TechSpot

Critical problem.. shutting down in one minute

Inactive
By Tommythe5th
Aug 31, 2012
  1. I recently had one of the false virus protection software viruses. After I got rid of it, I installed MSE and now every time I boot up I get this critical error alert then my system shuts down. This ven happens in safe-mode. I am running in 7 64bit. Any help would be great.
  2. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Hello, and welcome to TechSpot.


    [​IMG] Please see here for the board rules and other FAQ.

    Please feel free to introduce yourself, after you follow the steps below to get started.

    Information
    • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a malware removal helper.
    • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
    • If you have already asked for help somewhere, please post the link to the topic you were helped.
    • We try our best to reply quickly, but for any reason we do not reply in two days, please reply to this topic with the word BUMP!
    • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

    Download Farbar Recovery Scan Tool and save it to a flash drive.

    Please make sure to download the 64-bit version.

    Plug the flashdrive into the infected PC.

    Enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Choose your language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.
    To enter System Recovery Options by using Windows installation disc:
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Choose your language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.
    On the System Recovery Options menu you will get the following options:
      • Startup Repair
        System Restore
        Windows Complete PC Restore
        Windows Memory Diagnostic Tool
        Command Prompt
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst64 and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to the disclaimer.
    • Place a check next to List Drivers MD5 as well as the default check marks that are already there (if necessary)
    • Press Scan button. It will do its scan and save a log on your flash drive.
    • Close out of the message after that, then type in the text services.exe in to the "Search:" text box. Then, press the Search file(s) button, just as below:
      [​IMG]
      When done searching, FRST makes a log, Search.txt, on the C:\ drive or on your flash drive.
    • Type exit in the Command Prompt window and reboot the computer normally
    • FRST will make a log (FRST.txt) on the flash drive and also the search.txt logfile, please copy and paste the logs in your reply.
  3. Tommythe5th

    Tommythe5th TS Rookie Topic Starter

    Thanks for the reply, DragonMasterJay. Here's the search.txt

    Farbar Recovery Scan Tool Version: 31-08-2012
    Ran by SYSTEM at 2012-08-30 23:49:32
    Running from I:\

    ================== Search: "services.exe" ===================

    C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
    [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

    C:\Windows\System32\services.exe
    [2009-07-13 15:19] - [2012-08-30 18:05] - 0328704 ____A (Microsoft Corporation) 014A9CB92514E27C0107614DF764BC06

    ====== End Of Search ======
  4. Tommythe5th

    Tommythe5th TS Rookie Topic Starter

    Scan result of Farbar Recovery Scan Tool Version: 31-08-2012
    Ran by SYSTEM at 30-08-2012 23:40:34
    Running from I:\
    Windows 7 Professional (X64) OS Language: English(US)
    The current controlset is ControlSet001

    ==================== Registry (Whitelisted) ===================

    HKLM\...\Run: [M-Audio Taskbar Icon] C:\Windows\system32\M-AudioTaskBarIcon.exe [798216 2009-10-02] (Avid Technology, Inc.)
    HKLM\...\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2320752 2009-11-11] (Microsoft Corporation)
    HKLM\...\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun [825184 2009-09-30] (Microsoft Corporation)
    HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2009-11-08] (PowerISO Computing, Inc.)
    HKLM-x32\...\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin [611712 2008-08-14] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" [x]
    HKLM-x32\...\Run: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [642856 2008-12-12] (Cisco Systems, Inc.)
    HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-03-17] (Apple Inc.)
    HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1164584 2010-09-16] ()
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2012-03-27] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
    HKU\Mcx1-TOMMYV-PC\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-13] (Microsoft Corporation)
    HKU\Tommy V\...\Run: [Google Update] "C:\Users\Tommy V\AppData\Local\Google\Update\GoogleUpdate.exe" /c [135664 2010-02-18] (Google Inc.)
    HKU\Tommy V\...\Run: [googletalk] "C:\Program Files (x86)\Google\Google Talk\googletalk.exe" /autostart [3289088 2007-11-20] (Google)
    HKU\Tommy V\...\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent [1353080 2012-08-05] (Valve Corporation)
    HKU\Tommy V\...\Run: [uTorrent] "C:\Users\Tommy V\Downloads\uTorrent.exe" /MINIMIZED [1020816 2012-06-12] (BitTorrent, Inc.)
    HKU\Tommy V\...\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
    HKU\Tommy V\...\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2969496 2010-09-10] ()
    HKU\Tommy V\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [14940040 2010-10-11] (Skype Technologies S.A.)
    HKU\Tommy V\...\Run: [DownloadAccelerator] "C:\Program Files (x86)\DAP\DAP.EXE" /STARTUP [3721432 2012-06-15] (Speedbit Ltd.)
    HKU\Tommy V\...\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager 611\IDMan.exe /onboot [3491264 2012-06-24] (Tonec Inc.)
    Tcpip\..\Interfaces\{03B8BA7A-8B00-4F3F-91D7-E69AE9DF0F42}: [NameServer]192.168.1.1
    Tcpip\..\Interfaces\{641E6EE3-2B43-4A52-9CBF-BA294B87D0A0}: [NameServer]8.8.8.8 8.8.4.4
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\Orbit.lnk
    ShortcutTarget: Orbit.lnk -> C:\Program Files (x86)\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
    Startup: C:\Users\Tommy V\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
    Startup: C:\Users\Tommy V\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> (No File)
    Startup: C:\Users\Tommy V\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE (Microsoft Corporation)
    Startup: C:\Users\Tommy V\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
    ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
    Startup: C:\Users\Tommy V\Start Menu\Programs\Startup\PdaNet Desktop.lnk
    ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for BlackBerry\PdaNetPC.exe ()

    ==================== Services (Whitelisted) ======

    2 DAZContentManagementService; "C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe" [22528 2011-05-05] ()
    2 mi-raysat_3dsmax2010_32; "C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe" [86016 2009-03-12] ()
    2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [12600 2012-03-26] (Microsoft Corporation)
    2 MSSQL$SQLEXPRESS; "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS [57617752 2009-03-30] (Microsoft Corporation)
    3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [291696 2012-03-26] (Microsoft Corporation)
    2 nmservice; "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe" [642856 2008-12-12] (Cisco Systems, Inc.)
    2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2010-06-30] ()
    2 SentinelKeysServer; "C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe" [369952 2009-09-16] (SafeNet, Inc.)
    2 SentinelProtectionServer; "C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe" [1246496 2009-09-17] (SafeNet, Inc)
    2 SentinelSecurityRuntime; "C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe" [292128 2009-09-16] (SafeNet, Inc.)
    4 SQLAgent$SQLEXPRESS; "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE" -I SQLEXPRESS [427880 2009-03-30] (Microsoft Corporation)
    2 LinksysUpdater; "C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe" -s "C:\Program Files (x86)\Linksys\Linksys Updater\conf\wrapper.conf" [x]

    ==================== Drivers (Whitelisted) ===================

    3 MADFUXPONENT; C:\Windows\System32\DRIVERS\MAudioXponent_DFU.sys [46088 2009-10-02] (M-Audio)
    3 MAUSBXPONENT; C:\Windows\System32\DRIVERS\MAudioXponent.sys [187912 2009-10-02] (Avid Technology, Inc.)
    3 mbamchameleon; C:\Windows\System32\Drivers\mbamchameleon.sys [36168 2012-08-29] ()
    3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-28] ()
    3 RTCore64; \??\C:\Program Files (x86)\EVGA Precision\RTCore64.sys [14440 2010-09-07] ()
    2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
    3 sftfs; \??\C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftfslh.sys [712536 2009-09-23] (Microsoft Corporation)
    3 sftplay; \??\C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftplaylh.sys [261480 2009-09-23] (Microsoft Corporation)
    3 sftvol; \??\C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftvollh.sys [17752 2009-09-23] (Microsoft Corporation)
    0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-03-06] (Duplex Secure Ltd.)
    3 dump_wmimmc; \??\C:\Program Files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [x]
    3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]

