Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

c0000135


  • This topic is locked This topic is locked
8 replies to this topic

#1 Noxien

Noxien

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:05 AM

Posted 18 April 2012 - 03:16 AM

Installed Avast, it was scanning then my pc randomly shuts down (assuming avast did it)
then bsod STOP: C0000135 The program can't start because %hs is missing. Try resintalling the program
Tried the system recovery options
tried system restore
Looked at the registery it was the correct one not the virus edited one
did a FRST scan and this is the log below
if someone could please make me a specialized fixlist.txt for my issue i would greatly appretiate it.
Thanks.


Scan result of Farbar Recovery Scan Tool Version: 16-04-2012
Ran by SYSTEM at 18-04-2012 15:06:25
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [168216 2011-06-01] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [391960 2011-06-01] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [419096 2011-06-01] (Intel Corporation)
HKLM\...\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe [649608 2010-06-09] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-08-10] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 [2207848 2011-03-20] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [617120 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe [909824 2010-01-20] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4526 2010-11-29] ()
HKLM\...\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd [x]
HKLM\...\Run: [CAHS1Sound] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CAHS1.dll,CMICtrlWnd [8724480 2011-07-07] (C-Media Corporation)
HKLM\...\Run: [CNAP2 Launcher] C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [5889816 2011-12-07] (Logitech Inc.)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" [370 2012-04-14] ()
HKLM-x32\...\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" [2018032 2011-04-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [40448 2011-02-24] (Windows ® Win 7 DDK provider)
HKLM-x32\...\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [SessionLogon] C:\ExpressGateUtil\SessionLogon.exe [x]
HKLM-x32\...\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe [21504 2010-08-12] ()
HKLM-x32\...\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [87336 2010-02-02] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [222504 2010-11-24] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe [953232 2011-11-16] (Razer USA Ltd)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-08] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [1987976 2012-02-27] (LogMeIn Inc.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4241512 2012-03-06] (AVAST Software)
HKU\Noxien\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3514176 2011-11-10] (DT Soft Ltd)
HKU\Noxien\...\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED [740216 2012-03-06] (BitTorrent, Inc.)
HKU\Noxien\...\Run: [Toxic Games] C:\Users\Noxien\AppData\Roaming\Toxic Games\upd.exe [x]
HKU\Noxien\...\Run: [Desura] C:\Program Files (x86)\Desura\desura.exe -autostart [2529096 2012-03-19] (Desura Pty Ltd)
HKU\Noxien\...\Run: [{20AC037A-1608-759E-DE5C-8725DFF7B3F6}] C:\Users\Noxien\AppData\Roaming\Isqoda\cohu.exe [141824 2012-02-27] ()
HKU\UpdatusUser\...\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler [222496 2009-05-05] (Acresso Corporation)
HKU\UpdatusUser\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3514176 2011-11-10] (DT Soft Ltd)
HKU\UpdatusUser\...\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED [740216 2012-03-06] (BitTorrent, Inc.)
HKU\UpdatusUser\...\Run: [Toxic Games] C:\Users\UpdatusUser\AppData\Roaming\Toxic Games\upd.exe [x]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.1.1.1
AppInit_DLLs: C:\Windows\system32\nvinitx.dll
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [253088 2012-04-14] (Adobe Systems Incorporated)
2 ASLDRService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros)
2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations)
2 ATKGFNEXSrv; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2009-12-15] (ASUS)
2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [44768 2012-03-06] (AVAST Software)
3 Desura Install Service; C:\Program Files (x86)\Common Files\Desura\desura_service.exe [131912 2012-03-19] (Desura Pty Ltd)
2 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [2343816 2012-02-27] (LogMeIn Inc.)
2 MSSQL$SQLEXPRESS; "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS [57617752 2009-03-29] (Microsoft Corporation)
4 MSSQLServerADHelper100; "C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE" [61976 2009-07-22] (Microsoft Corporation)
3 npggsvc; C:\Windows\SysWow64\GameMon.des -service [3840968 2011-11-24] (INCA Internet Co., Ltd.)
3 RichVideo; "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" [247152 2009-04-17] ()
2 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [158856 2012-02-28] (Skype Technologies)
4 SQLAgent$SQLEXPRESS; "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE" -i SQLEXPRESS [427880 2009-03-29] (Microsoft Corporation)
4 SQLBrowser; "C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe" [254808 2009-03-29] (Microsoft Corporation)
2 SQLWriter; "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [157720 2008-07-09] (Microsoft Corporation)
4 sscdbus; C:\Windows\System32\avinitnt.dll [6656 2009-07-13] (Oak Technology Inc.)
3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [736104 2012-02-13] (Tunngle.net GmbH)
2 UNS; "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" [2656280 2010-12-20] (Intel Corporation)
2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [77312 2010-08-20] ()
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]

========================== Drivers (Whitelisted) =============

2 ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [15416 2009-07-02] (ASUS)
2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [24408 2012-03-06] (AVAST Software)
2 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [69976 2012-03-06] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [53080 2012-03-06] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [819032 2012-03-06] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [337240 2012-03-06] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59224 2012-03-06] (AVAST Software)
3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [36000 2011-03-13] (Atheros)
1 ATKWMIACPIIO; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17024 2010-07-26] (ASUS)
3 BTATH_A2DP; C:\Windows\System32\Drivers\BTATH_A2DP.sys [298656 2011-03-13] (Atheros)
3 BTATH_BUS; C:\Windows\System32\Drivers\BTATH_BUS.sys [28832 2011-03-13] (Atheros)
3 BTATH_HCRP; C:\Windows\System32\Drivers\BTATH_HCRP.sys [201376 2011-03-13] (Atheros)
3 BTATH_LWFLT; C:\Windows\System32\Drivers\BTATH_LWFLT.sys [55456 2011-03-13] (Atheros)
3 BTATH_RCP; C:\Windows\System32\Drivers\BTATH_RCP.sys [154272 2011-03-13] (Atheros)
3 BtFilter; C:\Windows\System32\Drivers\BtFilter.sys [280224 2011-03-13] (Atheros)
3 CorsairCAHS1; C:\Windows\System32\drivers\CAHS164.sys [1308160 2011-06-15] (C-Media Electronics Inc)
1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [279616 2011-12-25] (DT Soft Ltd)
3 FLxHCIc; C:\Windows\System32\Drivers\FLxHCIc.sys [302592 2011-02-24] (Fresco Logic)
3 FLxHCIh; C:\Windows\System32\Drivers\FLxHCIh.sys [81920 2011-02-24] (Fresco Logic)
3 hamachi; C:\Windows\System32\Drivers\hamachi.sys [33856 2009-03-17] (LogMeIn, Inc.)
3 kbfiltr; C:\Windows\System32\Drivers\kbfiltr.sys [15416 2009-07-20] ( )
3 LADF_CaptureOnly; C:\Windows\System32\DRIVERS\ladfGSCamd64.sys [410184 2011-04-11] (Logitech)
3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-28] (Logitech)
3 LADF_RenderOnly; C:\Windows\System32\DRIVERS\ladfGSRamd64.sys [341832 2011-04-11] (Logitech)
3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-28] (Logitech)
3 LGBusEnum; C:\Windows\System32\Drivers\LGBusEnum.sys [22408 2009-11-23] (Logitech Inc.)
3 LGVirHid; C:\Windows\System32\Drivers\LGVirHid.sys [16008 2009-11-23] (Logitech Inc.)
3 mcdbus; C:\Windows\System32\Drivers\mcdbus.sys [255552 2009-02-24] (MagicISO, Inc.)
4 RsFx0103; C:\Windows\System32\Drivers\RsFx0103.sys [311656 2009-03-29] (Microsoft Corporation)
3 RzSynapse; C:\Windows\System32\Drivers\RzSynapse.sys [126464 2011-11-14] (Razer USA Ltd)
3 SNP2UVC; C:\Windows\System32\Drivers\SNP2UVC.sys [1800832 2010-09-07] (Sonix Technology Co., Ltd.)
3 tap0901t; C:\Windows\System32\Drivers\tap0901t.sys [31232 2009-09-15] (Tunngle.net)
3 TsUsbGD; C:\Windows\System32\Drivers\TsUsbGD.sys [31232 2010-11-20] (Microsoft Corporation)
2 TurboB; C:\Windows\System32\Drivers\TurboB.sys [16120 2010-11-29] (Intel® Corporation)
3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
3 X6va005; \??\C:\Users\Noxien\AppData\Local\Temp\005ADFC.tmp [x]

