Solved Serifef.ab and p
- Thread starter Sistrunk
- Start date
Broni
Posts: 56,041 +516
It looks like MBAM is reporting some non-existing file.
That's why all other scans come up clean.
As to why I'm not sure.
1. Uninstall Malwarebytes' Anti-Malware using Add/Remove programs in the control panel.
2. Restart your computer (very important).
3. Download and run this utility.
4. It will ask to restart your computer (please allow it to).
5. After the computer restarts, install the latest version from here.
Run fresh scan afterwards.
That's why all other scans come up clean.
As to why I'm not sure.
1. Uninstall Malwarebytes' Anti-Malware using Add/Remove programs in the control panel.
2. Restart your computer (very important).
3. Download and run this utility.
4. It will ask to restart your computer (please allow it to).
5. After the computer restarts, install the latest version from here.
Run fresh scan afterwards.
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
Database version: v2013.01.01.04
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Jose :: RYAN-LAPTOP [administrator]
Protection: Enabled
1/1/2013 8:49:29 PM
MBAM-log-2013-01-01 (21-06-50).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218079
Time elapsed: 16 minute(s), 1 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
c:\users\jose\appdata\local\temp\ms0cfg32.exe (Exploit.Drop.GS) -> No action taken.
(end)
www.malwarebytes.org
Database version: v2013.01.01.04
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Jose :: RYAN-LAPTOP [administrator]
Protection: Enabled
1/1/2013 8:49:29 PM
MBAM-log-2013-01-01 (21-06-50).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218079
Time elapsed: 16 minute(s), 1 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
c:\users\jose\appdata\local\temp\ms0cfg32.exe (Exploit.Drop.GS) -> No action taken.
(end)
Broni
Posts: 56,041 +516
It must be some MBAM glitch.
I don't see anything malicious anywhere else and I assume your computer is behaving properly?
Let's run one more check with FRST.
For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.
Plug the flashdrive into the infected PC.
If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.
If you are using Vista or Windows 7 enter System Recovery Options.
To enter System Recovery Options from the Advanced Boot Options:
To enter System Recovery Options by using Windows installation disc:
On the System Recovery Options menu you will get the following options:
I don't see anything malicious anywhere else and I assume your computer is behaving properly?
Let's run one more check with FRST.
For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.
Plug the flashdrive into the infected PC.
If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.
If you are using Vista or Windows 7 enter System Recovery Options.
To enter System Recovery Options from the Advanced Boot Options:
- Restart the computer.
- As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
- Use the arrow keys to select the Repair your computer menu item.
- Select US as the keyboard language settings, and then click Next.
- Select the operating system you want to repair, and then click Next.
- Select your user account an click Next.
To enter System Recovery Options by using Windows installation disc:
- Insert the installation disc.
- Restart your computer.
- If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
- Click Repair your computer.
- Select US as the keyboard language settings, and then click Next.
- Select the operating system you want to repair, and then click Next.
- Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
- Select Command Prompt
- In the command window type in notepad and press Enter.
- The notepad opens. Under File menu select Open.
- Select "Computer" and find your flash drive letter and close the notepad.
- In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive. - The tool will start to run.
- When the tool opens click Yes to disclaimer.
- Press Scan button.
- It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2012 (ATTENTION: FRST version is 21 days old)
Ran by SYSTEM at 01-01-2013 21:45:42
Running from E:\
Windows Vista (TM) Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1289704 2012-09-12] (Microsoft Corporation)
HKLM-x32\...\Run: [ThreatFire] "C:\Program Files (x86)\ThreatFire\TFTray.exe" [378128 2010-01-14] (PC Tools)
HKU\Default\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [972080 2008-09-30] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [972080 2008-09-30] (Hewlett-Packard)
HKU\Jose\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent [512360 2012-12-14] (Malwarebytes Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{117FB9A4-AC77-4B87-888C-04DCEBA4D039}: [NameServer]8.26.56.26,156.154.70.22
Tcpip\..\Interfaces\{4C8822D5-7D54-4BE8-B6EF-DEA9659094A3}: [NameServer]8.26.56.26,156.154.70.22
==================== Services (Whitelisted) ===================
4 AcrSch2Svc; "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe" [1054568 2010-03-27] (Acronis)
2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_1b06afce\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2480048 2010-11-21] (Acronis)
2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1868432 2012-12-19] ()
4 HauppaugeTVServer; C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE [602624 2010-03-29] (Hauppauge Computer Works)
2 jjtAutoLaunch; "C:\Program Files (x86)\Sound Devices\USBPre\Services\jjtAutoLaunch.exe" [114688 2002-01-22] (Sound Devices, LLC)
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [398184 2012-12-14] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [682344 2012-12-14] (Malwarebytes Corporation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [22072 2012-09-12] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [368896 2012-09-12] (Microsoft Corporation)
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-07-24] ()
2 Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [365952 2008-10-06] ()
2 RichVideo; "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" [241734 2008-06-29] ()
4 ScrybeUpdater; "C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe" [1300264 2011-05-27] (Synaptics, Inc.)
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_1b06afce\STacSV64.exe [240640 2009-08-13] (IDT, Inc.)
2 ThreatFire; C:\Program Files (x86)\ThreatFire\TFService.exe service [70928 2010-01-14] (PC Tools)
4 TVCapSvc; "C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe" [296320 2008-09-24] ()
4 TVSched; "C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe" [116096 2008-09-24] ()
3 w7Svc; C:\Program Files (x86)\webcam 7\wService.exe /startedbyscm:5053B757-40E35B3B-webcam7SRV [4999680 2011-07-27] (Moonware Studios)
2 AGCoreService; "C:\Program Files (x86)\AGI\core\4.2.0.10753\AGCoreService.exe" [x]
==================== Drivers (Whitelisted) =====================
3 hcw72ADFilter; C:\Windows\System32\Drivers\hcw72ADFilter.sys [38656 2010-04-23] (Hauppauge Computer Works, Inc.)
3 hcw72ATV; C:\Windows\System32\Drivers\hcw72ATV.sys [1631488 2010-04-23] (Hauppauge Computer Works, Inc.)
3 hcw72DTV; C:\Windows\System32\Drivers\hcw72DTV.sys [1634176 2010-04-23] (Hauppauge Computer Works, Inc.)
3 libusb0; C:\Windows\SysWow64\Drivers\libusb0.sys [28672 2011-08-26] (http://libusb-win32.sourceforge.net)
3 Linksys_adapter; C:\Windows\System32\DRIVERS\AE1200vista64.sys [1227840 2011-03-30] (Broadcom Corporation)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation)
0 MpFilter; C:\Windows\System32\Drivers\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)
2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-30] (Microsoft Corporation)
0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2010-11-21] (Acronis)
0 TfFsMon; C:\Windows\System32\Drivers\TfFsMon.sys [65072 2010-01-14] (PC Tools)
3 TfNetMon; C:\Windows\System32\Drivers\TfNetMon.sys [41888 2010-01-14] (PC Tools)
0 TfSysMon; C:\Windows\System32\Drivers\TfSysMon.sys [59880 2010-01-14] (PC Tools)
2 {55662437-DA8C-40c0-AADA-2C816A897A49}; \??\C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [27632 2008-09-25] (Cyberlink Corp.)
