TechSpot

Windows has encountered a critical problem

Inactive
By larry32
Oct 10, 2012
  1. Hi there, I seem to have contracted the "Windows has encountered a critical problem" issue.
    I read through your replies and decided to follow your first instructions then wait for your reply.
    I have downloaded the farbar tool for my 64 bit Windows 7 OS and here are the logs for the two files you requested from other posters. Looking forward to your reply


    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-10-2012
    Ran by SYSTEM at 10-10-2012 16:00:17
    Running from H:\
    Windows 7 Home Premium (X64) OS Language: English(US)
    The current controlset is ControlSet001
    ==================== Registry (Whitelisted) ===================
    HKLM-x32\...\Run: [] [x]
    Tcpip\Parameters: [DhcpNameServer] 129.96.176.70 129.96.252.31
    ==================== Services (Whitelisted) ===================
    4 AlotService; C:\Users\Lanre\AppData\LocalLow\alotservice\alotservice.exe [255880 2012-06-25] (Vertro Inc.)
    4 BTHSSecurityMgr; "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" [134928 2011-04-20] (Intel(R) Corporation)
    4 ERDAS; C:\Program Files (x86)\Leica Geosystems\Shared\Bin\NTx86\lmgrd.exe [630272 2006-07-06] (Macrovision Corporation)
    4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-02-04] ()
    4 NitroDriverReadSpool2; "C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe" [216072 2012-05-15] (Nitro PDF Software)
    4 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [69640 2012-05-15] (Nalpeiron Ltd.)
    4 Printer Control; C:\Windows\system32\PrintCtrl.exe [77824 2011-01-02] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM)
    4 i2p; "C:\Program Files\i2p\I2Psvc.exe" -s "C:\Program Files\i2p\wrapper.config" [x]
    2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\diMaster.dll" /prefetch:1 [x]
    ==================== Drivers (Whitelisted) =====================
    1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\BASHDefs\20120928.001\BHDrvx64.sys [1385120 2012-08-31] (Symantec Corporation)
    1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309000.009\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation)
    1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation)
    1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\IPSDefs\20121005.002\IDSvia64.sys [513184 2012-09-05] (Symantec Corporation)
    1 ISODrive; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-28] (EZB Systems, Inc.)
    3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\VirusDefs\20121006.007\ENG64.SYS [126112 2012-10-06] (Symantec Corporation)
    3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\VirusDefs\20121006.007\EX64.SYS [2084000 2012-10-06] (Symantec Corporation)
    3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309000.009\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)
    1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309000.009\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)
    0 SymDS; C:\Windows\System32\drivers\NISx64\1309000.009\SYMDS64.SYS [451192 2012-03-28] (Symantec Corporation)
    0 SymEFA; C:\Windows\System32\drivers\NISx64\1309000.009\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
    3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-07-29] (Symantec Corporation)
    1 SymIRON; C:\Windows\system32\drivers\NISx64\1309000.009\Ironx64.SYS [190072 2012-04-17] (Symantec Corporation)
    1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309000.009\SYMNETS.SYS [405624 2012-04-17] (Symantec Corporation)
    ==================== NetSvcs (Whitelisted) ====================

