Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Avast and 000000cb.@


  • This topic is locked This topic is locked
20 replies to this topic

#1 jean945

jean945

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 07 July 2012 - 09:00 AM

I'm pretty sure I got this virus by random clicking ads. That's what I get for trying to support people... Anyways, Avast has been CONSTANTLY quarantining these virus that keep appearing, I get these:

Posted Image
Posted Image
Posted Image

I think it's useless to say that my PC has become slow as crap. Hell, even IDM knows I have a virus and it ain't an antivirus!

Posted Image

Well I tried to run DDS, but it keeps freezing my PC when the "#" arrives a little bit halfway. If I do anything it freezes my PC and have to hard-reset.

I managed to run Gmer.
Attached File  gmer.log   77.41KB   4 downloads

Thanks in advance :)

BC AdBot (Login to Remove)

 


#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:02:21 PM

Posted 07 July 2012 - 09:28 AM

Hi,

Please run the following:


download Farbar Recovery Scan Tool and save it to a flash drive.
(you need the 32bit version)
Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to the disclaimer.
[*]Place a check next to List Drivers MD5 as well as the default check marks that are already there
[*]Press Scan button.
[*]type exit and reboot the computer normally
[*]FRST will make a log (FRST.txt) on the flash drive, please copy and paste the log in your reply.[/list]

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 jean945

jean945
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 07 July 2012 - 10:21 AM

Here it is Attached File  FRST.txt   56.08KB   1 downloads :

Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 07-07-2012 03
Ran by SYSTEM at 07-07-2012 17:15:14
Running from F:\
Windows 7 Enterprise (X86) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [307200 2005-12-18] (Team H2O)
HKLM\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4241512 2012-03-06] (AVAST Software)
HKLM\...\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe" [278016 2009-02-27] ()
HKLM\...\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe" [1044992 2012-02-26] (FileZilla Project)
HKLM\...\Run: [XSECVA] C:\Users\Jean Luca\AppData\Roaming\xsecva\xsecva.exe -s [186880 2012-07-06] (System)
HKLM\...\Run: [brant] rundll32.exe "C:\Users\Jean Luca\AppData\Roaming\brant.dll",HrStreamToByte [119808 2012-07-06] (DT Soft Ltd)
HKLM\...\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup [6061056 2012-01-30] (Crystal Rich Ltd)
HKU\Jean Luca\...\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot [3491264 2012-06-28] (Tonec Inc.)
HKU\Jean Luca\...\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" [495616 2007-09-02] ()
HKU\Jean Luca\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [3481408 2012-02-13] (DT Soft Ltd)
HKU\Jean Luca\...\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe -mini [112400 2012-04-27] (www.motioninjoy.com)
HKU\Jean Luca\...\Run: [Xpadder] "C:\Users\Jean Luca\Desktop\Programas\stefan-te_Xpadder.v2012.01.19.Retail.WaLMaRT.DM999\Xpadder.exe" /m [1165312 2012-01-19] ()
HKU\Jean Luca\...\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet [6595928 2012-05-24] (Yahoo! Inc.)
HKU\LogMeInRemoteUser\...\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" [880496 2012-06-27] (BitTorrent, Inc.)
HKU\LogMeInRemoteUser\...\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot [3491264 2012-06-28] (Tonec Inc.)
HKU\LogMeInRemoteUser\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [3481408 2012-02-13] (DT Soft Ltd)
HKU\LogMeInRemoteUser\...\Run: [Google Update] "C:\Users\Jean Luca\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-12-24] (Google Inc.)
HKU\LogMeInRemoteUser\...\Run: [DiffVueUpdate] "C:\Program Files\DiffVue\DiffVueUpdate.exe" [98304 2011-08-07] (DiffVue Software)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A14B8482-481D-4B5B-A0CC-46F116978BAB}: [NameServer]208.67.222.222,208.67.220.220

================================ Services (Whitelisted) ==================

2 ABBYY.Licensing.FineReader.Professional.9.0; "C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe" -service [566560 2007-09-24] (ABBYY (BIT Software))
2 AdobeActiveFileMonitor9.0; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-29] (Adobe Systems Incorporated)
2 AHDDC2; C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518976 2011-04-05] ()
2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [44768 2012-03-06] (AVAST Software)
2 BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [850432 2009-02-27] ()
3 BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [98407 2009-02-27] ()
2 BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [143467 2009-02-27] ()
3 DfSdkS; C:\Program Files\Ashampoo\Ashampoo HDD Control 2\DfSdkS.exe [406016 2009-08-24] (mst software GmbH, Germany)
2 DVBVRecorder; "C:\Program Files\DVBViewer\DVBVservice.exe" [617600 2010-10-16] (CM & V)
2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 FileZilla Server; "C:\Program Files\FileZilla Server\FileZilla Server.exe" [632320 2012-02-26] (FileZilla Project)
2 hshld; C:\Program Files\Hotspot Shield\bin\openvpnas.exe [542552 2012-04-10] ()
2 HssSrv; C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [363336 2011-11-15] (AnchorFree Inc.)
3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [77520 2012-04-10] ()
2 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe -product HSS [329544 2012-04-02] ()
2 HTTPDebugger; C:\Program Files\HTTP Debugger Pro\mfnsvc.exe [66600 2011-10-23] (MadeForNet.com)
2 LMIGuardianSvc; "C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe" [374152 2010-12-08] (LogMeIn, Inc.)
4 LMIMaint; "C:\Program Files\LogMeIn\x86\RaMaint.exe" [136584 2010-12-08] (LogMeIn, Inc.)
4 LogMeIn; "C:\Program Files\LogMeIn\x86\LogMeIn.exe" [390528 2010-11-08] (LogMeIn, Inc.)
2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [654408 2012-04-04] (Malwarebytes Corporation)
3 ose; "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [149352 2010-01-09] (Microsoft Corporation)
3 osppsvc; "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [4640000 2010-01-09] (Microsoft Corporation)
2 SbieSvc; "C:\Program Files\Sandboxie\SbieSvc.exe" [74512 2012-02-06] (SANDBOXIE L.T.D)
2 Skype C2C Service; "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe" [3048136 2012-06-19] (Skype Technologies S.A.)
2 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [160944 2012-06-05] (Skype Technologies)
3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [517096 2010-02-19] (Adobe Systems Incorporated)
2 USBSafelyRemoveService; C:\Program Files\USB Safely Remove\USBSRService.exe [742744 2012-01-30] ()
4 NetMsmqActivator; "c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [x]
4 NetPipeActivator; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [x]
4 NetTcpActivator; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [x]
4 NetTcpPortSharing; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [x]
3 rpcapd; "C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini" [x]