========================== NetSvcs (Whitelisted) ===========
NETSVC: sscdbus

============ One Month Created Files and Folders ==============

2012-04-18 15:04 - 2011-09-14 03:24 - 0000000 ____D C:\FRST
2012-04-16 02:03 - 2009-02-18 14:54 - 0044196 ____A C:\Users\Noxien\Documents\IMG_15042012_231240.png
2012-04-14 19:48 - 2012-03-06 16:04 - 0337240 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2012-04-14 19:48 - 2012-03-06 16:04 - 0059224 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2012-04-14 19:48 - 2012-03-06 16:02 - 0819032 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2012-04-14 19:48 - 2012-03-06 16:01 - 0069976 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2012-04-14 19:48 - 2012-03-06 16:01 - 0053080 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2012-04-14 19:48 - 2011-12-24 06:59 - 0001843 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2012-04-14 19:48 - 2010-03-17 23:23 - 0258520 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2012-04-14 19:48 - 2009-07-13 19:20 - 0000000 ____A C:\Windows\SysWOW64\config.nt
2012-04-14 19:48 - 2009-07-13 17:52 - 0024408 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2012-04-14 19:47 - 2011-09-14 18:37 - 0041184 ____A (AVAST Software) C:\Windows\avastSS.scr
2012-04-14 19:47 - 2011-09-14 18:03 - 0201352 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2012-04-12 03:08 - 2012-04-15 13:24 - 0000000 ____D C:\Users\All Users\AVAST Software
2012-04-12 03:08 - 2012-04-15 13:24 - 0000000 ____D C:\ProgramData\AVAST Software
2012-04-12 03:08 - 2011-09-14 18:03 - 0000000 ____D C:\Program Files\AVAST Software
2012-04-11 19:22 - 2012-04-11 19:22 - 0000174 ___SH C:\Users\Default\Start Menu\Programs\Startup\desktop.ini
2012-04-11 19:22 - 2012-04-11 19:22 - 0000174 ___SH C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-04-11 19:22 - 2012-04-11 19:22 - 0000174 ___SH C:\Users\Default User\Start Menu\Programs\Startup\desktop.ini
2012-04-11 19:22 - 2012-04-11 19:22 - 0000174 ___SH C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-04-11 19:22 - 2012-03-22 09:50 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\Ahody
2012-04-11 19:22 - 2012-03-17 21:18 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\Isqoda
2012-04-11 19:22 - - 0141824 ____A C:\Users\UpdatusUser\Start Menu\Programs\Startup\heizy.exe
2012-04-11 19:22 - - 0141824 ____A C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\heizy.exe
2012-04-11 19:22 - - 0141824 ____A C:\Users\Default\Start Menu\Programs\Startup\anywy.exe
2012-04-11 19:22 - - 0141824 ____A C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\anywy.exe
2012-04-11 19:22 - - 0141824 ____A C:\Users\Default User\Start Menu\Programs\Startup\anywy.exe
2012-04-11 19:22 - - 0141824 ____A C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\anywy.exe
2012-04-11 19:12 - 2009-07-13 17:40 - 0000000 __ASH C:\Windows\System32\dds_trash_log.cmd
2012-04-11 19:11 - 2012-04-14 22:42 - 0000000 ____D C:\Windows\system64
2012-04-10 22:37 - 2011-12-24 19:01 - 0000000 ____D C:\Users\Noxien\AppData\Local\CrashDumps
2012-04-10 01:11 - 2012-03-18 04:44 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\UDP Software
2012-04-10 01:00 - 2011-12-25 07:21 - 23327407 ____A C:\Users\Noxien\Downloads\LazyNewbPack [0.34.07] [V12].zip
2012-04-06 00:31 - 2012-01-01 16:38 - 0146163 ____A C:\Users\Noxien\Documents\Shaco_Splash_0.jpg
2012-03-31 12:42 - 2012-02-11 11:39 - 0000000 ____D C:\Users\Noxien\Documents\Apeture
2012-03-31 07:22 - 2012-03-19 05:56 - 0000000 ____D C:\Users\Noxien\AppData\Local\Eclipse
2012-03-31 07:21 - 2012-01-13 18:33 - 0000000 ____D C:\Users\Noxien\Documents\eclipse-cpp-indigo-SR2-incubation-win32-x86_64
2012-03-31 07:21 - 2011-12-24 19:00 - 0000000 ____D C:\Users\Noxien\workspace
2012-03-30 21:20 - 2012-03-31 07:21 - 113909587 ____A C:\Users\Noxien\Documents\eclipse-cpp-indigo-SR2-incubation-win32-x86_64.zip
2012-03-30 21:15 - 2012-01-22 01:47 - 0000000 ____D C:\Users\Noxien\.towns
2012-03-30 19:36 - 2012-03-30 21:01 - 104011923 ____A C:\Users\Noxien\Documents\eclipse-java-helios-SR2-win32.zip
2012-03-30 19:06 - 2012-03-19 08:51 - 0022376 ____A C:\Users\Noxien\Documents\TexAdvSauceFiles.rar
2012-03-30 16:23 - 2011-12-24 19:01 - 0000000 ____D C:\Users\Noxien\AppData\Local\PreEmptive Solutions
2012-03-30 09:41 - 2009-07-22 00:17 - 0078872 ____A (Microsoft Corporation) C:\Windows\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-03-30 09:41 - 2009-07-22 00:17 - 0050200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-03-30 09:40 - 2012-03-30 09:31 - 0000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2012-03-30 09:40 - 2009-07-13 17:43 - 0000000 ____D C:\Windows\System32\RsFx
2012-03-30 09:40 - 2009-07-13 15:55 - 0111640 ____A (Microsoft Corporation) C:\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2012-03-30 09:40 - 2009-07-13 15:40 - 0079896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2012-03-30 09:37 - 2012-04-18 14:07 - 0000000 ____D C:\Users\All Users\PreEmptive Solutions
2012-03-30 09:37 - 2012-04-18 14:07 - 0000000 ____D C:\ProgramData\PreEmptive Solutions
2012-03-30 09:37 - 2012-03-30 09:40 - 0000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2012-03-30 09:37 - 2012-03-30 09:37 - 0000000 ____D C:\Program Files\Microsoft Synchronization Services
2012-03-30 09:37 - 2012-03-30 09:37 - 0000000 ____D C:\Program Files\Microsoft Sync Framework
2012-03-30 09:37 - 2012-03-30 09:37 - 0000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2012-03-30 09:37 - 2012-01-27 05:10 - 0000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2012-03-30 09:37 - 2012-01-10 16:52 - 0000000 ____D C:\Program Files\Microsoft SQL Server
2012-03-30 09:35 - 2012-03-30 09:35 - 0000000 ____D C:\Users\Noxien\Documents\Visual Studio 2010
2012-03-30 09:35 - 2012-03-30 09:33 - 0000000 ____D C:\Program Files (x86)\IIS
2012-03-30 09:35 - 2012-02-27 02:16 - 0000000 ____D C:\Users\Noxien\Documents\Visual Studio 2008
2012-03-30 09:35 - 2011-12-24 19:04 - 0000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2012-03-30 09:35 - 2011-04-01 20:36 - 0000000 ____D C:\Program Files\IIS
2012-03-30 09:33 - 2012-03-30 09:35 - 0000000 ____D C:\Program Files (x86)\Microsoft F#
2012-03-30 09:33 - 2012-01-10 16:53 - 0000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2012-03-30 09:33 - 2011-04-01 20:36 - 0000000 ____D C:\Program Files (x86)\HTML Help Workshop
2012-03-30 09:33 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\1033
2012-03-30 09:31 - 2012-03-30 09:37 - 0000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2012-03-30 09:31 - 2012-01-25 00:56 - 0000000 ____D C:\Windows\symbols
2012-03-30 09:31 - 2012-01-10 16:53 - 0000000 ____D C:\Program Files (x86)\Microsoft SDKs
2012-03-30 09:31 - 2012-01-10 16:52 - 0000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2012-03-30 09:31 - 2009-07-13 23:45 - 0000000 ____D C:\Program Files\Microsoft Help Viewer
2012-03-30 09:31 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\1033
2012-03-25 17:30 - 2012-03-15 14:37 - 0000507 ____A C:\Users\Public\Desktop\Vampire - The Masquerade Bloodlines.lnk
2012-03-25 17:30 - 2009-07-13 19:20 - 0000267 ____A C:\Windows\vtmb.ini
2012-03-19 08:06 - 2012-01-07 09:48 - 0000618 ____A C:\Users\Public\Desktop\StarCraft II.lnk
2012-03-19 08:06 - 2011-10-01 01:28 - 0000000 ____D C:\Users\Noxien\Documents\StarCraft II
2012-03-19 05:56 - 2012-04-14 20:06 - 0000000 ____D C:\Users\Noxien\AppData\Local\Desura
2012-03-19 05:52 - 2009-07-13 21:08 - 0000000 ____D C:\Users\All Users\Desura
2012-03-19 05:52 - 2009-07-13 21:08 - 0000000 ____D C:\ProgramData\Desura
2012-03-19 05:52 - 2009-07-13 20:54 - 0001861 ____A C:\Users\Public\Desktop\Desura.lnk
2012-03-19 05:52 - 2009-07-13 20:54 - 0000000 ____D C:\Program Files (x86)\Desura
2012-03-19 03:44 - 2012-01-25 01:31 - 0000000 ____D C:\Program Files (x86)\LogMeIn Hamachi