    ==================== NetSvcs (Whitelisted) =================


    ==================== One Month Created Files and Folders ======================

    2012-08-30 19:06 - 2012-08-30 19:06 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.7AF86E6CEA2CEAB6
    2012-08-30 19:06 - 2012-08-30 19:06 - 00049872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ytuiflvz.sys
    2012-08-30 18:57 - 2012-08-30 18:57 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.2DF26F1C6FC8D516
    2012-08-30 16:23 - 2012-08-30 16:23 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.70FF705560EDC01D
    2012-08-30 14:50 - 2012-08-30 14:50 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.EBA82A11EA3A630E
    2012-08-30 10:54 - 2012-08-30 10:54 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.205E6491C6333084
    2012-08-30 10:53 - 2012-08-30 10:54 - 00000000 ____D C:\Users\Music Only\AppData\Roaming\Orbit
    2012-08-30 10:53 - 2012-08-30 10:53 - 00000000 ____D C:\Users\Music Only\AppData\Roaming\ProgSense
    2012-08-30 10:38 - 2012-08-30 10:38 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.87522A1881E9C611
    2012-08-30 09:27 - 2012-08-30 09:27 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.CA77E290D2B19315
    2012-08-30 09:12 - 2012-08-30 09:12 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.48BA08CED2CA7C25
    2012-08-29 23:25 - 2012-08-29 23:25 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.5875EFE0BE37BF47
    2012-08-29 23:10 - 2012-08-29 23:10 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.99FD543A9AE67998
    2012-08-29 17:54 - 2012-08-30 10:44 - 00002243 ____A C:\Windows\epplauncher.mif
    2012-08-29 17:52 - 2012-08-29 17:53 - 00000000 ____D C:\Program Files\Microsoft Security Client
    2012-08-29 17:52 - 2012-08-29 17:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
    2012-08-28 21:59 - 2012-08-29 15:57 - 00036168 ____A C:\Windows\System32\Drivers\mbamchameleon.sys
    2012-08-28 21:54 - 2012-08-28 21:54 - 00102393 ____A C:\Users\Tommy V\Desktop\Security Shield Virus - Removal Instructions.htm
    2012-08-28 21:54 - 2012-08-28 21:54 - 00000000 ____D C:\Users\Tommy V\Desktop\Security Shield Virus - Removal Instructions_files
    2012-08-28 19:36 - 2012-08-28 19:37 - 00000000 ____D C:\dosgames
    2012-08-28 19:29 - 2012-08-28 19:30 - 00000000 ____D C:\Users\Tommy V\D-Fend Reloaded
    2012-08-28 19:29 - 2012-08-28 19:29 - 00001081 ____A C:\Users\Public\Desktop\D-Fend Reloaded.lnk
    2012-08-28 19:29 - 2012-08-28 19:29 - 00000000 ____D C:\Program Files (x86)\D-Fend Reloaded
    2012-08-28 19:13 - 2012-08-28 21:06 - 00000000 ____D C:\Users\Tommy V\Downloads\Dos Emu & Games
    2012-08-28 18:51 - 2012-08-28 19:11 - 15805134 ____A (Written by Alexander Herzog) C:\Users\Tommy V\Downloads\D-Fend-Reloaded-1.3.1-Setup.exe
    2012-08-28 15:15 - 2012-08-28 15:15 - 00001601 ____A C:\Users\Tommy V\Desktop\Unity.exe - 2.5.2 crack.lnk
    2012-08-28 14:18 - 2012-08-28 14:22 - 00000000 ____D C:\Program Files (x86)\Unity 3.5.2F2
    2012-08-27 16:19 - 2012-08-27 16:19 - 00000557 ____A C:\Users\Tommy V\Desktop\launcher.exe - Shortcut (2).lnk
    2012-08-22 21:16 - 2012-08-22 21:16 - 00000000 ____D C:\Users\Tommy V\Downloads\PlayUpTools
    2012-08-22 20:48 - 2012-08-22 20:56 - 14427303 ____A C:\Users\Tommy V\Downloads\PlayUpTools.zip
    2012-08-22 17:32 - 2012-08-22 17:37 - 04861330 ____A C:\Users\Tommy V\Downloads\47
    2012-08-22 12:25 - 2012-08-22 12:25 - 00000193 ____A C:\Windows\WORDPAD.INI
    2012-08-21 21:39 - 2012-08-21 21:39 - 00000218 ____A C:\Users\Tommy V\.recently-used.xbel
    2012-08-21 12:10 - 2012-08-21 12:10 - 00000000 ____D C:\Users\Public\Documents\MudBox Models
    2012-08-21 00:18 - 2012-08-21 00:18 - 00001228 ____A C:\Users\Tommy V\Desktop\WowModelViewer64.exe - Shortcut.lnk
    2012-08-21 00:16 - 2012-08-22 13:33 - 00000000 ____D C:\Program Files\World of Warcraft Model Viewer 2012
    2012-08-21 00:08 - 2012-08-21 00:14 - 07558144 ____A C:\Users\Tommy V\Downloads\WMV_Installer_v0704_Win64.msi
    2012-08-20 22:12 - 2012-08-22 16:34 - 00000000 ____D C:\Users\Public\Documents\WoW Models
    2012-08-20 17:21 - 2012-08-20 17:21 - 00028618 ____A C:\Users\Tommy V\AppData\Local\recently-used.xbel
    2012-08-20 14:15 - 2012-08-20 16:21 - 00000017 ____A C:\Users\Tommy V\Desktop\Teserect.txt
    2012-08-19 04:59 - 2012-08-19 05:00 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager 611
    2012-08-19 01:56 - 2012-08-19 01:56 - 00438179 ____A C:\Users\Tommy V\Documents\4f45271b2bb32-full-5cut.xcf
    2012-08-18 14:14 - 2012-08-18 14:14 - 00002260 ____A C:\Users\Tommy V\Desktop\My Music - Shortcut.lnk
    2012-08-18 13:15 - 2012-08-18 14:04 - 00000000 ____D C:\Users\Tommy V\AppData\Local\AudioMulch 2.1.0
    2012-08-18 08:40 - 2012-08-18 08:40 - 00000000 ____D C:\Users\Tommy V\Downloads\nifskope
    2012-08-18 07:21 - 2012-08-18 08:23 - 00022944 ____A C:\Users\Tommy V\Downloads\nifskope-1.1.0-rc7-i686-w32.7z
    2012-08-18 07:20 - 2012-08-19 05:35 - 1004848016 ____A C:\Users\Public\Documents\theHunterSetup.exe
    2012-08-17 01:32 - 2012-08-17 01:32 - 00001663 ____A C:\Users\Tommy V\Desktop\BlackMarketEditor.exe - Shortcut.lnk
    2012-08-17 01:32 - 2012-08-17 01:32 - 00000000 ____D C:\Program Files (x86)\BlackMarketEditor2_0
    2012-08-17 01:31 - 2012-08-17 01:31 - 00000000 ____D C:\Users\Tommy V\Downloads\BlackMarketEditor2_0
    2012-08-17 01:29 - 2012-08-17 01:30 - 00240824 ____A C:\Users\Tommy V\Downloads\BlackMarketEditor2_0.zip
    2012-08-15 10:58 - 2012-08-15 10:58 - 00000000 ____D C:\Users\Tommy V\Documents\3DReaperDX
    2012-08-15 10:55 - 2012-08-15 10:58 - 00000000 ____D C:\Program Files (x86)\3DRipperDX
    2012-08-15 10:55 - 2012-08-15 10:55 - 00000967 ____A C:\Users\User_2\Desktop\3D Ripper DX.lnk
    2012-08-15 10:55 - 2012-08-15 10:55 - 00000967 ____A C:\Users\UpdatusUser\Desktop\3D Ripper DX.lnk
    2012-08-15 10:55 - 2012-08-15 10:55 - 00000967 ____A C:\Users\Tommy V\Desktop\3D Ripper DX.lnk
    2012-08-15 10:55 - 2012-08-15 10:55 - 00000967 ____A C:\Users\Music Only\Desktop\3D Ripper DX.lnk
    2012-08-15 10:55 - 2012-08-15 10:55 - 00000967 ____A C:\Users\Mcx1-TOMMYV-PC\Desktop\3D Ripper DX.lnk