========================== Drivers (Whitelisted) =============

3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [121464 2011-06-09] (SlySoft, Inc.)
3 appliand; C:\Windows\System32\DRIVERS\appliand.sys [28256 2011-06-25] (Applian Technologies Inc.)
3 appliandMP; C:\Windows\System32\DRIVERS\appliand.sys [28256 2011-06-25] (Applian Technologies Inc.)
2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [20696 2012-03-06] (AVAST Software)
2 aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [57688 2012-03-06] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [44376 2012-03-06] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [612184 2012-03-06] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [337880 2012-03-06] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [53848 2012-03-06] (AVAST Software)
3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [768896 2010-09-20] (AVerMedia TECHNOLOGIES, Inc.)
3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [33800 2008-11-25] (IVT Corporation.)
3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [39304 2009-01-03] (IVT Corporation.)
0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [20744 2009-01-07] (IVT Corporation.)
3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [30088 2008-12-07] ()
3 BTNetFilter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys [22416 2006-11-22] (IVT Corporation.)
3 CLEDX; C:\Windows\System32\DRIVERS\cledx.sys [33792 2005-05-09] (Team H2O)
1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
3 epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [14216 2011-07-29] ()
3 EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [8456 2011-07-29] ()
0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
3 HssDrv; C:\Windows\System32\DRIVERS\HssDrv.sys [37376 2012-04-11] (AnchorFree Inc.)
2 IDMWFP; C:\Windows\System32\DRIVERS\idmwfp.sys [96056 2012-04-23] (Tonec Inc.)
3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [26248 2008-07-02] (IVT Corporation.)
3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [55848 2010-03-29] (Atheros Communications, Inc.)
3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [35392 2010-10-02] (http://libusb-win32.sourceforge.net)
2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [12856 2010-09-17] (LogMeIn, Inc.)
3 lmimirr; C:\Windows\System32\DRIVERS\lmimirr.sys [10144 2010-09-17] (LogMeIn, Inc.)
2 LMIRfsDriver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [47640 2010-09-17] (LogMeIn, Inc.)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [22344 2012-04-04] (Malwarebytes Corporation)
3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [97552 2012-04-27] (MotioninJoy)
3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
3 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
3 pspdisp; C:\Windows\System32\DRIVERS\pspdisp.sys [3072 2011-01-18] (JJS)
0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45968 2011-11-02] (Rovi Corporation)
3 SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [133392 2012-02-06] (SANDBOXIE L.T.D)
0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [473656 2012-01-26] (Duplex Secure Ltd.)
3 Stmatm; C:\Windows\System32\DRIVERS\stmatm.sys [60533 2007-01-21] (STMicroelectronics )
3 tap0801co; C:\Windows\System32\DRIVERS\tap0801co.sys [25856 2006-08-30] (The OpenVPN Project)
3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-12-15] (The OpenVPN Project)
3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-04-06] (AnchorFree Inc)
3 TaurusUsb; C:\Windows\System32\DRIVERS\torususb.sys [684672 2007-02-06] ()
3 VCam_WDM; C:\Windows\System32\DRIVERS\VCam_WDM.sys [104376 2011-02-03] (e2eSoft)
3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [14856 2008-01-21] (IVT Corporation.)
3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [31880 2009-01-07] (IVT Corporation.)
3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1143920 2010-08-04] (VIA Technologies, Inc.)
3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
3 xusb21; C:\Windows\System32\DRIVERS\xusb21.sys [61984 2010-08-19] (Microsoft Corporation)
3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [x]
3 BTCOM; C:\Windows\System32\DRIVERS\btcomport.sys [x]
3 BTCOMBUS; C:\Windows\System32\Drivers\btcombus.sys [x]
3 catchme; \??\C:\Users\JEANLU~1\AppData\Local\Temp\catchme.sys [x]
4 LMIRfsClientNP; [x]
3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]
0 vmci; C:\Windows\System32\DRIVERS\vmci.sys [x]
3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-07-07 17:14 - 2012-07-07 17:15 - 00000000 ____D C:\FRST
2012-07-07 06:20 - 2012-07-07 06:20 - 00000144 ____A C:\Users\Jean Luca\Downloads\40423baf-2aa3-4671-b420-1572ad672d33.htm
2012-07-07 06:19 - 2012-07-07 06:19 - 00000037 ____A C:\Users\Jean Luca\Desktop\ul.to
2012-07-07 04:47 - 2012-07-07 04:47 - 00079271 ____A C:\Users\Jean Luca\Desktop\gmer.log
2012-07-07 02:45 - 2012-07-07 02:45 - 00607260 ____R (Swearware) C:\Users\Jean Luca\Downloads\dds.com
2012-07-07 02:43 - 2012-07-07 02:43 - 00302592 ____A C:\Users\Jean Luca\Desktop\ivh71hj0.exe
2012-07-06 17:53 - 2012-07-06 17:53 - 00119808 ____A (DT Soft Ltd) C:\Users\Jean Luca\AppData\Roaming\brant.dll
2012-07-06 17:53 - 2012-07-06 17:53 - 00000012 ____A C:\Windows\srun.log
2012-07-06 17:53 - 2012-07-06 17:53 - 00000000 ____D C:\Users\Jean Luca\AppData\Roaming\xsecva
2012-07-06 16:13 - 2012-07-06 16:13 - 06917425 ____A C:\Users\Jean Luca\Desktop\01 WWE_ Wreck (Mick Foley).m4a
2012-07-06 16:13 - 2012-07-06 16:13 - 06842504 ____A C:\Users\Jean Luca\Desktop\01 Insatiable (Layla) [feat. Patsy G.m4a
2012-07-06 12:50 - 2012-07-06 13:07 - 00000000 ____D C:\Users\Jean Luca\Desktop\FileUploader
2012-07-06 12:48 - 2012-07-06 12:48 - 00000172 ____A C:\Users\Jean Luca\Desktop\Premiumleecher.com_iMPACT.Wrestling.2012.07.05.720p.HDTV.x264-NWCHD.part1.rar
2012-07-06 08:26 - 2012-07-06 08:26 - 00993505 ____A C:\Users\Jean Luca\Desktop\rl23_v43_SVN409.zip
2012-07-05 13:48 - 2012-07-05 21:26 - 00014424 ____A C:\Users\Jean Luca\Desktop\Velocity 2002.txt
2012-07-05 13:48 - 2012-07-05 13:48 - 00000008 ____A C:\Users\Jean Luca\Desktop\final4eve.txt
2012-07-05 11:58 - 2012-07-05 11:58 - 00000670 ____A C:\Users\Jean Luca\Desktop\Filehosters list.txt
2012-07-04 15:52 - 2012-07-07 03:32 - 00001680 ____A C:\Windows\PFRO.log
2012-07-04 15:49 - 2012-07-04 15:49 - 00000429 ____A C:\Users\Jean Luca\Desktop\nhb links.txt
2012-07-04 15:24 - 2012-07-04 15:24 - 01180093 ____A C:\Users\Jean Luca\Desktop\NeembuuUploader.v2.7_2.zip
2012-07-04 15:21 - 2012-07-04 15:21 - 01180093 ____A C:\Users\Jean Luca\Desktop\NeembuuUploader.v2.7.zip
2012-07-04 14:53 - 2012-07-04 12:48 - 51716527 ____A C:\Users\Jean Luca\Desktop\snooki_converted_2.mp4
2012-07-04 14:51 - 2012-07-04 12:48 - 63252169 ____A C:\Users\Jean Luca\Desktop\snooki_converted.mp4
2012-07-04 14:50 - 2012-07-04 14:50 - 00000000 ____D C:\Users\Jean Luca\Desktop\SFTP4.0.1231.0x86
2012-07-04 13:51 - 2012-07-04 13:51 - 00000128 ____A C:\Users\Jean Luca\Desktop\cash.txt
2012-07-04 07:48 - 2012-07-04 07:48 - 00000000 ____D C:\Users\Jean Luca\Desktop\zoom
2012-07-04 07:23 - 2012-07-04 07:23 - 00006643 ____A C:\Users\Jean Luca\Desktop\accounts.php
2012-07-04 07:09 - 2012-07-04 07:09 - 00002659 ____A C:\Users\Public\Desktop\SmartFTP Client.lnk
2012-07-04 07:08 - 2012-07-04 07:08 - 15780585 ____A C:\Users\Jean Luca\Desktop\SFTP4.0.1231.0x86.rar
2012-07-04 07:04 - 2012-07-04 05:01 - 00000000 ____A C:\Users\Jean Luca\Desktop\Notes.txt
2012-07-04 06:55 - 2012-07-04 03:17 - 00019759 ____A C:\Users\Jean Luca\FileUploader.log
2012-07-04 06:44 - 2012-07-04 06:46 - 66303148 ____A C:\Users\Jean Luca\Desktop\xampp-win32-1.7.4-VC6-installer.exe
2012-07-04 06:03 - 2012-07-06 08:27 - 00000000 ____D C:\Users\Jean Luca\Desktop\rl23_v43_SVN409
2012-07-04 04:38 - 2012-07-04 04:38 - 00010733 ____A C:\Users\Jean Luca\Downloads\detail.htm
2012-07-04 03:19 - 2012-07-04 03:19 - 00006110 ____A C:\Users\Jean Luca\Desktop\new 15.txt
2012-07-03 16:53 - 2012-07-03 17:12 - 00345610 ____A C:\fmle_session_20120704_025341.log
2012-07-03 16:51 - 2012-07-03 16:51 - 00004924 ____A C:\Users\Jean Luca\Downloads\jtv.500k.4.3.xml
2012-07-03 16:09 - 2012-07-03 16:09 - 00146981 ____A C:\Users\Jean Luca\Downloads\index.htm
2012-07-03 16:02 - 2012-07-03 16:02 - 00047245 ____A C:\Users\Jean Luca\Downloads\dyn-postdownload.htm
2012-07-03 16:01 - 2012-07-03 16:01 - 00054048 ____A C:\Users\Jean Luca\Downloads\FalseCamera.shtml
2012-07-03 15:54 - 2012-07-03 15:54 - 00001071 ____A C:\Users\Public\Desktop\Adobe Flash Media Live Encoder 3.2.lnk
2012-07-03 15:54 - 2012-07-03 15:54 - 00001035 ____A C:\Users\Public\Desktop\e2eSoft VCam.lnk
2012-07-03 15:54 - 2012-07-03 15:54 - 00000072 ____A C:\Users\Jean Luca\Downloads\e2esoft-vcam-4-7-11-TeamSD_inc_crack.htm
2012-07-03 15:54 - 2012-07-03 15:54 - 00000000 ____D C:\Users\Jean Luca\AppData\Roaming\e2eSoft
2012-07-03 15:54 - 2011-02-03 06:31 - 00104376 ____A (e2eSoft) C:\Windows\System32\Drivers\VCam_WDM.sys
2012-07-03 15:53 - 2012-07-03 15:53 - 00000000 ____D C:\Program Files\e2eSoft
2012-07-03 13:34 - 2012-07-03 13:44 - 73663250 ____A C:\Users\Jean Luca\Downloads\TNA Today (June 25) Interview with Madison Rayne.480p
2012-07-03 07:05 - 2012-07-04 14:20 - 00000000 ____D C:\Users\Jean Luca\Desktop\Broken Out in Love stems (1)
2012-07-03 07:04 - 2012-07-03 07:04 - 00140674 ____A C:\Users\Jean Luca\Downloads\viewtopic.htm
2012-06-30 08:21 - 2012-06-30 08:22 - 06757923 ____A C:\Users\Jean Luca\Desktop\Treasured.zip
2012-06-30 08:16 - 2012-06-30 08:17 - 40047200 ____A C:\Users\Jean Luca\Desktop\videorepair.zip
2012-06-30 06:08 - 2012-06-30 06:08 - 48157984 ____A C:\Users\Jean Luca\Downloads\WWE Promo - Kane (2012).mp4
2012-06-30 06:08 - 2012-06-30 06:08 - 30217159 ____A C:\Users\Jean Luca\Downloads\WWE Promo - John Cena (2012).mp4
2012-06-30 06:04 - 2012-06-30 06:04 - 39375857 ____A C:\Users\Jean Luca\Downloads\WWE Promo - Alberto Del Rio (2011).mp4
2012-06-30 05:57 - 2012-06-30 05:57 - 00000000 ____D C:\Users\Jean Luca\Documents\VideoReDo
2012-06-30 04:56 - 2012-07-01 13:38 - 00000012 ____A C:\Users\Jean Luca\Desktop\cuty.txt
2012-06-29 14:50 - 2012-07-03 08:14 - 00000304 ____A C:\Users\Jean Luca\Desktop\Difference Sizes Post Threads.txt
2012-06-29 07:42 - 2012-06-29 07:44 - 00001200 ____A C:\Users\Jean Luca\Desktop\rs.txt
2012-06-29 06:49 - 2012-07-06 15:57 - 00001560 ____A C:\Users\Jean Luca\Desktop\zoom passes.txt
2012-06-29 04:02 - 2012-06-29 04:03 - 00000000 ____D C:\Windows\B3528A48121E44A8B6D2BE8825145659.TMP
2012-06-29 03:33 - 2012-06-29 03:33 - 00098103 ____A (MadeForNet.com) C:\Windows\System32\uninstall.exe
2012-06-29 03:33 - 2012-06-29 03:33 - 00000000 ____D C:\Program Files\HTTP Debugger Pro
2012-06-29 03:32 - 2012-06-29 03:32 - 00000000 ____D C:\Users\Jean Luca\Desktop\HTTPDebuggerPro
2012-06-28 11:29 - 2012-06-29 06:06 - 00000072 ____A C:\Users\Jean Luca\Desktop\Jdownloader doesn't recognize.txt
2012-06-28 10:58 - 2012-06-28 11:09 - 00006193 ____A C:\Users\Jean Luca\Desktop\new 2.nfo
2012-06-27 13:20 - 2012-07-07 07:09 - 00003778 ____A C:\Windows\setupact.log
2012-06-27 13:20 - 2012-06-27 13:20 - 00000000 ____A C:\Windows\setuperr.log
2012-06-27 05:57 - 2012-06-27 06:34 - 00000000 ____D C:\Users\Jean Luca\Desktop\PSP PSN Game Decrypt
2012-06-27 04:57 - 2012-06-27 04:57 - 00000000 ____D C:\Users\Jean Luca\Desktop\RemoteJoyLite_019_for_6xx_01g
2012-06-27 04:19 - 2012-06-27 12:59 - 00000000 ____D C:\Windows\LastGood
2012-06-27 03:32 - 2012-06-27 03:34 - 00000000 ___SD C:\ComboFix
2012-06-27 03:32 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
2012-06-27 03:32 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
2012-06-27 03:32 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-06-27 03:32 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-06-27 03:32 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-06-27 03:32 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
2012-06-27 03:32 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
2012-06-27 03:32 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
2012-06-27 03:30 - 2012-06-27 03:32 - 00000000 ___SD C:\32788R22FWJFW
2012-06-27 03:30 - 2012-06-27 03:32 - 00000000 ____D C:\Qoobox