1 Beep; [x]
4 eabfiltr; [x]
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ====================
==================== One Month Created Files and Folders ========
2013-01-01 17:38 - 2013-01-01 17:38 - 00000000 ____D C:\Users\Jose\Application Data\Malwarebytes
2013-01-01 17:38 - 2013-01-01 17:38 - 00000000 ____D C:\Users\Jose\AppData\Roaming\Malwarebytes
2013-01-01 17:37 - 2013-01-01 17:37 - 00000948 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-01-01 17:37 - 2013-01-01 17:37 - 00000948 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-01-01 17:37 - 2013-01-01 17:37 - 00000000 ____D C:\Users\All Users\Malwarebytes
2013-01-01 17:37 - 2013-01-01 17:37 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2013-01-01 17:36 - 2013-01-01 17:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-01 17:36 - 2012-12-14 13:49 - 00024176 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-01-01 17:32 - 2013-01-01 17:35 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Jose\Desktop\mbam-setup-1.70.0.1100.exe
2013-01-01 17:26 - 2013-01-01 17:28 - 00080456 ____A (Malwarebytes Corporation) C:\Users\Jose\Desktop\mbam-clean-1.60.2.0003.exe
2013-01-01 16:22 - 2013-01-01 16:27 - 00000426 ____A C:\Users\Jose\Desktop\SystemLook.txt
2013-01-01 16:21 - 2013-01-01 16:21 - 00165376 ____A C:\Users\Jose\Desktop\SystemLook_x64.exe
2013-01-01 15:12 - 2013-01-01 15:13 - 00002218 ____A C:\Users\Jose\Desktop\Result.txt
2013-01-01 15:12 - 2013-01-01 15:12 - 00815681 ____A (Farbar) C:\Users\Jose\Downloads\ListParts64(1).exe
2013-01-01 15:10 - 2013-01-01 15:11 - 00815681 ____A (Farbar) C:\Users\Jose\Desktop\ListParts64.exe
2013-01-01 12:04 - 2013-01-01 12:05 - 15952832 ____A (Foxit Corporation ) C:\Users\Jose\Desktop\FoxitReader544.1128_enu_Setup(1).exe
2013-01-01 11:47 - 2013-01-01 12:10 - 00000000 ____D C:\Users\Jose\Desktop\New Folder (3)
2012-12-31 09:51 - 2012-12-31 09:51 - 00062539 ____A C:\ComboFix.txt
2012-12-31 09:03 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-12-31 08:55 - 2012-12-31 08:55 - 00000000 ____A C:\Users\Jose\Desktop\New Text Document (2).txt
2012-12-29 21:04 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
2012-12-29 21:04 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
2012-12-29 21:04 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-12-29 21:04 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-12-29 21:04 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
2012-12-29 21:04 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
2012-12-29 21:04 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
2012-12-29 21:02 - 2012-12-31 09:51 - 00000000 ____D C:\Qoobox
2012-12-29 21:00 - 2012-12-29 20:58 - 05015826 ____R (Swearware) C:\Users\Jose\Desktop\ComboFix.exe
2012-12-29 20:59 - 2012-12-29 21:00 - 05015826 ____A (Swearware) C:\Users\Jose\Downloads\ComboFix(1).exe
2012-12-29 20:58 - 2012-12-29 20:58 - 05015826 ____A (Swearware) C:\Users\Jose\Downloads\ComboFix.exe
2012-12-29 19:30 - 2012-12-29 19:31 - 00000000 ____D C:\Users\Jose\Desktop\New Folder (2)
2012-12-29 17:36 - 2012-12-29 17:50 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-12-29 17:36 - 2012-12-29 17:50 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-12-29 15:03 - 2012-12-29 15:03 - 00000000 ____D C:\Users\Jose\{0999de33-b52b-4756-9832-f0780bd5e174}
2012-12-29 15:01 - 2012-12-29 15:01 - 00000000 ____D C:\Users\Jose\{4ed2df66-902c-44a9-a5ca-073f4f97296f}
2012-12-29 14:50 - 2012-12-29 14:51 - 00271867 ____A C:\Users\Jose\Desktop\Windows6.0-KB2347290-x86.msu
2012-12-29 14:49 - 2012-12-29 14:49 - 01131376 ____A C:\Users\Jose\Desktop\Windows6.0-KB975560-x86.msu
2012-12-29 14:43 - 2012-12-29 14:44 - 00333195 ____A C:\Users\Jose\Downloads\Windows6.1-KB2347290-x86.msu
2012-12-29 11:04 - 2012-07-25 20:55 - 00785512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2012-12-29 11:04 - 2012-07-25 20:55 - 00054376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2012-12-29 11:04 - 2012-07-25 19:08 - 00744448 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2012-12-29 11:04 - 2012-07-25 19:08 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2012-12-29 11:04 - 2012-07-25 19:08 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2012-12-29 11:04 - 2012-07-25 19:08 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2012-12-29 11:04 - 2012-07-25 19:08 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2012-12-29 11:04 - 2012-07-25 18:36 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2012-12-29 11:04 - 2012-07-25 18:26 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2012-12-29 11:04 - 2012-07-25 18:26 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-12-29 11:04 - 2012-06-02 06:57 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2012-12-29 11:04 - 2012-06-02 06:35 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2012-12-29 11:04 - 2009-07-14 04:19 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\winusb.dll
2012-12-29 11:04 - 2009-07-14 04:12 - 00016896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winusb.dll
2012-12-29 10:32 - 2012-11-13 22:11 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-12-29 10:32 - 2012-11-13 22:04 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-12-29 10:32 - 2012-11-13 22:04 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-12-29 10:32 - 2012-11-13 22:02 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-12-29 10:32 - 2012-11-13 22:02 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-12-29 10:32 - 2012-11-13 21:59 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-12-29 10:32 - 2012-11-13 21:57 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-12-29 10:32 - 2012-11-13 21:55 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-12-29 10:32 - 2012-11-13 21:53 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-12-29 10:32 - 2012-11-13 21:52 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-12-29 10:32 - 2012-11-13 21:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-12-29 10:32 - 2012-11-13 17:58 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-12-29 10:32 - 2012-11-13 17:57 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-12-29 10:32 - 2012-11-13 17:57 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-12-29 10:32 - 2012-11-13 17:55 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-12-29 10:32 - 2012-11-13 17:51 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-12-29 10:32 - 2012-11-13 17:49 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-12-29 10:32 - 2012-11-13 17:48 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-12-29 10:32 - 2012-11-13 17:47 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-12-29 10:32 - 2012-11-13 17:45 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-12-29 10:32 - 2012-11-13 17:44 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-12-29 10:32 - 2012-11-13 17:41 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-12-29 10:31 - 2012-11-13 23:06 - 17811968 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-12-29 10:31 - 2012-11-13 22:32 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-12-29 10:31 - 2012-11-13 21:58 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-12-29 10:31 - 2012-11-13 21:57 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-12-29 10:31 - 2012-11-13 21:55 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-12-29 10:31 - 2012-11-13 18:48 - 12320256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-12-29 10:31 - 2012-11-13 18:14 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-12-29 10:31 - 2012-11-13 18:09 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-12-29 10:31 - 2012-11-13 17:49 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-12-29 10:31 - 2012-11-13 17:46 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-12-29 10:28 - 2012-12-16 05:31 - 00048128 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-29 10:28 - 2012-12-16 05:12 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-12-29 10:28 - 2012-12-16 03:08 - 00368128 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-29 10:28 - 2012-12-16 02:50 - 00293376 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-12-29 10:26 - 2012-11-12 17:55 - 02770432 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-12-29 10:26 - 2012-11-12 17:45 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-12-29 10:26 - 2012-11-12 17:29 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-12-29 10:26 - 2012-09-28 08:34 - 01210368 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-12-29 10:26 - 2012-09-28 08:13 - 00860160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-12-29 10:26 - 2012-09-25 08:31 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2012-12-29 10:26 - 2012-09-25 08:19 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2012-12-29 10:26 - 2012-08-21 03:50 - 00267648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2012-12-29 10:21 - 2012-11-02 02:45 - 00477696 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2012-12-29 10:21 - 2012-11-02 02:45 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\dpnathlp.dll