    2012-08-14 20:55 - 2012-08-14 20:56 - 01423009 ____A (Roman Lut ) C:\Users\Tommy V\Downloads\3DRipperDXSetup.exe
    2012-08-14 12:22 - 2012-08-14 12:24 - 207888824 ____A C:\Users\Tommy V\Downloads\Friday-The-13th-3D-V1.2.zip.dap
    2012-08-13 04:36 - 2012-08-13 04:36 - 00000281 ____A C:\Users\Tommy V\Downloads\rsapi.cgi.dap
    2012-08-13 04:32 - 2012-08-13 05:11 - 17967100 ____A C:\Users\Tommy V\Downloads\WhiteDay (1).zip
    2012-08-13 04:30 - 2012-08-13 04:30 - 00823648 ____A (Bandoo Media Inc) C:\Users\Tommy V\Downloads\iLividSetupV1.exe.dap
    2012-08-12 15:16 - 2012-08-12 15:16 - 00000000 ____A C:\Users\Tommy V\Desktop\Tut 36 at 8-37.txt
    2012-08-11 11:08 - 2012-08-11 11:10 - 00000048 ____A C:\Users\Tommy V\Desktop\camera location.txt
    2012-08-11 10:35 - 2012-08-11 10:35 - 00000000 ____D C:\Users\Tommy V\Downloads\educational_3d models_249HumanAnimated
    2012-08-11 04:19 - 2012-08-19 00:37 - 533970712 ____A (Unity Technologies ApS) C:\Users\Tommy V\Downloads\UnitySetup-3.5.5.exe.dap
    2012-08-11 02:59 - 2012-08-11 02:59 - 00000221 ____A C:\Users\Tommy V\Desktop\Operation Flashpoint Dragon Rising.url
    2012-08-10 05:20 - 2012-08-10 05:20 - 00000199 ____A C:\Users\Tommy V\Desktop\Source SDK Base 2007.url
    2012-08-10 01:53 - 2012-08-10 01:53 - 01614028 ____A C:\Users\Tommy V\Downloads\educational_3d models_249HumanAnimated.zip
    2012-08-10 01:49 - 2012-08-10 01:49 - 00015778 ____A C:\Users\Tommy V\Downloads\purchased-files.dap
    2012-08-09 20:03 - 2012-08-09 20:03 - 00000222 ____A C:\Users\Tommy V\Desktop\Quantum Conundrum Demo.url
    2012-08-08 20:42 - 2012-08-08 20:57 - 06537856 ____A C:\Users\Tommy V\Downloads\Update 9 [BETA].rar
    2012-08-08 20:37 - 2012-08-08 20:37 - 00009005 ____A C:\Users\Tommy V\Downloads\Internet Download Manager 6.05 Build Serial [H33T] [h33t].torrent
    2012-08-08 18:49 - 2012-08-08 20:30 - 140675562 ____A C:\Users\Tommy V\Downloads\Update 9 [BETA]_1.rar.dap
    2012-08-08 18:42 - 2012-08-08 18:42 - 00000000 ____D C:\Users\Public\Documents\machinima studio folder
    2012-08-08 18:41 - 2012-08-08 18:41 - 00002301 ____A C:\Users\Tommy V\Desktop\Machinima Studio.lnk
    2012-08-08 13:41 - 2012-08-08 13:41 - 00001682 ____A C:\Users\Tommy V\Desktop\GECK.exe - Shortcut.lnk
    2012-08-08 03:41 - 2012-08-08 08:14 - 00000000 ____D C:\Users\Public\Documents\Skyrim Creation Kit Tutorials
    2012-08-08 03:25 - 2012-08-08 03:26 - 01318466 ____A C:\Users\Tommy V\Downloads\Fallout3_GECK_1.5_Update.exe
    2012-08-08 03:24 - 2012-08-08 03:28 - 08891219 ____A (Macrovision Corporation) C:\Users\Tommy V\Downloads\Fallout3_GECK.exe
    2012-08-07 20:30 - 2012-08-07 20:43 - 54179488 ____A C:\Users\Tommy V\Downloads\Fallout3_1.7_English_US.exe
    2012-08-07 19:48 - 2012-08-08 21:17 - 00000000 ____D C:\Users\Tommy V\Downloads\Skyrim update 9
    2012-08-07 19:48 - 2012-08-07 19:48 - 00000000 ____D C:\Users\Tommy V\Downloads\New folder (2)
    2012-08-07 13:29 - 2012-08-07 13:29 - 00001675 ____A C:\Users\Tommy V\Desktop\CreationKit.exe - Shortcut (2).lnk
    2012-08-07 03:38 - 2012-08-07 03:41 - 00000671 ____A C:\Users\Tommy V\Desktop\directions to the tanning yards.txt
    2012-08-07 01:37 - 2012-08-07 01:37 - 00001767 ____A C:\Users\Tommy V\Desktop\FalloutLauncher.exe - Shortcut.lnk
    2012-08-07 01:37 - 2012-08-07 01:37 - 00001702 ____A C:\Users\Tommy V\Desktop\Fallout3.exe - Shortcut.lnk
    2012-08-06 00:05 - 2012-08-06 00:16 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
    2012-08-05 23:42 - 2012-08-07 19:47 - 00000000 ____D C:\Users\Public\Documents\N64 Roms
    2012-08-03 23:35 - 2012-08-03 23:35 - 00005555 ____A C:\Users\Tommy V\Desktop\interesting facts.txt
    2012-08-03 03:01 - 2012-08-07 20:19 - 00000490 ____A C:\Users\Tommy V\Desktop\new plot.txt
    2012-08-03 02:32 - 2012-08-03 02:47 - 00000798 ____A C:\Users\Tommy V\Desktop\call out to officers.txt
    2012-08-03 00:06 - 2012-08-05 23:51 - 00000000 ____D C:\Users\Public\Documents\Blender Models
    2012-08-02 18:43 - 2012-08-02 18:43 - 00007993 ____A C:\Users\Tommy V\Downloads\Autodesk_Building_Design_Suite_Ultimate_2013_English_Win_32-64bit.part01.exe
    2012-08-02 18:35 - 2012-08-02 18:35 - 00008002 ____A C:\Users\Tommy V\Downloads\Autodesk_Maya_2013_English_Japanese_SimplifiedChinese_Win_64bit.exe.dap
    2012-08-02 18:23 - 2012-08-02 18:25 - 03185162 ____A C:\Users\Tommy V\Downloads\AUTODESK_2013_PRODUCTS_UNIVERSAL_KEYGEN-XFORCE_WIN_OSX.rar
    2012-08-02 16:33 - 2012-08-02 16:33 - 00001348 ____A C:\Users\Tommy V\Desktop\SCP - Containment Breach v0.2.1.exe - Shortcut.lnk
    2012-08-02 01:49 - 2012-08-02 01:49 - 00001522 ____A C:\Users\Tommy V\Desktop\Launcher.exe - Shortcut.lnk
    2012-08-02 01:49 - 2012-08-02 01:49 - 00001502 ____A C:\Users\Tommy V\Desktop\Editor.exe - Shortcut.lnk
    2012-08-02 01:28 - 2012-08-02 01:49 - 00000000 ____D C:\Program Files\CryEngine3
    2012-08-01 23:47 - 2012-08-02 00:02 - 00000925 ____A C:\Users\Tommy V\Desktop\PauseDownloadLoop.ahk
    2012-08-01 23:26 - 2012-08-01 23:26 - 00001352 ____A C:\Users\Tommy V\Documents\AutoHotkey.ahk
    2012-08-01 23:22 - 2012-08-01 23:22 - 00000000 ____D C:\Program Files (x86)\AutoHotkey
    2012-08-01 22:11 - 2012-08-01 22:11 - 00000000 ____D C:\Users\Tommy V\Downloads\SCP - Containment Breach v0.2.1
    2012-08-01 21:45 - 2012-08-01 21:54 - 31044328 ____A C:\Users\Tommy V\Downloads\SCP - Containment Breach v0.2.1.zip
    2012-08-01 21:44 - 2012-08-01 21:44 - 00000000 ____D C:\Users\Tommy V\Downloads\freaky_science
    2012-08-01 20:52 - 2012-08-01 20:52 - 00001859 ____A C:\Users\Public\Desktop\Desura.lnk
    2012-08-01 20:52 - 2012-08-01 20:52 - 00000000 ____D C:\Users\All Users\Desura
    2012-08-01 20:52 - 2012-08-01 20:52 - 00000000 ____D C:\Program Files (x86)\Desura
    2012-08-01 20:45 - 2012-08-02 01:27 - 1076809322 ____A C:\Users\Tommy V\Downloads\CryENGINE_PC_v3_4_0_3696_freeSDK.zip
    2012-08-01 20:38 - 2012-08-01 20:40 - 01252424 ____A C:\Users\Tommy V\Downloads\DesuraInstaller.exe
    2012-08-01 01:07 - 2012-08-01 20:40 - 00000000 ____D C:\Users\Public\Documents\Unity_SOUNDS
    2012-08-01 00:53 - 2012-08-03 23:53 - 00000000 ____D C:\Users\Tommy V\Desktop\Ideas For Games
  5. Tommythe5th