2012-06-27 03:30 - 2012-06-27 03:30 - 00000000 ____D C:\Windows\erdnt
2012-06-26 16:24 - 2012-06-26 16:24 - 04731392 ____A (AVAST Software) C:\Users\Jean Luca\Desktop\aswMBR.exe
2012-06-26 16:24 - 2012-06-26 16:24 - 02128984 ____A (Kaspersky Lab ZAO) C:\Users\Jean Luca\Desktop\tdsskiller.exe
2012-06-26 16:22 - 2012-06-26 16:23 - 04569121 ____R (Swearware) C:\Users\Jean Luca\Desktop\ComboFix.exe
2012-06-26 15:48 - 2012-06-27 05:07 - 00000000 ____D C:\Users\Jean Luca\AppData\Roaming\PSPdisp
2012-06-26 15:48 - 2012-06-26 15:49 - 00000000 ____D C:\Program Files\PSPdisp
2012-06-26 15:48 - 2012-06-26 15:48 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_PSPdispSideShow_01_00_00.Wdf
2012-06-26 15:43 - 2012-06-27 04:22 - 00000000 ____D C:\Users\Jean Luca\Desktop\remotejoylite_019_for_62x-63x_b
2012-06-26 15:43 - 2012-06-26 15:43 - 00125131 ____A C:\Users\Jean Luca\Desktop\remotejoylite_019_for_62x-63x_b.zip
2012-06-26 12:21 - 2012-06-26 12:21 - 00001994 ____A C:\Users\Public\Desktop\FileZilla Server Interface.lnk
2012-06-26 12:20 - 2012-06-26 12:21 - 00000000 ____D C:\Program Files\FileZilla Server
2012-06-26 09:17 - 2012-06-26 09:17 - 00001111 ____A C:\Users\Public\Desktop\Copernic Desktop Search - Home.lnk
2012-06-26 09:17 - 2012-06-26 09:17 - 00000000 ____D C:\Program Files\Copernic Desktop Search - Home
2012-06-26 09:16 - 2012-06-26 09:16 - 00000000 ____D C:\Users\Jean Luca\AppData\Roaming\Copernic
2012-06-26 09:16 - 2012-06-26 09:16 - 00000000 ____D C:\Users\Jean Luca\AppData\Local\Copernic
2012-06-26 06:50 - 2012-06-26 16:08 - 04503728 ___AT C:\Users\All Users\l_0_00_re.pad
2012-06-26 05:08 - 2012-06-26 05:08 - 00000000 ____D C:\Users\Jean Luca\AppData\Roaming\WindowsApplication1
2012-06-26 04:59 - 2012-06-26 04:59 - 00005380 ____A C:\Users\Jean Luca\Downloads\WarezBBForumPlugin.jar
2012-06-26 00:34 - 2012-06-26 00:37 - 34439484 ____A C:\Users\Jean Luca\Desktop\Zelda Stage SSBM - 260612.wav
2012-06-25 17:12 - 2012-06-25 17:12 - 00000732 ____A C:\Users\Jean Luca\Desktop\nate.txt
2012-06-25 16:00 - 2012-06-25 16:00 - 00000000 ____D C:\Windows\LastGood.Tmp
2012-06-25 14:01 - 2012-06-29 13:10 - 00000000 ____D C:\Users\Jean Luca\Desktop\Macro
2012-06-25 13:47 - 2012-06-25 16:46 - 00001230 ____A C:\Users\Jean Luca\Desktop\usenet accounts 3.txt
2012-06-25 11:14 - 2012-06-25 11:15 - 00000000 ____D C:\Users\Jean Luca\Desktop\MautoP
2012-06-25 04:34 - 2012-06-25 04:56 - 00002104 ____A C:\Users\Jean Luca\Desktop\usenet accounts 2cha.txt
2012-06-25 04:00 - 2012-06-25 23:09 - 101610554 ____A C:\Users\Jean Luca\Desktop\add.wpr
2012-06-24 20:25 - 2012-06-26 04:30 - 00000000 ____D C:\Users\Jean Luca\sfap
2012-06-24 19:59 - 2012-07-03 07:39 - 00000082 ____A C:\Users\Jean Luca\Desktop\warez-bb.txt
2012-06-24 17:32 - 2012-06-24 17:32 - 00012984 ____A C:\Users\Jean Luca\Desktop\rtmp.txt
2012-06-24 14:18 - 2012-06-24 19:02 - 00002108 ____A C:\Users\Jean Luca\Desktop\usenet accounts 2.txt
2012-06-24 13:08 - 2012-06-25 16:13 - 294649484 ____A C:\Users\Jean Luca\Desktop\hgcjh.wpr
2012-06-24 12:37 - 2012-06-25 23:15 - 00000329 ____A C:\Users\Jean Luca\Downloads\WinParrot.ini
2012-06-24 12:37 - 2012-03-25 11:41 - 01969152 ____A (DPC) C:\Users\Jean Luca\Downloads\WinParrot.exe
2012-06-24 12:33 - 2012-06-24 12:33 - 00000000 ____D C:\Users\Jean Luca\Documents\AutomaticSolution Software
2012-06-24 12:33 - 2012-06-24 12:33 - 00000000 ____D C:\Program Files\GSAutoClicker3
2012-06-24 07:55 - 2012-06-24 07:55 - 00000000 ____D C:\Users\Jean Luca\Desktop\ETWD Stuff
2012-06-24 07:53 - 2012-06-24 07:53 - 00000000 ____D C:\Users\Jean Luca\Desktop\SFAP_win
2012-06-23 13:33 - 2012-07-04 06:59 - 00000000 ____D C:\Users\Jean Luca\Desktop\Zoomnewjean
2012-06-23 03:45 - 2012-06-24 09:07 - 00000402 ____A C:\Users\Jean Luca\Desktop\banned warez-bb host.txt
2012-06-23 03:45 - 2012-06-23 03:45 - 00001508 ____A C:\Users\Jean Luca\Desktop\mtv links.txt
2012-06-23 03:10 - 2012-06-23 03:13 - 68180498 ____A C:\Users\Jean Luca\Desktop\Coheed and Cambria - Welcome Home.wav
2012-06-22 14:53 - 2012-06-25 18:23 - 00000000 ____D C:\Users\Jean Luca\Desktop\Welcome Home - Coheed and Cambria (Multitrack)
2012-06-22 05:52 - 2012-06-22 05:52 - 00000000 ____D C:\Program Files\Fotosizer
2012-06-21 08:47 - 2012-06-21 08:48 - 00000000 ____D C:\Users\Jean Luca\AppData\Roaming\WinFF
2012-06-21 08:47 - 2012-06-21 08:47 - 00000000 ____D C:\Program Files\WinFF
2012-06-21 08:27 - 2012-06-21 08:28 - 00000000 ____D C:\Users\Jean Luca\AppData\Roaming\Mp3tag
2012-06-21 08:25 - 2012-06-21 08:25 - 00000000 ____D C:\Program Files\Mp3tag
2012-06-21 08:24 - 2012-06-21 08:26 - 00000000 ____D C:\Program Files\AtomicParsley Win32 GUI
2012-06-21 02:20 - 2012-06-21 02:20 - 00000267 ____A C:\Windows\System32\SHORTCUT.INI
2012-06-21 02:14 - 2012-07-07 06:28 - 00000142 ____A C:\Windows\System32\REMOTEDEVICE.INI
2012-06-20 19:27 - 2012-06-02 14:19 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-20 19:27 - 2012-06-02 14:19 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-20 19:27 - 2012-06-02 14:19 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-20 19:27 - 2012-06-02 14:19 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-20 19:27 - 2012-06-02 14:19 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-20 19:27 - 2012-06-02 14:12 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-20 19:27 - 2012-06-02 14:12 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-20 19:26 - 2012-06-02 05:19 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-20 19:26 - 2012-06-02 05:12 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-20 16:56 - 2012-06-20 16:56 - 01326778 ____A C:\Users\Jean Luca\Desktop\Move - Censore1.wav
2012-06-20 12:32 - 2012-06-20 12:32 - 00000000 ____D C:\Users\Jean Luca\AppData\Local\bluesoleil
2012-06-20 06:08 - 2012-07-07 07:12 - 00005816 ____A C:\Windows\System32\LOCALSERVICE.INI
2012-06-20 06:08 - 2012-07-07 07:12 - 00000103 ____A C:\Windows\System32\LOCALDEVICE.INI
2012-06-20 06:03 - 2012-06-20 06:03 - 00000000 ____A C:\Windows\System32\BSPRINT.INI
2012-06-20 06:00 - 2012-06-20 06:00 - 00000000 ____D C:\Program Files\IVT Corporation
2012-06-19 05:53 - 2012-07-04 15:49 - 00000307 ____A C:\Users\Jean Luca\Desktop\etwd ftp.txt
2012-06-19 05:31 - 2012-06-19 09:38 - 00000000 ____D C:\Users\Jean Luca\AppData\Roaming\Unzbin
2012-06-19 05:31 - 2012-06-19 05:31 - 00000000 ____D C:\Users\Jean Luca\AppData\Local\Unzbin.com
2012-06-19 05:30 - 2012-06-19 05:30 - 00000902 ____A C:\Users\LogMeInRemoteUser\Desktop\Unzbin.lnk
2012-06-19 05:30 - 2012-06-19 05:30 - 00000000 ____D C:\Program Files\Unzbin
2012-06-18 08:11 - 2012-06-18 08:13 - 00000000 ____D C:\Users\Jean Luca\AppData\Roaming\Yahoo!
2012-06-18 08:11 - 2012-06-18 08:12 - 00000000 ____D C:\Users\All Users\Yahoo! Companion
2012-06-18 08:10 - 2012-06-18 08:11 - 00000000 ____D C:\Users\All Users\Yahoo!
2012-06-18 08:06 - 2012-06-18 08:11 - 00000000 ____D C:\Program Files\Yahoo!
2012-06-18 05:00 - 2012-06-18 05:00 - 00006405 ____A C:\Users\Jean Luca\Desktop\encodes.txt
2012-06-18 04:39 - 2012-06-18 05:53 - 00000020 ____A C:\Users\Jean Luca\Desktop\178.33.156.104.txt
2012-06-18 03:25 - 2012-07-07 07:04 - 00002054 ___AH C:\Users\Jean Luca\Documents\Default.rdp
2012-06-18 03:11 - 2012-06-18 03:12 - 00000060 ____A C:\Users\Jean Luca\Desktop\DVDs.txt
2012-06-18 03:09 - 2012-06-18 03:09 - 00000000 ____D C:\Program Files\UFU
2012-06-17 05:57 - 2012-06-17 07:09 - 00000000 ____D C:\Program Files\PS3 Game Updates
2012-06-17 05:57 - 2012-06-17 05:57 - 00000988 ____A C:\Users\LogMeInRemoteUser\Desktop\PS3 Game Updates.lnk
2012-06-16 13:08 - 2012-06-16 14:29 - 00000446 ____A C:\Users\Jean Luca\Desktop\Binge Eating Disorder.txt
2012-06-16 03:31 - 2012-06-16 03:31 - 00000000 ____D C:\Windows\System32\Adobe
2012-06-15 12:08 - 2012-06-15 12:08 - 00000000 ____D C:\Users\Jean Luca\AppData\Local\Macromedia
2012-06-14 11:21 - 2012-06-14 11:21 - 00000024 ____A C:\Users\Jean Luca\Desktop\post-workout.txt
2012-06-14 07:43 - 2012-06-14 07:43 - 00000000 ____D C:\Users\Jean Luca\AppData\Roaming\Luxand
2012-06-14 07:42 - 2012-06-14 07:42 - 00000000 ____D C:\Program Files\Luxand
2012-06-14 07:42 - 2012-02-07 13:56 - 00792384 ____A C:\Windows\System32\LuxandCredentialProvider.dll
2012-06-14 07:42 - 2012-02-07 13:55 - 00665920 ____A C:\Windows\System32\LuxandBlink.dll
2012-06-14 07:42 - 2011-07-28 04:54 - 06943744 ____A (Luxand, Inc.) C:\Windows\System32\LuxandBlinkLib11.dll
2012-06-14 07:42 - 2011-07-28 04:54 - 06943744 ____A (Luxand, Inc.) C:\Windows\System32\LuxandBlinkLib1.dll
2012-06-14 07:37 - 2012-05-17 15:11 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-14 07:37 - 2012-05-17 14:48 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-14 07:37 - 2012-05-17 14:45 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-14 07:37 - 2012-05-17 14:36 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-14 07:37 - 2012-05-17 14:35 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-14 07:37 - 2012-05-17 14:35 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-14 07:37 - 2012-05-17 14:33 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-14 07:37 - 2012-05-17 14:31 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-14 07:37 - 2012-05-17 14:29 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-14 07:37 - 2012-05-17 14:29 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-14 07:37 - 2012-05-17 14:27 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-14 07:37 - 2012-05-17 14:25 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-14 07:37 - 2012-05-17 14:24 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-14 07:37 - 2012-05-17 14:20 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-14 01:43 - 2012-04-27 20:41 - 00919040 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2012-06-14 01:43 - 2012-04-27 19:17 - 00183808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-14 01:43 - 2012-04-25 20:45 - 00129536 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-06-14 01:43 - 2012-04-25 20:45 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-06-14 01:43 - 2012-04-25 20:41 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-06-14 01:42 - 2012-05-14 17:05 - 02343936 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-14 01:42 - 2012-04-30 20:44 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-06-14 01:42 - 2012-04-23 20:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-14 01:42 - 2012-04-23 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-14 01:42 - 2012-04-23 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-14 01:42 - 2012-04-07 03:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-06-11 03:52 - 2012-06-11 03:53 - 00000000 ____D C:\Program Files\Common Files\DVBViewer Shared
2012-06-11 03:51 - 2012-06-11 03:53 - 00000000 ____D C:\Program Files\DVBViewer
2012-06-11 03:51 - 2012-06-11 03:51 - 00000000 ____D C:\Users\All Users\CMUV
2012-06-10 10:24 - 2012-06-11 08:06 - 00000604 ____A C:\Users\Jean Luca\Desktop\stuff to do.txt
2012-06-10 10:21 - 2012-06-10 10:21 - 00000160 ____A C:\Users\Jean Luca\Desktop\stuff to sell.txt
2012-06-10 03:08 - 2012-06-10 03:08 - 00001414 ____A C:\Users\Jean Luca\Desktop\kn0ck0ut_readme.txt - Shortcut.lnk
2012-06-09 09:39 - 2012-06-09 09:39 - 00000000 ____D C:\Users\All Users\Hotspot Shield
2012-06-09 09:38 - 2012-06-09 09:39 - 00000000 ____D C:\Hotspot Shield
2012-06-09 09:36 - 2012-06-25 15:03 - 00000000 ____D C:\Program Files\Hotspot Shield
2012-06-08 23:45 - 2012-06-08 23:45 - 00000000 ____D C:\Users\Jean Luca\AppData\Local\{F5EFB606-CA3D-4029-B648-B5658A571B15}
2012-06-08 23:45 - 2012-06-08 23:45 - 00000000 ____D C:\Users\Jean Luca\AppData\Local\{CDED2826-1510-466E-AA7A-C17BF3A3ABB5}
2012-06-08 23:43 - 2012-06-08 23:43 - 00000000 ____D C:\Users\Jean Luca\AppData\Local\{F8D72AEF-E44F-4A78-84CC-679F8ADC20DF}
2012-06-08 23:43 - 2012-06-08 23:43 - 00000000 ____D C:\Users\Jean Luca\AppData\Local\{6B2DB20E-207A-4EB8-90B2-5E2838168F44}
2012-06-08 08:06 - 2012-06-08 08:06 - 00000000 ____D C:\Users\Jean Luca\Documents\iZotope RX 2 Presets
2012-06-08 04:14 - 2012-06-08 04:14 - 60763266 ____A C:\Users\Jean Luca\Desktop\Pokemon Game Room - YouTube.avi
2012-06-07 07:02 - 2012-06-07 07:02 - 00000092 ____A C:\Users\Jean Luca\Desktop\quiero.txt