============ 3 Months Modified Files and Folders =============

2012-04-18 15:06 - 2012-04-18 15:04 - 0000000 ____D C:\FRST
2012-04-18 14:07 - 2012-04-10 01:11 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\UDP Software
2012-04-18 14:07 - 2012-01-06 07:31 - 0000000 ____D C:\Users\All Users\PMB Files
2012-04-18 14:07 - 2012-01-06 07:31 - 0000000 ____D C:\ProgramData\PMB Files
2012-04-18 14:07 - 2011-12-25 07:03 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\Skype
2012-04-18 14:07 - 2011-12-24 06:59 - 0000000 ____D C:\users\Noxien
2012-04-18 14:07 - 2011-09-14 18:05 - 0000000 ___HD C:\ExpressGateUtil
2012-04-18 14:07 - 2011-09-14 17:51 - 0000000 ____D C:\users\UpdatusUser
2012-04-18 14:07 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2012-04-18 14:07 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\AppCompat
2012-04-17 20:48 - 2011-09-14 17:38 - 4220301312 __ASH C:\hiberfil.sys
2012-04-17 20:08 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\config\TxR
2012-04-17 19:24 - 2012-01-06 07:31 - 0000000 ____D C:\Users\Noxien\AppData\Local\PMB Files
2012-04-17 17:06 - 2012-02-23 17:11 - 0000000 ____D C:\Users\Noxien\riotsGamesLogs
2012-04-16 02:03 - 2012-04-16 02:03 - 0044196 ____A C:\Users\Noxien\Documents\IMG_15042012_231240.png
2012-04-15 13:24 - 2012-01-22 10:48 - 0000000 ____D C:\Windows\System32\Macromed
2012-04-15 13:24 - 2011-09-14 17:58 - 0000000 ____D C:\Users\All Users\Atheros
2012-04-15 13:24 - 2011-09-14 17:58 - 0000000 ____D C:\ProgramData\Atheros
2012-04-15 13:24 - 2011-04-01 20:47 - 0000000 ____D C:\Windows\SysWOW64\Macromed
2012-04-15 13:24 - 2009-07-13 23:44 - 0000000 ___RD C:\Users\Public\Recorded TV
2012-04-15 05:41 - 2012-01-19 08:20 - 0000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-04-15 05:16 - 2011-04-01 20:36 - 0000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-04-14 23:16 - 2011-04-01 20:36 - 0000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-04-14 22:44 - 2011-12-25 07:03 - 0000000 ___RD C:\Program Files (x86)\Skype
2012-04-14 22:44 - 2011-12-25 07:03 - 0000000 ____D C:\Users\All Users\Skype
2012-04-14 22:44 - 2011-12-25 07:03 - 0000000 ____D C:\ProgramData\Skype
2012-04-14 22:42 - 2009-07-13 21:13 - 0901802 ____A C:\Windows\System32\PerfStringBackup.INI
2012-04-14 20:41 - 2012-01-22 11:41 - 8741536 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2012-04-14 20:41 - 2012-01-19 08:20 - 0418464 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-04-14 20:41 - 2012-01-19 08:20 - 0070304 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-04-14 20:31 - 2012-01-13 01:02 - 0000000 ____D C:\Users\Noxien\AppData\Local\ElevatedDiagnostics
2012-04-14 20:06 - 2012-04-10 22:37 - 0000000 ____D C:\Users\Noxien\AppData\Local\CrashDumps
2012-04-14 20:05 - 2011-09-14 17:53 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-04-14 19:48 - 2012-04-14 19:48 - 0001843 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2012-04-14 19:48 - 2012-04-14 19:48 - 0000000 ____A C:\Windows\SysWOW64\config.nt
2012-04-14 19:47 - 2012-04-12 03:08 - 0000000 ____D C:\Users\All Users\AVAST Software
2012-04-14 19:47 - 2012-04-12 03:08 - 0000000 ____D C:\ProgramData\AVAST Software
2012-04-14 19:47 - 2012-04-12 03:08 - 0000000 ____D C:\Program Files\AVAST Software
2012-04-14 19:40 - 2012-04-11 19:22 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\Ahody
2012-04-14 19:33 - 2009-07-13 20:45 - 0009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-04-14 19:33 - 2009-07-13 20:45 - 0009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-04-14 19:29 - 2011-09-14 17:43 - 1118091 ____A C:\Windows\WindowsUpdate.log
2012-04-14 19:27 - 2012-01-29 04:28 - 0000000 ____D C:\Users\Noxien\AppData\Local\LogMeIn Hamachi
2012-04-14 19:27 - 2012-01-03 04:10 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\uTorrent
2012-04-14 19:27 - 2011-12-24 06:59 - 0000000 ___HD C:\ASUS.DAT
2012-04-14 19:26 - 2012-04-11 19:12 - 0000000 __ASH C:\Windows\System32\dds_trash_log.cmd
2012-04-14 19:25 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-04-14 19:25 - 2009-07-13 20:51 - 0071471 ____A C:\Windows\setupact.log
2012-04-12 14:48 - 2011-12-24 19:05 - 0000000 ____D C:\Users\Noxien\AppData\Local\Google
2012-04-11 19:22 - 2012-04-11 19:22 - 0141824 ____A C:\Users\UpdatusUser\Start Menu\Programs\Startup\heizy.exe
2012-04-11 19:22 - 2012-04-11 19:22 - 0141824 ____A C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\heizy.exe
2012-04-11 19:22 - 2012-04-11 19:22 - 0141824 ____A C:\Users\Default\Start Menu\Programs\Startup\anywy.exe
2012-04-11 19:22 - 2012-04-11 19:22 - 0141824 ____A C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\anywy.exe
2012-04-11 19:22 - 2012-04-11 19:22 - 0141824 ____A C:\Users\Default User\Start Menu\Programs\Startup\anywy.exe
2012-04-11 19:22 - 2012-04-11 19:22 - 0141824 ____A C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\anywy.exe
2012-04-11 19:22 - 2012-04-11 19:22 - 0000174 ___SH C:\Users\Default\Start Menu\Programs\Startup\desktop.ini
2012-04-11 19:22 - 2012-04-11 19:22 - 0000174 ___SH C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-04-11 19:22 - 2012-04-11 19:22 - 0000174 ___SH C:\Users\Default User\Start Menu\Programs\Startup\desktop.ini
2012-04-11 19:22 - 2012-04-11 19:22 - 0000174 ___SH C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-04-11 19:22 - 2012-04-11 19:22 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\Isqoda
2012-04-11 19:11 - 2012-04-11 19:11 - 0000000 ____D C:\Windows\system64
2012-04-10 01:02 - 2012-04-10 01:00 - 23327407 ____A C:\Users\Noxien\Downloads\LazyNewbPack [0.34.07] [V12].zip
2012-04-06 00:31 - 2012-04-06 00:31 - 0146163 ____A C:\Users\Noxien\Documents\Shaco_Splash_0.jpg
2012-04-03 00:04 - 2011-12-24 19:12 - 0000000 ____D C:\Program Files (x86)\Opera
2012-04-03 00:01 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2012-04-03 00:00 - 2011-12-24 06:59 - 0045056 ____A C:\Windows\System32\acovcnt.exe
2012-04-03 00:00 - 2011-09-14 18:03 - 0001354 ____A C:\Windows\System32\ServiceFilter.ini
2012-04-02 23:58 - 2012-03-19 05:52 - 0000000 ____D C:\Program Files (x86)\Desura
2012-04-02 23:57 - 2011-12-24 23:05 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\.purple
2012-03-31 13:58 - 2012-03-31 12:42 - 0000000 ____D C:\Users\Noxien\Documents\Apeture
2012-03-31 09:47 - 2012-03-31 07:22 - 0000000 ____D C:\Users\Noxien\AppData\Local\Eclipse
2012-03-31 07:39 - 2012-03-31 07:21 - 0000000 ____D C:\Users\Noxien\workspace
2012-03-31 07:21 - 2012-03-31 07:21 - 0000000 ____D C:\Users\Noxien\Documents\eclipse-cpp-indigo-SR2-incubation-win32-x86_64
2012-03-30 21:15 - 2012-03-30 21:15 - 0000000 ____D C:\Users\Noxien\.towns
2012-03-30 21:01 - 2012-03-30 21:20 - 113909587 ____A C:\Users\Noxien\Documents\eclipse-cpp-indigo-SR2-incubation-win32-x86_64.zip
2012-03-30 19:06 - 2012-03-30 19:06 - 0022376 ____A C:\Users\Noxien\Documents\TexAdvSauceFiles.rar
