
Ran Farbar, have log, HELP!



#1 acfathome


Posted 21 September 2012 - 02:54 PM

Ok, computer had been getting worse but kid had been using it *head slap*. But it will not boot up past anything. I did my own research as far as I could but can not seem to figure out how you guys come up with these fixlogs for Farbar >.<. So, here is my log, and please help me doc!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2012
Ran by SYSTEM at 21-09-2012 15:03:34
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL [59248 2011-05-26] (Microsoft Corporation)
HKLM\...\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe [635784 2010-01-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ATT-SST_McciTrayApp] "C:\Program Files\ATT-SST\pcTrayApp.exe" [2727936 2012-06-07] (Alcatel-Lucent)
HKLM-x32\...\Run: [MDS_Menu] "C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0" [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl9] "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe" [50472 2009-04-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [210216 2009-11-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6998656 2009-10-26] (ASUS)
HKLM-x32\...\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd [x]
HKLM-x32\...\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL [32112 2011-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [343168 2011-09-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4282728 2012-08-21] (AVAST Software)
HKU\Adam\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17417904 2012-07-03] (Skype Technologies S.A.)
HKU\Adam\...\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\Adam\...\RunOnce: [SpybotDeletingB8209] command.com /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\DisableStatus.xml" [x]
HKU\Adam\...\RunOnce: [SpybotDeletingD980] cmd.exe /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\DisableStatus.xml" [x]
HKU\Adam\...\RunOnce: [SpybotDeletingB9649] command.com /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\DisableStatusDirection.xml" [x]
HKU\Adam\...\RunOnce: [SpybotDeletingD8867] cmd.exe /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\DisableStatusDirection.xml" [x]
HKU\Adam\...\RunOnce: [SpybotDeletingB3449] command.com /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\GenericPopup.xml" [x]
HKU\Adam\...\RunOnce: [SpybotDeletingD1409] cmd.exe /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\GenericPopup.xml" [x]
HKU\Adam\...\RunOnce: [SpybotDeletingB5267] command.com /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\MainStatus.xml" [x]
HKU\Adam\...\RunOnce: [SpybotDeletingD9954] cmd.exe /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\MainStatus.xml" [x]
HKU\Adam\...\RunOnce: [SpybotDeletingB9343] command.com /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\ShoppingConfirmation.xml" [x]
HKU\Adam\...\RunOnce: [SpybotDeletingD8485] cmd.exe /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\ShoppingConfirmation.xml" [x]
HKLM-x32\...\Runonce: [SpybotDeletingA8110] command.com /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\DisableStatus.xml" [x]
HKLM-x32\...\Runonce: [SpybotDeletingC5767] cmd.exe /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\DisableStatus.xml" [x]
HKLM-x32\...\Runonce: [SpybotDeletingA5659] command.com /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\DisableStatusDirection.xml" [x]
HKLM-x32\...\Runonce: [SpybotDeletingC6251] cmd.exe /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\DisableStatusDirection.xml" [x]
HKLM-x32\...\Runonce: [SpybotDeletingA4357] command.com /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\GenericPopup.xml" [x]
HKLM-x32\...\Runonce: [SpybotDeletingC3434] cmd.exe /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\GenericPopup.xml" [x]
HKLM-x32\...\Runonce: [SpybotDeletingA7112] command.com /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\MainStatus.xml" [x]
HKLM-x32\...\Runonce: [SpybotDeletingC6633] cmd.exe /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\MainStatus.xml" [x]
HKLM-x32\...\Runonce: [SpybotDeletingA5326] command.com /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\ShoppingConfirmation.xml" [x]
HKLM-x32\...\Runonce: [SpybotDeletingC9299] cmd.exe /c del "C:\Program Files (x86)\Shop To Win\TestFeeds\ShoppingConfirmation.xml" [x]
HKLM-x32\...\RunOnce: [SpybotSnD] "C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe" /autocheck [5365592 2009-01-26] (Safer Networking Limited)
HKLM-x32\...\Winlogon: [Shell] explorer.exe, [x ] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ATTENTION! ====> ZeroAccess
Startup: C:\Users\Adam\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Services (Whitelisted) ===================

2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [44808 2012-08-21] (AVAST Software)
2 Browser Manager; C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [1701400 2012-09-16] ()
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-07] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-07] (Malwarebytes Corporation)
2 OberonGameConsoleService; "C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe" [44312 2009-09-14] ()
2 pcCMService64; "C:\Program Files\Common Files\Motive\pcCMService.exe" [441344 2012-07-06] (Alcatel-Lucent)
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-01-30] ()
3 RichVideo; "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" [244904 2009-05-26] ()
2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
4 SfCtlCom; "C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe" [859712 2010-10-09] (Trend Micro Inc.)
4 TMBMServer; "C:\Program Files\Trend Micro\BM\TMBMSRV.exe" /service [570632 2009-09-29] (Trend Micro Inc.)
4 TmProxy; "C:\Program Files\Trend Micro\Internet Security\TmProxy.exe" [917768 2009-09-29] (Trend Micro Inc.)