    Tommythe5th TS Rookie Topic Starter

    ==================== 3 Months Modified Files ================================
    2012-08-30 19:06 - 2012-08-30 19:06 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.7AF86E6CEA2CEAB6
    2012-08-30 19:06 - 2012-08-30 19:06 - 00049872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ytuiflvz.sys
    2012-08-30 19:00 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2012-08-30 18:59 - 2012-07-24 14:45 - 00004925 ____A C:\Windows\setupact.log
    2012-08-30 18:57 - 2012-08-30 18:57 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.2DF26F1C6FC8D516
    2012-08-30 18:05 - 2010-02-18 14:58 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-457477009-1174075402-560280912-1001UA.job
    2012-08-30 18:05 - 2010-02-18 14:58 - 00000864 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-457477009-1174075402-560280912-1001Core.job
    2012-08-30 18:05 - 2009-07-13 15:19 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
    2012-08-30 16:23 - 2012-08-30 16:23 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.70FF705560EDC01D
    2012-08-30 16:23 - 2010-08-20 23:56 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-08-30 16:19 - 2010-08-20 23:56 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-08-30 14:50 - 2012-08-30 14:50 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.EBA82A11EA3A630E
    2012-08-30 14:38 - 2009-07-13 21:08 - 00032626 ____A C:\Windows\Tasks\SCHEDLGU.TXT
    2012-08-30 10:54 - 2012-08-30 10:54 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.205E6491C6333084
    2012-08-30 10:44 - 2012-08-29 17:54 - 00002243 ____A C:\Windows\epplauncher.mif
    2012-08-30 10:38 - 2012-08-30 10:38 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.87522A1881E9C611
    2012-08-30 10:32 - 2010-02-19 02:05 - 00040608 ____A C:\Windows\PFRO.log
    2012-08-30 09:27 - 2012-08-30 09:27 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.CA77E290D2B19315
    2012-08-30 09:26 - 2010-02-18 17:47 - 01876540 ____A C:\Windows\WindowsUpdate.log
    2012-08-30 09:12 - 2012-08-30 09:12 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.48BA08CED2CA7C25
    2012-08-29 23:25 - 2012-08-29 23:25 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.5875EFE0BE37BF47
    2012-08-29 23:10 - 2012-08-29 23:10 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.99FD543A9AE67998
    2012-08-29 21:35 - 2009-07-13 20:45 - 00014320 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2012-08-29 21:35 - 2009-07-13 20:45 - 00014320 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2012-08-29 17:53 - 2010-02-20 09:11 - 00910596 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
    2012-08-29 15:57 - 2012-08-28 21:59 - 00036168 ____A C:\Windows\System32\Drivers\mbamchameleon.sys
    2012-08-28 21:54 - 2012-08-28 21:54 - 00102393 ____A C:\Users\Tommy V\Desktop\Security Shield Virus - Removal Instructions.htm
    2012-08-28 19:29 - 2012-08-28 19:29 - 00001081 ____A C:\Users\Public\Desktop\D-Fend Reloaded.lnk
    2012-08-28 19:11 - 2012-08-28 18:51 - 15805134 ____A (Written by Alexander Herzog) C:\Users\Tommy V\Downloads\D-Fend-Reloaded-1.3.1-Setup.exe
    2012-08-28 15:15 - 2012-08-28 15:15 - 00001601 ____A C:\Users\Tommy V\Desktop\Unity.exe - 2.5.2 crack.lnk
    2012-08-28 14:21 - 2012-05-02 12:39 - 00001184 ____A C:\Users\Public\Desktop\Unity.lnk
    2012-08-27 16:19 - 2012-08-27 16:19 - 00000557 ____A C:\Users\Tommy V\Desktop\launcher.exe - Shortcut (2).lnk
    2012-08-22 20:57 - 2010-02-18 17:23 - 00375894 ____A C:\Windows\DirectX.log
    2012-08-22 20:56 - 2012-08-22 20:48 - 14427303 ____A C:\Users\Tommy V\Downloads\PlayUpTools.zip
    2012-08-22 17:37 - 2012-08-22 17:32 - 04861330 ____A C:\Users\Tommy V\Downloads\47
    2012-08-22 12:25 - 2012-08-22 12:25 - 00000193 ____A C:\Windows\WORDPAD.INI
    2012-08-21 21:39 - 2012-08-21 21:39 - 00000218 ____A C:\Users\Tommy V\.recently-used.xbel
    2012-08-21 12:22 - 2010-07-15 22:28 - 00056832 __ASH C:\Users\Public\Documents\Thumbs.db
    2012-08-21 00:18 - 2012-08-21 00:18 - 00001228 ____A C:\Users\Tommy V\Desktop\WowModelViewer64.exe - Shortcut.lnk
    2012-08-21 00:17 - 2010-11-25 22:53 - 00002665 ____A C:\Users\Public\Desktop\WoW Model Viewer 64-bit.lnk
    2012-08-21 00:14 - 2012-08-21 00:08 - 07558144 ____A C:\Users\Tommy V\Downloads\WMV_Installer_v0704_Win64.msi
    2012-08-20 17:21 - 2012-08-20 17:21 - 00028618 ____A C:\Users\Tommy V\AppData\Local\recently-used.xbel
    2012-08-20 16:21 - 2012-08-20 14:15 - 00000017 ____A C:\Users\Tommy V\Desktop\Teserect.txt
    2012-08-19 05:35 - 2012-08-18 07:20 - 1004848016 ____A C:\Users\Public\Documents\theHunterSetup.exe
    2012-08-19 01:56 - 2012-08-19 01:56 - 00438179 ____A C:\Users\Tommy V\Documents\4f45271b2bb32-full-5cut.xcf
    2012-08-19 00:37 - 2012-08-11 04:19 - 533970712 ____A (Unity Technologies ApS) C:\Users\Tommy V\Downloads\UnitySetup-3.5.5.exe.dap
    2012-08-18 14:14 - 2012-08-18 14:14 - 00002260 ____A C:\Users\Tommy V\Desktop\My Music - Shortcut.lnk
    2012-08-18 08:23 - 2012-08-18 07:21 - 00022944 ____A C:\Users\Tommy V\Downloads\nifskope-1.1.0-rc7-i686-w32.7z
    2012-08-17 01:32 - 2012-08-17 01:32 - 00001663 ____A C:\Users\Tommy V\Desktop\BlackMarketEditor.exe - Shortcut.lnk
    2012-08-17 01:30 - 2012-08-17 01:29 - 00240824 ____A C:\Users\Tommy V\Downloads\BlackMarketEditor2_0.zip
    2012-08-15 10:55 - 2012-08-15 10:55 - 00000967 ____A C:\Users\User_2\Desktop\3D Ripper DX.lnk
    2012-08-15 10:55 - 2012-08-15 10:55 - 00000967 ____A C:\Users\UpdatusUser\Desktop\3D Ripper DX.lnk
    2012-08-15 10:55 - 2012-08-15 10:55 - 00000967 ____A C:\Users\Tommy V\Desktop\3D Ripper DX.lnk
    2012-08-15 10:55 - 2012-08-15 10:55 - 00000967 ____A C:\Users\Music Only\Desktop\3D Ripper DX.lnk
    2012-08-15 10:55 - 2012-08-15 10:55 - 00000967 ____A C:\Users\Mcx1-TOMMYV-PC\Desktop\3D Ripper DX.lnk
    2012-08-14 20:56 - 2012-08-14 20:55 - 01423009 ____A (Roman Lut ) C:\Users\Tommy V\Downloads\3DRipperDXSetup.exe
    2012-08-14 12:24 - 2012-08-14 12:22 - 207888824 ____A C:\Users\Tommy V\Downloads\Friday-The-13th-3D-V1.2.zip.dap
    2012-08-13 05:11 - 2012-08-13 04:32 - 17967100 ____A C:\Users\Tommy V\Downloads\WhiteDay (1).zip
    2012-08-13 04:36 - 2012-08-13 04:36 - 00000281 ____A C:\Users\Tommy V\Downloads\rsapi.cgi.dap
    2012-08-13 04:30 - 2012-08-13 04:30 - 00823648 ____A (Bandoo Media Inc) C:\Users\Tommy V\Downloads\iLividSetupV1.exe.dap
    2012-08-12 15:16 - 2012-08-12 15:16 - 00000000 ____A C:\Users\Tommy V\Desktop\Tut 36 at 8-37.txt
    2012-08-11 11:10 - 2012-08-11 11:08 - 00000048 ____A C:\Users\Tommy V\Desktop\camera location.txt
    2012-08-11 02:59 - 2012-08-11 02:59 - 00000221 ____A C:\Users\Tommy V\Desktop\Operation Flashpoint Dragon Rising.url
    2012-08-11 01:32 - 2010-06-25 03:03 - 00000362 _RASH C:\Users\All Users\ntuser.pol