    ==================== One Month Created Files and Folders ========
    2012-10-10 06:02 - 2012-10-10 06:02 - 02957840 ____A (Symantec Corporation) C:\NPE.exe
    2012-10-10 03:19 - 2012-10-10 05:51 - 00000000 ___AD C:\Kaspersky Rescue Disk 10.0
    2012-10-09 21:09 - 2012-10-09 21:12 - 00000000 ___SD C:\ComboFix
    2012-10-09 21:09 - 2012-10-09 21:09 - 00000000 ___SD C:\32788R22FWJFW
    2012-10-09 21:00 - 2012-10-09 21:00 - 00000000 ____D C:\Qoobox
    2012-10-09 20:36 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
    2012-10-09 20:36 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
    2012-10-09 20:36 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
    2012-10-09 20:36 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
    2012-10-09 20:36 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
    2012-10-09 20:36 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
    2012-10-09 20:36 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
    2012-10-09 20:36 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
    2012-10-09 20:28 - 2012-10-09 20:28 - 00000000 ____D C:\Windows\erdnt
    2012-10-09 20:27 - 2012-10-09 20:11 - 04764951 ____R (Swearware) C:\Users\Lanre\Desktop\ComboFix.exe
    2012-10-09 06:36 - 2012-10-09 20:56 - 00000000 ____D C:\Windows\System32\%LOCALAPPDATA%
    2012-10-09 06:21 - 2012-10-09 06:27 - 00000000 ____D C:\Users\Lanre\AppData\Local\NPE
    2012-10-09 04:57 - 2012-10-09 04:57 - 00000000 ____D C:\Windows\SysWOW64\SeaPort
    2012-10-09 03:47 - 2012-10-09 03:47 - 00000000 ____D C:\Program Files\Symantec
    2012-10-09 03:46 - 2012-10-09 03:46 - 00000000 ____D C:\Program Files (x86)\Symantec
    2012-10-09 01:28 - 2012-10-09 01:28 - 00000000 ____D C:\Hewlett-Packard
    2012-10-07 18:46 - 2012-10-07 18:46 - 17197056 ____A C:\Users\Lanre\Downloads\Lecture_water_quality_2012(1).ppt
    2012-10-03 16:00 - 2012-10-03 16:00 - 00030208 ____A C:\Users\Lanre\Downloads\GWS1_int_2012_Rev_Rep1_x.xls
    2012-10-02 15:23 - 2012-10-02 15:23 - 00745430 ____A C:\Users\Lanre\Downloads\labs45_wernflow.zip
    2012-10-01 14:07 - 2012-10-01 14:07 - 00012260 ____A C:\Users\Lanre\Downloads\EASC8772_2012_1_students(1).xlsx
    2012-10-01 13:50 - 2012-10-01 13:50 - 00013012 ____A C:\Users\Lanre\Downloads\EASC8772_2012_2_students.xlsx
    2012-09-29 00:20 - 2012-09-29 05:24 - 3861460992 ____A C:\Users\Lanre\Downloads\en_windows_vista_sp2_x64_dvd_342267.iso
    2012-09-28 23:31 - 2012-09-29 00:06 - 761789904 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\Windows6.0-KB936330-X64-wave0.exe
    2012-09-28 23:29 - 2012-09-29 00:01 - 605410472 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\Windows6.0-KB948465-X64.exe
    2012-09-28 23:09 - 2012-09-28 23:19 - 00000000 ____D C:\Users\Lanre\Downloads\Vista CD
    2012-09-28 22:56 - 2012-09-28 22:56 - 00000000 ____D C:\Program Files\Windows Imaging
    2012-09-28 22:54 - 2012-09-28 22:56 - 00000000 ____D C:\Program Files\Windows AIK
    2012-09-28 18:19 - 2012-09-28 18:19 - 00294248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\VMM.sys
    2012-09-28 18:06 - 2012-09-28 18:08 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista3.iso
    2012-09-28 18:01 - 2012-09-28 18:01 - 00000000 ____D C:\Users\Lanre\AppData\Roaming\ImgBurn
    2012-09-28 17:56 - 2012-09-28 17:58 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista2.iso
    2012-09-28 17:51 - 2012-09-28 17:51 - 00000000 ____D C:\Users\Lanre\Downloads\Vista
    2012-09-28 17:22 - 2012-09-28 17:25 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista1.iso
    2012-09-28 16:59 - 2012-09-28 17:50 - 3587141686 ____A C:\Users\Lanre\Downloads\install.wim
    2012-09-28 16:58 - 2012-09-28 17:02 - 151404499 ____A C:\Users\Lanre\Downloads\boot.wim
    2012-09-28 16:58 - 2012-09-28 17:01 - 92002320 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\X14-63453.exe
    2012-09-28 16:07 - 2012-09-28 16:09 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista.iso
    2012-09-28 15:53 - 2012-09-28 15:53 - 00001869 ____A C:\Users\Public\Desktop\ImgBurn.lnk
    2012-09-28 15:53 - 2012-09-28 15:53 - 00000000 ____D C:\Program Files (x86)\ImgBurn
    2012-09-28 15:52 - 2012-09-28 15:52 - 06118990 ____A (LIGHTNING UK!) C:\Users\Lanre\Downloads\SetupImgBurn_2.5.7.0.exe
    2012-09-28 15:17 - 2012-09-28 15:28 - 3971102720 ____A C:\Vistax86.iso
    2012-09-28 15:11 - 2012-09-28 15:54 - 1442787328 ____A C:\Users\Lanre\Downloads\6001.18000.080118-1840-kb3aikl_en.iso
    2012-09-28 14:58 - 2012-09-29 06:05 - 00000000 ____D C:\Program Files (x86)\vLite
    2012-09-28 14:58 - 2012-09-28 14:58 - 00000967 ____A C:\Users\Lanre\Desktop\vLite.lnk
    2012-09-28 14:57 - 2012-09-28 14:57 - 01620715 ____A (Dino Nuhagic (nuhi) ) C:\Users\Lanre\Downloads\vLite-1.2.installer.exe
    2012-09-28 14:52 - 2012-09-28 14:52 - 00002048 ____A C:\Users\Lanre\Downloads\etfsboot.com
    2012-09-28 14:38 - 2012-09-28 14:38 - 00000000 ____D C:\Users\Lanre\AppData\Roaming\IDT
    2012-09-28 08:44 - 2012-09-28 08:44 - 00000000 ____D C:\Users\Lanre\Documents\My Virtual Machines
    2012-09-28 08:42 - 2012-09-28 08:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Virtual PC
    2012-09-28 08:40 - 2012-09-28 08:41 - 33381416 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\setup(1).exe
    2012-09-28 08:38 - 2012-09-28 08:39 - 31884672 ____A (Microsoft Corporation) C:\Users\Lanre\Desktop\microsoft_virtualpc_2007_setup.exe
    2012-09-28 08:37 - 2012-09-28 08:37 - 00373440 ____A (Softonic) C:\Users\Lanre\Downloads\SoftonicDownloader_for_microsoft-virtual-pc.exe
    2012-09-28 07:50 - 2012-09-28 07:50 - 00000000 ____D C:\Users\Lanre\Downloads\eicfg_removal_utility(1)
    2012-09-28 07:42 - 2012-09-28 07:42 - 00005347 ____A C:\Users\Lanre\Downloads\eicfg_removal_utility(1).zip
    2012-09-28 07:02 - 2012-09-28 07:02 - 00001011 ____A C:\Users\Public\Desktop\UltraISO.lnk
    2012-09-28 07:02 - 2012-09-28 07:02 - 00000000 ____D C:\Users\Lanre\Documents\My ISO Files
    2012-09-28 07:02 - 2012-09-28 07:02 - 00000000 ____D C:\Program Files (x86)\UltraISO
    2012-09-28 07:01 - 2012-09-28 07:02 - 04001621 ____A (EZB Systems, Inc. ) C:\Users\Lanre\Downloads\uiso9_pe.exe
    2012-09-28 06:37 - 2012-09-28 17:52 - 00001905 ____A C:\Windows\diagwrn.xml
    2012-09-28 06:37 - 2012-09-28 17:52 - 00001905 ____A C:\Windows\diagerr.xml
    2012-09-28 06:36 - 2012-09-28 15:10 - 00000000 ____D C:\Vista
    2012-09-28 06:33 - 2007-05-09 06:18 - 00110080 ____A C:\cdimage.EXE
    2012-09-28 06:32 - 2012-09-28 06:31 - 00049011 ____A C:\cdimage.zip
    2012-09-28 06:31 - 2012-09-28 06:31 - 00049011 ____A C:\Users\Lanre\Downloads\cdimage.zip
    2012-09-28 06:23 - 2012-09-28 07:42 - 00000000 ____D C:\CDIMAGE
    2012-09-28 06:11 - 2012-09-28 06:11 - 00897888 ____A C:\Users\Lanre\Downloads\ultraiso premium setup.exe
    2012-09-28 06:08 - 2012-09-28 06:08 - 00624728 ____A C:\CDIMAGE_GUI.exe
    2012-09-25 21:55 - 2012-09-25 21:55 - 00000819 ____A C:\Users\Lanre\Downloads\table.csv
    2012-09-23 22:23 - 2012-09-23 22:23 - 00011119 ____A C:\Users\Lanre\Downloads\WRPM Final exam mark_Larry.xlsx
    2012-09-23 15:00 - 2012-08-24 03:15 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-09-23 15:00 - 2012-08-24 02:39 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-09-23 15:00 - 2012-08-24 02:31 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-09-23 15:00 - 2012-08-24 02:22 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-09-23 15:00 - 2012-08-24 02:21 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-09-23 15:00 - 2012-08-24 02:20 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2012-09-23 15:00 - 2012-08-24 02:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2012-09-23 15:00 - 2012-08-24 02:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-09-23 15:00 - 2012-08-24 02:14 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-09-23 15:00 - 2012-08-24 02:14 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2012-09-23 15:00 - 2012-08-24 02:13 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2012-09-23 15:00 - 2012-08-24 02:12 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-09-23 15:00 - 2012-08-24 02:11 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2012-09-23 15:00 - 2012-08-24 02:10 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2012-09-23 15:00 - 2012-08-24 02:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-09-23 15:00 - 2012-08-24 02:04 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2012-09-23 15:00 - 2012-08-23 23:27 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2012-09-23 15:00 - 2012-08-23 23:03 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2012-09-23 15:00 - 2012-08-23 22:59 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2012-09-23 15:00 - 2012-08-23 22:51 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2012-09-23 15:00 - 2012-08-23 22:51 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2012-09-23 15:00 - 2012-08-23 22:51 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2012-09-23 15:00 - 2012-08-23 22:49 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2012-09-23 15:00 - 2012-08-23 22:48 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2012-09-23 15:00 - 2012-08-23 22:47 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2012-09-23 15:00 - 2012-08-23 22:47 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2012-09-23 15:00 - 2012-08-23 22:47 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2012-09-23 15:00 - 2012-08-23 22:45 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2012-09-23 15:00 - 2012-08-23 22:44 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2012-09-23 15:00 - 2012-08-23 22:44 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2012-09-23 15:00 - 2012-08-23 22:43 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2012-09-23 15:00 - 2012-08-23 22:40 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2012-09-20 23:32 - 2012-09-20 23:32 - 00037376 ____A C:\Users\Lanre\Downloads\GWS1_int_2012_x_x_x.xls
    2012-09-19 00:12 - 2012-09-19 00:12 - 00000000 ___SD C:\Users\Lanre\Documents\Chica Passwords
    2012-09-18 22:12 - 2012-09-18 22:13 - 02505217 ____A C:\Users\Lanre\Downloads\03-Darcys Law.pptx
    2012-09-18 18:03 - 2012-09-18 18:03 - 00662990 ____A C:\Users\Lanre\Downloads\schlumbg-lt.zip
    2012-09-18 18:03 - 2012-09-18 18:03 - 00000000 ____D C:\Program Files (x86)\SchlumBG
    2012-09-17 01:41 - 2012-09-17 02:22 - 3587141686 ____A C:\install.wim
    2012-09-16 15:40 - 2012-09-16 15:40 - 00005347 ____A C:\Users\Lanre\Downloads\eicfg_removal_utility.zip
    2012-09-16 15:38 - 2012-09-16 15:54 - 151404499 ____A C:\boot.wim
    2012-09-16 15:37 - 2012-09-16 15:47 - 92002320 ____A (Microsoft Corporation) C:\X14-63453.exe
    2012-09-14 20:45 - 2012-09-14 20:46 - 707133440 ____A C:\Users\Lanre\Downloads\WinLite.iso
    2012-09-14 20:38 - 2012-09-14 20:45 - 00000000 ____D C:\nlite XP
    2012-09-14 20:36 - 2012-09-14 20:46 - 00000000 ____D C:\Program Files (x86)\nLite
    2012-09-14 20:36 - 2012-09-14 20:36 - 00000000 ____D C:\Program Files (x86)\PDFCreator
    2012-09-14 20:36 - 2005-03-11 06:37 - 00087040 ____A C:\Windows\System32\pdfcmnnt.dll
    2012-09-14 20:36 - 1998-07-05 06:30 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
    2012-09-14 20:36 - 1998-06-23 06:30 - 00137000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
    2012-09-14 20:35 - 2012-09-14 20:36 - 02665796 ____A (Dino Nuhagic (nuhi) ) C:\Users\Lanre\Downloads\nLite-1.4.9.1.installer.exe
    2012-09-14 20:34 - 2012-10-10 10:57 - 00000000 ____D C:\Program Files (x86)\PriceGong
    2012-09-14 20:34 - 2012-09-14 20:34 - 00000000 ____D C:\Program Files (x86)\ChicaLogic
    2012-09-14 20:33 - 2012-10-09 20:12 - 00487129 ____A C:\alotserviceruntime.log
    2012-09-14 20:33 - 2012-09-14 20:33 - 00013896 ____A C:\INSTALLHELPER.LOG
    2012-09-14 20:33 - 2012-09-14 20:33 - 00000000 ____D C:\Program Files (x86)\Yontoo
    2012-09-14 20:33 - 2012-09-14 20:33 - 00000000 ____D C:\Program Files (x86)\alotappbar
    2012-09-14 15:34 - 2012-09-14 15:34 - 16829488 ____A C:\Users\Lanre\Downloads\second part.cdr
    2012-09-14 15:34 - 2012-09-14 15:34 - 16126094 ____A C:\Users\Lanre\Downloads\first part.cdr
    2012-09-13 04:09 - 2012-09-13 04:09 - 00039632 ____A C:\Users\Lanre\Downloads\Edge FOH Team Availability Sept & Oct 2012.xlsx
    2012-09-12 14:58 - 2012-08-22 10:12 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2012-09-12 14:58 - 2012-08-22 10:12 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
    2012-09-12 14:58 - 2012-08-22 10:12 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
    2012-09-11 19:56 - 2012-09-11 19:56 - 00036352 ____A C:\Users\Lanre\Downloads\GWS1_int_2012_x.xls
    2012-09-11 14:52 - 2012-09-11 14:52 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2012-09-11 14:52 - 2012-09-11 14:52 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2012-09-11 14:52 - 2012-09-11 14:52 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2012-09-10 19:29 - 2012-09-10 19:29 - 00034816 ____A C:\Users\Lanre\Downloads\GWS1_int_2012.xls