==================== Drivers (Whitelisted) =====================

2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-08-21] (AVAST Software)
2 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [71600 2012-08-21] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-08-21] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [969200 2012-08-21] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [359464 2012-08-21] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-08-21] (AVAST Software)
3 kbfiltr; C:\Windows\System32\Drivers\kbfiltr.sys [15416 2009-07-20] ( )
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [25928 2012-09-07] (Malwarebytes Corporation)
3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [43008 2012-06-14] (Printing Communications Assoc., Inc. (PCAUSA))
3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [40960 2012-06-14] (Printing Communications Assoc., Inc. (PCAUSA))
3 SNP2UVC; C:\Windows\System32\Drivers\SNP2UVC.sys [1800192 2009-08-19] ()
3 sscdserd; C:\Windows\System32\Drivers\sscdserd.sys [141384 2010-11-10] (MCCI Corporation)
2 tmpreflt; C:\Windows\System32\Drivers\tmpreflt.sys [42576 2010-07-30] (Trend Micro Inc.)
1 tmtdi; C:\Windows\System32\Drivers\tmtdi.sys [107536 2009-09-29] (Trend Micro Inc.)
2 tmxpflt; C:\Windows\System32\Drivers\tmxpflt.sys [309840 2010-07-30] (Trend Micro Inc.)
2 TurboB; C:\Windows\System32\Drivers\TurboB.sys [13784 2009-08-06] ()
2 vsapint; C:\Windows\System32\Drivers\vsapint.sys [1988176 2010-07-30] (Trend Micro Inc.)
3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x]
3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x]
3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
3 tmlwf; [x]
3 tmwfp; [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-09-21 09:45 - 2012-09-21 09:45 - 00000469 ____A C:\Windows\wininit.ini
2012-09-21 01:36 - 2012-09-21 01:36 - 00001924 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2012-09-21 01:36 - 2012-09-21 01:36 - 00001861 ____A C:\Users\Adam\Desktop\avast! Free Antivirus.lnk
2012-09-21 01:36 - 2012-09-21 01:36 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2012-09-21 01:36 - 2012-08-21 01:13 - 00969200 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2012-09-21 01:36 - 2012-08-21 01:13 - 00359464 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2012-09-21 01:36 - 2012-08-21 01:13 - 00071600 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2012-09-21 01:36 - 2012-08-21 01:13 - 00059728 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2012-09-21 01:36 - 2012-08-21 01:13 - 00054072 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2012-09-21 01:36 - 2012-08-21 01:13 - 00025232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2012-09-21 01:36 - 2012-08-21 01:12 - 00285328 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2012-09-21 01:35 - 2012-09-21 01:35 - 00000000 ____D C:\Users\All Users\AVAST Software
2012-09-21 01:35 - 2012-09-21 01:35 - 00000000 ____D C:\Program Files\AVAST Software
2012-09-21 01:35 - 2012-08-21 01:12 - 00227648 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2012-09-21 01:35 - 2012-08-21 01:12 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr
2012-09-21 01:31 - 2012-09-21 01:33 - 93654616 ____A C:\Users\Adam\Downloads\avast_free_antivirus_setup.exe
2012-09-21 01:30 - 2012-09-21 01:31 - 16409960 ____A (Safer Networking Limited ) C:\Users\Adam\Downloads\spybotsd162 (2).exe
2012-09-18 18:18 - 2012-09-18 18:18 - 00477168 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\npdeployJava1.dll
2012-09-18 18:18 - 2012-09-18 18:18 - 00157680 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2012-09-18 18:18 - 2012-09-18 18:18 - 00149488 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2012-09-18 18:18 - 2012-09-18 18:18 - 00149488 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2012-09-18 18:18 - 2012-09-18 18:18 - 00000000 ____D C:\Program Files (x86)\Java
2012-09-18 18:17 - 2012-09-18 18:17 - 00000000 ____D C:\Users\All Users\McAfee
2012-09-18 16:51 - 2012-09-18 16:51 - 00000000 ____D C:\Program Files (x86)\AppGraffiti
2012-09-18 16:49 - 2012-09-18 16:49 - 01941552 ____A (Inbox.com, Inc. ) C:\Users\Adam\Downloads\GamesSetup (2).exe