2012-03-30 16:23 - 2012-03-30 16:23 - 0000000 ____D C:\Users\Noxien\AppData\Local\PreEmptive Solutions
2012-03-30 14:28 - 2012-03-30 09:35 - 0000000 ____D C:\Users\Noxien\Documents\Visual Studio 2010
2012-03-30 09:40 - 2012-03-30 09:40 - 0000000 ____D C:\Windows\System32\RsFx
2012-03-30 09:40 - 2012-03-30 09:40 - 0000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2012-03-30 09:40 - 2012-03-30 09:37 - 0000000 ____D C:\Program Files\Microsoft SQL Server
2012-03-30 09:40 - 2012-03-30 09:37 - 0000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2012-03-30 09:40 - 2012-03-30 09:33 - 0000000 ____D C:\Windows\SysWOW64\1033
2012-03-30 09:40 - 2012-03-30 09:31 - 0000000 ____D C:\Windows\System32\1033
2012-03-30 09:40 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\Microsoft Shared
2012-03-30 09:37 - 2012-03-30 09:37 - 0000000 ____D C:\Users\All Users\PreEmptive Solutions
2012-03-30 09:37 - 2012-03-30 09:37 - 0000000 ____D C:\ProgramData\PreEmptive Solutions
2012-03-30 09:37 - 2012-03-30 09:37 - 0000000 ____D C:\Program Files\Microsoft Synchronization Services
2012-03-30 09:37 - 2012-03-30 09:37 - 0000000 ____D C:\Program Files\Microsoft Sync Framework
2012-03-30 09:37 - 2012-03-30 09:37 - 0000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2012-03-30 09:37 - 2012-03-30 09:37 - 0000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2012-03-30 09:37 - 2012-03-30 09:33 - 0000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2012-03-30 09:37 - 2012-03-30 09:31 - 0000000 ____D C:\Program Files (x86)\Microsoft SDKs
2012-03-30 09:37 - 2011-04-01 20:43 - 0000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-03-30 09:36 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\MSBuild
2012-03-30 09:35 - 2012-03-30 09:35 - 0000000 ____D C:\Users\Noxien\Documents\Visual Studio 2008
2012-03-30 09:35 - 2012-03-30 09:35 - 0000000 ____D C:\Program Files\IIS
2012-03-30 09:35 - 2012-03-30 09:35 - 0000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2012-03-30 09:35 - 2012-03-30 09:35 - 0000000 ____D C:\Program Files (x86)\IIS
2012-03-30 09:34 - 2012-03-30 09:33 - 0000000 ____D C:\Program Files (x86)\Microsoft F#
2012-03-30 09:33 - 2012-03-30 09:33 - 0000000 ____D C:\Program Files (x86)\HTML Help Workshop
2012-03-30 09:33 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\MSBuild
2012-03-30 09:31 - 2012-03-30 09:31 - 0000000 ____D C:\Windows\symbols
2012-03-30 09:31 - 2012-03-30 09:31 - 0000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2012-03-30 09:31 - 2012-03-30 09:31 - 0000000 ____D C:\Program Files\Microsoft Help Viewer
2012-03-30 09:31 - 2012-03-30 09:31 - 0000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2012-03-25 17:30 - 2012-03-25 17:30 - 0000507 ____A C:\Users\Public\Desktop\Vampire - The Masquerade Bloodlines.lnk
2012-03-25 17:30 - 2012-03-25 17:30 - 0000267 ____A C:\Windows\vtmb.ini
2012-03-22 09:50 - 2011-12-24 19:05 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\Adobe
2012-03-22 09:13 - 2012-01-23 03:52 - 0000000 ____D C:\Users\Noxien\AppData\Local\Adobe
2012-03-19 08:51 - 2012-03-19 08:06 - 0000000 ____D C:\Users\Noxien\Documents\StarCraft II
2012-03-19 08:15 - 2012-03-19 08:06 - 0000618 ____A C:\Users\Public\Desktop\StarCraft II.lnk
2012-03-19 08:15 - 2012-01-30 10:24 - 0000000 ____D C:\Users\All Users\Blizzard Entertainment
2012-03-19 08:15 - 2012-01-30 10:24 - 0000000 ____D C:\ProgramData\Blizzard Entertainment
2012-03-19 06:39 - 2011-04-01 20:38 - 0539134 ____A C:\Windows\DirectX.log
2012-03-19 05:56 - 2012-03-19 05:56 - 0000000 ____D C:\Users\Noxien\AppData\Local\Desura
2012-03-19 05:52 - 2012-03-19 05:52 - 0001861 ____A C:\Users\Public\Desktop\Desura.lnk
2012-03-19 05:52 - 2012-03-19 05:52 - 0000000 ____D C:\Users\All Users\Desura
2012-03-19 05:52 - 2012-03-19 05:52 - 0000000 ____D C:\ProgramData\Desura
2012-03-19 03:44 - 2012-03-19 03:44 - 0000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2012-03-18 05:18 - 2011-04-01 20:17 - 0321540 ____A C:\Windows\PFRO.log
2012-03-18 04:45 - 2011-12-30 00:05 - 0000000 ____D C:\Users\All Users\Tunngle
2012-03-18 04:45 - 2011-12-30 00:05 - 0000000 ____D C:\ProgramData\Tunngle
2012-03-18 04:44 - 2011-12-30 00:05 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\Tunngle
2012-03-18 03:59 - 2012-03-17 05:05 - 0000285 ____A C:\Windows\EReg072.dat
2012-03-18 03:59 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Help
2012-03-18 03:54 - 2012-03-18 03:54 - 0007667 ____A C:\Users\Noxien\AppData\Local\Resmon.ResmonCfg
2012-03-18 00:33 - 2012-03-18 00:18 - 0000548 ____A C:\Users\Noxien\Desktop\Terraria.lnk
2012-03-18 00:26 - 2011-12-25 21:29 - 0000000 ____D C:\Users\Noxien\Documents\My games
2012-03-17 21:27 - 2012-03-17 21:27 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\My Games
2012-03-17 21:26 - 2012-03-17 21:18 - 0000791 ____A C:\Users\UpdatusUser\Desktop\Launch Sid Meier's Civilization 4.lnk
2012-03-17 21:26 - 2012-03-17 21:18 - 0000791 ____A C:\Users\Noxien\Desktop\Launch Sid Meier's Civilization 4.lnk
2012-03-17 21:18 - 2012-03-17 21:18 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\InstallShield Installation Information
2012-03-17 10:56 - 2011-12-25 18:31 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\DAEMON Tools Lite
2012-03-17 05:37 - 2012-03-17 05:37 - 0000000 ____D C:\Program Files (x86)\Ligos
2012-03-17 05:12 - 2012-03-17 05:12 - 0011819 ____A C:\Windows\EAConfigInfo.txt
2012-03-17 05:04 - 2012-03-17 05:04 - 0004608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\w95inf32.dll
2012-03-17 05:04 - 2012-03-17 05:04 - 0002272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\w95inf16.dll
2012-03-17 01:14 - 2012-03-17 01:14 - 0000000 ____D C:\Users\Noxien\AppData\Local\SKIDROW
2012-03-17 01:12 - 2012-03-17 01:12 - 0000713 ____A C:\Users\Public\Desktop\E.Y.E Divine Cybermancy.lnk
2012-03-17 00:58 - 2012-01-09 01:04 - 0043520 ____A C:\Windows\SysWOW64\CmdLineExt03.dll
2012-03-17 00:56 - 2012-01-09 01:04 - 0000000 ____D C:\Users\Noxien\Documents\Thief - Deadly Shadows
2012-03-16 06:48 - 2012-03-16 06:39 - 0000000 ____D C:\Users\Noxien\3079Saves
2012-03-15 15:12 - 2012-03-15 15:11 - 0000000 ____D C:\Users\Noxien\AppData\Local\TERA-Diagnostic
2012-03-15 14:38 - 2012-03-15 14:37 - 0000000 ____D C:\Users\Noxien\AppData\Local\TERA
2012-03-15 14:37 - 2012-03-15 14:37 - 0000403 ____A C:\Users\Public\Desktop\TERA-Launcher.lnk
2012-03-12 08:37 - 2012-03-12 08:37 - 0000571 ____A C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare™ Singleplayer.lnk
2012-03-12 08:37 - 2012-03-12 08:37 - 0000571 ____A C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare™ Multiplayer.lnk
2012-03-12 08:37 - 2012-03-12 08:37 - 0000300 ____A C:\Windows\game.ini
2012-03-11 22:56 - 2012-03-11 22:56 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\gtk-2.0
2012-03-11 22:38 - 2012-01-03 04:11 - 0000000 ____D C:\Program Files (x86)\uTorrent