    2012-08-10 05:20 - 2012-08-10 05:20 - 00000199 ____A C:\Users\Tommy V\Desktop\Source SDK Base 2007.url
    2012-08-10 01:53 - 2012-08-10 01:53 - 01614028 ____A C:\Users\Tommy V\Downloads\educational_3d models_249HumanAnimated.zip
    2012-08-10 01:49 - 2012-08-10 01:49 - 00015778 ____A C:\Users\Tommy V\Downloads\purchased-files.dap
    2012-08-09 20:03 - 2012-08-09 20:03 - 00000222 ____A C:\Users\Tommy V\Desktop\Quantum Conundrum Demo.url
    2012-08-08 22:13 - 2012-06-06 17:11 - 00000220 ____A C:\Users\Tommy V\Desktop\Star Wars - Battlefront II.url
    2012-08-08 20:57 - 2012-08-08 20:42 - 06537856 ____A C:\Users\Tommy V\Downloads\Update 9 [BETA].rar
    2012-08-08 20:37 - 2012-08-08 20:37 - 00009005 ____A C:\Users\Tommy V\Downloads\Internet Download Manager 6.05 Build Serial [H33T] [h33t].torrent
    2012-08-08 20:30 - 2012-08-08 18:49 - 140675562 ____A C:\Users\Tommy V\Downloads\Update 9 [BETA]_1.rar.dap
    2012-08-08 18:41 - 2012-08-08 18:41 - 00002301 ____A C:\Users\Tommy V\Desktop\Machinima Studio.lnk
    2012-08-08 13:41 - 2012-08-08 13:41 - 00001682 ____A C:\Users\Tommy V\Desktop\GECK.exe - Shortcut.lnk
    2012-08-08 03:28 - 2012-08-08 03:24 - 08891219 ____A (Macrovision Corporation) C:\Users\Tommy V\Downloads\Fallout3_GECK.exe
    2012-08-08 03:26 - 2012-08-08 03:25 - 01318466 ____A C:\Users\Tommy V\Downloads\Fallout3_GECK_1.5_Update.exe
    2012-08-07 20:43 - 2012-08-07 20:30 - 54179488 ____A C:\Users\Tommy V\Downloads\Fallout3_1.7_English_US.exe
    2012-08-07 20:19 - 2012-08-03 03:01 - 00000490 ____A C:\Users\Tommy V\Desktop\new plot.txt
    2012-08-07 13:29 - 2012-08-07 13:29 - 00001675 ____A C:\Users\Tommy V\Desktop\CreationKit.exe - Shortcut (2).lnk
    2012-08-07 03:41 - 2012-08-07 03:38 - 00000671 ____A C:\Users\Tommy V\Desktop\directions to the tanning yards.txt
    2012-08-07 01:37 - 2012-08-07 01:37 - 00001767 ____A C:\Users\Tommy V\Desktop\FalloutLauncher.exe - Shortcut.lnk
    2012-08-07 01:37 - 2012-08-07 01:37 - 00001702 ____A C:\Users\Tommy V\Desktop\Fallout3.exe - Shortcut.lnk
    2012-08-03 23:35 - 2012-08-03 23:35 - 00005555 ____A C:\Users\Tommy V\Desktop\interesting facts.txt
    2012-08-03 02:47 - 2012-08-03 02:32 - 00000798 ____A C:\Users\Tommy V\Desktop\call out to officers.txt
    2012-08-02 18:43 - 2012-08-02 18:43 - 00007993 ____A C:\Users\Tommy V\Downloads\Autodesk_Building_Design_Suite_Ultimate_2013_English_Win_32-64bit.part01.exe
    2012-08-02 18:35 - 2012-08-02 18:35 - 00008002 ____A C:\Users\Tommy V\Downloads\Autodesk_Maya_2013_English_Japanese_SimplifiedChinese_Win_64bit.exe.dap
    2012-08-02 18:25 - 2012-08-02 18:23 - 03185162 ____A C:\Users\Tommy V\Downloads\AUTODESK_2013_PRODUCTS_UNIVERSAL_KEYGEN-XFORCE_WIN_OSX.rar
    2012-08-02 16:33 - 2012-08-02 16:33 - 00001348 ____A C:\Users\Tommy V\Desktop\SCP - Containment Breach v0.2.1.exe - Shortcut.lnk
    2012-08-02 01:49 - 2012-08-02 01:49 - 00001522 ____A C:\Users\Tommy V\Desktop\Launcher.exe - Shortcut.lnk
    2012-08-02 01:49 - 2012-08-02 01:49 - 00001502 ____A C:\Users\Tommy V\Desktop\Editor.exe - Shortcut.lnk
    2012-08-02 01:27 - 2012-08-01 20:45 - 1076809322 ____A C:\Users\Tommy V\Downloads\CryENGINE_PC_v3_4_0_3696_freeSDK.zip
    2012-08-02 00:02 - 2012-08-01 23:47 - 00000925 ____A C:\Users\Tommy V\Desktop\PauseDownloadLoop.ahk
    2012-08-01 23:26 - 2012-08-01 23:26 - 00001352 ____A C:\Users\Tommy V\Documents\AutoHotkey.ahk
    2012-08-01 21:54 - 2012-08-01 21:45 - 31044328 ____A C:\Users\Tommy V\Downloads\SCP - Containment Breach v0.2.1.zip
    2012-08-01 20:52 - 2012-08-01 20:52 - 00001859 ____A C:\Users\Public\Desktop\Desura.lnk
    2012-08-01 20:40 - 2012-08-01 20:38 - 01252424 ____A C:\Users\Tommy V\Downloads\DesuraInstaller.exe
    2012-07-29 21:19 - 2012-07-29 21:18 - 00998720 ____A (Solid State Networks) C:\Users\Tommy V\Downloads\install_flashplayer11x32_mssd_aih.exe
    2012-07-29 20:49 - 2012-07-29 20:49 - 00627684 ____A C:\Users\Tommy V\Downloads\7-29-12 922 PM Voicemail.mp4
    2012-07-27 19:47 - 2012-07-27 19:46 - 02239270 ____A C:\Users\Tommy V\Downloads\minecraft.jar
    2012-07-27 19:47 - 2012-07-27 19:42 - 11443389 ____A C:\Users\Tommy V\Downloads\judith_win.zip
    2012-07-27 12:11 - 2012-07-27 12:11 - 00002287 ____A C:\Users\Tommy V\Desktop\Skinny Puppy Video Chest - Shortcut.lnk
    2012-07-27 00:08 - 2012-07-26 20:54 - 499143286 ____A C:\Users\Tommy V\Downloads\WhiteDay.zip
    2012-07-26 23:40 - 2012-07-27 18:48 - 11332702 ____A C:\Users\Public\Documents\The4thWall.zip
    2012-07-26 23:40 - 2012-07-26 23:37 - 11332702 ____A C:\Users\Tommy V\Downloads\The4thWall.zip
    2012-07-26 23:17 - 2012-07-26 22:54 - 92931866 ____A () C:\Users\Tommy V\Downloads\The Fourth Wall.exe
    2012-07-26 21:57 - 2012-07-26 21:36 - 45039123 ____A C:\Users\Tommy V\Downloads\Warcraft Adventures - Lord of the Clans.zip
    2012-07-26 21:02 - 2012-07-26 20:44 - 29692384 ____A C:\Users\Tommy V\Downloads\gameEditor.zip
    2012-07-26 20:03 - 2012-07-26 20:01 - 06797565 ____A C:\Users\Tommy V\Downloads\freaky_science.zip
    2012-07-26 00:08 - 2012-07-26 00:08 - 00001127 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2012-07-25 22:12 - 2012-07-25 22:12 - 00012146 ____A C:\Users\Tommy V\Desktop\AVGIDSAgent
    2012-07-25 15:41 - 2012-07-25 15:41 - 00733186 ____A C:\Program Files (x86)\AutumnTree.trd
    2012-07-25 13:27 - 2012-07-25 13:27 - 00001184 ____A C:\Users\Tommy V\Desktop\tree[d].lnk
    2012-07-25 00:21 - 2012-07-25 00:21 - 00733988 ____A C:\Users\Tommy V\Downloads\Mineblock2D.jar
    2012-07-25 00:20 - 2012-07-25 00:14 - 22015443 ____A C:\Users\Tommy V\Downloads\Which.zip
    2012-07-24 14:45 - 2012-07-24 14:45 - 00000000 ____A C:\Windows\setuperr.log
    2012-07-23 21:40 - 2012-07-23 21:36 - 16420864 ____A C:\Users\Tommy V\Downloads\python-2.7.3.amd64.msi
    2012-07-23 21:33 - 2012-07-23 21:33 - 00001907 ____A C:\Users\Public\Desktop\Blender.lnk
    2012-07-23 21:24 - 2012-07-23 21:04 - 33231558 ____A C:\Users\Tommy V\Downloads\blender-2.63a-release-windows64.exe
    2012-07-23 19:25 - 2012-07-23 19:25 - 00002116 ____A C:\Users\Public\Desktop\Planet Calypso.lnk
    2012-07-23 18:50 - 2012-07-22 21:51 - 378465600 ____A C:\Users\Tommy V\Downloads\fr11pe.exe.dap
    2012-07-22 21:09 - 2012-07-22 21:09 - 00086016 ____A (HOME) C:\Users\Tommy V\Downloads\JOCR.exe
    2012-07-22 20:11 - 2012-07-20 17:53 - 55374464 ____A C:\Users\Tommy V\Downloads\Unexplained Deep Sea Sounds.rar
    2012-07-20 20:16 - 2012-07-20 20:16 - 00002167 ____A C:\Users\Public\Desktop\Autodesk FBX Converter x64 2013.lnk
    2012-07-20 19:50 - 2012-07-20 19:24 - 26924824 ____A C:\Users\Tommy V\Downloads\fbx20132_converter_win_x64.exe
    2012-07-20 19:24 - 2012-06-24 18:10 - 00000143 ____A C:\ConverterVersion.xml
    2012-07-19 21:41 - 2012-07-19 21:41 - 00001215 ____A C:\Users\Tommy V\Desktop\SSBump_Generator_5_3.exe - Shortcut.lnk