2012-09-18 10:52 - 2012-09-18 10:52 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\bob-the-builder-can-do-zoo_s1_l1_gF2743T1L1_d1865546348.exe
2012-09-18 10:51 - 2012-09-18 10:51 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\bob-the-builder-can-do-zoo_s1_l1_gF2743T1L1_d1865546063.exe
2012-09-18 10:51 - 2012-09-18 10:51 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\bob-the-builder-can-do-zoo_s1_l1_gF2743T1L1_d1865545891.exe
2012-09-18 10:50 - 2012-09-18 10:50 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\bob-the-builder-can-do-zoo_s1_l1_gF2743T1L1_d1865545226.exe
2012-09-18 10:50 - 2012-09-18 10:50 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\bob-the-builder-can-do-zoo_s1_l1_gF2743T1L1_d1865544878.exe
2012-09-18 10:50 - 2012-09-18 10:50 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\bob-the-builder-can-do-zoo_s1_l1_gF2743T1L1_d1865544589.exe
2012-09-18 10:49 - 2012-09-18 10:49 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\bob-the-builder-can-do-zoo_s1_l1_gF2743T1L1_d1865544192.exe
2012-09-17 14:19 - 2012-09-18 10:59 - 00001286 ____A C:\Users\Public\Desktop\More Great Games.lnk
2012-09-17 14:19 - 2012-09-17 14:20 - 00000000 ____D C:\Program Files (x86)\Ride!
2012-09-17 14:19 - 2012-09-17 14:19 - 00431104 ____A (Creative Labs) C:\Windows\System32\wrap_oal.dll
2012-09-17 14:19 - 2012-09-17 14:19 - 00409600 ____A (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2012-09-17 14:19 - 2012-09-17 14:19 - 00136192 ____A (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\System32\OpenAL32.dll
2012-09-17 14:19 - 2012-09-17 14:19 - 00114688 ____A (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2012-09-17 14:19 - 2012-09-17 14:19 - 00001880 ____A C:\Users\Public\Desktop\Play Ride!.lnk
2012-09-17 14:19 - 2012-09-17 14:19 - 00000000 ____D C:\Program Files (x86)\OpenAL
2012-09-16 11:05 - 2012-09-16 11:05 - 00035644 ____A C:\Users\Adam\Downloads\play_little_mermaid_love_story.html
2012-09-16 10:07 - 2012-09-16 10:07 - 01100640 ____A C:\Users\Adam\Downloads\super-mario-kart (2).exe
2012-09-16 10:07 - 2012-09-16 10:07 - 00000314 ____A C:\user.js
2012-09-16 10:07 - 2012-09-16 10:07 - 00000000 ____D C:\Users\All Users\Browser Manager
2012-09-16 10:07 - 2012-09-16 10:07 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Shop to Win 36
2012-09-16 10:07 - 2012-09-16 10:07 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Qwiklinx
2012-09-16 10:07 - 2012-09-16 10:07 - 00000000 ____D C:\Program Files (x86)\Shop to Win 36
2012-09-16 10:07 - 2012-09-16 10:07 - 00000000 ____D C:\Program Files (x86)\Qwiklinx
2012-09-16 10:06 - 2012-09-16 10:07 - 01100640 ____A C:\Users\Adam\Downloads\super-mario-kart (1).exe
2012-09-16 10:06 - 2012-09-16 10:06 - 01100640 ____A C:\Users\Adam\Downloads\super-mario-kart.exe
2012-09-15 13:05 - 2012-09-15 13:22 - 00000000 ____D C:\Program Files (x86)\SpongeBob SquarePants Krabby Quest
2012-09-15 13:05 - 2012-09-15 13:05 - 00002187 ____A C:\Users\Public\Desktop\Play SpongeBob SquarePants Krabby Quest.lnk
2012-09-15 11:44 - 2012-09-15 11:44 - 00466760 ____A C:\Users\Adam\Downloads\incredibar_install.exe
2012-09-15 11:44 - 2012-09-15 11:44 - 00466760 ____A C:\Users\Adam\Downloads\incredibar_install (5).exe
2012-09-15 11:44 - 2012-09-15 11:44 - 00466760 ____A C:\Users\Adam\Downloads\incredibar_install (4).exe
2012-09-15 11:44 - 2012-09-15 11:44 - 00466760 ____A C:\Users\Adam\Downloads\incredibar_install (3).exe
2012-09-15 11:44 - 2012-09-15 11:44 - 00466760 ____A C:\Users\Adam\Downloads\incredibar_install (2).exe
2012-09-15 11:44 - 2012-09-15 11:44 - 00466760 ____A C:\Users\Adam\Downloads\incredibar_install (1).exe
2012-09-15 10:34 - 2012-09-15 10:34 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\planet-horse_s1_l1_gF6023T1L1_d1862798695.exe
2012-09-15 10:33 - 2012-09-15 10:33 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\planet-horse_s1_l1_gF6023T1L1_d1862798557.exe
2012-09-11 16:37 - 2012-09-11 16:37 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\spongebob-atlantis-squareoff_s1_l1_gF2284T1L1_d1859504276.exe