============ 3 Months Modified Files ========================

2012-07-07 07:12 - 2012-06-20 06:08 - 00005816 ____A C:\Windows\System32\LOCALSERVICE.INI
2012-07-07 07:12 - 2012-06-20 06:08 - 00000103 ____A C:\Windows\System32\LOCALDEVICE.INI
2012-07-07 07:12 - 2009-02-27 07:04 - 00000989 ____A C:\Windows\System32\bscs.ini
2012-07-07 07:10 - 2011-09-07 21:45 - 00001134 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-07-07 07:09 - 2012-06-27 13:20 - 00003778 ____A C:\Windows\setupact.log
2012-07-07 07:09 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-07-07 07:05 - 2012-01-21 17:26 - 01737740 ____A C:\Windows\WindowsUpdate.log
2012-07-07 07:05 - 2011-09-07 21:45 - 00001138 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-07-07 07:04 - 2012-06-18 03:25 - 00002054 ___AH C:\Users\Jean Luca\Documents\Default.rdp
2012-07-07 07:02 - 2011-06-21 19:06 - 00747936 ____A C:\Windows\System32\perfh010.dat
2012-07-07 07:02 - 2011-06-21 19:06 - 00150638 ____A C:\Windows\System32\perfc010.dat
2012-07-07 07:02 - 2010-12-13 11:29 - 02590048 ____A C:\Windows\System32\PerfStringBackup.INI
2012-07-07 07:00 - 2009-07-13 20:34 - 00018672 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-07-07 07:00 - 2009-07-13 20:34 - 00018672 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-07-07 06:39 - 2012-02-16 05:56 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-07-07 06:28 - 2012-06-21 02:14 - 00000142 ____A C:\Windows\System32\REMOTEDEVICE.INI
2012-07-07 06:20 - 2012-07-07 06:20 - 00000144 ____A C:\Users\Jean Luca\Downloads\40423baf-2aa3-4671-b420-1572ad672d33.htm
2012-07-07 06:19 - 2012-07-07 06:19 - 00000037 ____A C:\Users\Jean Luca\Desktop\ul.to
2012-07-07 04:47 - 2012-07-07 04:47 - 00079271 ____A C:\Users\Jean Luca\Desktop\gmer.log
2012-07-07 03:33 - 2011-01-03 10:03 - 00000440 _RASH C:\Users\All Users\ntuser.pol
2012-07-07 03:32 - 2012-07-04 15:52 - 00001680 ____A C:\Windows\PFRO.log
2012-07-07 02:45 - 2012-07-07 02:45 - 00607260 ____R (Swearware) C:\Users\Jean Luca\Downloads\dds.com
2012-07-07 02:43 - 2012-07-07 02:43 - 00302592 ____A C:\Users\Jean Luca\Desktop\ivh71hj0.exe
2012-07-07 02:37 - 2012-01-28 15:32 - 00000944 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-70511670-633675951-1585645760-1001UA.job
2012-07-06 17:53 - 2012-07-06 17:53 - 00119808 ____A (DT Soft Ltd) C:\Users\Jean Luca\AppData\Roaming\brant.dll
2012-07-06 17:53 - 2012-07-06 17:53 - 00000012 ____A C:\Windows\srun.log
2012-07-06 16:13 - 2012-07-06 16:13 - 06917425 ____A C:\Users\Jean Luca\Desktop\01 WWE_ Wreck (Mick Foley).m4a
2012-07-06 16:13 - 2012-07-06 16:13 - 06842504 ____A C:\Users\Jean Luca\Desktop\01 Insatiable (Layla) [feat. Patsy G.m4a
2012-07-06 15:57 - 2012-06-29 06:49 - 00001560 ____A C:\Users\Jean Luca\Desktop\zoom passes.txt
2012-07-06 14:37 - 2012-01-28 15:32 - 00000922 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-70511670-633675951-1585645760-1001Core.job
2012-07-06 12:48 - 2012-07-06 12:48 - 00000172 ____A C:\Users\Jean Luca\Desktop\Premiumleecher.com_iMPACT.Wrestling.2012.07.05.720p.HDTV.x264-NWCHD.part1.rar
2012-07-06 08:26 - 2012-07-06 08:26 - 00993505 ____A C:\Users\Jean Luca\Desktop\rl23_v43_SVN409.zip
2012-07-05 21:26 - 2012-07-05 13:48 - 00014424 ____A C:\Users\Jean Luca\Desktop\Velocity 2002.txt
2012-07-05 13:48 - 2012-07-05 13:48 - 00000008 ____A C:\Users\Jean Luca\Desktop\final4eve.txt
2012-07-05 11:58 - 2012-07-05 11:58 - 00000670 ____A C:\Users\Jean Luca\Desktop\Filehosters list.txt
2012-07-04 15:49 - 2012-07-04 15:49 - 00000429 ____A C:\Users\Jean Luca\Desktop\nhb links.txt
2012-07-04 15:49 - 2012-06-19 05:53 - 00000307 ____A C:\Users\Jean Luca\Desktop\etwd ftp.txt
2012-07-04 15:24 - 2012-07-04 15:24 - 01180093 ____A C:\Users\Jean Luca\Desktop\NeembuuUploader.v2.7_2.zip
2012-07-04 15:21 - 2012-07-04 15:21 - 01180093 ____A C:\Users\Jean Luca\Desktop\NeembuuUploader.v2.7.zip
2012-07-04 13:51 - 2012-07-04 13:51 - 00000128 ____A C:\Users\Jean Luca\Desktop\cash.txt
2012-07-04 12:48 - 2012-07-04 14:53 - 51716527 ____A C:\Users\Jean Luca\Desktop\snooki_converted_2.mp4
2012-07-04 12:48 - 2012-07-04 14:51 - 63252169 ____A C:\Users\Jean Luca\Desktop\snooki_converted.mp4
2012-07-04 07:23 - 2012-07-04 07:23 - 00006643 ____A C:\Users\Jean Luca\Desktop\accounts.php
2012-07-04 07:09 - 2012-07-04 07:09 - 00002659 ____A C:\Users\Public\Desktop\SmartFTP Client.lnk
2012-07-04 07:08 - 2012-07-04 07:08 - 15780585 ____A C:\Users\Jean Luca\Desktop\SFTP4.0.1231.0x86.rar
2012-07-04 06:46 - 2012-07-04 06:44 - 66303148 ____A C:\Users\Jean Luca\Desktop\xampp-win32-1.7.4-VC6-installer.exe
2012-07-04 05:01 - 2012-07-04 07:04 - 00000000 ____A C:\Users\Jean Luca\Desktop\Notes.txt
2012-07-04 04:38 - 2012-07-04 04:38 - 00010733 ____A C:\Users\Jean Luca\Downloads\detail.htm
2012-07-04 03:19 - 2012-07-04 03:19 - 00006110 ____A C:\Users\Jean Luca\Desktop\new 15.txt
2012-07-04 03:17 - 2012-07-04 06:55 - 00019759 ____A C:\Users\Jean Luca\FileUploader.log
2012-07-03 17:12 - 2012-07-03 16:53 - 00345610 ____A C:\fmle_session_20120704_025341.log
2012-07-03 16:51 - 2012-07-03 16:51 - 00004924 ____A C:\Users\Jean Luca\Downloads\jtv.500k.4.3.xml
2012-07-03 16:44 - 2010-12-28 16:27 - 00026112 ____A C:\Users\Jean Luca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-03 16:09 - 2012-07-03 16:09 - 00146981 ____A C:\Users\Jean Luca\Downloads\index.htm
2012-07-03 16:02 - 2012-07-03 16:02 - 00047245 ____A C:\Users\Jean Luca\Downloads\dyn-postdownload.htm
2012-07-03 16:01 - 2012-07-03 16:01 - 00054048 ____A C:\Users\Jean Luca\Downloads\FalseCamera.shtml
2012-07-03 15:54 - 2012-07-03 15:54 - 00001071 ____A C:\Users\Public\Desktop\Adobe Flash Media Live Encoder 3.2.lnk
2012-07-03 15:54 - 2012-07-03 15:54 - 00001035 ____A C:\Users\Public\Desktop\e2eSoft VCam.lnk
2012-07-03 15:54 - 2012-07-03 15:54 - 00000072 ____A C:\Users\Jean Luca\Downloads\e2esoft-vcam-4-7-11-TeamSD_inc_crack.htm
2012-07-03 13:44 - 2012-07-03 13:34 - 73663250 ____A C:\Users\Jean Luca\Downloads\TNA Today (June 25) Interview with Madison Rayne.480p
2012-07-03 08:14 - 2012-06-29 14:50 - 00000304 ____A C:\Users\Jean Luca\Desktop\Difference Sizes Post Threads.txt
2012-07-03 07:39 - 2012-06-24 19:59 - 00000082 ____A C:\Users\Jean Luca\Desktop\warez-bb.txt
2012-07-03 07:04 - 2012-07-03 07:04 - 00140674 ____A C:\Users\Jean Luca\Downloads\viewtopic.htm
2012-07-02 16:05 - 2012-04-20 11:16 - 00001177 ____A C:\Users\Jean Luca\.swfinfo
2012-07-01 13:38 - 2012-06-30 04:56 - 00000012 ____A C:\Users\Jean Luca\Desktop\cuty.txt
2012-06-30 17:56 - 2010-12-26 12:11 - 00000471 ____A C:\Windows\System32\Datei4
2012-06-30 17:56 - 2010-12-26 12:11 - 00000471 ____A C:\Windows\System32\Datei2
2012-06-30 17:56 - 2010-12-26 12:11 - 00000470 ____A C:\Windows\System32\Datei3
2012-06-30 17:56 - 2010-12-26 12:11 - 00000470 ____A C:\Windows\System32\Datei1
2012-06-30 17:56 - 2010-12-26 12:11 - 00000469 ____A C:\Windows\System32\Datei7
2012-06-30 17:56 - 2010-12-26 12:11 - 00000469 ____A C:\Windows\System32\Datei5
2012-06-30 17:56 - 2010-12-26 12:11 - 00000468 ____A C:\Windows\System32\Datei0
2012-06-30 17:56 - 2010-12-26 12:11 - 00000467 ____A C:\Windows\System32\Datei9
2012-06-30 17:56 - 2010-12-26 12:11 - 00000467 ____A C:\Windows\System32\Datei8
2012-06-30 17:56 - 2010-12-26 12:11 - 00000467 ____A C:\Windows\System32\Datei10
2012-06-30 17:56 - 2010-12-26 12:11 - 00000465 ____A C:\Windows\System32\Datei6
2012-06-30 08:22 - 2012-06-30 08:21 - 06757923 ____A C:\Users\Jean Luca\Desktop\Treasured.zip
2012-06-30 08:17 - 2012-06-30 08:16 - 40047200 ____A C:\Users\Jean Luca\Desktop\videorepair.zip
2012-06-30 06:08 - 2012-06-30 06:08 - 48157984 ____A C:\Users\Jean Luca\Downloads\WWE Promo - Kane (2012).mp4
2012-06-30 06:08 - 2012-06-30 06:08 - 30217159 ____A C:\Users\Jean Luca\Downloads\WWE Promo - John Cena (2012).mp4
2012-06-30 06:04 - 2012-06-30 06:04 - 39375857 ____A C:\Users\Jean Luca\Downloads\WWE Promo - Alberto Del Rio (2011).mp4
2012-06-29 07:44 - 2012-06-29 07:42 - 00001200 ____A C:\Users\Jean Luca\Desktop\rs.txt
2012-06-29 06:06 - 2012-06-28 11:29 - 00000072 ____A C:\Users\Jean Luca\Desktop\Jdownloader doesn't recognize.txt
2012-06-29 03:33 - 2012-06-29 03:33 - 00098103 ____A (MadeForNet.com) C:\Windows\System32\uninstall.exe
2012-06-28 11:09 - 2012-06-28 10:58 - 00006193 ____A C:\Users\Jean Luca\Desktop\new 2.nfo
2012-06-27 13:20 - 2012-06-27 13:20 - 00000000 ____A C:\Windows\setuperr.log
2012-06-26 16:24 - 2012-06-26 16:24 - 04731392 ____A (AVAST Software) C:\Users\Jean Luca\Desktop\aswMBR.exe
2012-06-26 16:24 - 2012-06-26 16:24 - 02128984 ____A (Kaspersky Lab ZAO) C:\Users\Jean Luca\Desktop\tdsskiller.exe
2012-06-26 16:23 - 2012-06-26 16:22 - 04569121 ____R (Swearware) C:\Users\Jean Luca\Desktop\ComboFix.exe
2012-06-26 16:08 - 2012-06-26 06:50 - 04503728 ___AT C:\Users\All Users\l_0_00_re.pad
2012-06-26 15:48 - 2012-06-26 15:48 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_PSPdispSideShow_01_00_00.Wdf
2012-06-26 15:43 - 2012-06-26 15:43 - 00125131 ____A C:\Users\Jean Luca\Desktop\remotejoylite_019_for_62x-63x_b.zip
2012-06-26 12:21 - 2012-06-26 12:21 - 00001994 ____A C:\Users\Public\Desktop\FileZilla Server Interface.lnk
2012-06-26 09:17 - 2012-06-26 09:17 - 00001111 ____A C:\Users\Public\Desktop\Copernic Desktop Search - Home.lnk
2012-06-26 07:00 - 2009-08-15 06:30 - 00001324 ____A C:\Users\Jean Luca\Desktop\sites.txt
2012-06-26 04:59 - 2012-06-26 04:59 - 00005380 ____A C:\Users\Jean Luca\Downloads\WarezBBForumPlugin.jar
2012-06-26 00:37 - 2012-06-26 00:34 - 34439484 ____A C:\Users\Jean Luca\Desktop\Zelda Stage SSBM - 260612.wav
2012-06-25 23:15 - 2012-06-24 12:37 - 00000329 ____A C:\Users\Jean Luca\Downloads\WinParrot.ini
2012-06-25 23:09 - 2012-06-25 04:00 - 101610554 ____A C:\Users\Jean Luca\Desktop\add.wpr
2012-06-25 17:12 - 2012-06-25 17:12 - 00000732 ____A C:\Users\Jean Luca\Desktop\nate.txt
2012-06-25 16:46 - 2012-06-25 13:47 - 00001230 ____A C:\Users\Jean Luca\Desktop\usenet accounts 3.txt
2012-06-25 16:13 - 2012-06-24 13:08 - 294649484 ____A C:\Users\Jean Luca\Desktop\hgcjh.wpr
2012-06-25 04:56 - 2012-06-25 04:34 - 00002104 ____A C:\Users\Jean Luca\Desktop\usenet accounts 2cha.txt
2012-06-24 19:02 - 2012-06-24 14:18 - 00002108 ____A C:\Users\Jean Luca\Desktop\usenet accounts 2.txt
2012-06-24 17:32 - 2012-06-24 17:32 - 00012984 ____A C:\Users\Jean Luca\Desktop\rtmp.txt
2012-06-24 09:07 - 2012-06-23 03:45 - 00000402 ____A C:\Users\Jean Luca\Desktop\banned warez-bb host.txt
2012-06-23 06:05 - 2012-03-31 07:37 - 00000339 ____A C:\Windows\maketorrent.ini
2012-06-23 03:45 - 2012-06-23 03:45 - 00001508 ____A C:\Users\Jean Luca\Desktop\mtv links.txt
2012-06-23 03:13 - 2012-06-23 03:10 - 68180498 ____A C:\Users\Jean Luca\Desktop\Coheed and Cambria - Welcome Home.wav
2012-06-22 23:09 - 2012-03-02 16:11 - 00237568 ____A C:\Windows\System32\rmc_rtspdl.dll
2012-06-22 23:09 - 2012-03-02 16:11 - 00156672 ____A (Radioactive) C:\Windows\System32\rmc_fixasf.exe
2012-06-22 19:39 - 2012-02-16 05:56 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-06-22 19:39 - 2011-06-12 05:30 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-06-22 04:25 - 2011-09-21 00:38 - 00000918 ____A C:\Users\LogMeInRemoteUser\Desktop\MiPony.lnk
2012-06-21 07:22 - 2010-12-25 10:06 - 00002788 ____A C:\Windows\Sandboxie.ini
2012-06-21 02:20 - 2012-06-21 02:20 - 00000267 ____A C:\Windows\System32\SHORTCUT.INI
2012-06-20 16:56 - 2012-06-20 16:56 - 01326778 ____A C:\Users\Jean Luca\Desktop\Move - Censore1.wav
2012-06-20 06:03 - 2012-06-20 06:03 - 00000000 ____A C:\Windows\System32\BSPRINT.INI
2012-06-20 06:03 - 2012-04-27 09:48 - 00000032 ____A C:\Windows\0
2012-06-19 05:30 - 2012-06-19 05:30 - 00000902 ____A C:\Users\LogMeInRemoteUser\Desktop\Unzbin.lnk
2012-06-18 05:53 - 2012-06-18 04:39 - 00000020 ____A C:\Users\Jean Luca\Desktop\178.33.156.104.txt
2012-06-18 05:00 - 2012-06-18 05:00 - 00006405 ____A C:\Users\Jean Luca\Desktop\encodes.txt
2012-06-18 03:12 - 2012-06-18 03:11 - 00000060 ____A C:\Users\Jean Luca\Desktop\DVDs.txt
2012-06-17 06:50 - 2010-12-25 12:43 - 00012354 ____A C:\Users\Jean Luca\dsp_stereo_tool.ini
2012-06-17 05:57 - 2012-06-17 05:57 - 00000988 ____A C:\Users\LogMeInRemoteUser\Desktop\PS3 Game Updates.lnk
2012-06-16 14:29 - 2012-06-16 13:08 - 00000446 ____A C:\Users\Jean Luca\Desktop\Binge Eating Disorder.txt
2012-06-16 07:29 - 2010-12-30 20:15 - 01392244 ___AH C:\Windows\System32\mlfcache.dat
2012-06-15 07:13 - 2009-07-13 20:53 - 00032620 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-06-14 11:21 - 2012-06-14 11:21 - 00000024 ____A C:\Users\Jean Luca\Desktop\post-workout.txt
2012-06-14 09:27 - 2009-07-13 20:33 - 05387064 ____A C:\Windows\System32\FNTCACHE.DAT
2012-06-14 07:45 - 2010-12-13 11:35 - 56731752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-06-11 08:06 - 2012-06-10 10:24 - 00000604 ____A C:\Users\Jean Luca\Desktop\stuff to do.txt
2012-06-11 05:57 - 2012-03-30 02:27 - 00001975 ____A C:\Users\Jean Luca\Desktop\bleep.txt
2012-06-10 12:03 - 2012-06-06 11:13 - 00001611 ____A C:\Users\Jean Luca\AppData\Roaming\pacemaker.ini
2012-06-10 10:21 - 2012-06-10 10:21 - 00000160 ____A C:\Users\Jean Luca\Desktop\stuff to sell.txt
2012-06-10 03:08 - 2012-06-10 03:08 - 00001414 ____A C:\Users\Jean Luca\Desktop\kn0ck0ut_readme.txt - Shortcut.lnk
2012-06-08 04:14 - 2012-06-08 04:14 - 60763266 ____A C:\Users\Jean Luca\Desktop\Pokemon Game Room - YouTube.avi
2012-06-07 07:02 - 2012-06-07 07:02 - 00000092 ____A C:\Users\Jean Luca\Desktop\quiero.txt
2012-06-06 11:12 - 2012-06-06 11:13 - 00000010 ____A C:\Users\Jean Luca\AppData\Roaming\pacemaker_songparams.txt
2012-06-06 10:22 - 2012-06-06 10:22 - 00000355 ____A C:\Users\Jean Luca\Homegroup - Shortcut.lnk
2012-06-05 19:44 - 2012-06-05 19:44 - 00000038 ____A C:\Users\Jean Luca\Desktop\xdcc.txt
2012-06-04 11:16 - 2012-06-04 11:16 - 00022080 ____A C:\Users\Jean Luca\Documents\Cuenta2.xlsx
2012-06-04 10:15 - 2012-01-31 09:09 - 00021827 ____A C:\Users\Jean Luca\Documents\Cuenta.xlsx
2012-06-02 14:19 - 2012-06-20 19:27 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-20 19:27 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-20 19:27 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-20 19:27 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-20 19:27 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:12 - 2012-06-20 19:27 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:12 - 2012-06-20 19:27 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 05:19 - 2012-06-20 19:26 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 05:12 - 2012-06-20 19:26 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-05-31 05:22 - 2012-05-31 05:15 - 00000374 ____A C:\Users\Jean Luca\Desktop\lista2.txt
2012-05-30 06:17 - 2012-05-30 06:17 - 00000398 ____A C:\Users\Jean Luca\Desktop\trata.txt
2012-05-28 02:37 - 2012-05-28 02:37 - 00000878 ____A C:\Users\LogMeInRemoteUser\Desktop\CDisplay.lnk
2012-05-26 09:32 - 2012-05-26 09:32 - 00000902 ____A C:\Users\LogMeInRemoteUser\Desktop\Hybrid.lnk
2012-05-20 08:42 - 2012-05-20 08:42 - 00000000 ____A C:\Windows\System32\debug.log
2012-05-18 16:38 - 2012-05-18 16:29 - 00001696 ____A C:\Users\Jean Luca\Desktop\ayuda.txt
2012-05-17 15:11 - 2012-06-14 07:37 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-05-17 14:48 - 2012-06-14 07:37 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-05-17 14:45 - 2012-06-14 07:37 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-05-17 14:36 - 2012-06-14 07:37 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-05-17 14:35 - 2012-06-14 07:37 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-05-17 14:35 - 2012-06-14 07:37 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-05-17 14:33 - 2012-06-14 07:37 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-05-17 14:31 - 2012-06-14 07:37 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-05-17 14:29 - 2012-06-14 07:37 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-05-17 14:29 - 2012-06-14 07:37 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-05-17 14:27 - 2012-06-14 07:37 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-05-17 14:25 - 2012-06-14 07:37 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-05-17 14:24 - 2012-06-14 07:37 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-05-17 14:20 - 2012-06-14 07:37 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-05-16 05:22 - 2012-05-16 05:22 - 00000086 ____A C:\mbr.log
2012-05-16 05:16 - 2012-05-16 05:15 - 00089088 ____A C:\mbr.exe
2012-05-14 17:05 - 2012-06-14 01:42 - 02343936 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-09 05:04 - 2012-02-28 04:56 - 00002528 ____A C:\Users\Jean Luca\Desktop\premium link generator lists.txt
2012-04-30 20:44 - 2012-06-14 01:42 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-04-27 20:41 - 2012-06-14 01:43 - 00919040 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2012-04-27 19:17 - 2012-06-14 01:43 - 00183808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-27 10:00 - 2011-06-12 15:04 - 00097552 ____A (MotioninJoy) C:\Windows\System32\Drivers\MijXfilt.sys
2012-04-27 09:48 - 2012-04-27 09:48 - 00000000 ____A C:\Windows\System32\0
2012-04-25 20:45 - 2012-06-14 01:43 - 00129536 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-04-25 20:45 - 2012-06-14 01:43 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-04-25 20:41 - 2012-06-14 01:43 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-04-23 20:36 - 2012-06-14 01:42 - 01158656 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-23 20:36 - 2012-06-14 01:42 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-23 20:36 - 2012-06-14 01:42 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-23 03:26 - 2012-06-06 22:18 - 00096056 ____A (Tonec Inc.) C:\Windows\System32\Drivers\idmwfp.sys
2012-04-22 17:21 - 2012-04-22 17:21 - 00001112 ____A C:\Users\LogMeInRemoteUser\Desktop\Platinum Notes 3.0.lnk
2012-04-22 17:20 - 2012-04-22 17:20 - 00000094 ____A C:\Users\All Users\Microsoft.SqlServer.Compact.400.32.bc
2012-04-22 17:18 - 2012-04-22 17:18 - 00001064 ____A C:\Users\LogMeInRemoteUser\Desktop\Mixed In Key 4.lnk
2012-04-22 12:45 - 2011-06-18 14:03 - 02755072 ____A (Microsoft Corporation) C:\Windows\System32\themeui.dll
2012-04-22 12:45 - 2009-07-13 15:40 - 00249856 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2012-04-22 12:45 - 2009-07-13 15:39 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\themeservice.dll
2012-04-21 16:53 - 2012-04-21 16:53 - 00000897 ____A C:\Users\Jean Luca\Desktop\Downloads.lnk
2012-04-19 02:52 - 2009-07-13 18:04 - 00002577 ____A C:\Windows\System32\config.nt
2012-04-17 01:26 - 2012-04-17 01:26 - 00000036 ____A C:\Windows\DTLite.INI
2012-04-12 02:45 - 2009-07-13 18:04 - 00000588 ____A C:\Windows\win.ini
2012-04-11 08:02 - 2012-03-28 08:06 - 00052167 ____A C:\Users\Jean Luca\Documents\Gimnasio y Comida book.xlsx
2012-04-11 07:40 - 2012-04-11 07:40 - 00037376 ____A (AnchorFree Inc.) C:\Windows\System32\Drivers\HssDrv.sys
2012-04-10 07:55 - 2012-04-10 03:13 - 00013972 ____A C:\Users\Jean Luca\Documents\Dinero.xlsx