    ==================== 3 Months Modified Files ==================
    2012-10-10 06:02 - 2012-10-10 06:02 - 02957840 ____A (Symantec Corporation) C:\NPE.exe
    2012-10-09 21:16 - 2011-09-26 20:13 - 01470695 ____A C:\Windows\WindowsUpdate.log
    2012-10-09 21:12 - 2010-11-20 19:47 - 00010548 ____A C:\Windows\PFRO.log
    2012-10-09 20:30 - 2009-07-13 21:13 - 00713888 ____A C:\Windows\System32\PerfStringBackup.INI
    2012-10-09 20:24 - 2012-07-29 06:27 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-10-09 20:12 - 2012-09-14 20:33 - 00487129 ____A C:\alotserviceruntime.log
    2012-10-09 20:12 - 2012-07-29 06:27 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-10-09 20:12 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2012-10-09 20:12 - 2009-07-13 20:51 - 00001482 ____A C:\Windows\setupact.log
    2012-10-09 20:11 - 2012-10-09 20:27 - 04764951 ____R (Swearware) C:\Users\Lanre\Desktop\ComboFix.exe
    2012-10-07 18:46 - 2012-10-07 18:46 - 17197056 ____A C:\Users\Lanre\Downloads\Lecture_water_quality_2012(1).ppt
    2012-10-06 16:27 - 2012-07-24 15:10 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2012-10-06 16:15 - 2009-07-13 20:45 - 00032064 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2012-10-06 16:15 - 2009-07-13 20:45 - 00032064 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2012-10-05 23:02 - 2012-06-29 04:25 - 00000332 ____A C:\Windows\Tasks\HPCeeScheduleForLanre.job
    2012-10-03 16:00 - 2012-10-03 16:00 - 00030208 ____A C:\Users\Lanre\Downloads\GWS1_int_2012_Rev_Rep1_x.xls
    2012-10-03 14:18 - 2012-03-31 17:17 - 00002492 ____A C:\Users\Public\Desktop\Norton Internet Security.lnk
    2012-10-02 15:23 - 2012-10-02 15:23 - 00745430 ____A C:\Users\Lanre\Downloads\labs45_wernflow.zip
    2012-10-01 14:07 - 2012-10-01 14:07 - 00012260 ____A C:\Users\Lanre\Downloads\EASC8772_2012_1_students(1).xlsx
    2012-10-01 13:50 - 2012-10-01 13:50 - 00013012 ____A C:\Users\Lanre\Downloads\EASC8772_2012_2_students.xlsx
    2012-09-29 05:24 - 2012-09-29 00:20 - 3861460992 ____A C:\Users\Lanre\Downloads\en_windows_vista_sp2_x64_dvd_342267.iso
    2012-09-29 00:06 - 2012-09-28 23:31 - 761789904 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\Windows6.0-KB936330-X64-wave0.exe
    2012-09-29 00:01 - 2012-09-28 23:29 - 605410472 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\Windows6.0-KB948465-X64.exe
    2012-09-28 18:19 - 2012-09-28 18:19 - 00294248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\VMM.sys
    2012-09-28 18:08 - 2012-09-28 18:06 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista3.iso
    2012-09-28 17:58 - 2012-09-28 17:56 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista2.iso
    2012-09-28 17:52 - 2012-09-28 06:37 - 00001905 ____A C:\Windows\diagwrn.xml
    2012-09-28 17:52 - 2012-09-28 06:37 - 00001905 ____A C:\Windows\diagerr.xml
    2012-09-28 17:51 - 2009-07-13 20:51 - 00000000 ____A C:\Windows\setuperr.log
    2012-09-28 17:50 - 2012-09-28 16:59 - 3587141686 ____A C:\Users\Lanre\Downloads\install.wim
    2012-09-28 17:25 - 2012-09-28 17:22 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista1.iso
    2012-09-28 17:02 - 2012-09-28 16:58 - 151404499 ____A C:\Users\Lanre\Downloads\boot.wim
    2012-09-28 17:01 - 2012-09-28 16:58 - 92002320 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\X14-63453.exe
    2012-09-28 16:09 - 2012-09-28 16:07 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista.iso
    2012-09-28 15:54 - 2012-09-28 15:11 - 1442787328 ____A C:\Users\Lanre\Downloads\6001.18000.080118-1840-kb3aikl_en.iso
    2012-09-28 15:53 - 2012-09-28 15:53 - 00001869 ____A C:\Users\Public\Desktop\ImgBurn.lnk
    2012-09-28 15:52 - 2012-09-28 15:52 - 06118990 ____A (LIGHTNING UK!) C:\Users\Lanre\Downloads\SetupImgBurn_2.5.7.0.exe
    2012-09-28 15:28 - 2012-09-28 15:17 - 3971102720 ____A C:\Vistax86.iso
    2012-09-28 14:58 - 2012-09-28 14:58 - 00000967 ____A C:\Users\Lanre\Desktop\vLite.lnk
    2012-09-28 14:57 - 2012-09-28 14:57 - 01620715 ____A (Dino Nuhagic (nuhi) ) C:\Users\Lanre\Downloads\vLite-1.2.installer.exe
    2012-09-28 14:52 - 2012-09-28 14:52 - 00002048 ____A C:\Users\Lanre\Downloads\etfsboot.com
    2012-09-28 08:41 - 2012-09-28 08:40 - 33381416 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\setup(1).exe
    2012-09-28 08:39 - 2012-09-28 08:38 - 31884672 ____A (Microsoft Corporation) C:\Users\Lanre\Desktop\microsoft_virtualpc_2007_setup.exe
    2012-09-28 08:37 - 2012-09-28 08:37 - 00373440 ____A (Softonic) C:\Users\Lanre\Downloads\SoftonicDownloader_for_microsoft-virtual-pc.exe
    2012-09-28 07:42 - 2012-09-28 07:42 - 00005347 ____A C:\Users\Lanre\Downloads\eicfg_removal_utility(1).zip
    2012-09-28 07:02 - 2012-09-28 07:02 - 00001011 ____A C:\Users\Public\Desktop\UltraISO.lnk
    2012-09-28 07:02 - 2012-09-28 07:01 - 04001621 ____A (EZB Systems, Inc. ) C:\Users\Lanre\Downloads\uiso9_pe.exe
    2012-09-28 06:31 - 2012-09-28 06:32 - 00049011 ____A C:\cdimage.zip
    2012-09-28 06:31 - 2012-09-28 06:31 - 00049011 ____A C:\Users\Lanre\Downloads\cdimage.zip
    2012-09-28 06:11 - 2012-09-28 06:11 - 00897888 ____A C:\Users\Lanre\Downloads\ultraiso premium setup.exe
    2012-09-28 06:08 - 2012-09-28 06:08 - 00624728 ____A C:\CDIMAGE_GUI.exe
    2012-09-25 21:55 - 2012-09-25 21:55 - 00000819 ____A C:\Users\Lanre\Downloads\table.csv
    2012-09-23 22:23 - 2012-09-23 22:23 - 00011119 ____A C:\Users\Lanre\Downloads\WRPM Final exam mark_Larry.xlsx
    2012-09-20 23:32 - 2012-09-20 23:32 - 00037376 ____A C:\Users\Lanre\Downloads\GWS1_int_2012_x_x_x.xls
    2012-09-18 22:13 - 2012-09-18 22:12 - 02505217 ____A C:\Users\Lanre\Downloads\03-Darcys Law.pptx
    2012-09-18 18:03 - 2012-09-18 18:03 - 00662990 ____A C:\Users\Lanre\Downloads\schlumbg-lt.zip
    2012-09-17 02:22 - 2012-09-17 01:41 - 3587141686 ____A C:\install.wim
    2012-09-16 15:54 - 2012-09-16 15:38 - 151404499 ____A C:\boot.wim
    2012-09-16 15:47 - 2012-09-16 15:37 - 92002320 ____A (Microsoft Corporation) C:\X14-63453.exe
    2012-09-16 15:40 - 2012-09-16 15:40 - 00005347 ____A C:\Users\Lanre\Downloads\eicfg_removal_utility.zip
    2012-09-14 20:46 - 2012-09-14 20:45 - 707133440 ____A C:\Users\Lanre\Downloads\WinLite.iso
    2012-09-14 20:36 - 2012-09-14 20:35 - 02665796 ____A (Dino Nuhagic (nuhi) ) C:\Users\Lanre\Downloads\nLite-1.4.9.1.installer.exe
    2012-09-14 20:33 - 2012-09-14 20:33 - 00013896 ____A C:\INSTALLHELPER.LOG