2012-09-11 16:37 - 2012-09-11 16:37 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\spongebob-atlantis-squareoff_s1_l1_gF2284T1L1_d1859504265.exe
2012-09-11 16:34 - 2012-09-11 16:34 - 01941248 ____A (Inbox.com, Inc. ) C:\Users\Adam\Downloads\GamesSetup.exe
2012-09-11 16:34 - 2012-09-11 16:34 - 01941248 ____A (Inbox.com, Inc. ) C:\Users\Adam\Downloads\GamesSetup (1).exe
2012-09-10 15:51 - 2012-09-10 15:51 - 00002181 ____A C:\Users\Public\Desktop\Play SpongeBob SquarePants Obstacle Odyssey 2.lnk
2012-09-10 15:51 - 2012-09-10 15:51 - 00000000 ____D C:\Program Files (x86)\SpongeBob SquarePants Obstacle Odyssey 2
2012-09-10 15:50 - 2012-09-10 15:50 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\spongebob-squarepants-obstacle-odyssey-2_s1_l1_gF1554T1L1_d1858631799.exe
2012-09-10 15:50 - 2012-09-10 15:50 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\spongebob-squarepants-obstacle-odyssey-2_s1_l1_gF1554T1L1_d1858631773.exe
2012-09-10 15:50 - 2012-09-10 15:50 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\spongebob-squarepants-obstacle-odyssey-2_s1_l1_gF1554T1L1_d1858631751.exe
2012-09-10 15:50 - 2012-09-10 15:50 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\spongebob-squarepants-obstacle-odyssey-2_s1_l1_gF1554T1L1_d1858631726.exe
2012-09-04 08:58 - 2012-09-04 08:58 - 00000000 __SHD C:\found.002
2012-09-03 13:17 - 2012-09-03 13:17 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\wonder-pets-save-the-puppy_s1_l1_gF2654T1L1_d1852173871.exe
2012-09-03 13:17 - 2012-09-03 13:17 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\wonder-pets-save-the-puppy_s1_l1_gF2654T1L1_d1852173795.exe
2012-09-03 13:17 - 2012-09-03 13:17 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\wonder-pets-save-the-puppy_s1_l1_gF2654T1L1_d1852173783.exe
2012-09-03 13:17 - 2012-09-03 13:17 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\wonder-pets-save-the-puppy_s1_l1_gF2654T1L1_d1852173688.exe
2012-09-03 12:54 - 2012-09-03 12:54 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\lacasadedora_s1_l1_gF1063T1L1_d1852154963.exe
2012-09-02 10:26 - 2012-09-02 10:26 - 00000000 ____D C:\Users\All Users\Curse Client
2012-09-01 09:56 - 2012-09-01 10:40 - 00001293 ____A C:\Users\Public\Desktop\World of Warcraft.lnk
2012-08-26 13:19 - 2012-09-15 17:11 - 00000000 ____D C:\Users\Adam\AppData\Roaming\.minecraft
2012-08-26 12:44 - 2012-08-26 13:28 - 00000000 ____D C:\Users\Adam\Desktop\minecraft(buildcraft)
2012-08-25 20:16 - 2012-05-21 22:53 - 01060864 ____A (AnjoCaido) C:\Users\Adam\Desktop\MinecraftSP.exe
2012-08-25 20:08 - 2012-08-26 13:28 - 00000000 ____D C:\Users\Adam\Desktop\minecraft1(norm)
2012-08-25 20:07 - 2012-08-25 20:13 - 00000567 ____A C:\Users\Adam\Desktop\New WinRAR archive.lnk
2012-08-25 20:07 - 2012-08-25 20:12 - 47690872 ____A C:\Users\Adam\Desktop\New WinRAR archive.rar
2012-08-25 12:00 - 2012-08-25 12:00 - 06212795 ____A C:\Users\Adam\Downloads\MC-BC125 (2).rar
2012-08-25 11:59 - 2012-08-25 11:59 - 06212795 ____A C:\Users\Adam\Downloads\MC-BC125 (1).rar
2012-08-25 11:57 - 2012-08-25 11:57 - 00001015 ____A C:\Users\Adam\Desktop\.minecraft - Shortcut.lnk
2012-08-25 11:56 - 2012-08-25 11:56 - 06212795 ____A C:\Users\Adam\Downloads\MC-BC125.rar
2012-08-23 14:25 - 2012-08-23 14:25 - 00000000 ____D C:\Users\Adam\AppData\Roaming\WinRAR
2012-08-23 14:25 - 2012-08-23 14:25 - 00000000 ____D C:\Program Files (x86)\WinRAR
2012-08-23 14:24 - 2012-08-23 14:24 - 02045984 ____A (GetNow) C:\Users\Adam\Downloads\WinRAR Powered By GetNow.exe
2012-08-23 14:11 - 2012-08-25 11:16 - 00000000 ____D C:\Users\Adam\Desktop\minecraft stuff
2012-08-22 08:41 - 2012-08-22 08:41 - 00002169 ____A C:\Users\Public\Desktop\AT&T Troubleshoot & Resolve Tool.lnk
2012-08-22 08:41 - 2012-08-22 08:41 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Motive
2012-08-22 08:40 - 2012-08-22 08:40 - 00000000 ____D C:\Program Files\ATT-SST
2012-08-22 08:40 - 2012-08-22 08:40 - 00000000 ____D C:\Program Files (x86)\ATT-SST
2012-08-22 08:38 - 2012-08-22 08:40 - 00000000 ____D C:\Program Files\Common Files\Motive
2012-08-22 08:37 - 2012-08-22 08:40 - 00000000 ____D C:\Users\All Users\Motive
2012-08-22 08:36 - 2012-08-22 08:36 - 00385904 ____A C:\Users\Adam\Downloads\ATT_SST.exe