2012-03-09 08:02 - 2012-03-09 08:02 - 0000201 ____A C:\Users\Noxien\Desktop\Call of Duty Modern Warfare 2.url
2012-03-09 08:02 - 2012-03-09 08:02 - 0000201 ____A C:\Users\Noxien\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url
2012-03-08 17:28 - 2012-03-08 17:28 - 0141459 ____A C:\Users\Noxien\Documents\combined_02.gif
2012-03-08 04:24 - 2012-01-23 03:15 - 0000000 ____D C:\Users\Noxien\Downloads\Dungeons & Dragons - 4th Edition
2012-03-08 04:24 - 2012-01-18 05:11 - 0000000 ____D C:\Users\Noxien\Downloads\Infinity Engine Ultimate Collection
2012-03-08 04:22 - 2012-03-08 04:22 - 0040902 ____A C:\Users\Noxien\Documents\[]Demonoid.me[]-Mass_Effect_3_RELOADED.torrent
2012-03-08 01:20 - 2012-03-08 01:20 - 0000202 ____A C:\Users\Noxien\Desktop\Realm of the Mad God.url
2012-03-06 16:15 - 2012-04-14 19:48 - 0258520 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2012-03-06 16:15 - 2012-04-14 19:47 - 0201352 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2012-03-06 16:15 - 2012-04-14 19:47 - 0041184 ____A (AVAST Software) C:\Windows\avastSS.scr
2012-03-06 16:04 - 2012-04-14 19:48 - 0819032 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2012-03-06 16:04 - 2012-04-14 19:48 - 0337240 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2012-03-06 16:02 - 2012-04-14 19:48 - 0053080 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2012-03-06 16:01 - 2012-04-14 19:48 - 0069976 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2012-03-06 16:01 - 2012-04-14 19:48 - 0059224 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2012-03-06 16:01 - 2012-04-14 19:48 - 0024408 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2012-03-06 05:27 - 2012-03-06 05:27 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\WinRAR
2012-03-06 05:26 - 2012-03-06 05:26 - 0000000 ____D C:\Program Files\WinRAR
2012-03-04 05:42 - 2012-03-04 05:42 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\RotMG.Production
2012-03-02 04:20 - 2012-03-02 04:20 - 0193960 ___AH C:\Windows\SysWOW64\mlfcache.dat
2012-02-29 17:53 - 2012-02-29 06:16 - 0000000 ____D C:\Users\Noxien\Desktop\SERVERMC
2012-02-29 06:20 - 2012-01-28 09:57 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\.minecraft
2012-02-27 02:16 - 2012-02-27 02:15 - 3740072 ____A (Tunngle.net GmbH ) C:\Users\Noxien\Documents\Tunngle_Setup_v4.4.0.1.exe
2012-02-27 02:16 - 2011-12-30 00:04 - 0000000 ____D C:\Program Files (x86)\Tunngle
2012-02-27 02:04 - 2012-02-27 02:03 - 3934973 ____A C:\Users\Noxien\Documents\minecraft.jar
2012-02-27 02:04 - 2012-02-27 02:03 - 1246111 ____A C:\Users\Noxien\Documents\faithful32pack.zip
2012-02-23 17:11 - 2012-02-23 17:11 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\LolClient
2012-02-22 18:39 - 2012-02-05 10:51 - 0000000 ____D C:\Users\Noxien\Downloads\WOWADDONS
2012-02-22 18:27 - 2012-02-22 18:27 - 2288128 ____A C:\Users\Noxien\Downloads\LeagueofLegends.exe
2012-02-21 15:59 - 2012-02-21 15:59 - 0014400 ____A C:\Users\Noxien\Documents\Mah Schedule tiemtable.xlsx
2012-02-21 15:59 - 2012-02-21 15:59 - 0000165 ___AH C:\Users\Noxien\Documents\~$Mah Schedule tiemtable.xlsx
2012-02-12 15:24 - 2012-02-12 14:56 - 0000000 ____D C:\Users\Noxien\Downloads\The League Of Extraordinary Gentlemen BDRip XviD AC3-DEA
2012-02-12 14:02 - 2012-02-12 13:23 - 0000000 ____D C:\Users\Noxien\Downloads\Queen Of The Damned 2002 H264 DVDRip-Pcconsultant2007
2012-02-11 11:39 - 2012-02-11 11:39 - 0011597 ____A C:\Users\Noxien\Documents\Achievements.docx
2012-02-09 13:57 - 2012-02-09 13:57 - 0000964 ____A C:\Users\Noxien\Desktop\win.txt
2012-02-08 17:01 - 2012-01-28 05:29 - 0000000 ____D C:\Users\Noxien\Downloads\Minecraft
2012-01-31 10:32 - 2012-01-31 10:27 - 14537619 ____A C:\Users\Noxien\Downloads\Griz2(ver1.04).zip
2012-01-31 08:51 - 2012-01-31 08:47 - 15342587 ____A C:\Users\Noxien\Downloads\GrizwaldAndThePyramid.Ver1.41.zip
2012-01-31 05:35 - 2012-01-31 05:34 - 6345685 ____A C:\Users\Noxien\Downloads\CUBEception reloaded multiplayer.zip
2012-01-31 03:45 - 2012-02-18 13:48 - 0000000 ____D C:\Users\Noxien\Desktop\Release
2012-01-31 00:28 - 2012-01-31 00:28 - 0001780 ____A C:\Users\Noxien\Desktop\Bloodline Champions.lnk
2012-01-30 07:36 - 2012-01-30 07:36 - 0000165 ____A C:\Users\Noxien\Desktop\NEEDED FOR INTERVIEW.txt
2012-01-30 07:35 - 2012-01-30 03:16 - 0049809 ____A C:\Users\Noxien\Downloads\RD2.png
2012-01-30 07:33 - 2009-07-13 19:18 - 0000000 __SHD C:\$Recycle.Bin
2012-01-30 07:26 - 2012-01-30 07:26 - 0081335 ____A C:\Users\Noxien\Downloads\megasweet rainbow_dash.jpg
2012-01-30 04:07 - 2012-01-30 04:07 - 0525462 ____A C:\Users\Noxien\Downloads\fiarel Friendship rainbow_dash shipping.jpeg
2012-01-30 04:07 - 2012-01-30 04:07 - 0322134 ____A C:\Users\Noxien\Downloads\xhazard78x lesbian rainbow_dash shipping.jpeg
2012-01-30 04:06 - 2012-01-30 04:06 - 0561984 ____A C:\Users\Noxien\Downloads\C4tspesbian bed rainbow_dashajamas.jpeg
2012-01-30 04:06 - 2012-01-30 04:06 - 0223544 ____A C:\Users\Noxien\Downloads\C4tspajamas cuddling rainbow_dash.jpeg
2012-01-30 04:06 - 2012-01-30 04:06 - 0186535 ____A C:\Users\Noxien\Downloads\john_joseco rainbow_dash.jpg
2012-01-30 04:06 - 2012-01-30 04:06 - 0125817 ____A C:\Users\Noxien\Downloads\john_joseco kissing lesbian rainbow_dash.jpg
2012-01-30 03:07 - 2012-01-30 03:07 - 0000530 ____A C:\Users\Noxien\Downloads\RD.png
2012-01-30 02:46 - 2012-01-30 02:46 - 0000482 ____A C:\Users\Noxien\Downloads\apple.png
2012-01-30 02:24 - 2012-01-28 11:10 - 0000517 ____A C:\Users\Noxien\Downloads\default.png
2012-01-30 01:23 - 2012-01-30 01:20 - 13725314 ____A C:\Users\Noxien\Downloads\Calmere Nightmare Episode II - A Roleplay Adventure.zip
2012-01-29 04:27 - 2012-01-29 04:26 - 3819520 ____A C:\Users\Noxien\Downloads\hamachi.msi
2012-01-28 23:23 - 2012-01-28 23:23 - 0383051 ____A C:\Users\Noxien\Downloads\minecraftforge-client-1.3.0.zip
2012-01-28 14:28 - 2012-01-28 14:28 - 0019831 ____A C:\Users\Noxien\Desktop\hs_err_pid5304.log
2012-01-28 11:08 - 2012-01-28 10:31 - 0000527 ____A C:\Users\Noxien\Downloads\skin.png
2012-01-28 10:14 - 2012-01-28 10:14 - 0113206 ____A C:\Users\Noxien\Downloads\Mine Little Pony 1.1 for ModLoader.zip
2012-01-28 08:16 - 2012-01-28 08:16 - 0750488 ____A (Oracle Corporation) C:\Windows\System32\npdeployJava1.dll
2012-01-28 08:16 - 2012-01-28 08:16 - 0660368 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-01-28 08:16 - 2012-01-28 08:16 - 0263560 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-01-28 08:16 - 2012-01-28 08:16 - 0188808 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-01-28 08:16 - 2012-01-28 08:16 - 0188808 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-01-28 08:16 - 2012-01-28 08:16 - 0000000 ____D C:\Program Files\Java
2012-01-28 08:15 - 2012-01-28 08:08 - 21449608 ____A (Oracle Corporation) C:\Users\Noxien\Downloads\jre-7u2-windows-x64.exe
2012-01-28 08:08 - 2012-01-28 05:45 - 17159968 ____A (Sun Microsystems, Inc.) C:\Users\Noxien\Downloads\jre-6u30-windows-i586-s.exe