    2012-09-14 15:34 - 2012-09-14 15:34 - 16829488 ____A C:\Users\Lanre\Downloads\second part.cdr
    2012-09-14 15:34 - 2012-09-14 15:34 - 16126094 ____A C:\Users\Lanre\Downloads\first part.cdr
    2012-09-13 14:23 - 2012-05-03 05:31 - 00000173 ____A C:\Users\Lanre\AppData\Local\msmathematics.qat.Lanre
    2012-09-13 14:05 - 2012-04-22 19:07 - 64462936 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2012-09-13 04:09 - 2012-09-13 04:09 - 00039632 ____A C:\Users\Lanre\Downloads\Edge FOH Team Availability Sept & Oct 2012.xlsx
    2012-09-12 17:14 - 2012-08-19 16:27 - 00012368 ____H C:\Users\Lanre\Desktop\~WRL3138.tmp
    2012-09-11 19:56 - 2012-09-11 19:56 - 00036352 ____A C:\Users\Lanre\Downloads\GWS1_int_2012_x.xls
    2012-09-11 15:06 - 2012-09-05 19:31 - 00945152 ____H C:\Users\Lanre\Downloads\~WRL2520.tmp
    2012-09-11 14:52 - 2012-09-11 14:52 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2012-09-11 14:52 - 2012-09-11 14:52 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2012-09-11 14:52 - 2012-09-11 14:52 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2012-09-10 19:29 - 2012-09-10 19:29 - 00034816 ____A C:\Users\Lanre\Downloads\GWS1_int_2012.xls
    2012-09-05 19:31 - 2012-09-05 19:31 - 00843264 ____H C:\Users\Lanre\Downloads\~WRL1188.tmp
    2012-09-01 22:32 - 2012-09-01 22:32 - 00057856 ____H C:\Users\Lanre\Downloads\~WRL1806.tmp
    2012-09-01 00:54 - 2012-08-31 17:14 - 00042496 ____A C:\Users\Lanre\Downloads\T5_data.xls
    2012-08-31 19:00 - 2012-08-31 19:00 - 00002368 ____A C:\{A73876E3-2C15-48A9-92DF-237D6C17C2BB}
    2012-08-30 04:10 - 2012-08-30 04:10 - 00120195 ____A C:\Users\Lanre\Downloads\fwconferencecateringinformationandcallforhelp.zip
    2012-08-28 15:02 - 2012-08-28 15:02 - 00012943 ____H C:\Users\Lanre\Downloads\~WRL2766.tmp
    2012-08-27 16:00 - 2012-08-27 16:00 - 00001012 ____A C:\Users\Lanre\Downloads\Average_Water_Use_Per_Person_Per_Day.csv
    2012-08-26 18:09 - 2012-08-26 18:09 - 00376368 ____A C:\Users\Lanre\Downloads\LEICA.ERDAS.IMAGINE.V9.1.crack.iza.zip
    2012-08-26 18:08 - 2012-08-26 18:08 - 00322254 ____A C:\Users\Lanre\Downloads\5de6d729fe1f.rar
    2012-08-26 17:57 - 2012-08-26 17:57 - 00000000 ____A C:\Users\Lanre\imagine_history_082712_112757.txt
    2012-08-26 17:56 - 2012-08-26 17:56 - 00000000 ____A C:\Users\Lanre\imagine_history_082712_112608.txt
    2012-08-26 05:37 - 2012-08-26 05:37 - 00000000 ____A C:\Users\Lanre\imagine_history_082612_230737.txt
    2012-08-26 05:36 - 2012-08-26 05:36 - 00000000 ____A C:\Users\Lanre\imagine_history_082612_230625.txt
    2012-08-25 00:36 - 2012-08-24 23:57 - 18776150 ____A C:\Users\Lanre\Downloads\eRecovery Management v3.0.3007.zip
    2012-08-25 00:00 - 2012-08-24 23:55 - 03039811 ____A C:\Users\Lanre\Downloads\v1.14.zip
    2012-08-24 23:29 - 2012-08-24 23:29 - 01639345 ____A C:\Users\Lanre\Downloads\cleanwipe.zip
    2012-08-24 23:17 - 2012-08-24 23:16 - 01723647 ____A (Symantec Corporation) C:\Users\Lanre\Downloads\NoNav2.49.exe
    2012-08-24 21:46 - 2012-08-24 21:46 - 00920096 ____A C:\Users\Lanre\Downloads\Norton_Removal_Tool.exe
    2012-08-24 03:15 - 2012-09-23 15:00 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-08-24 02:39 - 2012-09-23 15:00 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-08-24 02:31 - 2012-09-23 15:00 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-08-24 02:22 - 2012-09-23 15:00 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-08-24 02:21 - 2012-09-23 15:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-08-24 02:20 - 2012-09-23 15:00 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2012-08-24 02:18 - 2012-09-23 15:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2012-08-24 02:17 - 2012-09-23 15:00 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-08-24 02:14 - 2012-09-23 15:00 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-08-24 02:14 - 2012-09-23 15:00 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2012-08-24 02:13 - 2012-09-23 15:00 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2012-08-24 02:12 - 2012-09-23 15:00 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-08-24 02:11 - 2012-09-23 15:00 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2012-08-24 02:10 - 2012-09-23 15:00 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2012-08-24 02:09 - 2012-09-23 15:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-08-24 02:04 - 2012-09-23 15:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2012-08-23 23:27 - 2012-09-23 15:00 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2012-08-23 23:03 - 2012-09-23 15:00 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2012-08-23 22:59 - 2012-09-23 15:00 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2012-08-23 22:53 - 2012-08-23 22:53 - 00001152 ____A C:\Users\Public\Desktop\RosettaStoneVersion3.exe.lnk
    2012-08-23 22:51 - 2012-09-23 15:00 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2012-08-23 22:51 - 2012-09-23 15:00 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2012-08-23 22:51 - 2012-09-23 15:00 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2012-08-23 22:49 - 2012-09-23 15:00 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2012-08-23 22:48 - 2012-09-23 15:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2012-08-23 22:47 - 2012-09-23 15:00 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2012-08-23 22:47 - 2012-09-23 15:00 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2012-08-23 22:47 - 2012-09-23 15:00 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2012-08-23 22:45 - 2012-09-23 15:00 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2012-08-23 22:44 - 2012-09-23 15:00 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2012-08-23 22:44 - 2012-09-23 15:00 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2012-08-23 22:43 - 2012-09-23 15:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2012-08-23 22:40 - 2012-09-23 15:00 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2012-08-23 00:12 - 2012-04-02 05:55 - 00696520 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2012-08-23 00:12 - 2012-04-02 05:55 - 00073416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2012-08-22 10:12 - 2012-09-12 14:58 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2012-08-22 10:12 - 2012-09-12 14:58 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
    2012-08-22 10:12 - 2012-09-12 14:58 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