ZeroAccess:
C:\Windows\Installer\{b1f4eea5-c15f-49ae-2545-7e5d15023312}
C:\Windows\Installer\{b1f4eea5-c15f-49ae-2545-7e5d15023312}\@
C:\Windows\Installer\{b1f4eea5-c15f-49ae-2545-7e5d15023312}\L
C:\Windows\Installer\{b1f4eea5-c15f-49ae-2545-7e5d15023312}\U
C:\Windows\Installer\{b1f4eea5-c15f-49ae-2545-7e5d15023312}\U\00000004.@
C:\Windows\Installer\{b1f4eea5-c15f-49ae-2545-7e5d15023312}\U\00000008.@
C:\Windows\Installer\{b1f4eea5-c15f-49ae-2545-7e5d15023312}\U\000000cb.@

ZeroAccess:
C:\Users\Jean Luca\AppData\Local\{b1f4eea5-c15f-49ae-2545-7e5d15023312}
C:\Users\Jean Luca\AppData\Local\{b1f4eea5-c15f-49ae-2545-7e5d15023312}\@
C:\Users\Jean Luca\AppData\Local\{b1f4eea5-c15f-49ae-2545-7e5d15023312}\L
C:\Users\Jean Luca\AppData\Local\{b1f4eea5-c15f-49ae-2545-7e5d15023312}\U

ZeroAccess:
C:\Windows\assembly\GAC\Desktop.ini

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe A302BBFF2A7278C0E239EE5D471D86A9 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 19%
Total physical RAM: 2038.18 MB
Available physical RAM: 1630.69 MB
Total Pagefile: 2038.18 MB
Available Pagefile: 1635.58 MB
Total Virtual: 2047.88 MB
Available Virtual: 1963.55 MB

======================= Partitions =========================

1 Drive c: (Windows 7) (Fixed) (Total:134.06 GB) (Free:5.2 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (Temp) (Fixed) (Total:15 GB) (Free:11.45 GB) NTFS
4 Drive f: () (Removable) (Total:1.97 GB) (Free:1.97 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 149 GB 0 B
Disk 1 Online 2023 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 134 GB 2048 B
Partition 0 Extended 14 GB 134 GB
Partition 2 Logical 14 GB 134 GB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C Windows 7 NTFS Partition 134 GB Healthy

==================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D Temp NTFS Partition 14 GB Healthy

==================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 2022 MB 31 KB

==================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F FAT32 Removable 2022 MB Healthy

==================================================================================

==========================================================

Last Boot: 2012-06-27 19:11

======================= End Of Log ==========================

Edited by jean945, 07 July 2012 - 10:21 AM.


#4 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:02:21 PM

Posted 07 July 2012 - 10:38 AM

Hi

Please do the following:


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

start
SubSystems: [Windows] ==> ZeroAccess
C:\Windows\Installer\{b1f4eea5-c15f-49ae-2545-7e5d15023312}
C:\Users\Jean Luca\AppData\Local\{b1f4eea5-c15f-49ae-2545-7e5d15023312}
C:\Windows\assembly\GAC\Desktop.ini
end

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options then select Command Prompt

Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Now restart, let it boot normally and tell me how it went.


NEXT


(if you have a copy of ComboFix on your desktop already, please delete it and download a fresh copy)

Refer to the ComboFix User's Guide

  • Download ComboFix from one of these locations:

    Link

    * IMPORTANT !!! Place ComboFix.exe on your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
    You can get help on disabling your protection programs here
  • Double click on ComboFix.exe & follow the prompts.
  • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  • When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


    ---------------------------------------------------------------------------------------------
  • Ensure your AntiVirus and AntiSpyware applications are re-enabled.

    ---------------------------------------------------------------------------------------------

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#5 jean945

jean945
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 07 July 2012 - 11:52 AM

Ok, Combofix has literally sitted for 47 minutes on the "Autoscan" window doing nothing. I think it stalled. Don't know if it has to do with the fact that I run it earlier this mode in safe, and after 15 minutes hard-reset the pc while it was scanning.

#6 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:02:21 PM

Posted 07 July 2012 - 11:56 AM

give it another 15 minutes, if it still appears to be stalled, then close the window and we will use FRST to find and replace the infected file, we need to find the replacement first

please do the following:

  • Boot back into the System Recovery Options and run FRST.

    Type the following in the edit box after "Search:" so it looks like this:

    Search: services.exe

    Click Search button and post the log it makes to your reply.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#7 jean945

jean945
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 07 July 2012 - 01:11 PM

Farbar Recovery Scan Tool Version: 07-07-2012 03
Ran by SYSTEM at 2012-07-07 20:00:54
Running from F:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2009-07-13 15:11] - [2009-07-13 17:14] - 0259072 ____A (Microsoft Corporation) 5F1B6A9C35D3D5CA72D6D6FDEF9747D6

C:\Windows\System32\services.exe
[2009-07-13 15:11] - [2009-07-13 17:14] - 0259072 ____A (Microsoft Corporation) A302BBFF2A7278C0E239EE5D471D86A9

=== End Of Search ===

#8 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:02:21 PM

Posted 07 July 2012 - 01:24 PM

Hi

Please do the following:


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

start
replace: C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe C:\Windows\System32\services.exe
end

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options then select Command Prompt

Run FRST (or FRST64 if you have the 64bit version) and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Reboot your computer.

Now please retry ComboFix, post the resulting log.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#9 jean945

jean945
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 07 July 2012 - 04:08 PM

Here's the log but Combofix keeps stalling. I keep seeing this iexplorer.exe's running every time I turn on my pc, never happened before the virus.