2012-01-28 07:13 - 2012-01-28 07:13 - 1254515 ____A C:\Users\Noxien\Downloads\minecraft_server.jar
2012-01-28 06:27 - 2012-01-28 06:27 - 0024683 ____A C:\Users\Noxien\Downloads\ModLoaderMp 1.1 v2.zip
2012-01-28 06:26 - 2012-01-28 06:26 - 0046898 ____A C:\Users\Noxien\Downloads\AudioMod.zip
2012-01-28 06:25 - 2012-01-28 06:25 - 0089249 ____A C:\Users\Noxien\Downloads\ModLoader.zip
2012-01-28 06:21 - 2012-01-28 06:21 - 0268698 ____A C:\Users\Noxien\Downloads\minecraftforge-server-1.3.1.zip
2012-01-28 06:21 - 2012-01-28 06:20 - 0385285 ____A C:\Users\Noxien\Downloads\minecraftforge-client-1.3.1.zip
2012-01-28 06:14 - 2012-01-28 06:14 - 0121800 ____A C:\Users\Noxien\Downloads\Metallurgy 1.2.3b Client.zip
2012-01-28 05:47 - 2012-01-28 05:48 - 0157472 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2012-01-28 05:47 - 2012-01-28 05:48 - 0149280 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2012-01-28 05:47 - 2012-01-28 05:48 - 0149280 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2012-01-28 05:47 - 2012-01-28 05:47 - 0000000 ____D C:\Program Files (x86)\Java
2012-01-28 05:47 - 2012-01-16 20:49 - 0472808 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2012-01-28 05:27 - 2012-01-28 05:15 - 0270142 ____A C:\Users\Noxien\Desktop\Minecraft.exe
2012-01-28 00:09 - 2012-01-13 17:02 - 0000000 ____D C:\Users\Noxien\AppData\Local\ApplicationHistory
2012-01-27 12:08 - 2012-01-27 12:08 - 0000000 ___AH C:\Users\Noxien\Documents\Default.rdp
2012-01-27 05:11 - 2011-09-14 18:03 - 0002438 ____A C:\Windows\System32\AutoRunFilter.ini
2012-01-27 05:10 - 2011-04-01 20:37 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-01-27 05:10 - 2011-04-01 20:36 - 0000000 ____D C:\Users\All Users\Partner
2012-01-27 05:10 - 2011-04-01 20:36 - 0000000 ____D C:\ProgramData\Partner
2012-01-27 05:10 - 2009-07-13 20:45 - 4987240 ____A C:\Windows\System32\FNTCACHE.DAT
2012-01-26 17:38 - 2012-01-19 02:11 - 0000670 ____A C:\Users\Noxien\Documents\builder_known_files.txt
2012-01-26 02:57 - 2012-01-22 12:05 - 0000000 ____D C:\Users\Noxien\Downloads\D&D 4th Edition Upload
2012-01-26 02:49 - 2012-01-26 02:49 - 0410501 ____A C:\Users\Noxien\Downloads\4ept_latest.zip
2012-01-25 10:05 - 2012-01-25 10:05 - 0000000 ____D C:\Users\Noxien\AppData\Local\{7148F0A6-6813-11D6-A77B-00B0D0142020}
2012-01-25 01:32 - 2012-01-25 01:32 - 0000000 ____D C:\Users\Noxien\AppData\Local\Logitech
2012-01-25 01:32 - 2012-01-25 01:31 - 0000000 ____D C:\Program Files\Logitech Gaming Software
2012-01-25 01:31 - 2012-01-25 01:31 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\Logitech
2012-01-25 01:31 - 2012-01-25 01:31 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\Logishrd
2012-01-25 01:31 - 2011-12-24 19:09 - 0000000 ____D C:\Program Files (x86)\Logitech
2012-01-25 01:30 - 2012-01-25 01:29 - 51616256 ____A (Logitech Inc.) C:\Users\Noxien\Downloads\lgs820_x64.exe
2012-01-25 01:28 - 2012-01-25 01:28 - 0211291 ____A C:\Users\Noxien\Downloads\LCDSirReal-285.exe
2012-01-25 01:28 - 2012-01-25 01:28 - 0000000 ____D C:\Users\Noxien\Documents\LCDSirReal
2012-01-25 00:56 - 2012-01-25 00:56 - 0000000 ____D C:\Windows\Sun
2012-01-24 22:26 - 2012-01-11 08:50 - 0000000 ____D C:\Tutorial
2012-01-24 08:17 - 2012-01-24 08:17 - 0051158 ____A C:\Users\Noxien\Downloads\earlysigdj4.gif
2012-01-24 01:04 - 2012-01-24 01:04 - 0000194 ____A C:\INSTALL.LOG
2012-01-24 00:57 - 2012-01-19 05:45 - 0797186 ____A C:\Users\Noxien\Downloads\widescreen-v3.05.exe
2012-01-24 00:40 - 2012-01-13 21:21 - 0000000 ____D C:\Program Files (x86)\Black Isle
2012-01-23 08:00 - 2012-01-10 17:02 - 0000000 ____D C:\Users\All Users\Adobe
2012-01-23 08:00 - 2012-01-10 17:02 - 0000000 ____D C:\ProgramData\Adobe
2012-01-23 07:38 - 2011-12-25 05:28 - 0000000 ____D C:\TV
2012-01-23 05:30 - 2012-01-23 05:30 - 2777827 ____A C:\Users\Noxien\Downloads\DnD Miniatures.zip
2012-01-23 05:25 - 2012-01-23 05:33 - 0000000 ____D C:\Users\Noxien\Downloads\Creatures
2012-01-23 04:28 - 2011-12-24 06:59 - 0000000 ____D C:\Users\Noxien\AppData\LocalLow
2012-01-23 04:25 - 2012-01-23 04:25 - 0002021 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
2012-01-23 04:25 - 2012-01-23 03:55 - 0000000 ____D C:\Program Files (x86)\Adobe
2012-01-23 04:15 - 2012-01-23 04:12 - 0000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
2012-01-23 04:15 - 2012-01-23 04:12 - 0000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2012-01-23 04:15 - 2011-12-24 06:59 - 0115192 ____A C:\Users\Noxien\AppData\Local\GDIPFONTCACHEV1.DAT
2012-01-23 04:02 - 2012-01-23 03:56 - 0000000 ____D C:\Program Files\Common Files\Adobe
2012-01-23 04:02 - 2012-01-23 03:56 - 0000000 ____D C:\Program Files\Adobe
2012-01-23 04:01 - 2012-01-23 04:01 - 0000000 ____D C:\Users\All Users\ALM
2012-01-23 04:01 - 2012-01-23 04:01 - 0000000 ____D C:\ProgramData\ALM
2012-01-23 03:58 - 2012-01-23 03:58 - 0001087 ____A C:\Users\Public\Desktop\Adobe Content Viewer.lnk
2012-01-23 03:58 - 2012-01-23 03:58 - 0000000 ____D C:\Program Files (x86)\Adobe Story
2012-01-23 03:55 - 2012-01-23 03:55 - 0000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2012-01-23 03:55 - 2012-01-23 03:55 - 0000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2012-01-23 02:46 - 2012-01-23 02:44 - 15187565 ____A C:\Users\Noxien\Downloads\FreeRPGDay.zip
2012-01-23 00:28 - 2012-01-23 00:28 - 0036163 ____A C:\Users\Noxien\Downloads\Website design requirements.pdf
2012-01-23 00:28 - 2012-01-23 00:28 - 0016622 ____A C:\Users\Noxien\Downloads\Website design requirements.docx
2012-01-22 22:50 - 2012-01-22 22:50 - 0002085 ____A C:\Users\Public\Desktop\Icewind Dale II.lnk
2012-01-22 22:40 - 2012-01-22 22:40 - 0012104 ____A C:\Users\Noxien\Documents\Website prerequisites.docx
2012-01-22 11:52 - 2012-01-22 11:52 - 3992577 ____A C:\Users\Noxien\Documents\Keep on the ShadowFell.pdf
2012-01-22 02:10 - 2012-01-22 02:10 - 4274163 ____A C:\Users\Noxien\Downloads\DungeonTilesMapper120.zip
2012-01-22 01:47 - 2012-01-22 01:47 - 0000000 ____D C:\Users\Noxien\.maptool
2012-01-22 01:47 - 2012-01-22 01:46 - 18759995 ____A C:\Users\Noxien\Downloads\maptool-1.3.b87.zip
2012-01-22 01:13 - 2012-01-18 10:19 - 0000000 ____D C:\Users\Noxien\AppData\Roaming\Fantasy Grounds II
2012-01-21 10:37 - 2012-01-21 10:05 - 67250749 ____A C:\Users\Noxien\Downloads\D&D - 4th Edition - Eberron Campaign Guide.pdf
2012-01-21 10:26 - 2012-01-21 10:05 - 40576294 ____A C:\Users\Noxien\Downloads\DND 4E Eberron Player's Guide (OCR, Bookmarked).pdf
2012-01-20 09:30 - 2012-01-20 09:30 - 0000000 ____D C:\Program Files\Canon
2012-01-20 09:25 - 2012-01-20 09:24 - 0000000 ____D C:\Users\Noxien\Downloads\LBP5050N_R105_V103_W64_uk_EN
2012-01-20 09:24 - 2012-01-20 09:24 - 14753792 ____A C:\Users\Noxien\Downloads\LBP5050N_R105_V103_W64_uk_EN.exe
2012-01-20 07:22 - 2012-01-19 01:12 - 0000000 ____D C:\Users\Noxien\AppData\Local\Wizards_of_the_Coast