    2012-07-18 19:22 - 2012-07-18 19:22 - 00000103 ____A C:\Users\Tommy V\Desktop\httpwww.flickr.comphotosandymilford5370989236inset-72157614981478949.URL
    2012-07-17 16:14 - 2012-07-15 06:28 - 00000637 ____A C:\Users\Tommy V\Desktop\startex dir.txt
    2012-07-17 06:37 - 2012-07-17 06:37 - 00001007 ____A C:\Users\Public\Desktop\Inkscape.lnk
    2012-07-17 00:48 - 2012-07-17 00:36 - 35746429 ____A (inkscape.org) C:\Users\Tommy V\Downloads\Inkscape-0.48.2-1-win32.exe
    2012-07-17 00:07 - 2012-06-20 17:47 - 00000264 ____A C:\Users\Tommy V\Desktop\Maya 2013 64bit codes.txt
    2012-07-16 22:30 - 2012-07-16 22:30 - 00001135 ____A C:\Users\Tommy V\Desktop\Sweet Home 3D.lnk
    2012-07-16 21:19 - 2012-07-16 21:06 - 33555949 ____A (eTeks ) C:\Users\Tommy V\Downloads\SweetHome3D-3.5-windows-oc.exe
    2012-07-14 17:51 - 2012-07-14 17:14 - 56448112 ____A () C:\Users\Tommy V\Downloads\Yume Nikki 0.10 English v3.exe
    2012-07-10 10:48 - 2012-07-10 10:48 - 00001567 ____A C:\Users\Tommy V\Desktop\CreationKit.exe - Shortcut.lnk
    2012-07-08 05:32 - 2012-07-08 05:29 - 00000019 ____A C:\Users\Tommy V\Desktop\phone # (2).txt
    2012-07-08 01:46 - 2012-07-08 01:46 - 00000208 ____A C:\Users\Tommy V\Desktop\A Valley Without Wind Demo.url
    2012-07-07 08:07 - 2012-07-07 08:07 - 00001961 ____A C:\Users\Public\Desktop\Draft IT.lnk
    2012-07-07 07:42 - 2012-07-07 06:08 - 162602938 ____A (CADlogic Limited ) C:\Users\Tommy V\Downloads\DraftITV3Setup.exe
    2012-07-07 04:18 - 2012-07-07 03:51 - 76225536 ____A (The GIMP Team ) C:\Users\Tommy V\Downloads\gimp-2.8.0-setup.exe
    2012-07-07 04:10 - 2012-07-07 03:51 - 24460600 ____A ( ) C:\Users\Tommy V\Downloads\gimp-help-2-2.6.0-en-setup.exe
    2012-07-06 02:04 - 2012-07-06 01:51 - 58366405 ____A C:\Users\Tommy V\Downloads\Slender_v0_9_1.zip
    2012-07-06 01:48 - 2012-07-06 01:43 - 24400862 ____A C:\Users\Tommy V\Downloads\Mariner's Revenge Song (Lyrics!) -The Decemberists.mp4
    2012-07-05 17:01 - 2012-07-05 17:01 - 00000676 ____A C:\Users\Public\Desktop\Counter-Strike 2D.lnk
    2012-07-05 09:15 - 2012-07-05 09:15 - 00000039 ____A C:\Windows\SysWOW64\temporaryFile-Walker.txt
    2012-07-05 05:33 - 2012-07-05 03:46 - 07664478 ____A (Unreal Software ) C:\Users\Tommy V\Downloads\cs2d_0120_setup.exe
    2012-07-05 02:18 - 2012-07-05 02:18 - 00000200 ____A C:\Users\Tommy V\Desktop\Blackwell's Asylum.url
    2012-07-04 23:19 - 2012-07-04 22:54 - 00000989 ____A C:\Users\Public\Desktop\Steam.lnk
    2012-07-04 22:52 - 2010-02-18 18:36 - 01606656 ____A C:\Users\Tommy V\Downloads\SteamInstall.msi
    2012-07-04 21:54 - 2012-07-04 21:54 - 00196470 ____A C:\Users\Tommy V\Downloads\ePSXeCutor1060.zip
    2012-07-04 21:53 - 2012-07-04 21:53 - 00529265 ____A C:\Users\Tommy V\Downloads\epsxe170.zip
    2012-07-04 21:45 - 2012-07-04 21:45 - 00000679 ____A C:\Users\Tommy V\Desktop\SR2_pc.exe - Shortcut.lnk
    2012-07-04 09:08 - 2012-07-04 09:08 - 00001601 ____A C:\Users\Tommy V\Desktop\JustCause2.exe - Shortcut.lnk
    2012-07-04 09:05 - 2012-07-01 22:23 - 00002053 ____A C:\Users\User_2\Desktop\Void.lnk
    2012-07-04 09:05 - 2012-07-01 22:23 - 00002053 ____A C:\Users\UpdatusUser\Desktop\Void.lnk
    2012-07-04 09:05 - 2012-07-01 22:23 - 00002053 ____A C:\Users\Tommy V\Desktop\Void.lnk
    2012-07-04 09:05 - 2012-07-01 22:23 - 00002053 ____A C:\Users\Music Only\Desktop\Void.lnk
    2012-07-04 09:05 - 2012-07-01 22:23 - 00002053 ____A C:\Users\Mcx1-TOMMYV-PC\Desktop\Void.lnk
    2012-07-04 08:58 - 2012-07-04 08:58 - 00000036 ____A C:\Windows\Errors.txt
    2012-07-04 07:17 - 2012-07-04 07:17 - 00001113 ____A C:\Users\Public\Desktop\AEscher.lnk
    2012-07-04 07:10 - 2012-07-04 07:29 - 13971007 ____A C:\Users\Public\Documents\SCP-087-E.rar
    2012-07-04 07:10 - 2012-07-04 07:03 - 13971007 ____A C:\Users\Tommy V\Downloads\SCP-087-E.rar
    2012-07-04 07:07 - 2012-07-04 07:07 - 00000814 ____A C:\Users\User_2\Desktop\Agamemnon's Curse.lnk
    2012-07-04 07:07 - 2012-07-04 07:07 - 00000814 ____A C:\Users\UpdatusUser\Desktop\Agamemnon's Curse.lnk
    2012-07-04 07:07 - 2012-07-04 07:07 - 00000814 ____A C:\Users\Tommy V\Desktop\Agamemnon's Curse.lnk
    2012-07-04 07:07 - 2012-07-04 07:07 - 00000814 ____A C:\Users\Music Only\Desktop\Agamemnon's Curse.lnk
    2012-07-04 07:07 - 2012-07-04 07:07 - 00000814 ____A C:\Users\Mcx1-TOMMYV-PC\Desktop\Agamemnon's Curse.lnk
    2012-07-04 06:11 - 2012-07-04 06:09 - 00002014 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
    2012-07-04 05:35 - 2012-07-04 02:50 - 08663696 ____A C:\Users\Tommy V\Documents\AutoSave_Untitled_1.skp
    2012-07-04 04:14 - 2012-07-04 04:14 - 00002673 ____A C:\Users\Public\Desktop\D2DMapEditor(Beta).lnk
    2012-07-04 03:34 - 2012-07-04 02:53 - 13794214 ____A C:\Users\Tommy V\Downloads\house_max2009.zip.dap
    2012-07-04 01:18 - 2012-07-04 01:12 - 25986265 ____A C:\Users\Tommy V\Downloads\free-animated-person-textures.zip
    2012-07-03 21:53 - 2012-07-03 21:50 - 10580992 ____A C:\Users\Tommy V\Downloads\SlimDX Runtime Net20 (June 2010).msi
    2012-07-03 21:44 - 2012-07-03 21:43 - 05877760 ____A C:\Users\Tommy V\Downloads\SlimDX Runtime .NET 4.0 x64 (January 2012).msi
    2012-07-03 09:46 - 2012-07-26 00:08 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
    2012-07-03 07:35 - 2012-07-03 07:34 - 00000012 ____A C:\Users\Tommy V\Desktop\phone #.txt
    2012-07-03 06:46 - 2012-07-03 06:45 - 02631680 ____A C:\Users\Tommy V\Downloads\D2DMapEditor_Beta2_5_1.msi
    2012-07-03 05:55 - 2012-07-01 22:40 - 535852600 ____A (Unity Technologies ApS) C:\Users\Tommy V\Downloads\UnitySetup-3.5.3.exe
    2012-07-03 01:32 - 2012-07-03 01:29 - 13583870 ____A C:\Users\Tommy V\Downloads\Henry Hall- _Here Comes The Boogeyman_.mp4
    2012-07-03 01:27 - 2012-07-03 01:27 - 00278561 ____A C:\Users\Tommy V\Downloads\Minecraft_1.exe
    2012-07-02 21:11 - 2012-07-02 21:11 - 00000000 ____A C:\Users\Tommy V\Downloads\license.aspx.dap
    2012-07-02 20:07 - 2012-07-02 19:55 - 28264960 ____A C:\Users\Tommy V\Downloads\MachinimaStudio_x64.msi
    2012-07-02 04:12 - 2012-07-02 04:11 - 00122668 ____A C:\Users\Tommy V\Downloads\toolbox.zip
    2012-07-02 04:09 - 2012-07-02 04:09 - 00000748 ____A C:\Users\Tommy V\Downloads\obj_to_ase_rescale.ms
    2012-07-02 02:49 - 2012-07-02 02:49 - 00023226 ____A C:\Users\Tommy V\Downloads\Minecraft Multi-Version Installer v1.7 [h33t].torrent
    2012-07-01 23:48 - 2012-07-01 23:04 - 191746913 ____A C:\Users\Tommy V\Downloads\eclipse-SDK-4.2-win32-x86_64.zip
    2012-07-01 22:40 - 2012-07-01 22:26 - 100904666 ____A (DigiPen Institute of Technology ) C:\Users\Tommy V\Downloads\AetherSetup.exe.dap
    2012-07-01 21:45 - 2012-07-01 20:08 - 193742407 ____A C:\Users\Tommy V\Downloads\Void-Setup.exe
    2012-07-01 07:34 - 2009-07-13 21:13 - 00891180 ____A C:\Windows\System32\PerfStringBackup.INI