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 07-07-2012 03
Ran by SYSTEM at 2012-07-07 22:44:53 Run:2
Running from F:\

==============================================

C:\Windows\System32\services.exe moved successfully.
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe copied successfully to C:\Windows\System32\services.exe

==== End of Fixlog ====

#10 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:02:21 PM

Posted 07 July 2012 - 04:17 PM

hi,

delete the copy of ComboFix that you have on your desktop and download a fresh copy, but rename it to svchost.exe before saving it to your desktop.

now boot into safe mode and run it from safe mode, give it lots of time to complete

To Enter Safemode
  • Go to Start> Shut off your Computer> Restart
  • As the computer starts to boot-up, Tap the F8 KEY repeatedly,
  • this will bring up a menu.
  • Use the Up and Down Arrow Keys to scroll up to Safemode
  • Then press the Enter Key on your Keyboard
  • go into your usual account

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#11 jean945

jean945
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 07 July 2012 - 05:28 PM

Left it half an hour running and it froze my PC again. What it does is, the PC is still running but if I go to press a pinned program for example it will remain with button pressed and freeze everything.

#12 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:02:21 PM

Posted 07 July 2012 - 05:36 PM

do you see a blue DOS box and does it progress through any stages?

Try running it with this command:

Press the WinKey + R to open a run box:

Copy/paste the following text into the open run box > Click OK

ComboFix /nombr

please don't open any other windows while ComboFix is running

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#13 jean945

jean945
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 07 July 2012 - 07:56 PM

It worked but now I'm runing thru another problem. Internet won't work. What I mean is any browser when I try to load a page it won't load, it will just appear to start to connect for one millisec and then return like I never hit enter. That's with Firefox, with Chrome is the same thing "This webpage is not available".IE too . The icon in the low right bar says it's connected. I managed to get the log in here thru my phone.

ComboFix 12-07-07.04 - Jean Luca 08/07/2012 1:56.1.1 - x86
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.39.1033.18.2038.1280 [GMT 2:00]
Eseguito da: c:\users\Jean Luca\Desktop\ComboFix.exe
Opzioni usate :: /nombr
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files\HTTP Debugger Pro\mfNCom.dll
c:\program files\HTTP Debugger Pro\mfnsvc.exe
c:\users\Jean Luca\AppData\Roaming\brant.dll
c:\windows\assembly\GAC\Desktop.ini
c:\windows\mfnhks32.dll
c:\windows\mfnhks64.dll
c:\windows\mfnspadv32.dll
c:\windows\mfnspadv64.dll
c:\windows\mfnspinst32.exe
c:\windows\mfnspinst64.exe
c:\windows\mfnspstd32.dll
c:\windows\mfnspstd64.dll
c:\windows\mfnswitch.exe
c:\windows\system32\DEBUG.log
c:\windows\system32\setup.ini
c:\windows\system32\uninstall.exe
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_HTTPDebugger
.
.
((((((((((((((((((((((((( Files Creati Da 2012-06-08 al 2012-07-08 )))))))))))))))))))))))))))))))))))
.
.
2012-07-08 01:14 . 2012-07-08 01:15--------d-----w-C:\FRST
2012-07-08 00:12 . 2012-07-08 00:15--------d-----w-c:\users\Jean Luca\AppData\Local\temp
2012-07-08 00:12 . 2012-07-08 00:12--------d-----w-c:\users\LogMeInRemoteUser\AppData\Local\temp
2012-07-08 00:12 . 2012-07-08 00:12--------d-----w-c:\users\Default\AppData\Local\temp
2012-07-07 01:53 . 2012-07-07 01:53--------d-----w-c:\users\Jean Luca\AppData\Roaming\xsecva
2012-07-06 17:31 . 2012-06-18 01:146762896----a-w-c:\programdata\Microsoft\Windows Defender\Definition Updates\{AFEA8561-F976-4553-9A34-CF6C6D08C8D6}\mpengine.dll
2012-07-03 23:54 . 2011-02-03 14:31104376----a-w-c:\windows\system32\drivers\VCam_WDM.sys
2012-07-03 23:54 . 2012-07-03 23:54--------d-----w-c:\users\Jean Luca\AppData\Roaming\e2eSoft
2012-07-03 23:53 . 2012-07-03 23:53--------d-----w-c:\program files\e2eSoft
2012-06-29 12:02 . 2012-06-29 12:03--------d-----w-c:\windows\B3528A48121E44A8B6D2BE8825145659.TMP
2012-06-29 11:33 . 2012-07-08 00:11--------d-----w-c:\program files\HTTP Debugger Pro
2012-06-27 12:19 . 2012-06-27 20:59--------d-----w-c:\windows\LastGood
2012-06-26 23:48 . 2012-06-27 13:07--------d-----w-c:\users\Jean Luca\AppData\Roaming\PSPdisp
2012-06-26 23:48 . 2012-06-26 23:49--------d-----w-c:\program files\PSPdisp
2012-06-26 20:20 . 2012-06-26 20:21--------d-----w-c:\program files\FileZilla Server
2012-06-26 17:17 . 2012-06-26 17:17--------d-----w-c:\program files\Copernic Desktop Search - Home
2012-06-26 17:16 . 2012-06-26 17:16--------d-----w-c:\users\Jean Luca\AppData\Local\Copernic
2012-06-26 17:16 . 2012-06-26 17:16--------d-----w-c:\users\Jean Luca\AppData\Roaming\Copernic
2012-06-26 13:08 . 2012-06-26 13:08--------d-----w-c:\users\Jean Luca\AppData\Roaming\WindowsApplication1
2012-06-25 04:25 . 2012-06-26 12:30--------d-----w-c:\users\Jean Luca\sfap
2012-06-24 20:33 . 2012-06-24 20:33--------d-----w-c:\program files\GSAutoClicker3
2012-06-22 13:52 . 2012-06-22 13:52--------d-----w-c:\program files\Fotosizer
2012-06-21 16:47 . 2012-06-21 16:48--------d-----w-c:\users\Jean Luca\AppData\Roaming\WinFF
2012-06-21 16:47 . 2012-06-21 16:47--------d-----w-c:\program files\WinFF
2012-06-21 16:27 . 2012-06-21 16:28--------d-----w-c:\users\Jean Luca\AppData\Roaming\Mp3tag
2012-06-21 16:25 . 2012-06-21 16:25--------d-----w-c:\program files\Mp3tag
2012-06-21 16:24 . 2012-06-21 16:26--------d-----w-c:\program files\AtomicParsley Win32 GUI
2012-06-21 03:27 . 2012-06-02 22:1945080----a-w-c:\windows\system32\wups2.dll
2012-06-21 03:27 . 2012-06-02 22:1953784----a-w-c:\windows\system32\wuauclt.exe
2012-06-21 03:27 . 2012-06-02 22:122422272----a-w-c:\windows\system32\wucltux.dll
2012-06-21 03:27 . 2012-06-02 22:191933848----a-w-c:\windows\system32\wuaueng.dll
2012-06-21 03:27 . 2012-06-02 22:1935864----a-w-c:\windows\system32\wups.dll
2012-06-21 03:27 . 2012-06-02 22:19577048----a-w-c:\windows\system32\wuapi.dll
2012-06-21 03:27 . 2012-06-02 22:1288576----a-w-c:\windows\system32\wudriver.dll
2012-06-21 03:26 . 2012-06-02 13:19171904----a-w-c:\windows\system32\wuwebv.dll
2012-06-21 03:26 . 2012-06-02 13:1233792----a-w-c:\windows\system32\wuapp.exe
2012-06-20 20:32 . 2012-06-20 20:32--------d-----w-c:\users\Jean Luca\AppData\Local\bluesoleil
2012-06-20 14:00 . 2012-06-20 14:00--------d-----w-c:\program files\IVT Corporation
2012-06-19 15:35 . 2012-06-19 15:354967624----a-w-c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-06-19 13:31 . 2012-06-19 17:38--------d-----w-c:\users\Jean Luca\AppData\Roaming\Unzbin
2012-06-19 13:31 . 2012-06-19 13:31--------d-----w-c:\users\Jean Luca\AppData\Local\Unzbin.com
2012-06-19 13:30 . 2012-06-19 13:30--------d-----w-c:\program files\Unzbin
2012-06-18 16:11 . 2012-06-18 16:13--------d-----w-c:\users\Jean Luca\AppData\Roaming\Yahoo!
2012-06-18 16:11 . 2012-06-18 16:12--------d-----w-c:\programdata\Yahoo! Companion
2012-06-18 16:10 . 2012-06-18 16:11--------d-----w-c:\programdata\Yahoo!
2012-06-18 16:06 . 2012-06-18 16:11--------d-----w-c:\program files\Yahoo!
2012-06-18 11:09 . 2012-06-18 11:09--------d-----w-c:\program files\UFU
2012-06-17 13:57 . 2012-06-17 15:09--------d-----w-c:\program files\PS3 Game Updates
2012-06-16 11:31 . 2012-06-16 11:31--------d-----w-c:\windows\system32\Adobe
2012-06-15 20:08 . 2012-06-15 20:08--------d-----w-c:\users\Jean Luca\AppData\Local\Macromedia
2012-06-14 15:43 . 2012-06-14 15:43--------d-----w-c:\users\Jean Luca\AppData\Roaming\Luxand
2012-06-14 15:42 . 2012-02-07 21:56792384----a-w-c:\windows\system32\LuxandCredentialProvider.dll
2012-06-14 15:42 . 2011-07-28 12:546943744----a-w-c:\windows\system32\LuxandBlinkLib11.dll
2012-06-14 15:42 . 2011-07-28 12:546943744----a-w-c:\windows\system32\LuxandBlinkLib1.dll
2012-06-14 15:42 . 2012-02-07 21:55665920----a-w-c:\windows\system32\LuxandBlink.dll
2012-06-14 15:42 . 2012-06-14 15:42--------d-----w-c:\program files\Luxand
2012-06-14 09:43 . 2012-04-28 04:41919040----a-w-c:\windows\system32\rdpcorets.dll
2012-06-14 09:43 . 2012-04-28 03:17183808----a-w-c:\windows\system32\drivers\rdpwd.sys
2012-06-14 09:43 . 2012-04-26 04:45129536----a-w-c:\windows\system32\rdpcorekmts.dll
2012-06-14 09:43 . 2012-04-26 04:4558880----a-w-c:\windows\system32\rdpwsx.dll
2012-06-14 09:43 . 2012-04-26 04:418192----a-w-c:\windows\system32\rdrmemptylst.exe
2012-06-14 09:42 . 2012-05-15 01:052343936----a-w-c:\windows\system32\win32k.sys
2012-06-14 09:42 . 2012-04-07 11:262342400----a-w-c:\windows\system32\msi.dll
2012-06-14 09:42 . 2012-05-01 04:44164352----a-w-c:\windows\system32\profsvc.dll
2012-06-14 09:42 . 2012-04-24 04:361158656----a-w-c:\windows\system32\crypt32.dll
2012-06-14 09:42 . 2012-04-24 04:36140288----a-w-c:\windows\system32\cryptsvc.dll
2012-06-14 09:42 . 2012-04-24 04:36103936----a-w-c:\windows\system32\cryptnet.dll
2012-06-11 11:52 . 2012-06-11 11:53--------d-----w-c:\program files\Common Files\DVBViewer Shared
2012-06-11 11:51 . 2012-06-11 11:53--------d-----w-c:\program files\DVBViewer
2012-06-11 11:51 . 2012-06-11 11:51--------d-----w-c:\programdata\CMUV
2012-06-09 17:39 . 2012-06-09 17:39--------d-----w-c:\programdata\Hotspot Shield
2012-06-09 17:38 . 2012-06-09 17:39--------d-----w-C:\Hotspot Shield
2012-06-09 17:36 . 2012-06-25 23:03--------d-----w-c:\program files\Hotspot Shield
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-23 07:09 . 2012-03-03 00:11156672----a-w-c:\windows\system32\rmc_fixasf.exe
2012-06-23 07:09 . 2012-03-03 00:11237568----a-w-c:\windows\system32\rmc_rtspdl.dll
2012-06-23 03:39 . 2012-02-16 13:56426184----a-w-c:\windows\system32\FlashPlayerApp.exe
2012-06-23 03:39 . 2011-06-12 13:3070344----a-w-c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-16 13:16 . 2012-05-16 13:1589088----a-w-C:\mbr.exe
2012-04-27 18:00 . 2011-06-12 23:0497552----a-w-c:\windows\system32\drivers\MijXfilt.sys
2012-04-23 11:26 . 2012-06-07 06:1896056----a-w-c:\windows\system32\drivers\idmwfp.sys
2012-04-22 20:45 . 2011-06-18 22:032755072----a-w-c:\windows\system32\themeui.dll
2012-04-22 20:45 . 2009-07-13 23:3937376----a-w-c:\windows\system32\themeservice.dll
2012-04-22 20:45 . 2009-07-13 23:40249856----a-w-c:\windows\system32\uxtheme.dll
2012-04-11 15:40 . 2012-04-11 15:4037376----a-w-c:\windows\system32\drivers\HssDrv.sys
2012-07-07 13:52 . 2011-06-11 20:39136672----a-w-c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 10:06163328--sha-r-c:\windows\System32\flvDX.dll
2007-02-21 11:4731232--sha-r-c:\windows\System32\msfDX.dll
2008-03-16 13:30216064--sha-r-c:\windows\System32\nbDX.dll
2010-01-06 22:00107520--sha-r-c:\windows\System32\TAKDSDecoder.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15123536----a-w-c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:1294208----a-w-c:\users\Jean Luca\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:1294208----a-w-c:\users\Jean Luca\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:1294208----a-w-c:\users\Jean Luca\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:1294208----a-w-c:\users\Jean Luca\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:4922376----a-w-c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2012-06-28 3491264]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"DS3 Tool"="c:\program files\MotioninJoy\ds3\DS3_Tool.exe" [2012-04-27 112400]
"Xpadder"="c:\users\Jean Luca\Desktop\Programas\stefan-te_Xpadder.v2012.01.19.Retail.WaLMaRT.DM999\Xpadder.exe" [2012-01-19 1165312]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2012-05-25 6595928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-12-18 307200]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2009-02-27 278016]
"FileZilla Server Interface"="c:\program files\FileZilla Server\FileZilla Server Interface.exe" [2012-02-26 1044992]
"XSECVA"="c:\users\Jean Luca\AppData\Roaming\xsecva\xsecva.exe" [2012-07-07 186880]
"USB Safely Remove"="c:\program files\USB Safely Remove\USBSafelyRemove.exe" [2012-01-30 6061056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 1 (0x1)
"SynchronousUserGroupPolicy"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DisableThumbnails"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "c:\program files\Stardock\ObjectDockPlus2\ODMenu.dll" [2010-03-24 511344]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security PackagesREG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
R2 gupdate;Servizio Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\openvpnas.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 appliand;Applian Network Service;c:\windows\system32\DRIVERS\appliand.sys [x]
R3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys [x]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo HDD Control 2\DfSdkS.exe [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [x]
R3 gupdatem;Servizio Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver 03/20/2007, 0.1.12.1;c:\windows\system32\DRIVERS\libusb0.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 tap0801co;TAP-Win32 Adapter V8 (coLinux);c:\windows\system32\DRIVERS\tap0801co.sys [x]
R3 TaurusUsb;ADSL Modem USB Service;c:\windows\system32\DRIVERS\torususb.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;c:\program files\ABBYY FineReader 9.0\NetworkLicenseServer.exe [x]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 AHDDC2;Ashampoo HDD Control 2 Service;c:\program files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [x]
S2 DVBVRecorder;DVBViewer Recording Service;c:\program files\DVBViewer\DVBVservice.exe [x]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [x]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 USBSafelyRemoveService;USB Safely Remove Assistant;c:\program files\USB Safely Remove\USBSRService.exe [x]
S3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys [x]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
S3 CLEDX;Team H2O CLEDX service;c:\windows\system32\DRIVERS\cledx.sys [x]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 pspdisp;pspdisp;c:\windows\system32\DRIVERS\pspdisp.sys [x]
S3 Stmatm;ATM/ADSL miniport;c:\windows\system32\DRIVERS\stmatm.sys [x]
S3 VCam_WDM;e2eSoft VCam;c:\windows\system32\DRIVERS\VCam_WDM.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmtREG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-16 03:39]
.
2012-07-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-70511670-633675951-1585645760-1001Core.job
- c:\users\Jean Luca\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-28 23:32]
.
2012-07-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-70511670-633675951-1585645760-1001UA.job
- c:\users\Jean Luca\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-28 23:32]
.
2012-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-12 16:24]
.
2012-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-12 16:24]
.
.
------- Scansione supplementare -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = 199.195.109.21:9090
uInternet Settings,ProxyOverride = local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Descargar con Mipony - file://c:\program files\MiPony\Browser\IEContext.htm
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\Jean Luca\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Scarica con Mipony - file://c:\program files\MiPony\Browser\IEContext.htm
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
LSP: c:\windows\mfnspstd32.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{A14B8482-481D-4B5B-A0CC-46F116978BAB}: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\Jean Luca\AppData\Roaming\Mozilla\Firefox\Profiles\ysstnvv3.default\
FF - prefs.js: browser.search.selectedEngine - NutritionData.com
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: network.proxy.ftp - 10.138.160.98
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.http - 10.138.160.98
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 10.138.160.98
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 10.138.160.98
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
.
------- Associazioni dei file -------
.
.txt=DiffEditor.exe
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
HKLM-Run-brant - c:\users\Jean Luca\AppData\Roaming\brant.dll
AddRemove-HTTP Debugger Pro - c:\windows\system32\uninstall.exe
AddRemove-Lion 2011 - c:\program files\Skin Pack\Lion\Uninstall.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-70511670-633675951-1585645760-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*q]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-70511670-633675951-1585645760-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*q\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-70511670-633675951-1585645760-1001_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):c7,7a,ea,6d,a8,91,e1,46,3e,4d,56,43,8e,0e,62,af,b0,15,1a,a4,7e,
34,d8,36,a3,0d,ad,43,1d,4f,6d,c1,95,75,1e,98,79,62,c2,94,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'Explorer.exe'(3188)
c:\program files\RocketDock\RocketDock.dll
c:\users\Jean Luca\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
c:\program files\Stardock\ObjectDockPlus2\ODMenu.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files\Sandboxie\SbieSvc.exe
c:\windows\system32\WUDFHost.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\FileZilla Server\FileZilla Server.exe
c:\program files\Hotspot Shield\HssWPR\hsssrv.exe
c:\windows\system32\conhost.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
c:\windows\system32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Yahoo!\Messenger\YahooMessenger.exe
c:\program files\Yahoo!\Messenger\YahooMessenger.exe
c:\windows\system32\WerFault.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Ora fine scansione: 2012-07-08 02:27:12 - Il pc stato riavviato
ComboFix-quarantined-files.txt 2012-07-08 00:27
.
Pre-Run: 4.838.883.328 bytes free
Post-Run: 5.689.065.472 bytes free
.
- - End Of File - - 6A76B30A1BD6836A42B0AF12E8F6350F