2012-12-29 10:21 - 2012-11-02 02:18 - 00376320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2012-12-29 10:21 - 2012-11-02 00:59 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\dpnsvr.exe
2012-12-29 10:21 - 2012-11-02 00:26 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2012-12-29 10:14 - 2012-12-29 10:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-12-29 09:43 - 2012-12-29 09:43 - 00000490 ____A C:\JavaRa.log
2012-12-29 09:39 - 2012-12-29 09:39 - 00000000 ____D C:\Users\All Users\Sun
2012-12-29 09:39 - 2012-12-29 09:39 - 00000000 ____D C:\Users\All Users\Application Data\Sun
2012-12-29 09:39 - 2012-12-29 09:37 - 00859072 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-12-29 09:39 - 2012-12-29 09:37 - 00779704 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-12-29 09:39 - 2012-12-29 09:37 - 00260528 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-12-29 09:38 - 2012-12-29 09:37 - 00174000 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-12-29 09:38 - 2012-12-29 09:37 - 00173992 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-12-29 09:38 - 2012-12-29 09:37 - 00095184 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-12-29 09:33 - 2012-12-29 09:34 - 00896016 ____A (Oracle Corporation) C:\Users\Jose\Downloads\jxpiinstall.exe
2012-12-29 09:29 - 2012-12-29 09:31 - 15952832 ____A (Foxit Corporation ) C:\Users\Jose\Downloads\FoxitReader544.1128_enu_Setup.exe
2012-12-29 08:41 - 2012-12-29 08:43 - 00856731 ____A C:\Users\Jose\Downloads\SecurityCheck.exe
2012-12-28 22:18 - 2012-12-28 22:18 - 02322184 ____A (ESET) C:\Users\Jose\Downloads\esetsmartinstaller_enu.exe
2012-12-28 22:11 - 2012-12-28 22:11 - 00448512 ____A (OldTimer Tools) C:\Users\Jose\Downloads\TFC.exe
2012-12-28 20:15 - 2012-12-28 20:15 - 00998752 ____A (Solid State Networks) C:\Users\Jose\Downloads\install_reader10_en_mssd_aih(1).exe
2012-12-28 18:43 - 2012-12-28 18:43 - 00602112 ____A (OldTimer Tools) C:\Users\Jose\Downloads\OTL(1).exe
2012-12-28 18:37 - 2012-12-28 18:38 - 00602112 ____A (OldTimer Tools) C:\Users\Jose\Downloads\OTL.exe
2012-12-28 18:06 - 2012-12-28 18:07 - 00998752 ____A (Solid State Networks) C:\Users\Jose\Downloads\install_reader10_en_mssd_aih.exe
2012-12-28 17:18 - 2012-12-28 17:18 - 00000104 ____A C:\Users\Jose\Computer - Shortcut.lnk
2012-12-28 16:53 - 2012-12-28 16:55 - 00000000 ____D C:\Users\Jose\Desktop\Souswitch
2012-12-28 14:23 - 2012-12-28 16:11 - 00000000 ____D C:\Windows\erdnt
2012-12-28 13:14 - 2012-12-28 16:36 - 00054024 ____A (COMODO CA Limited) C:\Windows\System32\certsentry.dll
2012-12-28 13:14 - 2012-12-28 16:36 - 00045832 ____A (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2012-12-27 17:59 - 2012-12-27 17:59 - 00758784 ____A C:\Users\Jose\Downloads\RogueKiller.exe
2012-12-27 17:46 - 2012-12-27 17:46 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_AE1200vista64_01005.Wdf
2012-12-27 17:44 - 2011-03-30 19:54 - 01227840 ____A (Broadcom Corporation) C:\Windows\System32\Drivers\AE1200vista64.sys
2012-12-27 17:44 - 2011-03-30 19:54 - 00095544 ____A (Broadcom Corporation) C:\Windows\System32\bcmwlcoi.dll
2012-12-27 17:44 - 2011-03-30 19:51 - 03900928 ____A (Broadcom Corporation) C:\Windows\System32\bcmihvsrv64.dll
2012-12-27 17:44 - 2011-03-30 19:51 - 03566592 ____A (Broadcom Corporation) C:\Windows\System32\bcmihvui64.dll
2012-12-27 17:44 - 2007-11-05 04:23 - 00040464 ___RA (CACE Technologies) C:\Windows\System32\Drivers\npf.sys
2012-12-27 17:44 - 2006-11-02 06:04 - 01919968 ____A (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01005.dll
2012-12-18 19:21 - 2012-12-18 19:21 - 00000000 ____D C:\Windows\System32\config\HiveBackup
2012-12-09 18:52 - 2012-12-09 18:52 - 00688992 ____A (Swearware) C:\Users\Jose\Downloads\dds.com
==================== One Month Modified Files and Folders =======
2013-01-01 21:45 - 2013-01-01 21:45 - 00000000 ____D C:\FRST
2013-01-01 18:35 - 2010-02-03 13:04 - 00196608 ____A C:\Windows\System32\Ikeext.etl
2013-01-01 18:35 - 2009-02-12 14:44 - 01723920 ____A C:\Windows\WindowsUpdate.log
2013-01-01 18:35 - 2006-11-02 07:42 - 00032628 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-01-01 18:35 - 2006-11-02 07:42 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-01-01 18:35 - 2006-11-02 07:22 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-01-01 18:35 - 2006-11-02 07:22 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-01-01 18:34 - 2006-11-02 07:27 - 00191080 ____A C:\Windows\setupact.log
2013-01-01 17:38 - 2013-01-01 17:38 - 00000000 ____D C:\Users\Jose\Application Data\Malwarebytes
2013-01-01 17:38 - 2013-01-01 17:38 - 00000000 ____D C:\Users\Jose\AppData\Roaming\Malwarebytes
2013-01-01 17:37 - 2013-01-01 17:37 - 00000948 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-01-01 17:37 - 2013-01-01 17:37 - 00000948 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-01-01 17:37 - 2013-01-01 17:37 - 00000000 ____D C:\Users\All Users\Malwarebytes
2013-01-01 17:37 - 2013-01-01 17:37 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2013-01-01 17:37 - 2013-01-01 17:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-01 17:35 - 2013-01-01 17:32 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Jose\Desktop\mbam-setup-1.70.0.1100.exe
2013-01-01 17:31 - 2011-02-23 13:21 - 00000434 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-01-01 17:30 - 2008-01-20 19:26 - 00235018 ____A C:\Windows\PFRO.log
2013-01-01 17:28 - 2013-01-01 17:26 - 00080456 ____A (Malwarebytes Corporation) C:\Users\Jose\Desktop\mbam-clean-1.60.2.0003.exe
2013-01-01 17:09 - 2006-11-02 05:34 - 00000000 ____D C:\Windows\tracing
2013-01-01 16:27 - 2013-01-01 16:22 - 00000426 ____A C:\Users\Jose\Desktop\SystemLook.txt
2013-01-01 16:21 - 2013-01-01 16:21 - 00165376 ____A C:\Users\Jose\Desktop\SystemLook_x64.exe
2013-01-01 15:13 - 2013-01-01 15:12 - 00002218 ____A C:\Users\Jose\Desktop\Result.txt
2013-01-01 15:12 - 2013-01-01 15:12 - 00815681 ____A (Farbar) C:\Users\Jose\Downloads\ListParts64(1).exe
2013-01-01 15:11 - 2013-01-01 15:10 - 00815681 ____A (Farbar) C:\Users\Jose\Desktop\ListParts64.exe
2013-01-01 12:10 - 2013-01-01 11:47 - 00000000 ____D C:\Users\Jose\Desktop\New Folder (3)
2013-01-01 12:05 - 2013-01-01 12:04 - 15952832 ____A (Foxit Corporation ) C:\Users\Jose\Desktop\FoxitReader544.1128_enu_Setup(1).exe
2012-12-31 09:51 - 2012-12-31 09:51 - 00062539 ____A C:\ComboFix.txt
2012-12-31 09:51 - 2012-12-29 21:02 - 00000000 ____D C:\Qoobox
2012-12-31 09:36 - 2006-11-02 04:34 - 00000215 ____A C:\Windows\system.ini
2012-12-31 08:55 - 2012-12-31 08:55 - 00000000 ____A C:\Users\Jose\Desktop\New Text Document (2).txt
2012-12-29 21:00 - 2012-12-29 20:59 - 05015826 ____A (Swearware) C:\Users\Jose\Downloads\ComboFix(1).exe
2012-12-29 20:58 - 2012-12-29 21:00 - 05015826 ____R (Swearware) C:\Users\Jose\Desktop\ComboFix.exe
2012-12-29 20:58 - 2012-12-29 20:58 - 05015826 ____A (Swearware) C:\Users\Jose\Downloads\ComboFix.exe
2012-12-29 19:31 - 2012-12-29 19:30 - 00000000 ____D C:\Users\Jose\Desktop\New Folder (2)