    2012-08-22 01:47 - 2012-08-22 01:47 - 00012260 ____A C:\Users\Lanre\Downloads\EASC8772_2012_1_students.xlsx
    2012-08-21 19:15 - 2012-08-21 19:15 - 02983124 ____A C:\Users\Lanre\Downloads\%5bMwrm_2012%5d_%5bSotE-all-students%5d_FW%3a_Australian_Geographic%9BayerBoost_Scholarship.zip
    2012-08-21 17:04 - 2012-08-21 17:04 - 00001845 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
    2012-08-21 17:00 - 2012-08-21 16:59 - 39483256 ____A (Apple Inc.) C:\Users\Lanre\Downloads\QuickTimeInstaller.exe
    2012-08-21 00:58 - 2012-08-21 00:40 - 545927168 ____A C:\Users\Lanre\Downloads\Erdas Imagine v9.1 - Rise.iso
    2012-08-20 18:09 - 2012-08-20 18:08 - 20001873 ____A C:\Users\Lanre\Downloads\Desktop.zip
    2012-08-19 16:33 - 2012-06-18 20:39 - 00044544 ____H C:\Users\Lanre\Desktop\~WRL0593.tmp
    2012-08-18 01:24 - 2012-08-18 01:24 - 00048128 ____A C:\Users\Lanre\Downloads\tutorial3_data_x(1).xls
    2012-08-18 00:33 - 2012-08-18 00:33 - 00028160 ____A C:\Users\Lanre\Downloads\GWS1_tute2_2012.xls
    2012-08-16 07:02 - 2009-07-13 20:45 - 00415072 ____A C:\Windows\System32\FNTCACHE.DAT
    2012-08-15 16:29 - 2012-08-15 16:29 - 00028160 ____A C:\Users\Lanre\Downloads\GWS1_tute1_2012_students_x.xls
    2012-08-14 21:05 - 2012-08-14 21:05 - 00262144 ____A C:\Windows\Minidump\081512-25209-01.dmp
    2012-08-14 21:05 - 2012-04-21 04:50 - 567488583 ____A C:\Windows\MEMORY.DMP
    2012-08-11 22:09 - 2012-08-11 22:09 - 02029753 ____A C:\Users\Lanre\Downloads\Soil_hydrology_JLH2(1).pptx
    2012-08-11 22:09 - 2012-08-11 22:09 - 00000165 ___AH C:\Users\Lanre\Downloads\~$Soil_hydrology_JLH2(1).pptx
    2012-08-10 04:40 - 2012-08-10 04:37 - 00048128 ____A C:\Users\Lanre\Downloads\tutorial3_data_x.xls
    2012-08-10 04:36 - 2012-08-10 04:36 - 02029753 ____A C:\Users\Lanre\Downloads\Soil_hydrology_JLH2.pptx
    2012-08-07 14:51 - 2012-08-07 14:51 - 00042496 ____A C:\Users\Lanre\Downloads\tutorial2_data_x.xls
    2012-07-30 21:40 - 2012-07-30 21:40 - 00009771 ____A C:\Users\Lanre\Downloads\alkalinity.xlsx
    2012-07-29 17:55 - 2012-07-29 17:55 - 00009480 ____A C:\Users\Lanre\Downloads\SCcations2July 2012.xlsx
    2012-07-29 06:28 - 2012-07-29 06:28 - 00002212 ____A C:\Users\Public\Desktop\Google Earth.lnk
    2012-07-29 06:27 - 2012-07-29 06:27 - 00739824 ____A (Google Inc.) C:\Users\Lanre\Downloads\GoogleEarthSetup.exe
    2012-07-29 06:01 - 2012-07-29 06:01 - 00910534 ____A C:\Users\Lanre\Downloads\1306_grass_ppt.zip
    2012-07-29 00:40 - 2012-07-28 07:19 - 00000024 ____A C:\Users\Lanre\AppData\Local\hkmuovcc.log
    2012-07-29 00:32 - 2012-07-28 07:20 - 00170868 ____A C:\Users\Lanre\AppData\Local\jxjbidms.log
    2012-07-29 00:26 - 2011-09-26 20:22 - 00175736 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
    2012-07-29 00:26 - 2011-09-26 20:22 - 00007488 ____A C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
    2012-07-28 07:27 - 2012-07-28 07:22 - 00000000 ____A C:\Users\Lanre\AppData\Local\fyyqdsar.log
    2012-07-28 07:21 - 2012-07-28 07:21 - 00135507 ____A C:\Users\Lanre\AppData\Local\vsevukrv.log
    2012-07-28 07:21 - 2012-07-28 07:21 - 00003890 ____A C:\Users\Lanre\AppData\Local\ahwlatot.log
    2012-07-28 07:21 - 2012-07-28 07:21 - 00002865 ____A C:\Users\Lanre\AppData\Local\tanyilns.log
    2012-07-28 07:20 - 2012-07-28 07:20 - 00004048 ____A C:\Users\Lanre\AppData\Local\mpvqsijq.log
    2012-07-28 07:20 - 2012-07-28 07:20 - 00000000 ____A C:\Users\Lanre\AppData\Local\jpxhbyun.log
    2012-07-28 07:20 - 2012-07-28 07:20 - 00000000 ____A C:\Users\Lanre\AppData\Local\dkpsrtks.log
    2012-07-28 07:20 - 2012-07-28 07:19 - 00440304 ____A C:\Users\Lanre\AppData\Local\ibtikvjc.log
    2012-07-28 07:12 - 2012-07-28 07:12 - 00124469 ____A C:\Users\Lanre\Downloads\GetSPC(1).zip
    2012-07-28 07:07 - 2012-07-28 07:07 - 00124469 ____A C:\Users\Lanre\Downloads\GetSPC.zip
    2012-07-28 07:04 - 2012-07-28 07:04 - 00122967 ____A C:\Users\Lanre\Downloads\MSL Generator.zip
    2012-07-27 01:24 - 2012-04-28 02:53 - 00007597 ____A C:\Users\Lanre\AppData\Local\Resmon.ResmonCfg
    2012-07-27 01:16 - 2012-07-26 18:57 - 00009546 ____A C:\Users\Lanre\Desktop\New Microsoft Office Excel Worksheet (2).xlsx
    2012-07-25 16:33 - 2012-07-25 16:30 - 44314754 ____A C:\Users\Lanre\Downloads\pm8031_setup.exe
    2012-07-24 17:07 - 2012-07-24 17:07 - 00000852 ____A C:\Users\Lanre\Downloads\%5bWarm8791_2012%5d_%5bSotE-masters%5d_%5bSotE-all-students%5d_FW%3a_Help_with%9Research_-_1st%9Year_Students.zip
    2012-07-24 16:15 - 2012-07-24 16:15 - 00004096 ___AH C:\Users\Lanre\AppData\Local\keyfile3.drm
    2012-07-24 14:55 - 2012-07-24 14:55 - 00000165 ___AH C:\Users\Lanre\Desktop\~$New Microsoft Office Excel Worksheet.xlsx
    2012-07-24 14:52 - 2012-07-24 14:52 - 00000165 ___AH C:\Users\Lanre\Desktop\~$Book3.xlsx
    2012-07-23 19:01 - 2012-07-22 20:31 - 00016750 ____A C:\Users\Lanre\Desktop\Book3.xlsx
    2012-07-22 21:09 - 2012-07-22 20:33 - 00016743 ____A C:\Users\Lanre\Desktop\New Microsoft Office Excel Worksheet.xlsx
    2012-07-20 05:11 - 2012-07-20 05:10 - 00002448 ____N C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
    2012-07-20 04:39 - 2012-04-13 03:45 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2012-07-20 04:39 - 2012-03-30 04:13 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log
    2012-07-19 19:14 - 2012-07-19 19:14 - 08430640 ____A C:\Users\Lanre\Downloads\rorbwin_v615.exe
    2012-07-19 18:32 - 2012-07-19 18:32 - 00408295 ____A C:\Users\Lanre\Downloads\73 Free Designer Quality Excel Chart Templates.zip
    2012-07-19 17:18 - 2012-07-19 17:18 - 00010732 ____A C:\Users\Lanre\Downloads\piezo data.xlsx
    2012-07-19 16:56 - 2012-07-19 16:55 - 06238029 ____A C:\Users\Lanre\Downloads\officetimeline2010.zip
    2012-07-19 16:48 - 2012-07-19 16:48 - 03076096 ____A C:\Users\Lanre\Downloads\SearchCommandsSetup.msi
    2012-07-19 16:47 - 2012-07-19 16:47 - 03941888 ____A C:\Users\Lanre\Downloads\pptPlexSetup.msi
    2012-07-18 21:45 - 2012-07-18 21:45 - 00008729 ____A C:\Users\Lanre\Downloads\boscastle.xlsx
    2012-07-18 10:15 - 2012-08-14 14:13 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2012-07-16 16:46 - 2012-07-16 16:46 - 00010174 ____A C:\Users\Lanre\Downloads\SCcationJuly.xlsx
    2012-07-15 20:00 - 2011-08-22 10:22 - 00000578 ____A C:\Windows\DirectX.log
    ==================== Known DLLs (Whitelisted) =================