    2012-07-01 07:31 - 2012-07-01 07:31 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
    2012-07-01 07:08 - 2012-07-01 06:10 - 168454136 ____A (NVIDIA Corporation) C:\Users\Tommy V\Downloads\301.42-desktop-win7-winvista-64bit-english-whql.exe
    2012-07-01 04:56 - 2012-07-01 04:55 - 02059296 ____A C:\Users\Tommy V\Downloads\SSbump_Generator_5_3_Bugfix.zip
    2012-06-24 19:14 - 2012-07-04 07:06 - 72637685 ____A (Team Shock Step ) C:\Users\Tommy V\Downloads\Agamemnons_Curse_Installer.exe
    2012-06-24 18:02 - 2012-06-24 17:57 - 05802290 ____A C:\Users\Public\Documents\fbx20102_converter_win.exe
    2012-06-24 17:06 - 2012-06-24 16:52 - 22948486 ____A C:\Users\Public\Documents\MetaMorph Animation Kit.zip
    2012-06-24 14:48 - 2012-06-24 14:47 - 00527423 ____A ( ) C:\Users\Public\Documents\Lame_v3.99.3_for_Windows.exe
    2012-06-24 14:48 - 2012-06-24 14:46 - 03016826 ____A ( ) C:\Users\Public\Documents\FFmpeg_v0.6.2_for_Audacity_on_Windows.exe
    2012-06-23 17:16 - 2012-06-23 17:16 - 00002088 ____A C:\Users\Public\Desktop\NaturalReader 9.lnk
    2012-06-22 21:40 - 2012-06-22 21:40 - 00010302 ____A C:\Users\Tommy V\Downloads\Internet Download Manager 6.11 Build 8 [h33t] [ku92] Full.torrent
    2012-06-22 17:24 - 2012-06-22 17:24 - 00001057 ____A C:\Users\Tommy V\Desktop\Orbit.lnk
    2012-06-22 17:20 - 2012-06-22 17:14 - 04533264 ____A (www.orbitdownloader.com ) C:\Users\Public\Documents\Orbit_Downloader4.1.1.0.exe
    2012-06-22 17:10 - 2012-06-22 17:01 - 01614923 ____A (Conduit) C:\Users\Public\Documents\bs_Orbit_Downloader.exe
    2012-06-22 10:28 - 2012-06-22 10:23 - 06073253 ____A C:\Users\Public\Documents\ffmpeg-0.11.1.tar.bz2
    2012-06-21 20:26 - 2012-06-21 20:26 - 00002061 ____A C:\Users\User_2\Desktop\SPEEDbit Video Downloader.lnk
    2012-06-21 20:26 - 2012-06-21 20:26 - 00002061 ____A C:\Users\Tommy V\Desktop\SPEEDbit Video Downloader.lnk
    2012-06-21 20:26 - 2012-06-21 20:26 - 00002061 ____A C:\Users\Music Only\Desktop\SPEEDbit Video Downloader.lnk
    2012-06-21 20:26 - 2012-06-21 20:26 - 00002061 ____A C:\Users\Mcx1-TOMMYV-PC\Desktop\SPEEDbit Video Downloader.lnk
    2012-06-21 20:26 - 2012-06-21 20:26 - 00001663 ____A C:\Users\User_2\Desktop\My Video Downloads.lnk
    2012-06-21 20:26 - 2012-06-21 20:26 - 00001663 ____A C:\Users\Music Only\Desktop\My Video Downloads.lnk
    2012-06-21 20:26 - 2012-06-21 20:26 - 00001663 ____A C:\Users\Mcx1-TOMMYV-PC\Desktop\My Video Downloads.lnk
    2012-06-21 20:26 - 2012-06-21 20:26 - 00001641 ____A C:\Users\Tommy V\Desktop\My Video Downloads.lnk
    2012-06-21 20:03 - 2012-06-21 19:58 - 06258360 ____A C:\Users\Tommy V\Downloads\svd3_dapvideo.exe
    2012-06-21 02:45 - 2012-06-21 02:45 - 00001066 ____A C:\Users\Public\Desktop\VLC media player.lnk
    2012-06-21 01:30 - 2012-06-21 01:25 - 22259528 ____A C:\Users\Tommy V\Downloads\vlc-2.0.1-win32.exe
    2012-06-21 00:40 - 2012-06-21 00:40 - 00016630 ____A C:\Users\Tommy V\Downloads\Autodesk Maya 2013 64bit.torrent
    2012-06-21 00:29 - 2012-06-20 17:48 - 1630552088 ____A C:\Users\Tommy V\Downloads\.exe.dap
    2012-06-20 17:32 - 2012-06-20 17:32 - 00118981 ____A C:\Users\Tommy V\Downloads\Autodesk Maya v2013 (32 Bit) - Cool Release [h33t].torrent
    2012-06-20 16:12 - 2012-06-20 20:51 - 00127141 ____A C:\Users\Public\Documents\Autodesk Maya v2013 (64 Bit) - Cool Release [h33t].torrent
    2012-06-20 16:12 - 2012-06-20 16:12 - 00127141 ____A C:\Users\Tommy V\Downloads\Autodesk Maya v2013 (64 Bit) - Cool Release [h33t].torrent
    2012-06-20 09:36 - 2012-06-20 09:36 - 00001059 ____A C:\Users\Tommy V\Desktop\AudioMulch.lnk
    2012-06-20 09:36 - 2012-06-20 09:36 - 00000001 ___AH C:\Windows\mulch200.ini
    2012-06-20 04:09 - 2012-06-20 04:01 - 16074272 ____A C:\Users\Tommy V\Downloads\Unity_TPCS_S01_008_OverviewOfLightMaps.rar
    2012-06-20 04:09 - 2012-06-20 03:57 - 29409918 ____A C:\Users\Tommy V\Downloads\Unity_TPCS_S01_001_Intro.rar
    2012-06-19 21:04 - 2012-06-19 21:04 - 00017561 ____A C:\Users\Tommy V\Downloads\Game Development Using Unity 3D Complete Pack [h33t] [mildpoison].torrent
    2012-06-19 01:08 - 2012-06-17 21:46 - 00786940 ____A C:\Users\Tommy V\Downloads\SkyrimCreationKit.rar.crdownload
    2012-06-19 01:08 - 2012-06-15 21:40 - 05924375 ____A C:\Users\Tommy V\Downloads\Unconfirmed 57838.crdownload
    2012-06-19 01:08 - 2012-06-15 03:16 - 07001134 ____A (Stonetrip) C:\Users\Tommy V\Downloads\Unconfirmed 15074.crdownload
    2012-06-17 22:30 - 2012-06-17 22:30 - 00001502 ____A C:\Users\Tommy V\Desktop\TESV - Shortcut.lnk
    2012-06-17 22:04 - 2012-06-17 21:47 - 35183408 ____A C:\Users\Tommy V\Downloads\SkyrimCreationKit.rar
    2012-06-17 21:05 - 2012-06-17 21:05 - 00013558 ____A C:\Users\Tommy V\Downloads\TES_V__Skyrim_-_Construction_Kit-_www.Demonoid.me_-_8664945.torrent
    2012-06-17 18:38 - 2012-06-17 18:43 - 00001213 ____A C:\Users\Tommy V\Desktop\The Elder Scrolls V Skyrim.lnk
    2012-06-17 16:57 - 2012-06-17 16:57 - 00027008 ____A C:\Users\Tommy V\Downloads\The Elder Scrolls V Skyrim-Razor1911 [h33t].torrent
    2012-06-16 22:52 - 2012-06-16 22:52 - 00007743 __RSH C:\Windows\PCGWIN32.LI5
    2012-06-16 20:07 - 2012-06-16 20:06 - 03094469 ____A C:\Users\Tommy V\Downloads\How to make a small town.flv
    2012-06-16 19:08 - 2012-06-16 19:05 - 12076053 ____A C:\Users\Tommy V\Downloads\SketchUp Photomodelling Creating a 3D City Building in less than 5 mins..webm
    2012-06-16 00:55 - 2012-06-15 22:44 - 346970605 ____A (Pantaray Research Ltd.) C:\Users\Tommy V\Downloads\RealmCrafter_DEMO2.exe
    2012-06-15 22:19 - 2012-06-15 21:42 - 116888148 ____A C:\Users\Tommy V\Downloads\QGIS-OSGeo4W-1.7.4-d211b16-Setup.exe
    2012-06-15 21:27 - 2012-06-15 21:27 - 00001222 ____A C:\Users\Public\Desktop\ShiVa.lnk
    2012-06-15 15:23 - 2012-06-15 03:29 - 668028336 ____A (Stonetrip) C:\Users\Tommy V\Downloads\ShiVa_1.9.1.0.WEB.exe
    2012-06-15 03:25 - 2012-06-15 03:25 - 00001604 ____A C:\Users\User_2\Desktop\My DAP Downloads.lnk
    2012-06-15 03:25 - 2012-06-15 03:25 - 00001604 ____A C:\Users\Music Only\Desktop\My DAP Downloads.lnk
    2012-06-15 03:25 - 2012-06-15 03:25 - 00001604 ____A C:\Users\Mcx1-TOMMYV-PC\Desktop\My DAP Downloads.lnk
    2012-06-15 03:25 - 2012-06-15 03:25 - 00001582 ____A C:\Users\Tommy V\Desktop\My DAP Downloads.lnk
    2012-06-15 03:25 - 2012-06-15 03:25 - 00000935 ____A C:\Users\User_2\Desktop\Download Accelerator Plus (DAP).lnk
    2012-06-15 03:25 - 2012-06-15 03:25 - 00000935 ____A C:\Users\Tommy V\Desktop\Download Accelerator Plus (DAP).lnk
    2012-06-15 03:25 - 2012-06-15 03:25 - 00000935 ____A C:\Users\Music Only\Desktop\Download Accelerator Plus (DAP).lnk
    2012-06-15 03:25 - 2012-06-15 03:25 - 00000935 ____A C:\Users\Mcx1-TOMMYV-PC\Desktop\Download Accelerator Plus (DAP).lnk