2012-12-29 17:50 - 2012-12-29 17:36 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-12-29 17:50 - 2012-12-29 17:36 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-12-29 17:50 - 2008-10-23 01:21 - 00000000 ____D C:\Users\All Users\Application Data\Adobe
2012-12-29 17:50 - 2008-10-23 01:21 - 00000000 ____D C:\Users\All Users\Adobe
2012-12-29 16:58 - 2010-11-17 17:12 - 00000000 ____D C:\Program Files (x86)\ThreatFire
2012-12-29 15:30 - 2010-11-07 18:34 - 00000000 ____D C:\Windows\pss
2012-12-29 15:11 - 2009-03-01 17:29 - 00000000 ____D C:\users\Jose
2012-12-29 15:03 - 2012-12-29 15:03 - 00000000 ____D C:\Users\Jose\{0999de33-b52b-4756-9832-f0780bd5e174}
2012-12-29 15:01 - 2012-12-29 15:01 - 00000000 ____D C:\Users\Jose\{4ed2df66-902c-44a9-a5ca-073f4f97296f}
2012-12-29 14:51 - 2012-12-29 14:50 - 00271867 ____A C:\Users\Jose\Desktop\Windows6.0-KB2347290-x86.msu
2012-12-29 14:49 - 2012-12-29 14:49 - 01131376 ____A C:\Users\Jose\Desktop\Windows6.0-KB975560-x86.msu
2012-12-29 14:44 - 2012-12-29 14:43 - 00333195 ____A C:\Users\Jose\Downloads\Windows6.1-KB2347290-x86.msu
2012-12-29 13:20 - 2008-10-22 23:45 - 00000012 ____A C:\Windows\bthservsdp.dat
2012-12-29 12:02 - 2006-11-02 05:33 - 00000000 ____D C:\Windows\rescache
2012-12-29 11:41 - 2006-11-02 07:21 - 00325464 ____A C:\Windows\System32\FNTCACHE.DAT
2012-12-29 11:39 - 2012-05-04 03:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-12-29 11:21 - 2006-11-02 04:46 - 00771898 ____A C:\Windows\System32\PerfStringBackup.INI
2012-12-29 11:15 - 2008-10-23 01:11 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-12-29 11:15 - 2008-10-23 01:11 - 00000000 ____D C:\Users\All Users\Application Data\Microsoft Help
2012-12-29 10:16 - 2012-12-29 10:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-12-29 10:07 - 2009-03-01 17:37 - 00080864 ____A C:\Users\Jose\Local Settings\GDIPFONTCACHEV1.DAT
2012-12-29 10:07 - 2009-03-01 17:37 - 00080864 ____A C:\Users\Jose\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2012-12-29 10:07 - 2009-03-01 17:37 - 00080864 ____A C:\Users\Jose\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-29 09:43 - 2012-12-29 09:43 - 00000490 ____A C:\JavaRa.log
2012-12-29 09:43 - 2008-10-23 01:43 - 00000000 ____D C:\Program Files (x86)\Java
2012-12-29 09:39 - 2012-12-29 09:39 - 00000000 ____D C:\Users\All Users\Sun
2012-12-29 09:39 - 2012-12-29 09:39 - 00000000 ____D C:\Users\All Users\Application Data\Sun
2012-12-29 09:37 - 2012-12-29 09:39 - 00859072 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-12-29 09:37 - 2012-12-29 09:39 - 00779704 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-12-29 09:37 - 2012-12-29 09:39 - 00260528 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-12-29 09:37 - 2012-12-29 09:38 - 00174000 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-12-29 09:37 - 2012-12-29 09:38 - 00173992 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-12-29 09:37 - 2012-12-29 09:38 - 00095184 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-12-29 09:34 - 2012-12-29 09:33 - 00896016 ____A (Oracle Corporation) C:\Users\Jose\Downloads\jxpiinstall.exe
2012-12-29 09:31 - 2012-12-29 09:29 - 15952832 ____A (Foxit Corporation ) C:\Users\Jose\Downloads\FoxitReader544.1128_enu_Setup.exe
2012-12-29 09:23 - 2008-10-23 01:21 - 00000000 ____D C:\Program Files (x86)\Adobe
2012-12-29 08:43 - 2012-12-29 08:41 - 00856731 ____A C:\Users\Jose\Downloads\SecurityCheck.exe
2012-12-28 22:18 - 2012-12-28 22:18 - 02322184 ____A (ESET) C:\Users\Jose\Downloads\esetsmartinstaller_enu.exe
2012-12-28 22:11 - 2012-12-28 22:11 - 00448512 ____A (OldTimer Tools) C:\Users\Jose\Downloads\TFC.exe
2012-12-28 20:19 - 2009-05-27 04:40 - 00000000 ____D C:\Users\Jose\Local Settings\Application Data\Adobe
2012-12-28 20:19 - 2009-05-27 04:40 - 00000000 ____D C:\Users\Jose\Local Settings\Adobe
2012-12-28 20:19 - 2009-05-27 04:40 - 00000000 ____D C:\Users\Jose\AppData\Local\Adobe
2012-12-28 20:15 - 2012-12-28 20:15 - 00998752 ____A (Solid State Networks) C:\Users\Jose\Downloads\install_reader10_en_mssd_aih(1).exe
2012-12-28 18:43 - 2012-12-28 18:43 - 00602112 ____A (OldTimer Tools) C:\Users\Jose\Downloads\OTL(1).exe
2012-12-28 18:38 - 2012-12-28 18:37 - 00602112 ____A (OldTimer Tools) C:\Users\Jose\Downloads\OTL.exe
2012-12-28 18:07 - 2012-12-28 18:06 - 00998752 ____A (Solid State Networks) C:\Users\Jose\Downloads\install_reader10_en_mssd_aih.exe
2012-12-28 17:18 - 2012-12-28 17:18 - 00000104 ____A C:\Users\Jose\Computer - Shortcut.lnk
2012-12-28 16:57 - 2010-06-13 21:28 - 00000000 ____D C:\Users\Jose\Application Data\vlc
2012-12-28 16:57 - 2010-06-13 21:28 - 00000000 ____D C:\Users\Jose\AppData\Roaming\vlc
2012-12-28 16:55 - 2012-12-28 16:53 - 00000000 ____D C:\Users\Jose\Desktop\Souswitch
2012-12-28 16:55 - 2011-10-27 05:26 - 00000000 ___RD C:\Users\Jose\Desktop\Processor presets
2012-12-28 16:51 - 2012-04-23 16:27 - 00000000 ____D C:\Users\Jose\Desktop\RYAN
2012-12-28 16:50 - 2012-06-29 15:18 - 00000000 ____D C:\Users\Jose\Desktop\Alliance music fri
2012-12-28 16:36 - 2012-12-28 13:14 - 00054024 ____A (COMODO CA Limited) C:\Windows\System32\certsentry.dll
2012-12-28 16:36 - 2012-12-28 13:14 - 00045832 ____A (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2012-12-28 16:31 - 2006-11-02 05:33 - 00000000 __RHD C:\users\Default
2012-12-28 16:11 - 2012-12-28 14:23 - 00000000 ____D C:\Windows\erdnt
2012-12-28 13:14 - 2012-11-23 05:47 - 00000000 ____D C:\Program Files (x86)\Comodo
2012-12-27 21:10 - 2006-11-02 05:34 - 00000000 ____D C:\Windows\System32\spool
2012-12-27 21:10 - 2006-11-02 05:33 - 00000000 ____D C:\Windows\registration
2012-12-27 21:10 - 2006-11-02 04:33 - 85721088 ____A C:\Windows\System32\config\software_previous
2012-12-27 21:10 - 2006-11-02 04:33 - 55574528 ____A C:\Windows\System32\config\components_previous
2012-12-27 21:10 - 2006-11-02 04:33 - 26214400 ____A C:\Windows\System32\config\system_previous
2012-12-27 21:10 - 2006-11-02 04:33 - 00327680 ____A C:\Windows\System32\config\default_previous
2012-12-27 21:10 - 2006-11-02 04:33 - 00057344 ____A C:\Windows\System32\config\sam_previous
2012-12-27 21:10 - 2006-11-02 04:33 - 00024576 ____A C:\Windows\System32\config\security_previous
2012-12-27 17:59 - 2012-12-27 17:59 - 00758784 ____A C:\Users\Jose\Downloads\RogueKiller.exe
2012-12-27 17:46 - 2012-12-27 17:46 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_AE1200vista64_01005.Wdf
2012-12-18 19:21 - 2012-12-18 19:21 - 00000000 ____D C:\Windows\System32\config\HiveBackup
2012-12-16 05:31 - 2012-12-29 10:28 - 00048128 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-16 05:12 - 2012-12-29 10:28 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-12-16 03:08 - 2012-12-29 10:28 - 00368128 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-16 02:50 - 2012-12-29 10:28 - 00293376 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-12-14 13:49 - 2013-01-01 17:36 - 00024176 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-12-09 21:45 - 2012-09-25 21:20 - 00000000 ____D C:\Users\Jose\Local Settings\Windows Live
2012-12-09 21:45 - 2012-09-25 21:20 - 00000000 ____D C:\Users\Jose\Local Settings\Application Data\Windows Live
2012-12-09 21:45 - 2012-09-25 21:20 - 00000000 ____D C:\Users\Jose\AppData\Local\Windows Live
2012-12-09 20:48 - 2012-11-23 05:50 - 00000000 ____D C:\Users\Jose\{945e8b33-257c-47a6-a7b1-1bea1374f118}
2012-12-09 18:52 - 2012-12-09 18:52 - 00688992 ____A (Swearware) C:\Users\Jose\Downloads\dds.com
2012-12-09 18:29 - 2006-11-02 07:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2012-12-09 18:28 - 2006-11-02 07:07 - 00000000 ____D C:\Program Files\Windows Journal
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2012-12-29 10:26] - [2012-08-21 03:50] - 0267648 ____A (Microsoft Corporation) 582F710097B46140F5A89A19A6573D4B
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-11-23 05:51:24
Restore point made on: 2012-12-09 15:07:43
Restore point made on: 2012-12-27 17:45:49
Restore point made on: 2012-12-27 18:09:51
Restore point made on: 2012-12-27 18:17:52
Restore point made on: 2012-12-27 20:48:54