    ==================== Bamital & volsnap Check =================
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
    ==================== EXE ASSOCIATION =====================
    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK
    ==================== Restore Points =========================
    Restore point made on: 2012-10-06 17:01:53
    Restore point made on: 2012-10-09 03:45:54
    Restore point made on: 2012-10-09 05:44:38
    ==================== Memory info ===========================
    Percentage of memory in use: 19%
    Total physical RAM: 4043.86 MB
    Available physical RAM: 3258 MB
    Total Pagefile: 4042.01 MB
    Available Pagefile: 3250.75 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.91 MB
    ==================== Partitions =============================
    1 Drive c: () (Fixed) (Total:581.62 GB) (Free:397.85 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    2 Drive e: (RECOVERY) (Fixed) (Total:14.26 GB) (Free:1.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    3 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32
    5 Drive h: (Transcend) (Removable) (Total:7.46 GB) (Free:1.18 GB) FAT32
    6 Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS
    7 Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 596 GB 0 B
    Disk 1 Online 7660 MB 0 B
    Partitions of Disk 0:
    ===============
    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 199 MB 1024 KB
    Partition 2 Primary 581 GB 200 MB
    Partition 3 Primary 14 GB 581 GB
    Partition 4 Primary 103 MB 596 GB
    ==================================================================================
    Disk: 0
    Partition 1
    Type : 07
    Hidden: No
    Active: Yes
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 Y SYSTEM NTFS Partition 199 MB Healthy
    =========================================================
    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C NTFS Partition 581 GB Healthy
    =========================================================
    Disk: 0
    Partition 3
    Type : 07
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 E RECOVERY NTFS Partition 14 GB Healthy
    =========================================================
    Disk: 0
    Partition 4
    Type : 0C
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 F HP_TOOLS FAT32 Partition 103 MB Healthy
    =========================================================
    Partitions of Disk 1:
    ===============
    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 7656 MB 4096 KB
    ==================================================================================
    Disk: 1
    Partition 1
    Type : 0B
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 5 H Transcend FAT32 Removable 7656 MB Healthy
    =========================================================
    Last Boot: 2012-10-06 19:57
    ==================== End Of Log =============================Farbar Recovery Scan Tool (x64) Version: 07-10-2012
    Ran by SYSTEM at 2012-10-10 16:02:34
    Running from H:\
    ================== Search: "services.exe" ===================
    C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
    [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
    C:\Windows\System32\services.exe
    [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
    ====== End Of Search ======
     