Also avast says it "will not be able to protect mail/news (error 10106)".

#14 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:02:21 PM

Posted 07 July 2012 - 08:12 PM

Do you have access to another machine that you can download and then transfer to the infected machine via USB?

please download the following and run it



Please download MiniToolBox, save it to your desktop and run it.

Place a checkmark in the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


[color

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#15 jean945

jean945
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 07 July 2012 - 08:56 PM

I'm using my Blackberry phone.

iniToolBox by Farbar Version: 25-06-2012
Ran by Jean Luca (administrator) on 08-07-2012 at 03:51:31
Microsoft Windows 7 Enterprise Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: 199.195.109.21:9090

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.ftp", "10.138.160.98"
"network.proxy.ftp_port", 3128
"network.proxy.http", "10.138.160.98"
"network.proxy.http_port", 3128
"network.proxy.network.proxy.socks_remote_dns", 1
"network.proxy.socks", "10.138.160.98"
"network.proxy.socks_port", 3128
"network.proxy.ssl", "10.138.160.98"
"network.proxy.ssl_port", 3128
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller = Local Area Connection (Connected)
WAN/ATM/ADSL miniport = Local Area Connection 2 (Connected)
TAP-Win32 Adapter V9 = Local Area Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Local Area Connection* 2-WFP LightWeight Filter-0000" address=192.168.11.1 mask=255.255.255.0
add address name="Local Area Connection* 9" address=192.168.117.1 mask=255.255.255.0
add address name="Local Area Connection 3" address=192.168.86.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : JeanLuca-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9
Physical Address. . . . . . . . . : 00-FF-4C-9D-BA-F8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Anchorfree HSS Adapter
Physical Address. . . . . . . . . : 00-FF-C7-77-B8-4B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
Physical Address. . . . . . . . . : 20-CF-30-90-1B-ED
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::aca3:6188:6089:364c%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : domenica 8 luglio 2012 02:49:33
Lease Expires . . . . . . . . . . : mercoled 18 luglio 2012 02:49:10
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 253808432
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-A6-94-AD-20-CF-30-90-1B-ED
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{C777B84B-6041-4E9E-95BD-A45529021442}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{4C9DBAF8-02E6-4E3A-B3D7-7E5A608AF983}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A14B8482-481D-4B5B-A0CC-46F116978BAB}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 192.168.1.1

Ping request could not find host yahoo.com. Please check the name and try again.
Server: UnKnown
Address: 192.168.1.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.

Pinging with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for u7瘘(:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
26...00 ff 4c 9d ba f8 ......TAP-Win32 Adapter V9
22...00 ff c7 77 b8 4b ......Anchorfree HSS Adapter
10...20 cf 30 90 1b ed ......Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
1...........................Software Loopback Interface 1
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
25...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 286
192.168.1.2 255.255.255.255 On-link 192.168.1.2 286
192.168.1.255 255.255.255.255 On-link 192.168.1.2 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 286 fe80::/64 On-link
10 286 fe80::aca3:6188:6089:364c/128
On-link
1 306 ff00::/8 On-link
10 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\mfnspstd32.dll [File Not found] ()
Catalog9 02 C:\Windows\mfnspstd32.dll [File Not found] ()
Catalog9 03 C:\Windows\mfnspstd32.dll [File Not found] ()
Catalog9 04 C:\Windows\mfnspstd32.dll [File Not found] ()
Catalog9 05 C:\Windows\mfnspstd32.dll [File Not found] ()
Catalog9 06 C:\Windows\mfnspstd32.dll [File Not found] ()
Catalog9 07 C:\Windows\mfnspstd32.dll [File Not found] ()
Catalog9 08 C:\Windows\mfnspstd32.dll [File Not found] ()
Catalog9 09 C:\Windows\mfnspstd32.dll [File Not found] ()
Catalog9 10 C:\Windows\mfnspstd32.dll [File Not found] ()
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\mfnspstd32.dll [File Not found] ()
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/08/2012 03:17:19 AM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2012-07-15T00:56:19Z. Error Code: 0x80070032.

Error: (07/08/2012 03:02:22 AM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2012-07-15T00:56:22Z. Error Code: 0x80070032.

Error: (07/08/2012 02:50:06 AM) (Source: hshld) (User: )
Description: hshld error: 0OPENVPNAS: as_open failed

Error: (07/08/2012 02:48:43 AM) (Source: Schedule) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (07/08/2012 02:36:36 AM) (Source: hshld) (User: )
Description: hshld error: 0OPENVPNAS: as_open failed

Error: (07/08/2012 02:36:18 AM) (Source: Schedule) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (07/08/2012 02:27:12 AM) (Source: Schedule) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (07/08/2012 02:18:53 AM) (Source: Application Error) (User: )
Description: Faulting application name: YahooMessenger.exe, version: 11.5.0.228, time stamp: 0x4fbf6b79
Faulting module name: YahooMessenger.exe, version: 11.5.0.228, time stamp: 0x4fbf6b79
Exception code: 0xc0000005
Fault offset: 0x00049211
Faulting process id: 0xa74
Faulting application start time: 0xYahooMessenger.exe0
Faulting application path: YahooMessenger.exe1
Faulting module path: YahooMessenger.exe2
Report Id: YahooMessenger.exe3

Error: (07/08/2012 02:14:37 AM) (Source: hshld) (User: )
Description: hshld error: 0OPENVPNAS: as_open failed

Error: (07/08/2012 02:14:22 AM) (Source: Schedule) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out


System errors:
=============
Error: (07/08/2012 02:52:16 AM) (Source: Service Control Manager) (User: )
Description: The Windows Update service terminated with the following error:
%%-2147014790

Error: (07/08/2012 02:52:10 AM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service terminated with service-specific error %%-2147014790.

Error: (07/08/2012 02:52:10 AM) (Source: Microsoft-Windows-Bits-Client) (User: NT AUTHORITY)
Description: The BITS service failed to start. Error 2147952506.

Error: (07/08/2012 02:50:47 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%10106

Error: (07/08/2012 02:50:47 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%10106

Error: (07/08/2012 02:50:44 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%10106

Error: (07/08/2012 02:50:44 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%10106

Error: (07/08/2012 02:50:41 AM) (Source: DCOM) (User: )
Description: {4991D34B-80A1-4291-83B6-3328366B9097}

Error: (07/08/2012 02:50:34 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%10106

Error: (07/08/2012 02:50:34 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%10106


Microsoft Office Sessions:
=========================
Error: (07/08/2012 03:17:19 AM) (Source: Software Protection Platform Service)(User: )
Description: 0x800700322012-07-15T00:56:19Z

Error: (07/08/2012 03:02:22 AM) (Source: Software Protection Platform Service)(User: )
Description: 0x800700322012-07-15T00:56:22Z

Error: (07/08/2012 02:50:06 AM) (Source: hshld)(User: )
Description: hshld error: 0OPENVPNAS: as_open failed

Error: (07/08/2012 02:48:43 AM) (Source: Schedule)(User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (07/08/2012 02:36:36 AM) (Source: hshld)(User: )
Description: hshld error: 0OPENVPNAS: as_open failed

Error: (07/08/2012 02:36:18 AM) (Source: Schedule)(User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (07/08/2012 02:27:12 AM) (Source: Schedule)(User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (07/08/2012 02:18:53 AM) (Source: Application Error)(User: )
Description: YahooMessenger.exe11.5.0.2284fbf6b79YahooMessenger.exe11.5.0.2284fbf6b79c000000500049211a7401cd5c9f1f0b0ec3C:\Program Files\Yahoo!\Messenger\YahooMessenger.exeC:\Program Files\Yahoo!\Messenger\YahooMessenger.exe7f33120e-c892-11e1-a679-20cf30901bed

Error: (07/08/2012 02:14:37 AM) (Source: hshld)(User: )
Description: hshld error: 0OPENVPNAS: as_open failed

Error: (07/08/2012 02:14:22 AM) (Source: Schedule)(User: )
Description: Schedule error: 10106Initialize call failed, bailing out