==================== 3 Months Modified Files ==================

2012-09-21 09:46 - 2011-05-10 17:24 - 00069258 ____A C:\Windows\PFRO.log
2012-09-21 09:46 - 2010-01-14 19:30 - 01920625 ____A C:\Windows\WindowsUpdate.log
2012-09-21 09:46 - 2009-07-13 20:45 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-09-21 09:46 - 2009-07-13 20:45 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-09-21 09:45 - 2012-09-21 09:45 - 00000469 ____A C:\Windows\wininit.ini
2012-09-21 09:28 - 2011-12-24 12:20 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-09-21 09:28 - 2010-01-14 20:34 - 00002562 ____A C:\Windows\System32\AutoRunFilter.ini
2012-09-21 09:28 - 2010-01-14 20:34 - 00001739 ____A C:\Windows\System32\ServiceFilter.ini
2012-09-21 09:27 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-09-21 09:27 - 2009-07-13 20:51 - 00104014 ____A C:\Windows\setupact.log
2012-09-21 01:36 - 2012-09-21 01:36 - 00001924 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2012-09-21 01:36 - 2012-09-21 01:36 - 00001861 ____A C:\Users\Adam\Desktop\avast! Free Antivirus.lnk
2012-09-21 01:36 - 2012-09-21 01:36 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2012-09-21 01:33 - 2012-09-21 01:31 - 93654616 ____A C:\Users\Adam\Downloads\avast_free_antivirus_setup.exe
2012-09-21 01:32 - 2011-12-13 07:02 - 00001264 ____A C:\Users\Adam\Desktop\Spybot - Search & Destroy.lnk
2012-09-21 01:31 - 2012-09-21 01:30 - 16409960 ____A (Safer Networking Limited ) C:\Users\Adam\Downloads\spybotsd162 (2).exe
2012-09-21 01:20 - 2012-05-05 16:10 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2129326077-2640308905-1471060912-1000UA.job
2012-09-21 01:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At10.job
2012-09-21 01:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At9.job
2012-09-21 00:55 - 2011-12-24 12:20 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-09-21 00:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At8.job
2012-09-21 00:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At7.job
2012-09-20 23:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At6.job
2012-09-20 23:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At5.job
2012-09-20 22:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At4.job
2012-09-20 22:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At3.job
2012-09-20 21:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At2.job
2012-09-20 21:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At1.job
2012-09-20 20:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At48.job
2012-09-20 20:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At47.job
2012-09-20 19:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At46.job
2012-09-20 19:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At45.job
2012-09-20 18:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At44.job
2012-09-20 18:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At43.job
2012-09-20 17:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At42.job
2012-09-20 17:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At41.job
2012-09-20 16:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At40.job
2012-09-20 16:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At39.job
2012-09-20 15:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At38.job
2012-09-20 15:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At37.job
2012-09-20 14:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At36.job
2012-09-20 14:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At35.job
2012-09-20 13:20 - 2012-05-05 16:10 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2129326077-2640308905-1471060912-1000Core.job
2012-09-20 13:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At34.job
2012-09-20 13:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At33.job
2012-09-20 12:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At32.job
2012-09-20 12:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At31.job
2012-09-20 11:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At30.job
2012-09-20 11:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At29.job
2012-09-20 10:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At28.job
2012-09-20 10:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At27.job
2012-09-19 02:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At12.job
2012-09-19 02:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At11.job
2012-09-18 18:18 - 2012-09-18 18:18 - 00477168 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\npdeployJava1.dll
2012-09-18 18:18 - 2012-09-18 18:18 - 00157680 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2012-09-18 18:18 - 2012-09-18 18:18 - 00149488 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2012-09-18 18:18 - 2012-09-18 18:18 - 00149488 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2012-09-18 18:18 - 2011-06-16 20:26 - 00473072 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2012-09-18 16:49 - 2012-09-18 16:49 - 01941552 ____A (Inbox.com, Inc. ) C:\Users\Adam\Downloads\GamesSetup (2).exe
2012-09-18 10:59 - 2012-09-17 14:19 - 00001286 ____A C:\Users\Public\Desktop\More Great Games.lnk
2012-09-18 10:52 - 2012-09-18 10:52 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\bob-the-builder-can-do-zoo_s1_l1_gF2743T1L1_d1865546348.exe
2012-09-18 10:51 - 2012-09-18 10:51 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\bob-the-builder-can-do-zoo_s1_l1_gF2743T1L1_d1865546063.exe
2012-09-18 10:51 - 2012-09-18 10:51 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\bob-the-builder-can-do-zoo_s1_l1_gF2743T1L1_d1865545891.exe
2012-09-18 10:50 - 2012-09-18 10:50 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\bob-the-builder-can-do-zoo_s1_l1_gF2743T1L1_d1865545226.exe
2012-09-18 10:50 - 2012-09-18 10:50 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\bob-the-builder-can-do-zoo_s1_l1_gF2743T1L1_d1865544878.exe