  2. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Hello, and welcome to TechSpot.


    [​IMG] Please see here for the board rules and other FAQ.

    Please feel free to introduce yourself, after you follow the steps below to get started.

    Information
    • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a malware removal helper.
    • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
    • If you have already asked for help somewhere, please post the link to the topic you were helped.
    • We try our best to reply quickly, but for any reason we do not reply in two days, please reply to this topic with the word BUMP!
    • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

    FRST Fixlist

    Please run the following:

    Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

    NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

    Now, please enter System Recovery Options then select Command Prompt.

    Run FRST and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

    Now restart, let it boot normally and tell me how it went.
     
  3. larry32

    larry32 TS Rookie Topic Starter

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-10-2012
    Ran by SYSTEM at 2012-10-11 19:14:00 Run:1
    Running from H:\

    ==============================================

    Printer Control service deleted successfully.
    i2p service deleted successfully.

    ==== End of Fixlog ====
     
  4. larry32

    larry32 TS Rookie Topic Starter

    Dragonmaster jay, I am sorry it took so long to reply, I actually missed your post somehow till about an hour ago. anyway. I did what you said I should but it still gives the "windows has encountered a critical error" thing and restarts after a minute or two. I have posted the fixlog.txt above. thanks. waiting for your reply.
     
  5. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Please run FRST for another scan and post a new log.
     
  6. larry32

    larry32 TS Rookie Topic Starter

    Here is the log of the new scan you requested.




    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-10-2012
    Ran by SYSTEM at 12-10-2012 09:04:44
    Running from H:\
    Windows 7 Home Premium (X64) OS Language: English(US)
    The current controlset is ControlSet001
    ==================== Registry (Whitelisted) ===================
    HKLM-x32\...\Run: [] [x]
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    ==================== Services (Whitelisted) ===================
    2 AlotService; C:\Users\Lanre\AppData\LocalLow\alotservice\alotservice.exe [255880 2012-06-25] (Vertro Inc.)
    2 BTHSSecurityMgr; "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" [134928 2011-04-20] (Intel(R) Corporation)
    2 ERDAS; C:\Program Files (x86)\Leica Geosystems\Shared\Bin\NTx86\lmgrd.exe [630272 2006-07-06] (Macrovision Corporation)
    3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-02-04] ()
    2 NitroDriverReadSpool2; "C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe" [216072 2012-05-15] (Nitro PDF Software)
    2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [69640 2012-05-15] (Nalpeiron Ltd.)
    ==================== Drivers (Whitelisted) =====================
    1 ISODrive; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-28] (EZB Systems, Inc.)
    ==================== NetSvcs (Whitelisted) ====================