Restore point made on: 2012-12-28 16:12:22
Restore point made on: 2012-12-29 06:49:22
Restore point made on: 2012-12-29 09:16:24
Restore point made on: 2012-12-29 09:22:07
Restore point made on: 2012-12-29 09:36:49
Restore point made on: 2012-12-29 09:49:41
Restore point made on: 2012-12-29 10:27:40
Restore point made on: 2012-12-29 12:15:42
Restore point made on: 2012-12-29 15:03:21
Restore point made on: 2012-12-29 15:05:17
Restore point made on: 2012-12-29 15:11:39
Restore point made on: 2012-12-29 19:36:22
Restore point made on: 2012-12-31 10:17:09
Restore point made on: 2013-01-01 12:45:17
==================== Memory info ===========================
Percentage of memory in use: 32%
Total physical RAM: 1789.02 MB
Available physical RAM: 1209.38 MB
Total Pagefile: 1535.46 MB
Available Pagefile: 1186.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB
==================== Partitions =============================
1 Drive c: () (Fixed) (Total:285.18 GB) (Free:117.91 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (RECOVERY) (Fixed) (Total:12.9 GB) (Free:2.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive e: (My 1GB) (Removable) (Total:0.93 GB) (Free:0.73 GB) FAT
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 298 GB 1024 KB
Disk 1 Online 954 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 285 GB 1024 KB
Partition 2 Primary 13 GB 285 GB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 0 C NTFS Partition 285 GB Healthy
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 D RECOVERY NTFS Partition 13 GB Healthy
=========================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 953 MB 4096 B
==================================================================================
Disk: 1
Partition 1
Type : 0E
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 E My 1GB FAT Removable 953 MB Healthy
=========================================================
Last Boot: 2013-01-01 17:37
==================== End Of Log =============================
Ran by SYSTEM at 01-01-2013 21:45:42
Running from E:\
Windows Vista (TM) Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1289704 2012-09-12] (Microsoft Corporation)
HKLM-x32\...\Run: [ThreatFire] "C:\Program Files (x86)\ThreatFire\TFTray.exe" [378128 2010-01-14] (PC Tools)
HKU\Default\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [972080 2008-09-30] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [972080 2008-09-30] (Hewlett-Packard)
HKU\Jose\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent [512360 2012-12-14] (Malwarebytes Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{117FB9A4-AC77-4B87-888C-04DCEBA4D039}: [NameServer]8.26.56.26,156.154.70.22
Tcpip\..\Interfaces\{4C8822D5-7D54-4BE8-B6EF-DEA9659094A3}: [NameServer]8.26.56.26,156.154.70.22
==================== Services (Whitelisted) ===================
4 AcrSch2Svc; "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe" [1054568 2010-03-27] (Acronis)
2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_1b06afce\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2480048 2010-11-21] (Acronis)
2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1868432 2012-12-19] ()
4 HauppaugeTVServer; C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE [602624 2010-03-29] (Hauppauge Computer Works)
2 jjtAutoLaunch; "C:\Program Files (x86)\Sound Devices\USBPre\Services\jjtAutoLaunch.exe" [114688 2002-01-22] (Sound Devices, LLC)
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [398184 2012-12-14] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [682344 2012-12-14] (Malwarebytes Corporation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [22072 2012-09-12] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [368896 2012-09-12] (Microsoft Corporation)
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-07-24] ()
2 Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [365952 2008-10-06] ()
2 RichVideo; "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" [241734 2008-06-29] ()
4 ScrybeUpdater; "C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe" [1300264 2011-05-27] (Synaptics, Inc.)
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_1b06afce\STacSV64.exe [240640 2009-08-13] (IDT, Inc.)
2 ThreatFire; C:\Program Files (x86)\ThreatFire\TFService.exe service [70928 2010-01-14] (PC Tools)
4 TVCapSvc; "C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe" [296320 2008-09-24] ()
4 TVSched; "C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe" [116096 2008-09-24] ()
3 w7Svc; C:\Program Files (x86)\webcam 7\wService.exe /startedbyscm:5053B757-40E35B3B-webcam7SRV [4999680 2011-07-27] (Moonware Studios)
2 AGCoreService; "C:\Program Files (x86)\AGI\core\4.2.0.10753\AGCoreService.exe" [x]
==================== Drivers (Whitelisted) =====================
3 hcw72ADFilter; C:\Windows\System32\Drivers\hcw72ADFilter.sys [38656 2010-04-23] (Hauppauge Computer Works, Inc.)
3 hcw72ATV; C:\Windows\System32\Drivers\hcw72ATV.sys [1631488 2010-04-23] (Hauppauge Computer Works, Inc.)
3 hcw72DTV; C:\Windows\System32\Drivers\hcw72DTV.sys [1634176 2010-04-23] (Hauppauge Computer Works, Inc.)
3 libusb0; C:\Windows\SysWow64\Drivers\libusb0.sys [28672 2011-08-26] (http://libusb-win32.sourceforge.net)
3 Linksys_adapter; C:\Windows\System32\DRIVERS\AE1200vista64.sys [1227840 2011-03-30] (Broadcom Corporation)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation)
0 MpFilter; C:\Windows\System32\Drivers\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)
2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-30] (Microsoft Corporation)
0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2010-11-21] (Acronis)
0 TfFsMon; C:\Windows\System32\Drivers\TfFsMon.sys [65072 2010-01-14] (PC Tools)
3 TfNetMon; C:\Windows\System32\Drivers\TfNetMon.sys [41888 2010-01-14] (PC Tools)
0 TfSysMon; C:\Windows\System32\Drivers\TfSysMon.sys [59880 2010-01-14] (PC Tools)
2 {55662437-DA8C-40c0-AADA-2C816A897A49}; \??\C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [27632 2008-09-25] (Cyberlink Corp.)
1 Beep; [x]
4 eabfiltr; [x]
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ====================
==================== One Month Created Files and Folders ========
2013-01-01 17:38 - 2013-01-01 17:38 - 00000000 ____D C:\Users\Jose\Application Data\Malwarebytes
2013-01-01 17:38 - 2013-01-01 17:38 - 00000000 ____D C:\Users\Jose\AppData\Roaming\Malwarebytes
2013-01-01 17:37 - 2013-01-01 17:37 - 00000948 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-01-01 17:37 - 2013-01-01 17:37 - 00000948 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-01-01 17:37 - 2013-01-01 17:37 - 00000000 ____D C:\Users\All Users\Malwarebytes
2013-01-01 17:37 - 2013-01-01 17:37 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2013-01-01 17:36 - 2013-01-01 17:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-01 17:36 - 2012-12-14 13:49 - 00024176 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-01-01 17:32 - 2013-01-01 17:35 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Jose\Desktop\mbam-setup-1.70.0.1100.exe
2013-01-01 17:26 - 2013-01-01 17:28 - 00080456 ____A (Malwarebytes Corporation) C:\Users\Jose\Desktop\mbam-clean-1.60.2.0003.exe
2013-01-01 16:22 - 2013-01-01 16:27 - 00000426 ____A C:\Users\Jose\Desktop\SystemLook.txt
2013-01-01 16:21 - 2013-01-01 16:21 - 00165376 ____A C:\Users\Jose\Desktop\SystemLook_x64.exe
2013-01-01 15:12 - 2013-01-01 15:13 - 00002218 ____A C:\Users\Jose\Desktop\Result.txt
2013-01-01 15:12 - 2013-01-01 15:12 - 00815681 ____A (Farbar) C:\Users\Jose\Downloads\ListParts64(1).exe
2013-01-01 15:10 - 2013-01-01 15:11 - 00815681 ____A (Farbar) C:\Users\Jose\Desktop\ListParts64.exe
2013-01-01 12:04 - 2013-01-01 12:05 - 15952832 ____A (Foxit Corporation ) C:\Users\Jose\Desktop\FoxitReader544.1128_enu_Setup(1).exe
2013-01-01 11:47 - 2013-01-01 12:10 - 00000000 ____D C:\Users\Jose\Desktop\New Folder (3)
2012-12-31 09:51 - 2012-12-31 09:51 - 00062539 ____A C:\ComboFix.txt
2012-12-31 09:03 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-12-31 08:55 - 2012-12-31 08:55 - 00000000 ____A C:\Users\Jose\Desktop\New Text Document (2).txt