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 6.1.2)
7-Zip 9.22beta
ABBYY FineReader 9.0 Professional Edition (Version: 9.00.662.5506)
AC-3 ACM Codec
AC3Filter 2.1a (Version: 2.1a)
Adobe AIR (Version: 3.1.0.4880)
Adobe Audition CS6 (Version: 5.0)
Adobe Flash Media Live Encoder 3.2 (Version: 3.2.0)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Help Manager (Version: 4.0.244)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Photoshop Elements 9 (Version: 9.0.3.0)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
ADSL Modem
Advanced EFS Data Recovery (Version: 4.42)
Alarm (Version: 2.0.6)
Angry Birds (Version: 2.0.2)
Antares Auto-Tune Evo VST (Version: 6.00.0009)
Antares Harmony Engine VST RTAS v1.0
AnyDVD (Version: 6.8.1.0)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Ares 2.1.8 (Version: 2.1.8-Build#3042)
Ashampoo HDD Control 2 2.07 (Version: 3.1.1)
ASIO4ALL (Version: 2.10)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.22)
AtomicParsley GUI 0.01
Torrent (Version: 3.1.3)
Audacity 2.0
avast! Free Antivirus (Version: 7.0.1426.0)
AVCHDCoder (Version: 11.08.03)
AVerMedia A867 USB DVB-T 8.0.0.60 (Version: 8.0.0.60)
Avidemux 2.6 (32-bit) (Version: 2.6.0.7719)
AviSynth 2.6 (Version: 2.6.0.2)
AviSynth Batch Scripter 1.0.1
Bass Audio Decoder (remove only)
bl (Version: 1.0.0)
BlackBerry App World Browser Plugin (Version: 3.1.0.6)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.35)
BlackBerry Device Manager 6.0.1 (Version: 6.0.1.9)
BlackBerry Device Software Updater (Version: 6.0.1.37)
Bluesoleil 6.4.249.0 (Version: 6.4.249.0)
BluffTitler
Boilsoft Video Cutter 1.23
Boilsoft Video Joiner 6.34
Boilsoft Video Splitter 6.11
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 140.0.212.000)
Captcha.trader Mipony Plugin 1.0 (Version: 1.0)
CCleaner (Version: 3.15)
CD Audio Reader Filter (remove only)
CDCheck
CDisplay 1.8
CL-Eye Driver (Version: 4.0.2.1017)
ClickRepair 3.7
Copernic Desktop Search - Home
Copy (Version: 140.0.212.000)
Cracklock 3.9.44 (Version: 3.9.44)
CreateInstall Free (Version: 4.14.5)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.3.0297)
DCoder Image Source (remove only)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler (Version: 2.09)
Destinations (Version: 140.0.77.000)
DevExtras - Print Screen (Version: 2.1.1)
Device Doctor v1.0 (Version: 1.0)
DeviceDiscovery (Version: 140.0.212.000)
DiffVue (Version: 4.7.5.12)
DirectVobSub (remove only)
DJ_AIO_06_F2400_SW_Min (Version: 140.0.690.000)
Dropbox (Version: 1.2.52)
DScaler 5 Mpeg Decoders
DVBViewer Pro (Version: 4.5.0)
DVBViewer Recording Service (Version: 1.6.5.2)
DVDInfoPro 6.5.2.5
e2eSoft VCam v5.1
EASEUS Partition Master 9.1.1 Home Edition
EasyBCD 2.1.2 (Version: 2.1.2)
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
Elevayta Choir Boy v4.92d VST
Elevayta Clone Boy v4.92d VST
Elevayta Convo Boy v5.02 VST
Elevayta Extra Boy v4.91d VST
Elevayta FreqEq Boy v4.90d VST
Elevayta Space Boy v4.90d VST
Elevayta Stream Boy v4.90d VST
Elevayta Wider Boy v4.92d VST
erLT (Version: 1.20.0137)
EWQL Orchestra Free Content Part 2 (Version: 1.0.0)
EWQL Orchestra Free Content Part 3 (Version: 1.0.0)
EWQL Orchestra Free Edition (Version: 1.2.5)
F2400 (Version: 140.0.690.000)
Facebook Messenger 2.1.4554.0 (Version: 2.1.4554.0)
ffdshow v1.2.4436 [2012-04-22] (Version: 1.2.4436.0)
FFMPEG Core Files (remove only)
FFmpeg for Audacity on Windows
FFmpeg v0.6.2 for Audacity
FFMpegSource Plugin
File Renamer - Basic (Version: 6.0.1)
FileHippo.com Update Checker
FileZilla Client 3.5.3 (Version: 3.5.3)
FL Studio 10
FLAC 1.2.1b (remove only) (Version: 1.2.1b)
FlashFXP v4.2 (Version: 4.2.4.1783)
Fotosizer 1.34 (Version: 1.34)
Foxit Reader (Version: 5.3.1.606)
Free YouTube to MP3 Converter version 3.11.18.403 (Version: 3.11.18.403)
Gabest MPEG Splitter (remove only)
Game Booster (Version: 2.1.0.0)
Google Chrome (Version: 20.0.1132.17)
Google Earth (Version: 6.1.0.5001)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.111)
GPBaseService2 (Version: 140.0.211.000)
GS Auto Clicker (Version: V3.1)
Haali Media Splitter
HandBrake 0.9.6 (Version: 0.9.6)
HashCheck Shell Extension (x86-32) (Version: 2.1.11.1)
HDD Health v3.3 Beta
HiJackThis (Version: 1.0.0)
Hotspot Shield 2.53 (Version: 2.53)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.002.002)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
Huffyuv AVI lossless video codec (Remove Only)
HxD Hex Editor version 1.7.7.0 (Version: 1.7.7.0)
Hybrid (remove only) (Version: 2012.5.23.1)
IL Download Manager
ImgBurn (Version: 2.5.7.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1930)
Intel® TV Wizard
Interlok driver setup x32 (Version: 5.8.10)
Internet Download Manager
iTunes (Version: 10.5.3.3)
IWillBeRich RichDB 1.4 (Version: 1.4)
iZotope Iris (Version: 1.00)
iZotope RX 2 (Version: 2.02)
Java Auto Updater (Version: 2.1.5.3)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 7 Update 2 (Version: 7.0.20)
JDownloader
Joystick 2 Mouse 3
LADSPA_plugins-win-0.4.15
Lame ACM MP3 Codec
LAME v3.98.3 for Audacity
LameXP
LAV Filters (remove only)
LAV Filters 0.50.2 (Version: 0.50.2)
LogMeIn (Version: 4.1.1578)
Luxand Blink! Pro v2.4 (Version: 2.4)
LUXONIX ravity Bundle v1.4.3
Mac OS X Cursors (Version: 1.1)
MakeTorrent v2.1
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MarketResearch (Version: 140.0.212.000)
Mashup (Version: 1.5.884.0)
Media Player Classic - Home Cinema 1.6.0.4014 (Version: 1.6.0.4014)
MediaFire Express (beta) (Version: 0.9.0.2616)
MediaInfo 0.7.54 (Version: 0.7.54)
Messenger Plus! 5 (Version: 1.0.1.102)
Messenger Plus! Live (Version: 4.90.0.392)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access MUI (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Language Pack 2010 - Italian/Italiano (Version: 14.0.6029.1000)
Microsoft Office O MUI (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office SharePoint Designer MUI (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office X MUI (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MiPony 1.6.4 (Version: 1.6.4)
Mixed In Key 4 (Version: 4.0.1)
MKV Cutter 1.0
mkv2vob (Version: 2.4.9)
MKVcleaver (Version: 5.0.3)
MKVToolNix 5.2.1 (Version: 5.2.1)
MONOGRAM AMR Splitter/Decoder (remove only)
MotioninJoy ds3 driver version 0.6.0005 (Version: 0.6.00005)
Mozilla Firefox 14.0 (x86 en-US) (Version: 14.0)
Mozilla Maintenance Service (Version: 14.0)
Mp3tag v2.51 (Version: v2.51)
MPEG Video Wizard DVD 5.0.0.113 (09/2010) (Version: 5.0.0.113 (09/2010))
MPEG Video Wizard DVD 5.0.0.113 (09/2010) (Version: 5.0.0.113)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My MP4Box GUI 0.5.6.0 (Version: 0.5.6.0)
Native Instruments Abbey Road Modern Drums
Native Instruments Abbey Road Modern Drums (Version: 1.0.0.002)
Native Instruments Kontakt 4
Native Instruments Kontakt 4 (Version: 4.2.3.4914)
Native Instruments Service Center
Native Instruments Service Center (Version: 2.2.6.676)
Nero
NewBlue 3D Explosions for Windows
NewBlue 3D Transformations for Windows
NewBlue Art Blends for Windows
NewBlue Art Effects for Windows
NewBlue Film Effects for Windows
NewBlue Motion Blends for Windows
NewBlue Motion Effects for Windows
NewBlue Paint Blends for Windows
NewBlue Paint Effects for Windows
NewBlue Video Essentials for Windows
NewBlue Video Essentials II for Windows
NewBlue Video Essentials III for Windows
NewsBin Pro (Version: 5.59)
NirSoft ShellExView
Notepad++ (Version: 5.9.8)
ObjectDock Plus 2 (Version: 1.00)
OnLive
OpenSource AVI Splitter (remove only)
OpenSource DTS/AC3/DD+ Source Filter (remove only)
OpenSource Flash Video Splitter (remove only)
PaceMaker plug-in for Winamp (Version: 2.6)
PCSX2 - Playstation 2 Emulator
PDF Settings CS5 (Version: 10.0)
ph (Version: 1.0.0)
Picasa 3 (Version: 3.8)
Platform (Version: 1.34)
Platinum Notes 3.0 (Version: 3.0)
ProgDVB (Version: 6.8x)
Project64 1.7
proXPN 2.5.0 (Version: 2.5.0)
PS3 Game Updates
PS3 Media Server (Version: 1.52.1)
PS3Merge version 1.0.1.0 (Version: 1.0.1.0)
PS3Muxer 1.30
PS3Splitter version 1.1.5.1 (Version: 1.1.5.1)
PSPdisp v0.6 (Version: v0.6)
QuickPar 0.9 (Version: 0.9)
QuickTime (Version: 7.71.80.42)
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
RAD Video Tools
RapidShare Manager 2 (Version: 2)
RealMedia (remove only)
Recover Data for NTFS
Recover My Files (Version: 4.6.6.830)
Recuva (Version: 1.42)
reFX Nexus VSTi RTAS v2.2.0
Replay Media Catcher 3.11 (Version: 3.11)
Replay Media Catcher 4 (4.3.2) (Version: 4.3.2)
RocketDock 1.3.5
SABnzbd 0.7.0 (Version: 0.7.0)
Sandboxie 3.64 (32-bit) (Version: 3.64)
Scan (Version: 140.0.80.000)
SHOUTcast Source (remove only)
Skype Click to Call (Version: 6.0.10297)
Skype 5.9 (Version: 5.9.123)
SmartFTP Client (Version: 4.0.1231.0)
SmartFTP Client 4.0 Setup Files (remove only) (Version: 4.0)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.213.000)
SolveigMM AVI Trimmer (Version: 2.0.1201.11)
SolveigMM Video Splitter (Version: 3.0.1201.27)
SpeedFan (remove only)
Stardock Software (Version: 1.00)
Status (Version: 140.0.212.000)
Strum Electric GS-1 v1.0.2
Studio Devil VGA II v2.1
SUPER v2011.build.49 (July 1st, 2011) version v2011.build.49 (Version: v2011.build.49)
SWF Opener (Version: 1.3)
swMSM (Version: 12.0.0.1)
Syncrosoft's License Control
SyncroSoft Emu (Remove only)
TeamViewer 7 (Version: 7.0.12799)
The KMPlayer (remove only)
Toolbox (Version: 140.0.428.000)
Topaz Adjust 4 (Version: 4.1.0)
Topaz Clean 3 (Version: 3.0.2)
Topaz DeJpeg 4 (Version: 4.0.2)
Topaz DeNoise 5 (Version: 5.0.1)
Topaz Detail 2 (Version: 2.0.5)
Topaz Fusion Express 2 (Version: 2.0.2)
Topaz InFocus (Version: 1.0.0)
Topaz Lens Effects (Version: 1.1.0)
Topaz ReMask 3 (Version: 3.1.0)
Topaz Simplify 3 (Version: 3.0.2)
Torrent Ratio Keeper
TrayApp (Version: 140.0.212.000)
TreeSize Professional V5.5.4 (Version: 5.5.4)
UltraISO Premium V9.52
Unlocker 1.9.1 (Version: 1.9.1)
Unzbin Usenet NZB Client (Version: Usenet NZB Client)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
USB Safely Remove 5.0
Useful File Utilities (remove only)
Vegas Pro 10.0 (Version: 10.0.669)
VIA Manager Piattaforma (Version: 1.34)
Video Enhancer 1.9.6
VideoLAN Movie Creator
VideoReDo TVSuite Version 4.20.5.600
VirtualDJ Home FREE (Version: 7.0.4)
VirtualDub Filter Pack 1.0
VLC media player 2.0.1 (Version: 2.0.1)
VolkoAlaturkaDrum1.1
VueScan
WebReg (Version: 140.0.212.017)
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows 7 Manager (Version: 3.0.8.5)
Windows Driver Package - Sony (libusb0) LibUsbDevices (08/27/2006 0.1.12.0) (Version: 08/27/2006 0.1.12.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinFF 1.4.2
WinMerge 2.12.4 (Version: 2.12.4)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR 4.10 (32-bit) (Version: 4.10.0)
WinSplit Revolution (v11.04) (Version: 11.04)
x264vfw - H.264/MPEG-4 AVC codec (remove only)
Xvid Video Codec (Version: 1.3.2)
XviD4PSP 5.10.271.0
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zoom Player (remove only)

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 2038.18 MB
Available physical RAM: 1175.61 MB
Total Pagefile: 4076.36 MB
Available Pagefile: 2924.05 MB
Total Virtual: 2047.88 MB
Available Virtual: 1936.36 MB

========================= Partitions: =====================================

1 Drive c: (Windows 7) (Fixed) (Total:134.06 GB) (Free:5.41 GB) NTFS
3 Drive e: (Temp) (Fixed) (Total:15 GB) (Free:11.45 GB) NTFS
5 Drive m: () (Removable) (Total:1.83 GB) (Free:0.15 GB) FAT

========================= Users: ========================================

User accounts for \\JEANLUCA-PC

Administrator ASPNET Guest
Jean Luca LogMeInRemoteUser

========================= Minidump Files ==================================

No minidump file found


**** End of log ****




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users