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 7%
Total physical RAM: 16289.06 MB
Available physical RAM: 15145.77 MB
Total Pagefile: 16287.21 MB
Available Pagefile: 15141.15 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:23.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: (DATA) (Fixed) (Total:394.18 GB) (Free:178.16 GB) NTFS
4 Drive f: () (Removable) (Total:7.45 GB) (Free:4.88 GB) NTFS
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 698 GB 1024 KB
Disk 1 Online 7633 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 25 GB 1024 KB
Partition 2 Primary 279 GB 25 GB
Partition 0 Extended 394 GB 304 GB
Partition 3 Logical 394 GB 304 GB

======================================================================================================

Disk: 0
Partition 1
Type : 1C
Hidden: Yes
Active: No

There is no volume associated with this partition.

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C OS NTFS Partition 279 GB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D DATA NTFS Partition 394 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7633 MB 16 KB

======================================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F NTFS Removable 7633 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-04-08 09:52

======================= End Of Log ==========================

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:05 AM

Posted 18 April 2012 - 01:10 PM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.



Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flashdrive as fixlist.txt

SubSystems: [Windows] ==> ZeroAccess
4 sscdbus; C:\Windows\System32\avinitnt.dll [6656 2009-07-13] (Oak Technology Inc.)
C:\Windows\System32\avinitnt.dll
NETSVC: sscdbus


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the BartPE CD.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Gringo[/b]
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Noxien

Noxien
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:05 AM

Posted 18 April 2012 - 04:58 PM

Thank you for your quick reply master Gringo.
I've run the fixt on frst64 and was able to boot my computer successfully.
Here is my Fixlog.txt

Fix result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 16-04-2012
Ran by SYSTEM at 2012-04-19 07:53:16 R:1
Running from F:\

==============================================

HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows Value was restored.
sscdbus service deleted successfully.
C:\Windows\System32\avinitnt.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs sscdbus Deleted successfully.

==== End of Fixlog ====

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:05 AM

Posted 18 April 2012 - 05:25 PM

Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 Noxien

Noxien
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:05 AM

Posted 18 April 2012 - 05:59 PM

There were no problems
i've experienced no problems with my computer thus far.
Here is the log from combo fix