    2012-06-15 03:21 - 2012-06-15 03:24 - 00109256 ____A C:\Windows\SysWOW64\EasyHook64.dll
    2012-06-15 03:21 - 2012-06-15 03:24 - 00090824 ____A C:\Windows\SysWOW64\EasyHook32.dll
    2012-06-15 03:21 - 2012-06-15 03:21 - 00172032 ____A (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
    2012-06-15 03:21 - 2012-06-15 03:19 - 10284272 ____A C:\Users\Tommy V\Downloads\dap10.exe
    2012-06-14 23:29 - 2012-06-14 23:26 - 00000312 ____A C:\Windows\SoftWriting.ini
    2012-06-14 23:26 - 2012-06-14 23:26 - 00001035 ____A C:\Users\User_2\Desktop\SimpleOCR.lnk
    2012-06-14 23:26 - 2012-06-14 23:26 - 00001035 ____A C:\Users\Tommy V\Desktop\SimpleOCR.lnk
    2012-06-14 23:26 - 2012-06-14 23:26 - 00001035 ____A C:\Users\Music Only\Desktop\SimpleOCR.lnk
    2012-06-14 23:26 - 2012-06-14 23:26 - 00001035 ____A C:\Users\Mcx1-TOMMYV-PC\Desktop\SimpleOCR.lnk
    2012-06-14 22:50 - 2012-06-14 22:48 - 09739116 ____A C:\Users\Tommy V\Downloads\InstSocr.exe
    2012-06-14 21:12 - 2012-06-14 21:12 - 00000000 ____A C:\Users\Public\Documents\QuickTimeInstaller.exe
    2012-06-14 12:39 - 2012-06-14 12:39 - 00000909 ____A C:\Users\Tommy V\Desktop\bf3 - Shortcut.lnk
    2012-06-12 22:46 - 2012-06-12 22:46 - 00000706 ____A C:\Users\Public\Desktop\ĀµTorrent.lnk
    2012-06-12 22:45 - 2010-02-18 19:06 - 01020816 ____A (BitTorrent, Inc.) C:\Users\Tommy V\Downloads\utorrent.exe
    2012-06-11 13:38 - 2012-06-11 13:38 - 00001220 ____A C:\Users\Public\Desktop\Dead Island.lnk
    2012-06-02 02:57 - 2012-06-02 02:57 - 00000222 ____A C:\Users\Tommy V\Desktop\Hacker Evolution Duality Demo.url
    ZeroAccess:
    C:\Windows\Installer\{ce0e9ffe-dd8a-ed0f-efbe-52c019d6a981}
    C:\Windows\Installer\{ce0e9ffe-dd8a-ed0f-efbe-52c019d6a981}\@
    C:\Windows\Installer\{ce0e9ffe-dd8a-ed0f-efbe-52c019d6a981}\L
    C:\Windows\Installer\{ce0e9ffe-dd8a-ed0f-efbe-52c019d6a981}\U
    C:\Windows\Installer\{ce0e9ffe-dd8a-ed0f-efbe-52c019d6a981}\U\00000001.@
    ZeroAccess:
    C:\Users\Tommy V\AppData\Local\{ce0e9ffe-dd8a-ed0f-efbe-52c019d6a981}
    C:\Users\Tommy V\AppData\Local\{ce0e9ffe-dd8a-ed0f-efbe-52c019d6a981}\@
    C:\Users\Tommy V\AppData\Local\{ce0e9ffe-dd8a-ed0f-efbe-52c019d6a981}\L
    C:\Users\Tommy V\AppData\Local\{ce0e9ffe-dd8a-ed0f-efbe-52c019d6a981}\U
    ==================== Known DLLs (Whitelisted) =================
    ==================== Bamital & volsnap Check =================
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
    ==================== EXE ASSOCIATION =====================
    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK
    ==================== Restore Points =========================
    ==================== Memory info ===========================
    Percentage of memory in use: 10%
    Total physical RAM: 8190.49 MB
    Available physical RAM: 7315.84 MB
    Total Pagefile: 8188.64 MB
    Available Pagefile: 7321.82 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.9 MB
    ==================== Partitions ============================
    2 Drive c: () (Fixed) (Total:446.37 GB) (Free:17 GB) NTFS
    3 Drive d: (Backup) (Fixed) (Total:17.58 GB) (Free:3.12 GB) NTFS
    4 Drive f: (10-450-01-1) (CDROM) (Total:1.39 GB) (Free:0 GB) CDFS
    5 Drive g: (HDD-USB138) (Fixed) (Total:136.39 GB) (Free:56.76 GB) NTFS
    6 Drive h: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
    7 Drive I: () (Removable) (Total:1.9 GB) (Free:1.88 GB) FAT
    8 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    9 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 465 GB 1753 MB
    Disk 1 Online 149 GB 0 B
    Disk 2 Online 1952 MB 0 B
    Partitions of Disk 0:
    ===============
    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 100 MB 1024 KB
    Partition 2 Primary 446 GB 1853 MB
    Partition 0 Extended 17 GB 448 GB
    Partition 3 Logical 17 GB 448 GB
    ==================================================================================
    Disk: 0
    Partition 1
    Type : 07
    Hidden: No
    Active: Yes
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 Y System Rese NTFS Partition 100 MB Healthy
    ==================================================================================
    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 C NTFS Partition 446 GB Healthy
    ==================================================================================
    Disk: 0
    Partition 3
    Type : 07
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 D Backup NTFS Partition 17 GB Healthy
    ==================================================================================
    Partitions of Disk 1:
    ===============
    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 136 GB 1024 KB
    Partition 2 OEM 12 GB 136 GB
    ==================================================================================
    Disk: 1
    Partition 1
    Type : 07
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 5 G HDD-USB138 NTFS Partition 136 GB Healthy
    ==================================================================================
    Disk: 1
    Partition 2
    Type : 12
    Hidden: Yes
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 7 IBM_SERVICE FAT32 Partition 12 GB Healthy Hidden
    ==================================================================================
    Partitions of Disk 2:
    ===============
    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 1950 MB 122 KB
    ==================================================================================
    Disk: 2
    Partition 1
    Type : 06
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 6 I FAT Removable 1950 MB Healthy
    ==================================================================================
    Last Boot: 2012-08-26 20:23
    ==================== End Of Log =============================
  6. Tommythe5th

    Tommythe5th TS Rookie Topic Starter

    I had to split the frst.txt file into 2 replies. Is thee any other information that you need?
  7. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    FRST64 Fixlist

    Please run the following:

    Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste. Make sure that are no blank lines between the text parts.). Save it on the flashdrive as fixlist.txt

    NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

    Now, please enter System Recovery Options then select Command Prompt.

    Run FRST64 and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

    Now restart, let it boot normally and tell me how it went.
  8. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Hello. Are you still with us?

    Your thread has been marked as "Inactive" because of your lack of reply. Please let us know how your computer is running, or if you want to continue in this topic.

    Thanks.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.