2012-09-18 10:50 - 2012-09-18 10:50 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\bob-the-builder-can-do-zoo_s1_l1_gF2743T1L1_d1865544589.exe
2012-09-18 10:49 - 2012-09-18 10:49 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\bob-the-builder-can-do-zoo_s1_l1_gF2743T1L1_d1865544192.exe
2012-09-17 17:28 - 2012-04-30 11:22 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-09-17 16:35 - 2009-07-13 21:13 - 00726316 ____A C:\Windows\System32\PerfStringBackup.INI
2012-09-17 14:19 - 2012-09-17 14:19 - 00431104 ____A (Creative Labs) C:\Windows\System32\wrap_oal.dll
2012-09-17 14:19 - 2012-09-17 14:19 - 00409600 ____A (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2012-09-17 14:19 - 2012-09-17 14:19 - 00136192 ____A (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\System32\OpenAL32.dll
2012-09-17 14:19 - 2012-09-17 14:19 - 00114688 ____A (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2012-09-17 14:19 - 2012-09-17 14:19 - 00001880 ____A C:\Users\Public\Desktop\Play Ride!.lnk
2012-09-17 14:19 - 2011-05-07 15:40 - 00705650 ____A C:\Windows\DirectX.log
2012-09-16 11:05 - 2012-09-16 11:05 - 00035644 ____A C:\Users\Adam\Downloads\play_little_mermaid_love_story.html
2012-09-16 10:07 - 2012-09-16 10:07 - 01100640 ____A C:\Users\Adam\Downloads\super-mario-kart (2).exe
2012-09-16 10:07 - 2012-09-16 10:07 - 00000314 ____A C:\user.js
2012-09-16 10:07 - 2012-09-16 10:06 - 01100640 ____A C:\Users\Adam\Downloads\super-mario-kart (1).exe
2012-09-16 10:06 - 2012-09-16 10:06 - 01100640 ____A C:\Users\Adam\Downloads\super-mario-kart.exe
2012-09-16 09:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At26.job
2012-09-16 09:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At25.job
2012-09-16 08:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At24.job
2012-09-16 08:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At23.job
2012-09-16 07:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At22.job
2012-09-16 07:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At21.job
2012-09-16 06:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At20.job
2012-09-16 06:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At19.job
2012-09-15 13:05 - 2012-09-15 13:05 - 00002187 ____A C:\Users\Public\Desktop\Play SpongeBob SquarePants Krabby Quest.lnk
2012-09-15 11:44 - 2012-09-15 11:44 - 00466760 ____A C:\Users\Adam\Downloads\incredibar_install.exe
2012-09-15 11:44 - 2012-09-15 11:44 - 00466760 ____A C:\Users\Adam\Downloads\incredibar_install (5).exe
2012-09-15 11:44 - 2012-09-15 11:44 - 00466760 ____A C:\Users\Adam\Downloads\incredibar_install (4).exe
2012-09-15 11:44 - 2012-09-15 11:44 - 00466760 ____A C:\Users\Adam\Downloads\incredibar_install (3).exe
2012-09-15 11:44 - 2012-09-15 11:44 - 00466760 ____A C:\Users\Adam\Downloads\incredibar_install (2).exe
2012-09-15 11:44 - 2012-09-15 11:44 - 00466760 ____A C:\Users\Adam\Downloads\incredibar_install (1).exe
2012-09-15 10:34 - 2012-09-15 10:34 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\planet-horse_s1_l1_gF6023T1L1_d1862798695.exe
2012-09-15 10:33 - 2012-09-15 10:33 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\planet-horse_s1_l1_gF6023T1L1_d1862798557.exe
2012-09-11 16:37 - 2012-09-11 16:37 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\spongebob-atlantis-squareoff_s1_l1_gF2284T1L1_d1859504276.exe
2012-09-11 16:37 - 2012-09-11 16:37 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\spongebob-atlantis-squareoff_s1_l1_gF2284T1L1_d1859504265.exe
2012-09-11 16:34 - 2012-09-11 16:34 - 01941248 ____A (Inbox.com, Inc. ) C:\Users\Adam\Downloads\GamesSetup.exe
2012-09-11 16:34 - 2012-09-11 16:34 - 01941248 ____A (Inbox.com, Inc. ) C:\Users\Adam\Downloads\GamesSetup (1).exe
2012-09-11 05:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At18.job
2012-09-11 05:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At17.job
2012-09-11 04:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At16.job
2012-09-11 04:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At15.job
2012-09-11 03:16 - 2011-12-24 05:05 - 00000350 ____A C:\Windows\Tasks\At14.job
2012-09-11 03:16 - 2011-12-24 05:05 - 00000348 ____A C:\Windows\Tasks\At13.job
2012-09-10 15:51 - 2012-09-10 15:51 - 00002181 ____A C:\Users\Public\Desktop\Play SpongeBob SquarePants Obstacle Odyssey 2.lnk
2012-09-10 15:50 - 2012-09-10 15:50 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\spongebob-squarepants-obstacle-odyssey-2_s1_l1_gF1554T1L1_d1858631799.exe
2012-09-10 15:50 - 2012-09-10 15:50 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\spongebob-squarepants-obstacle-odyssey-2_s1_l1_gF1554T1L1_d1858631773.exe
2012-09-10 15:50 - 2012-09-10 15:50 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\spongebob-squarepants-obstacle-odyssey-2_s1_l1_gF1554T1L1_d1858631751.exe
2012-09-10 15:50 - 2012-09-10 15:50 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\spongebob-squarepants-obstacle-odyssey-2_s1_l1_gF1554T1L1_d1858631726.exe
2012-09-07 14:04 - 2011-12-12 22:08 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-09-03 13:17 - 2012-09-03 13:17 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\wonder-pets-save-the-puppy_s1_l1_gF2654T1L1_d1852173871.exe
2012-09-03 13:17 - 2012-09-03 13:17 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\wonder-pets-save-the-puppy_s1_l1_gF2654T1L1_d1852173795.exe
2012-09-03 13:17 - 2012-09-03 13:17 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\wonder-pets-save-the-puppy_s1_l1_gF2654T1L1_d1852173783.exe
2012-09-03 13:17 - 2012-09-03 13:17 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\wonder-pets-save-the-puppy_s1_l1_gF2654T1L1_d1852173688.exe
2012-09-03 12:54 - 2012-09-03 12:54 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\lacasadedora_s1_l1_gF1063T1L1_d1852154963.exe