2012-12-29 21:04 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
2012-12-29 21:04 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
2012-12-29 21:04 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-12-29 21:04 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-12-29 21:04 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
2012-12-29 21:04 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
2012-12-29 21:04 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
2012-12-29 21:02 - 2012-12-31 09:51 - 00000000 ____D C:\Qoobox
2012-12-29 21:00 - 2012-12-29 20:58 - 05015826 ____R (Swearware) C:\Users\Jose\Desktop\ComboFix.exe
2012-12-29 20:59 - 2012-12-29 21:00 - 05015826 ____A (Swearware) C:\Users\Jose\Downloads\ComboFix(1).exe
2012-12-29 20:58 - 2012-12-29 20:58 - 05015826 ____A (Swearware) C:\Users\Jose\Downloads\ComboFix.exe
2012-12-29 19:30 - 2012-12-29 19:31 - 00000000 ____D C:\Users\Jose\Desktop\New Folder (2)
2012-12-29 17:36 - 2012-12-29 17:50 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-12-29 17:36 - 2012-12-29 17:50 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-12-29 15:03 - 2012-12-29 15:03 - 00000000 ____D C:\Users\Jose\{0999de33-b52b-4756-9832-f0780bd5e174}
2012-12-29 15:01 - 2012-12-29 15:01 - 00000000 ____D C:\Users\Jose\{4ed2df66-902c-44a9-a5ca-073f4f97296f}
2012-12-29 14:50 - 2012-12-29 14:51 - 00271867 ____A C:\Users\Jose\Desktop\Windows6.0-KB2347290-x86.msu
2012-12-29 14:49 - 2012-12-29 14:49 - 01131376 ____A C:\Users\Jose\Desktop\Windows6.0-KB975560-x86.msu
2012-12-29 14:43 - 2012-12-29 14:44 - 00333195 ____A C:\Users\Jose\Downloads\Windows6.1-KB2347290-x86.msu
2012-12-29 11:04 - 2012-07-25 20:55 - 00785512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2012-12-29 11:04 - 2012-07-25 20:55 - 00054376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2012-12-29 11:04 - 2012-07-25 19:08 - 00744448 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2012-12-29 11:04 - 2012-07-25 19:08 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2012-12-29 11:04 - 2012-07-25 19:08 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2012-12-29 11:04 - 2012-07-25 19:08 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2012-12-29 11:04 - 2012-07-25 19:08 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2012-12-29 11:04 - 2012-07-25 18:36 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2012-12-29 11:04 - 2012-07-25 18:26 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2012-12-29 11:04 - 2012-07-25 18:26 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-12-29 11:04 - 2012-06-02 06:57 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2012-12-29 11:04 - 2012-06-02 06:35 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2012-12-29 11:04 - 2009-07-14 04:19 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\winusb.dll
2012-12-29 11:04 - 2009-07-14 04:12 - 00016896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winusb.dll
2012-12-29 10:32 - 2012-11-13 22:11 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-12-29 10:32 - 2012-11-13 22:04 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-12-29 10:32 - 2012-11-13 22:04 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-12-29 10:32 - 2012-11-13 22:02 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-12-29 10:32 - 2012-11-13 22:02 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-12-29 10:32 - 2012-11-13 21:59 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-12-29 10:32 - 2012-11-13 21:57 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-12-29 10:32 - 2012-11-13 21:55 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-12-29 10:32 - 2012-11-13 21:53 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-12-29 10:32 - 2012-11-13 21:52 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-12-29 10:32 - 2012-11-13 21:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-12-29 10:32 - 2012-11-13 17:58 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-12-29 10:32 - 2012-11-13 17:57 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-12-29 10:32 - 2012-11-13 17:57 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-12-29 10:32 - 2012-11-13 17:55 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-12-29 10:32 - 2012-11-13 17:51 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-12-29 10:32 - 2012-11-13 17:49 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-12-29 10:32 - 2012-11-13 17:48 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-12-29 10:32 - 2012-11-13 17:47 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-12-29 10:32 - 2012-11-13 17:45 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-12-29 10:32 - 2012-11-13 17:44 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-12-29 10:32 - 2012-11-13 17:41 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-12-29 10:31 - 2012-11-13 23:06 - 17811968 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-12-29 10:31 - 2012-11-13 22:32 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-12-29 10:31 - 2012-11-13 21:58 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-12-29 10:31 - 2012-11-13 21:57 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-12-29 10:31 - 2012-11-13 21:55 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-12-29 10:31 - 2012-11-13 18:48 - 12320256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-12-29 10:31 - 2012-11-13 18:14 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-12-29 10:31 - 2012-11-13 18:09 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-12-29 10:31 - 2012-11-13 17:49 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-12-29 10:31 - 2012-11-13 17:46 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-12-29 10:28 - 2012-12-16 05:31 - 00048128 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-29 10:28 - 2012-12-16 05:12 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-12-29 10:28 - 2012-12-16 03:08 - 00368128 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-29 10:28 - 2012-12-16 02:50 - 00293376 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-12-29 10:26 - 2012-11-12 17:55 - 02770432 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-12-29 10:26 - 2012-11-12 17:45 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-12-29 10:26 - 2012-11-12 17:29 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-12-29 10:26 - 2012-09-28 08:34 - 01210368 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-12-29 10:26 - 2012-09-28 08:13 - 00860160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-12-29 10:26 - 2012-09-25 08:31 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2012-12-29 10:26 - 2012-09-25 08:19 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2012-12-29 10:26 - 2012-08-21 03:50 - 00267648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2012-12-29 10:21 - 2012-11-02 02:45 - 00477696 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2012-12-29 10:21 - 2012-11-02 02:45 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\dpnathlp.dll
2012-12-29 10:21 - 2012-11-02 02:18 - 00376320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2012-12-29 10:21 - 2012-11-02 00:59 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\dpnsvr.exe
2012-12-29 10:21 - 2012-11-02 00:26 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2012-12-29 10:14 - 2012-12-29 10:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-12-29 09:43 - 2012-12-29 09:43 - 00000490 ____A C:\JavaRa.log
2012-12-29 09:39 - 2012-12-29 09:39 - 00000000 ____D C:\Users\All Users\Sun
2012-12-29 09:39 - 2012-12-29 09:39 - 00000000 ____D C:\Users\All Users\Application Data\Sun
2012-12-29 09:39 - 2012-12-29 09:37 - 00859072 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-12-29 09:39 - 2012-12-29 09:37 - 00779704 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-12-29 09:39 - 2012-12-29 09:37 - 00260528 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-12-29 09:38 - 2012-12-29 09:37 - 00174000 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-12-29 09:38 - 2012-12-29 09:37 - 00173992 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-12-29 09:38 - 2012-12-29 09:37 - 00095184 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-12-29 09:33 - 2012-12-29 09:34 - 00896016 ____A (Oracle Corporation) C:\Users\Jose\Downloads\jxpiinstall.exe