ComboFix 12-04-18.02 - Noxien 19/04/2012 8:40.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.16289.13720 [GMT 10:00]
Running from: F:\ComboFix.exe
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Noxien\AppData\Roaming\Isqoda
c:\users\Noxien\AppData\Roaming\Isqoda\cohu.exe
c:\windows\AsPatch10430001.exe
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\assembly\temp\@
c:\windows\assembly\temp\cfg.ini
c:\windows\system32\dds_trash_log.cmd
.
.
((((((((((((((((((((((((( Files Created from 2012-03-18 to 2012-04-18 )))))))))))))))))))))))))))))))
.
.
2012-04-18 23:04 . 2012-04-18 23:07 -------- d-----w- C:\FRST
2012-04-18 21:55 . 2012-04-18 22:49 -------- d-----w- c:\users\Noxien\AppData\Local\Temp
2012-04-15 06:44 . 2012-04-15 06:44 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-04-15 03:48 . 2012-03-07 00:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.bak
2012-04-15 03:48 . 2012-03-07 00:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.bak
2012-04-15 03:48 . 2012-03-07 00:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.bak
2012-04-15 03:48 . 2012-03-07 00:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.bak
2012-04-15 03:48 . 2012-03-07 00:15 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-04-15 03:48 . 2012-03-07 00:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.bak
2012-04-15 03:48 . 2012-03-07 00:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.bak
2012-04-15 03:47 . 2012-03-07 00:15 41184 ----a-w- c:\windows\avastSS.scr
2012-04-15 03:47 . 2012-03-07 00:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-04-12 11:08 . 2012-04-15 03:47 -------- d-----w- c:\programdata\AVAST Software
2012-04-12 03:22 . 2012-04-18 22:33 -------- d-----w- c:\users\Noxien\AppData\Roaming\Ahody
2012-04-12 03:22 . 2012-04-12 03:22 141824 ----a-w- c:\users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\heizy.exe
2012-04-12 03:22 . 2012-04-12 03:22 141824 ----a-w- c:\users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\anywy.exe
2012-04-12 03:11 . 2012-04-12 03:11 -------- d-----we c:\windows\system64
2012-04-11 06:37 . 2012-04-15 04:06 -------- d-----w- c:\users\Noxien\AppData\Local\CrashDumps
2012-04-10 09:11 . 2012-04-18 22:07 -------- d-----w- c:\users\Noxien\AppData\Roaming\UDP Software
2012-03-31 15:22 . 2012-03-31 17:47 -------- d-----w- c:\users\Noxien\AppData\Local\Eclipse
2012-03-31 15:21 . 2012-03-31 15:39 -------- d-----w- c:\users\Noxien\workspace
2012-03-31 05:15 . 2012-03-31 05:15 -------- d-----w- c:\users\Noxien\.towns
2012-03-31 00:23 . 2012-03-31 00:23 -------- d-----w- c:\users\Noxien\AppData\Local\PreEmptive Solutions
2012-03-30 17:41 . 2009-07-22 08:17 78872 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-03-30 17:41 . 2009-07-22 08:17 50200 ----a-w- c:\windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-03-30 17:40 . 2009-07-22 08:17 79896 ----a-w- c:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2012-03-30 17:40 . 2009-07-22 08:17 111640 ----a-w- c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2012-03-30 17:40 . 2012-03-30 17:40 -------- d-----w- c:\windows\system32\RsFx
2012-03-30 17:40 . 2012-03-30 17:40 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2012-03-30 17:40 . 2012-03-30 17:40 -------- d-----w- c:\program files\Microsoft.NET
2012-03-30 17:37 . 2012-03-30 17:40 -------- d-----w- c:\program files\Microsoft SQL Server
2012-03-30 17:37 . 2012-03-30 17:40 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2012-03-30 17:37 . 2012-03-30 17:37 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-03-30 17:37 . 2012-03-30 17:37 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-03-30 17:37 . 2012-03-30 17:37 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-03-30 17:37 . 2012-03-30 17:37 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2012-03-30 17:37 . 2012-03-30 17:37 -------- d-----w- c:\programdata\PreEmptive Solutions
2012-03-30 17:35 . 2012-03-30 17:35 -------- d-----w- c:\program files (x86)\Microsoft ASP.NET
2012-03-30 17:35 . 2012-03-30 17:35 -------- d-----w- c:\program files\IIS
2012-03-30 17:35 . 2012-03-30 17:35 -------- d-----w- c:\program files (x86)\IIS
2012-03-30 17:35 . 2012-03-30 17:43 2377696 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2012-03-30 17:33 . 2012-03-30 17:40 -------- d-----w- c:\windows\SysWow64\1033
2012-03-30 17:33 . 2012-03-30 17:37 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0
2012-03-30 17:33 . 2012-03-30 17:34 -------- d-----w- c:\program files (x86)\Microsoft F#
2012-03-30 17:33 . 2012-03-30 17:34 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules
2012-03-30 17:33 . 2012-03-30 17:33 -------- d-----w- c:\program files (x86)\HTML Help Workshop
2012-03-30 17:31 . 2012-03-30 17:31 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 9.0
2012-03-30 17:31 . 2012-03-30 17:40 -------- d-----w- c:\windows\system32\1033
2012-03-30 17:31 . 2012-03-30 17:37 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2012-03-30 17:31 . 2012-03-30 17:31 -------- d-----w- c:\windows\symbols
2012-03-30 17:31 . 2012-03-30 17:31 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2012-03-30 17:31 . 2012-03-30 17:31 -------- d-----w- c:\program files\Microsoft Help Viewer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-18 22:48 . 2011-12-24 14:59 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-04-15 04:41 . 2012-01-19 16:20 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-15 04:41 . 2012-01-19 16:20 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-15 04:41 . 2012-01-22 19:41 8741536 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-03-17 13:04 . 2012-03-17 13:04 4608 ----a-w- c:\windows\SysWow64\w95inf32.dll
2012-03-17 13:04 . 2012-03-17 13:04 2272 ----a-w- c:\windows\SysWow64\w95inf16.dll
2012-03-17 08:58 . 2012-01-09 09:04 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll
2012-01-28 16:16 . 2012-01-28 16:16 750488 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-01-28 16:16 . 2012-01-28 16:16 660368 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-28 13:47 . 2012-01-17 04:49 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-03-06 740216]
"Desura"="c:\program files (x86)\Desura\desura.exe" [2012-03-19 2529096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-02 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-02-25 40448]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2010-08-13 21504]
"RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-24 222504]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Razer Naga Driver"="c:\program files (x86)\Razer\Naga\RazerNagaSysTray.exe" [2011-11-16 953232]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-11 1523360]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976]
.
c:\users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\
heizy.exe [2012-4-12 141824]
.
c:\users\Noxien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel® Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-30 204288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-2 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2011-9-15 12862]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
anywy.exe [2012-4-12 141824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:1033 /heur:80 /RA:ask /pup /archives /IA:0 /KBD:6 /wow /dir:C:\Program
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 135664]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-28 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 253088]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 CorsairCAHS1;CA-HS1 Interface;c:\windows\system32\drivers\CAHS164.sys [x]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe [2012-03-19 131912]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 135664]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys [x]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-02-14 736104]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 X6va005;X6va005;c:\users\Noxien\AppData\Local\Temp\005ADFC.tmp [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-29 427880]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-14 2009704]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-19 04:41]
.
2012-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 04:36]
.
2012-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 04:36]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-01 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-01 391960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-01 419096]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2010-01-21 909824]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"CAHS1Sound"="c:\windows\Syswow64\CAHS1.dll" [2011-07-08 8724480]
"CNAP2 Launcher"="c:\windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE" [2010-10-14 226784]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-29 499608]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-12-07 5889816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com.au/
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-Toxic Games - c:\users\Noxien\AppData\Roaming\Toxic Games\upd.exe
Wow6432Node-HKCU-Run-{20AC037A-1608-759E-DE5C-8725DFF7B3F6} - c:\users\Noxien\AppData\Roaming\Isqoda\cohu.exe
Wow6432Node-HKLM-Run-SessionLogon - c:\expressgateutil\SessionLogon.exe
Wow6432Node-HKLM-Run-avast - c:\program files\AVAST Software\Avast\avastUI.exe
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - c:\program files\AVAST Software\Avast\ashShA64.dll
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Noxien\AppData\Local\Temp\005ADFC.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1411749937-345132196-627705365-1001\Software\SecuROM\License information*]
"datasecu"=hex:c0,f8,a2,3a,7b,bd,89,98,85,f5,cd,0a,2c,7e,1a,38,c0,d8,9d,7f,4e,
23,76,8b,38,d9,69,e1,8f,41,bf,82,6f,45,00,66,41,39,2c,1a,08,8c,7e,95,ec,ab,\
"rkeysecu"=hex:00,54,f4,ee,5b,33,c2,84,e1,11,1b,db,f3,d7,17,3f
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\windows\SysWOW64\rundll32.exe
c:\windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
c:\windows\system32\spool\DRIVERS\x64\3\CNAC8SWK.EXE
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2012-04-19 08:54:17 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-18 22:54
.
Pre-Run: 26,479,808,512 bytes free
Post-Run: 26,690,031,616 bytes free
.
- - End Of File - - D8554B3838096AF8B588B4C23B9E5B85

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:05 AM

Posted 18 April 2012 - 06:29 PM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:05 AM

Posted 21 April 2012 - 07:25 AM

Hello


Just checking in on you as it has been a couple of days since I have heard from you.

Are you having any troubles or just need more time?




Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:05 AM

Posted 23 April 2012 - 11:35 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:05 AM

Posted 26 April 2012 - 11:12 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users