2012-09-01 14:51 - 2012-07-03 07:18 - 00002346 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2012-09-01 10:40 - 2012-09-01 09:56 - 00001293 ____A C:\Users\Public\Desktop\World of Warcraft.lnk
2012-08-25 20:13 - 2012-08-25 20:07 - 00000567 ____A C:\Users\Adam\Desktop\New WinRAR archive.lnk
2012-08-25 20:12 - 2012-08-25 20:07 - 47690872 ____A C:\Users\Adam\Desktop\New WinRAR archive.rar
2012-08-25 12:00 - 2012-08-25 12:00 - 06212795 ____A C:\Users\Adam\Downloads\MC-BC125 (2).rar
2012-08-25 11:59 - 2012-08-25 11:59 - 06212795 ____A C:\Users\Adam\Downloads\MC-BC125 (1).rar
2012-08-25 11:57 - 2012-08-25 11:57 - 00001015 ____A C:\Users\Adam\Desktop\.minecraft - Shortcut.lnk
2012-08-25 11:56 - 2012-08-25 11:56 - 06212795 ____A C:\Users\Adam\Downloads\MC-BC125.rar
2012-08-23 14:24 - 2012-08-23 14:24 - 02045984 ____A (GetNow) C:\Users\Adam\Downloads\WinRAR Powered By GetNow.exe
2012-08-22 08:41 - 2012-08-22 08:41 - 00002169 ____A C:\Users\Public\Desktop\AT&T Troubleshoot & Resolve Tool.lnk
2012-08-22 08:36 - 2012-08-22 08:36 - 00385904 ____A C:\Users\Adam\Downloads\ATT_SST.exe
2012-08-22 08:35 - 2012-08-14 21:14 - 00000003 ____A C:\Windows\System32\HRUPPROG.TXT
2012-08-21 01:13 - 2012-09-21 01:36 - 00969200 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2012-08-21 01:13 - 2012-09-21 01:36 - 00359464 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2012-08-21 01:13 - 2012-09-21 01:36 - 00071600 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2012-08-21 01:13 - 2012-09-21 01:36 - 00059728 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2012-08-21 01:13 - 2012-09-21 01:36 - 00054072 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2012-08-21 01:13 - 2012-09-21 01:36 - 00025232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2012-08-21 01:12 - 2012-09-21 01:36 - 00285328 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2012-08-21 01:12 - 2012-09-21 01:35 - 00227648 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2012-08-21 01:12 - 2012-09-21 01:35 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr
2012-08-14 21:15 - 2012-08-14 21:15 - 00000003 ____A C:\Windows\System32\HRUPPROG.DIE.NOW
2012-08-10 21:51 - 2011-05-14 00:23 - 00007606 ____A C:\Users\Adam\AppData\Local\Resmon.ResmonCfg
2012-08-10 21:46 - 2012-08-10 21:46 - 00000956 ____A C:\Users\Adam\Desktop\RKreport[7].txt
2012-08-10 21:43 - 2012-08-10 21:43 - 01558528 ____A C:\Users\Adam\Downloads\RogueKiller (3).exe
2012-08-10 21:43 - 2012-08-10 21:43 - 01558528 ____A C:\Users\Adam\Downloads\RogueKiller (2).exe
2012-08-10 21:43 - 2012-08-10 21:42 - 01558528 ____A C:\Users\Adam\Downloads\RogueKiller (1).exe
2012-08-10 05:33 - 2009-07-13 21:08 - 00032590 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-08-09 12:15 - 2012-08-09 12:14 - 24662646 ____A C:\Users\Adam\Downloads\ProjectZomboid-PublicTechDemo_0_1_4c-batchfix.zip
2012-08-05 16:21 - 2012-08-05 16:21 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\go-diego-go-ultimate-rescue-league_s1_l1_gF6320T1L1_d1824797403.exe
2012-08-05 16:21 - 2012-08-05 16:21 - 00233120 ____A (Big Fish Games) C:\Users\Adam\Downloads\go-diego-go-ultimate-rescue-league_s1_l1_gF6320T1L1_d1824797388.exe
2012-08-03 20:35 - 2012-08-03 20:35 - 00002179 ____A C:\Users\Adam\Desktop\RKreport[2].txt
2012-08-03 20:35 - 2012-08-03 20:35 - 00001967 ____A C:\Users\Adam\Desktop\RKreport[3].txt
2012-08-03 20:34 - 2012-08-03 20:34 - 01552384 ____A C:\Users\Adam\Downloads\RogueKiller.exe
2012-08-03 20:33 - 2012-08-03 20:32 - 02136664 ____A (Kaspersky Lab ZAO) C:\Users\Adam\Downloads\tdsskiller.exe
2012-08-03 20:22 - 2012-08-03 20:22 - 00448512 ____A (OldTimer Tools) C:\Users\Adam\Downloads\TFC.exe
2012-07-31 09:55 - 2012-01-20 22:07 - 00003322 ____A C:\Users\Adam\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-07-31 09:30 - 2012-07-18 10:49 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-07-31 09:30 - 2011-06-01 19:29 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-07-28 21:05 - 2012-07-28 21:05 - 01424103 ____A C:\Users\Adam\Downloads\LOLReplay-0.7.9.34.exe
2012-07-24 22:43 - 2012-07-24 22:43 - 00002039 ____A C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2012-07-24 22:43 - 2012-07-24 22:43 - 00002030 ____A C:\Users\Public\Desktop\Smite.lnk
2012-07-24 22:42 - 2012-07-24 22:42 - 13846728 ____A (Hi-Rez Studios) C:\Users\Adam\Downloads\InstallHiRezGamesEnglish (2).exe
2012-07-24 22:05 - 2012-07-24 22:05 - 13846728 ____A (Hi-Rez Studios) C:\Users\Adam\Downloads\InstallHiRezGamesEnglish.exe
2012-07-24 22:05 - 2012-07-24 22:05 - 13846728 ____A (Hi-Rez Studios) C:\Users\Adam\Downloads\InstallHiRezGamesEnglish (1).exe
2012-07-24 21:37 - 2012-07-24 21:37 - 19879272 ____A (Trion Worlds, Inc.) C:\Users\Adam\Downloads\eon-installer (1).exe
2012-07-21 23:22 - 2012-07-21 23:22 - 00000771 ____A C:\Users\Public\Desktop\World of Tanks.lnk
2012-07-21 22:38 - 2012-07-21 22:17 - 3315937376 ____A C:\Users\Adam\Downloads\WoT_0.7.4_us_setup.exe
2012-07-20 20:48 - 2012-07-20 20:48 - 19879304 ____A (Trion Worlds, Inc.) C:\Users\Adam\Downloads\eon-installer.exe
2012-07-15 18:13 - 2012-07-15 18:13 - 01388527 ____A C:\Users\Adam\Downloads\LOLReplay-0.7.9.25.exe
2012-07-05 09:07 - 2012-07-05 09:07 - 00275968 ____A C:\Windows\Minidump\070512-45037-01.dmp
2012-07-05 09:07 - 2011-09-30 20:29 - 563179134 ____A C:\Windows\MEMORY.DMP
2012-07-04 07:03 - 2012-07-04 07:03 - 01505524 ____A C:\Users\Adam\Downloads\LOLReplay-0.7.9.17.exe
2012-07-04 07:03 - 2012-07-04 07:03 - 00001907 ____A C:\Users\Public\Desktop\LOL Recorder.lnk
2012-07-03 07:17 - 2012-07-03 07:17 - 00740008 ____A (Google Inc.) C:\Users\Adam\Downloads\googleupdatesetup.exe
2012-07-03 05:55 - 2012-07-03 05:55 - 00000219 ____A C:\Users\Adam\Desktop\Counter-Strike Source.url
2012-07-01 13:38 - 2012-07-01 13:38 - 00001921 ____A C:\Users\Public\Desktop\Play Bus Driver.lnk
2012-06-27 23:28 - 2012-06-27 23:28 - 04383656 ____A (Photodex Corporation) C:\Users\Adam\Downloads\pxsetup.exe