2012-12-29 09:29 - 2012-12-29 09:31 - 15952832 ____A (Foxit Corporation ) C:\Users\Jose\Downloads\FoxitReader544.1128_enu_Setup.exe
2012-12-29 08:41 - 2012-12-29 08:43 - 00856731 ____A C:\Users\Jose\Downloads\SecurityCheck.exe
2012-12-28 22:18 - 2012-12-28 22:18 - 02322184 ____A (ESET) C:\Users\Jose\Downloads\esetsmartinstaller_enu.exe
2012-12-28 22:11 - 2012-12-28 22:11 - 00448512 ____A (OldTimer Tools) C:\Users\Jose\Downloads\TFC.exe
2012-12-28 20:15 - 2012-12-28 20:15 - 00998752 ____A (Solid State Networks) C:\Users\Jose\Downloads\install_reader10_en_mssd_aih(1).exe
2012-12-28 18:43 - 2012-12-28 18:43 - 00602112 ____A (OldTimer Tools) C:\Users\Jose\Downloads\OTL(1).exe
2012-12-28 18:37 - 2012-12-28 18:38 - 00602112 ____A (OldTimer Tools) C:\Users\Jose\Downloads\OTL.exe
2012-12-28 18:06 - 2012-12-28 18:07 - 00998752 ____A (Solid State Networks) C:\Users\Jose\Downloads\install_reader10_en_mssd_aih.exe
2012-12-28 17:18 - 2012-12-28 17:18 - 00000104 ____A C:\Users\Jose\Computer - Shortcut.lnk
2012-12-28 16:53 - 2012-12-28 16:55 - 00000000 ____D C:\Users\Jose\Desktop\Souswitch
2012-12-28 14:23 - 2012-12-28 16:11 - 00000000 ____D C:\Windows\erdnt
2012-12-28 13:14 - 2012-12-28 16:36 - 00054024 ____A (COMODO CA Limited) C:\Windows\System32\certsentry.dll
2012-12-28 13:14 - 2012-12-28 16:36 - 00045832 ____A (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2012-12-27 17:59 - 2012-12-27 17:59 - 00758784 ____A C:\Users\Jose\Downloads\RogueKiller.exe
2012-12-27 17:46 - 2012-12-27 17:46 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_AE1200vista64_01005.Wdf
2012-12-27 17:44 - 2011-03-30 19:54 - 01227840 ____A (Broadcom Corporation) C:\Windows\System32\Drivers\AE1200vista64.sys
2012-12-27 17:44 - 2011-03-30 19:54 - 00095544 ____A (Broadcom Corporation) C:\Windows\System32\bcmwlcoi.dll
2012-12-27 17:44 - 2011-03-30 19:51 - 03900928 ____A (Broadcom Corporation) C:\Windows\System32\bcmihvsrv64.dll
2012-12-27 17:44 - 2011-03-30 19:51 - 03566592 ____A (Broadcom Corporation) C:\Windows\System32\bcmihvui64.dll
2012-12-27 17:44 - 2007-11-05 04:23 - 00040464 ___RA (CACE Technologies) C:\Windows\System32\Drivers\npf.sys
2012-12-27 17:44 - 2006-11-02 06:04 - 01919968 ____A (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01005.dll
2012-12-18 19:21 - 2012-12-18 19:21 - 00000000 ____D C:\Windows\System32\config\HiveBackup
2012-12-09 18:52 - 2012-12-09 18:52 - 00688992 ____A (Swearware) C:\Users\Jose\Downloads\dds.com
==================== One Month Modified Files and Folders =======
2013-01-01 21:45 - 2013-01-01 21:45 - 00000000 ____D C:\FRST
2013-01-01 18:35 - 2010-02-03 13:04 - 00196608 ____A C:\Windows\System32\Ikeext.etl
2013-01-01 18:35 - 2009-02-12 14:44 - 01723920 ____A C:\Windows\WindowsUpdate.log
2013-01-01 18:35 - 2006-11-02 07:42 - 00032628 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-01-01 18:35 - 2006-11-02 07:42 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-01-01 18:35 - 2006-11-02 07:22 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-01-01 18:35 - 2006-11-02 07:22 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-01-01 18:34 - 2006-11-02 07:27 - 00191080 ____A C:\Windows\setupact.log
2013-01-01 17:38 - 2013-01-01 17:38 - 00000000 ____D C:\Users\Jose\Application Data\Malwarebytes
2013-01-01 17:38 - 2013-01-01 17:38 - 00000000 ____D C:\Users\Jose\AppData\Roaming\Malwarebytes
2013-01-01 17:37 - 2013-01-01 17:37 - 00000948 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-01-01 17:37 - 2013-01-01 17:37 - 00000948 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-01-01 17:37 - 2013-01-01 17:37 - 00000000 ____D C:\Users\All Users\Malwarebytes
2013-01-01 17:37 - 2013-01-01 17:37 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2013-01-01 17:37 - 2013-01-01 17:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-01 17:35 - 2013-01-01 17:32 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Jose\Desktop\mbam-setup-1.70.0.1100.exe
2013-01-01 17:31 - 2011-02-23 13:21 - 00000434 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-01-01 17:30 - 2008-01-20 19:26 - 00235018 ____A C:\Windows\PFRO.log
2013-01-01 17:28 - 2013-01-01 17:26 - 00080456 ____A (Malwarebytes Corporation) C:\Users\Jose\Desktop\mbam-clean-1.60.2.0003.exe
2013-01-01 17:09 - 2006-11-02 05:34 - 00000000 ____D C:\Windows\tracing
2013-01-01 16:27 - 2013-01-01 16:22 - 00000426 ____A C:\Users\Jose\Desktop\SystemLook.txt
2013-01-01 16:21 - 2013-01-01 16:21 - 00165376 ____A C:\Users\Jose\Desktop\SystemLook_x64.exe
2013-01-01 15:13 - 2013-01-01 15:12 - 00002218 ____A C:\Users\Jose\Desktop\Result.txt
2013-01-01 15:12 - 2013-01-01 15:12 - 00815681 ____A (Farbar) C:\Users\Jose\Downloads\ListParts64(1).exe
2013-01-01 15:11 - 2013-01-01 15:10 - 00815681 ____A (Farbar) C:\Users\Jose\Desktop\ListParts64.exe
2013-01-01 12:10 - 2013-01-01 11:47 - 00000000 ____D C:\Users\Jose\Desktop\New Folder (3)
2013-01-01 12:05 - 2013-01-01 12:04 - 15952832 ____A (Foxit Corporation ) C:\Users\Jose\Desktop\FoxitReader544.1128_enu_Setup(1).exe
2012-12-31 09:51 - 2012-12-31 09:51 - 00062539 ____A C:\ComboFix.txt
2012-12-31 09:51 - 2012-12-29 21:02 - 00000000 ____D C:\Qoobox
2012-12-31 09:36 - 2006-11-02 04:34 - 00000215 ____A C:\Windows\system.ini
2012-12-31 08:55 - 2012-12-31 08:55 - 00000000 ____A C:\Users\Jose\Desktop\New Text Document (2).txt
2012-12-29 21:00 - 2012-12-29 20:59 - 05015826 ____A (Swearware) C:\Users\Jose\Downloads\ComboFix(1).exe
2012-12-29 20:58 - 2012-12-29 21:00 - 05015826 ____R (Swearware) C:\Users\Jose\Desktop\ComboFix.exe
2012-12-29 20:58 - 2012-12-29 20:58 - 05015826 ____A (Swearware) C:\Users\Jose\Downloads\ComboFix.exe
2012-12-29 19:31 - 2012-12-29 19:30 - 00000000 ____D C:\Users\Jose\Desktop\New Folder (2)
2012-12-29 17:50 - 2012-12-29 17:36 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-12-29 17:50 - 2012-12-29 17:36 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-12-29 17:50 - 2008-10-23 01:21 - 00000000 ____D C:\Users\All Users\Application Data\Adobe
2012-12-29 17:50 - 2008-10-23 01:21 - 00000000 ____D C:\Users\All Users\Adobe
2012-12-29 16:58 - 2010-11-17 17:12 - 00000000 ____D C:\Program Files (x86)\ThreatFire
2012-12-29 15:30 - 2010-11-07 18:34 - 00000000 ____D C:\Windows\pss
2012-12-29 15:11 - 2009-03-01 17:29 - 00000000 ____D C:\users\Jose
2012-12-29 15:03 - 2012-12-29 15:03 - 00000000 ____D C:\Users\Jose\{0999de33-b52b-4756-9832-f0780bd5e174}
2012-12-29 15:01 - 2012-12-29 15:01 - 00000000 ____D C:\Users\Jose\{4ed2df66-902c-44a9-a5ca-073f4f97296f}
2012-12-29 14:51 - 2012-12-29 14:50 - 00271867 ____A C:\Users\Jose\Desktop\Windows6.0-KB2347290-x86.msu
2012-12-29 14:49 - 2012-12-29 14:49 - 01131376 ____A C:\Users\Jose\Desktop\Windows6.0-KB975560-x86.msu
2012-12-29 14:44 - 2012-12-29 14:43 - 00333195 ____A C:\Users\Jose\Downloads\Windows6.1-KB2347290-x86.msu
2012-12-29 13:20 - 2008-10-22 23:45 - 00000012 ____A C:\Windows\bthservsdp.dat
2012-12-29 12:02 - 2006-11-02 05:33 - 00000000 ____D C:\Windows\rescache
2012-12-29 11:41 - 2006-11-02 07:21 - 00325464 ____A C:\Windows\System32\FNTCACHE.DAT
2012-12-29 11:39 - 2012-05-04 03:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-12-29 11:21 - 2006-11-02 04:46 - 00771898 ____A C:\Windows\System32\PerfStringBackup.INI
2012-12-29 11:15 - 2008-10-23 01:11 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-12-29 11:15 - 2008-10-23 01:11 - 00000000 ____D C:\Users\All Users\Application Data\Microsoft Help
2012-12-29 10:16 - 2012-12-29 10:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-12-29 10:07 - 2009-03-01 17:37 - 00080864 ____A C:\Users\Jose\Local Settings\GDIPFONTCACHEV1.DAT
2012-12-29 10:07 - 2009-03-01 17:37 - 00080864 ____A C:\Users\Jose\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2012-12-29 10:07 - 2009-03-01 17:37 - 00080864 ____A C:\Users\Jose\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-29 09:43 - 2012-12-29 09:43 - 00000490 ____A C:\JavaRa.log
2012-12-29 09:43 - 2008-10-23 01:43 - 00000000 ____D C:\Program Files (x86)\Java
2012-12-29 09:39 - 2012-12-29 09:39 - 00000000 ____D C:\Users\All Users\Sun
2012-12-29 09:39 - 2012-12-29 09:39 - 00000000 ____D C:\Users\All Users\Application Data\Sun
2012-12-29 09:37 - 2012-12-29 09:39 - 00859072 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-12-29 09:37 - 2012-12-29 09:39 - 00779704 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-12-29 09:37 - 2012-12-29 09:39 - 00260528 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-12-29 09:37 - 2012-12-29 09:38 - 00174000 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-12-29 09:37 - 2012-12-29 09:38 - 00173992 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-12-29 09:37 - 2012-12-29 09:38 - 00095184 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-12-29 09:34 - 2012-12-29 09:33 - 00896016 ____A (Oracle Corporation) C:\Users\Jose\Downloads\jxpiinstall.exe
2012-12-29 09:31 - 2012-12-29 09:29 - 15952832 ____A (Foxit Corporation ) C:\Users\Jose\Downloads\FoxitReader544.1128_enu_Setup.exe
2012-12-29 09:23 - 2008-10-23 01:21 - 00000000 ____D C:\Program Files (x86)\Adobe
2012-12-29 08:43 - 2012-12-29 08:41 - 00856731 ____A C:\Users\Jose\Downloads\SecurityCheck.exe
2012-12-28 22:18 - 2012-12-28 22:18 - 02322184 ____A (ESET) C:\Users\Jose\Downloads\esetsmartinstaller_enu.exe
2012-12-28 22:11 - 2012-12-28 22:11 - 00448512 ____A (OldTimer Tools) C:\Users\Jose\Downloads\TFC.exe
2012-12-28 20:19 - 2009-05-27 04:40 - 00000000 ____D C:\Users\Jose\Local Settings\Application Data\Adobe
2012-12-28 20:19 - 2009-05-27 04:40 - 00000000 ____D C:\Users\Jose\Local Settings\Adobe
2012-12-28 20:19 - 2009-05-27 04:40 - 00000000 ____D C:\Users\Jose\AppData\Local\Adobe
2012-12-28 20:15 - 2012-12-28 20:15 - 00998752 ____A (Solid State Networks) C:\Users\Jose\Downloads\install_reader10_en_mssd_aih(1).exe
2012-12-28 18:43 - 2012-12-28 18:43 - 00602112 ____A (OldTimer Tools) C:\Users\Jose\Downloads\OTL(1).exe
2012-12-28 18:38 - 2012-12-28 18:37 - 00602112 ____A (OldTimer Tools) C:\Users\Jose\Downloads\OTL.exe
2012-12-28 18:07 - 2012-12-28 18:06 - 00998752 ____A (Solid State Networks) C:\Users\Jose\Downloads\install_reader10_en_mssd_aih.exe
2012-12-28 17:18 - 2012-12-28 17:18 - 00000104 ____A C:\Users\Jose\Computer - Shortcut.lnk
2012-12-28 16:57 - 2010-06-13 21:28 - 00000000 ____D C:\Users\Jose\Application Data\vlc
2012-12-28 16:57 - 2010-06-13 21:28 - 00000000 ____D C:\Users\Jose\AppData\Roaming\vlc
2012-12-28 16:55 - 2012-12-28 16:53 - 00000000 ____D C:\Users\Jose\Desktop\Souswitch
2012-12-28 16:55 - 2011-10-27 05:26 - 00000000 ___RD C:\Users\Jose\Desktop\Processor presets
2012-12-28 16:51 - 2012-04-23 16:27 - 00000000 ____D C:\Users\Jose\Desktop\RYAN
2012-12-28 16:50 - 2012-06-29 15:18 - 00000000 ____D C:\Users\Jose\Desktop\Alliance music fri
2012-12-28 16:36 - 2012-12-28 13:14 - 00054024 ____A (COMODO CA Limited) C:\Windows\System32\certsentry.dll
2012-12-28 16:36 - 2012-12-28 13:14 - 00045832 ____A (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2012-12-28 16:31 - 2006-11-02 05:33 - 00000000 __RHD C:\users\Default
2012-12-28 16:11 - 2012-12-28 14:23 - 00000000 ____D C:\Windows\erdnt
2012-12-28 13:14 - 2012-11-23 05:47 - 00000000 ____D C:\Program Files (x86)\Comodo
2012-12-27 21:10 - 2006-11-02 05:34 - 00000000 ____D C:\Windows\System32\spool
2012-12-27 21:10 - 2006-11-02 05:33 - 00000000 ____D C:\Windows\registration
2012-12-27 21:10 - 2006-11-02 04:33 - 85721088 ____A C:\Windows\System32\config\software_previous
2012-12-27 21:10 - 2006-11-02 04:33 - 55574528 ____A C:\Windows\System32\config\components_previous
2012-12-27 21:10 - 2006-11-02 04:33 - 26214400 ____A C:\Windows\System32\config\system_previous
2012-12-27 21:10 - 2006-11-02 04:33 - 00327680 ____A C:\Windows\System32\config\default_previous
2012-12-27 21:10 - 2006-11-02 04:33 - 00057344 ____A C:\Windows\System32\config\sam_previous
2012-12-27 21:10 - 2006-11-02 04:33 - 00024576 ____A C:\Windows\System32\config\security_previous
2012-12-27 17:59 - 2012-12-27 17:59 - 00758784 ____A C:\Users\Jose\Downloads\RogueKiller.exe
2012-12-27 17:46 - 2012-12-27 17:46 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_AE1200vista64_01005.Wdf
2012-12-18 19:21 - 2012-12-18 19:21 - 00000000 ____D C:\Windows\System32\config\HiveBackup
2012-12-16 05:31 - 2012-12-29 10:28 - 00048128 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-16 05:12 - 2012-12-29 10:28 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-12-16 03:08 - 2012-12-29 10:28 - 00368128 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-16 02:50 - 2012-12-29 10:28 - 00293376 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-12-14 13:49 - 2013-01-01 17:36 - 00024176 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-12-09 21:45 - 2012-09-25 21:20 - 00000000 ____D C:\Users\Jose\Local Settings\Windows Live
2012-12-09 21:45 - 2012-09-25 21:20 - 00000000 ____D C:\Users\Jose\Local Settings\Application Data\Windows Live
2012-12-09 21:45 - 2012-09-25 21:20 - 00000000 ____D C:\Users\Jose\AppData\Local\Windows Live
2012-12-09 20:48 - 2012-11-23 05:50 - 00000000 ____D C:\Users\Jose\{945e8b33-257c-47a6-a7b1-1bea1374f118}
2012-12-09 18:52 - 2012-12-09 18:52 - 00688992 ____A (Swearware) C:\Users\Jose\Downloads\dds.com
2012-12-09 18:29 - 2006-11-02 07:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2012-12-09 18:28 - 2006-11-02 07:07 - 00000000 ____D C:\Program Files\Windows Journal
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2012-12-29 10:26] - [2012-08-21 03:50] - 0267648 ____A (Microsoft Corporation) 582F710097B46140F5A89A19A6573D4B
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-11-23 05:51:24
Restore point made on: 2012-12-09 15:07:43
Restore point made on: 2012-12-27 17:45:49
Restore point made on: 2012-12-27 18:09:51
Restore point made on: 2012-12-27 18:17:52
Restore point made on: 2012-12-27 20:48:54
Restore point made on: 2012-12-28 16:12:22
Restore point made on: 2012-12-29 06:49:22
Restore point made on: 2012-12-29 09:16:24
Restore point made on: 2012-12-29 09:22:07
Restore point made on: 2012-12-29 09:36:49
Restore point made on: 2012-12-29 09:49:41
Restore point made on: 2012-12-29 10:27:40
Restore point made on: 2012-12-29 12:15:42
Restore point made on: 2012-12-29 15:03:21
Restore point made on: 2012-12-29 15:05:17
Restore point made on: 2012-12-29 15:11:39
Restore point made on: 2012-12-29 19:36:22
Restore point made on: 2012-12-31 10:17:09
Restore point made on: 2013-01-01 12:45:17
==================== Memory info ===========================
Percentage of memory in use: 32%
Total physical RAM: 1789.02 MB
Available physical RAM: 1209.38 MB
Total Pagefile: 1535.46 MB
Available Pagefile: 1186.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB
==================== Partitions =============================
1 Drive c: () (Fixed) (Total:285.18 GB) (Free:117.91 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (RECOVERY) (Fixed) (Total:12.9 GB) (Free:2.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive e: (My 1GB) (Removable) (Total:0.93 GB) (Free:0.73 GB) FAT
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 298 GB 1024 KB
Disk 1 Online 954 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 285 GB 1024 KB
Partition 2 Primary 13 GB 285 GB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 0 C NTFS Partition 285 GB Healthy
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 D RECOVERY NTFS Partition 13 GB Healthy
=========================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 953 MB 4096 B
==================================================================================
Disk: 1
Partition 1
Type : 0E
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 E My 1GB FAT Removable 953 MB Healthy
=========================================================
Last Boot: 2013-01-01 17:37
==================== End Of Log =============================