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 4014.3 MB
Available physical RAM: 3399.71 MB
Total Pagefile: 4012.45 MB
Available Pagefile: 3398.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:283.44 GB) (Free:49.69 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
3 Drive e: () (Removable) (Total:1.85 GB) (Free:0.01 GB) FAT
4 Drive f: () (Removable) (Total:3.72 GB) (Free:3.71 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Disk 1 Online 1898 MB 0 B
Disk 2 Online 3815 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 14 GB 1024 KB
Partition 2 Primary 283 GB 14 GB

==================================================================================

Disk: 0
Partition 1
Type : 1C
Hidden: Yes
Active: No

There is no volume associated with this partition.

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C OS NTFS Partition 283 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1897 MB 65 KB

==================================================================================

Disk: 1
Partition 1
Type : 06
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 E FAT Removable 1897 MB Healthy

=========================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3814 MB 8 KB

==================================================================================

Disk: 2
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F FAT32 Removable 3814 MB Healthy

=========================================================

Last Boot: 2012-09-16 10:39

==================== End Of Log =============================

Edited by acfathome, 21 September 2012 - 03:09 PM.




#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:07 PM

Posted 21 September 2012 - 05:38 PM

Please do the following:


Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad window and select Paste.) Save it on the flash drive as fixlist.txt

start
SubSystems: [Windows] ATTENTION! ====> ZeroAccess
C:\Windows\System32\consrv.dll
cmd: del /a/f/q c:\windows\tasks\at*.job
cmd: bootrec /FixMbr
end

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options then select Command Prompt

Run FRST (or FRST64 if you have the 64bit version) and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

Reboot Normally.


NEXT


Refer to the ComboFix User's Guide

  • Download ComboFix from the following location:

    Link

    * IMPORTANT !!! Place ComboFix.exe on your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
    You can get help on disabling your protection programs here
  • Double click on ComboFix.exe & follow the prompts.
  • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  • When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


    ---------------------------------------------------------------------------------------------
  • Ensure your AntiVirus and AntiSpyware applications are re-enabled.

    ---------------------------------------------------------------------------------------------

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 CatByte


Posted 27 September 2012 - 08:08 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015