    ==================== One Month Created Files and Folders ========
    2012-10-10 14:30 - 2012-10-10 14:32 - 00000000 ___SD C:\ComboFix
    2012-10-10 14:24 - 2012-10-10 14:30 - 00000000 ___SD C:\32788R22FWJFW
    2012-10-10 14:24 - 2012-10-10 14:20 - 00866592 ____A C:\Users\Lanre\Desktop\Norton_Removal_Tool.exe
    2012-10-10 14:24 - 2012-10-09 20:20 - 00538327 ____A C:\Users\Lanre\Desktop\adwcleaner.exe
    2012-10-10 14:13 - 2012-10-10 14:13 - 00000000 ____D C:\FRST
    2012-10-10 09:35 - 2012-10-10 09:35 - 02322184 ____A (ESET) C:\esetsmartinstaller_enu.exe
    2012-10-10 06:02 - 2012-10-10 06:02 - 02957840 ____A (Symantec Corporation) C:\NPE.exe
    2012-10-10 03:19 - 2012-10-10 09:37 - 00000000 ___AD C:\Kaspersky Rescue Disk 10.0
    2012-10-09 21:00 - 2012-10-09 21:00 - 00000000 ____D C:\Qoobox
    2012-10-09 20:36 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
    2012-10-09 20:36 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
    2012-10-09 20:36 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
    2012-10-09 20:36 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
    2012-10-09 20:36 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
    2012-10-09 20:36 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
    2012-10-09 20:36 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
    2012-10-09 20:36 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
    2012-10-09 20:28 - 2012-10-09 20:28 - 00000000 ____D C:\Windows\erdnt
    2012-10-09 20:27 - 2012-10-09 20:11 - 04764951 ___RA (Swearware) C:\Users\Lanre\Desktop\ComboFix.exe
    2012-10-09 06:36 - 2012-10-09 20:56 - 00000000 ____D C:\Windows\System32\%LOCALAPPDATA%
    2012-10-09 06:21 - 2012-10-09 06:27 - 00000000 ____D C:\Users\Lanre\AppData\Local\NPE
    2012-10-09 04:57 - 2012-10-09 04:57 - 00000000 ____D C:\Windows\SysWOW64\SeaPort
    2012-10-09 03:47 - 2012-10-09 03:47 - 00000000 ____D C:\Program Files\Symantec
    2012-10-09 03:46 - 2012-10-10 14:26 - 00000000 ____D C:\Program Files (x86)\Symantec
    2012-10-09 01:28 - 2012-10-09 01:28 - 00000000 ____D C:\Hewlett-Packard
    2012-10-07 18:46 - 2012-10-07 18:46 - 17197056 ____A C:\Users\Lanre\Downloads\Lecture_water_quality_2012(1).ppt
    2012-10-03 16:00 - 2012-10-03 16:00 - 00030208 ____A C:\Users\Lanre\Downloads\GWS1_int_2012_Rev_Rep1_x.xls
    2012-10-02 15:23 - 2012-10-02 15:23 - 00745430 ____A C:\Users\Lanre\Downloads\labs45_wernflow.zip
    2012-10-01 14:07 - 2012-10-01 14:07 - 00012260 ____A C:\Users\Lanre\Downloads\EASC8772_2012_1_students(1).xlsx
    2012-10-01 13:50 - 2012-10-01 13:50 - 00013012 ____A C:\Users\Lanre\Downloads\EASC8772_2012_2_students.xlsx
    2012-09-29 00:20 - 2012-09-29 05:24 - 3861460992 ____A C:\Users\Lanre\Downloads\en_windows_vista_sp2_x64_dvd_342267.iso
    2012-09-28 23:31 - 2012-09-29 00:06 - 761789904 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\Windows6.0-KB936330-X64-wave0.exe
    2012-09-28 23:29 - 2012-09-29 00:01 - 605410472 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\Windows6.0-KB948465-X64.exe
    2012-09-28 23:09 - 2012-09-28 23:19 - 00000000 ____D C:\Users\Lanre\Downloads\Vista CD
    2012-09-28 22:56 - 2012-09-28 22:56 - 00000000 ____D C:\Program Files\Windows Imaging
    2012-09-28 22:54 - 2012-09-28 22:56 - 00000000 ____D C:\Program Files\Windows AIK
    2012-09-28 18:19 - 2012-09-28 18:19 - 00294248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\VMM.sys
    2012-09-28 18:06 - 2012-09-28 18:08 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista3.iso
    2012-09-28 18:01 - 2012-09-28 18:01 - 00000000 ____D C:\Users\Lanre\AppData\Roaming\ImgBurn
    2012-09-28 17:56 - 2012-09-28 17:58 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista2.iso
    2012-09-28 17:51 - 2012-09-28 17:51 - 00000000 ____D C:\Users\Lanre\Downloads\Vista
    2012-09-28 17:22 - 2012-09-28 17:25 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista1.iso
    2012-09-28 16:59 - 2012-09-28 17:50 - 3587141686 ____A C:\Users\Lanre\Downloads\install.wim
    2012-09-28 16:58 - 2012-09-28 17:02 - 151404499 ____A C:\Users\Lanre\Downloads\boot.wim
    2012-09-28 16:58 - 2012-09-28 17:01 - 92002320 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\X14-63453.exe
    2012-09-28 16:07 - 2012-09-28 16:09 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista.iso
    2012-09-28 15:53 - 2012-09-28 15:53 - 00001869 ____A C:\Users\Public\Desktop\ImgBurn.lnk
    2012-09-28 15:53 - 2012-09-28 15:53 - 00000000 ____D C:\Program Files (x86)\ImgBurn
    2012-09-28 15:52 - 2012-09-28 15:52 - 06118990 ____A (LIGHTNING UK!) C:\Users\Lanre\Downloads\SetupImgBurn_2.5.7.0.exe
    2012-09-28 15:17 - 2012-09-28 15:28 - 3971102720 ____A C:\Vistax86.iso
    2012-09-28 15:11 - 2012-09-28 15:54 - 1442787328 ____A C:\Users\Lanre\Downloads\6001.18000.080118-1840-kb3aikl_en.iso
    2012-09-28 14:58 - 2012-09-29 06:05 - 00000000 ____D C:\Program Files (x86)\vLite
    2012-09-28 14:58 - 2012-09-28 14:58 - 00000967 ____A C:\Users\Lanre\Desktop\vLite.lnk
    2012-09-28 14:57 - 2012-09-28 14:57 - 01620715 ____A (Dino Nuhagic (nuhi) ) C:\Users\Lanre\Downloads\vLite-1.2.installer.exe
    2012-09-28 14:52 - 2012-09-28 14:52 - 00002048 ____A C:\Users\Lanre\Downloads\etfsboot.com
    2012-09-28 14:38 - 2012-09-28 14:38 - 00000000 ____D C:\Users\Lanre\AppData\Roaming\IDT
    2012-09-28 08:44 - 2012-09-28 08:44 - 00000000 ____D C:\Users\Lanre\Documents\My Virtual Machines
    2012-09-28 08:42 - 2012-09-28 08:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Virtual PC
    2012-09-28 08:40 - 2012-09-28 08:41 - 33381416 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\setup(1).exe
    2012-09-28 08:38 - 2012-09-28 08:39 - 31884672 ____A (Microsoft Corporation) C:\Users\Lanre\Desktop\microsoft_virtualpc_2007_setup.exe
    2012-09-28 08:37 - 2012-09-28 08:37 - 00373440 ____A (Softonic) C:\Users\Lanre\Downloads\SoftonicDownloader_for_microsoft-virtual-pc.exe
    2012-09-28 07:50 - 2012-09-28 07:50 - 00000000 ____D C:\Users\Lanre\Downloads\eicfg_removal_utility(1)
    2012-09-28 07:42 - 2012-09-28 07:42 - 00005347 ____A C:\Users\Lanre\Downloads\eicfg_removal_utility(1).zip
    2012-09-28 07:02 - 2012-09-28 07:02 - 00001011 ____A C:\Users\Public\Desktop\UltraISO.lnk
    2012-09-28 07:02 - 2012-09-28 07:02 - 00000000 ____D C:\Users\Lanre\Documents\My ISO Files
    2012-09-28 07:02 - 2012-09-28 07:02 - 00000000 ____D C:\Program Files (x86)\UltraISO
    2012-09-28 07:01 - 2012-09-28 07:02 - 04001621 ____A (EZB Systems, Inc. ) C:\Users\Lanre\Downloads\uiso9_pe.exe
    2012-09-28 06:37 - 2012-09-28 17:52 - 00001905 ____A C:\Windows\diagwrn.xml
    2012-09-28 06:37 - 2012-09-28 17:52 - 00001905 ____A C:\Windows\diagerr.xml
    2012-09-28 06:36 - 2012-09-28 15:10 - 00000000 ____D C:\Vista
    2012-09-28 06:33 - 2007-05-09 06:18 - 00110080 ____A C:\cdimage.EXE
    2012-09-28 06:32 - 2012-09-28 06:31 - 00049011 ____A C:\cdimage.zip
    2012-09-28 06:31 - 2012-09-28 06:31 - 00049011 ____A C:\Users\Lanre\Downloads\cdimage.zip
    2012-09-28 06:23 - 2012-09-28 07:42 - 00000000 ____D C:\CDIMAGE
    2012-09-28 06:11 - 2012-09-28 06:11 - 00897888 ____A C:\Users\Lanre\Downloads\ultraiso premium setup.exe
    2012-09-28 06:08 - 2012-09-28 06:08 - 00624728 ____A C:\CDIMAGE_GUI.exe
    2012-09-25 21:55 - 2012-09-25 21:55 - 00000819 ____A C:\Users\Lanre\Downloads\table.csv
    2012-09-23 22:23 - 2012-09-23 22:23 - 00011119 ____A C:\Users\Lanre\Downloads\WRPM Final exam mark_Larry.xlsx
    2012-09-23 15:00 - 2012-08-24 03:15 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-09-23 15:00 - 2012-08-24 02:39 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-09-23 15:00 - 2012-08-24 02:31 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-09-23 15:00 - 2012-08-24 02:22 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-09-23 15:00 - 2012-08-24 02:21 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-09-23 15:00 - 2012-08-24 02:20 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2012-09-23 15:00 - 2012-08-24 02:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2012-09-23 15:00 - 2012-08-24 02:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-09-23 15:00 - 2012-08-24 02:14 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-09-23 15:00 - 2012-08-24 02:14 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2012-09-23 15:00 - 2012-08-24 02:13 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2012-09-23 15:00 - 2012-08-24 02:12 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-09-23 15:00 - 2012-08-24 02:11 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2012-09-23 15:00 - 2012-08-24 02:10 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2012-09-23 15:00 - 2012-08-24 02:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-09-23 15:00 - 2012-08-24 02:04 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2012-09-23 15:00 - 2012-08-23 23:27 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2012-09-23 15:00 - 2012-08-23 23:03 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2012-09-23 15:00 - 2012-08-23 22:59 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2012-09-23 15:00 - 2012-08-23 22:51 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2012-09-23 15:00 - 2012-08-23 22:51 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2012-09-23 15:00 - 2012-08-23 22:51 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2012-09-23 15:00 - 2012-08-23 22:49 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2012-09-23 15:00 - 2012-08-23 22:48 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2012-09-23 15:00 - 2012-08-23 22:47 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2012-09-23 15:00 - 2012-08-23 22:47 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2012-09-23 15:00 - 2012-08-23 22:47 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2012-09-23 15:00 - 2012-08-23 22:45 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2012-09-23 15:00 - 2012-08-23 22:44 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2012-09-23 15:00 - 2012-08-23 22:44 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2012-09-23 15:00 - 2012-08-23 22:43 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2012-09-23 15:00 - 2012-08-23 22:40 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2012-09-20 23:32 - 2012-09-20 23:32 - 00037376 ____A C:\Users\Lanre\Downloads\GWS1_int_2012_x_x_x.xls
    2012-09-19 00:12 - 2012-09-19 00:12 - 00000000 ___SD C:\Users\Lanre\Documents\Chica Passwords
    2012-09-18 22:12 - 2012-09-18 22:13 - 02505217 ____A C:\Users\Lanre\Downloads\03-Darcys Law.pptx
    2012-09-18 18:03 - 2012-09-18 18:03 - 00662990 ____A C:\Users\Lanre\Downloads\schlumbg-lt.zip
    2012-09-18 18:03 - 2012-09-18 18:03 - 00000000 ____D C:\Program Files (x86)\SchlumBG
    2012-09-17 01:41 - 2012-09-17 02:22 - 3587141686 ____A C:\install.wim
    2012-09-16 15:40 - 2012-09-16 15:40 - 00005347 ____A C:\Users\Lanre\Downloads\eicfg_removal_utility.zip
    2012-09-16 15:38 - 2012-09-16 15:54 - 151404499 ____A C:\boot.wim
    2012-09-16 15:37 - 2012-09-16 15:47 - 92002320 ____A (Microsoft Corporation) C:\X14-63453.exe
    2012-09-14 20:45 - 2012-09-14 20:46 - 707133440 ____A C:\Users\Lanre\Downloads\WinLite.iso
    2012-09-14 20:38 - 2012-09-14 20:45 - 00000000 ____D C:\nlite XP
    2012-09-14 20:36 - 2012-09-14 20:46 - 00000000 ____D C:\Program Files (x86)\nLite
    2012-09-14 20:36 - 2012-09-14 20:36 - 00000000 ____D C:\Program Files (x86)\PDFCreator
    2012-09-14 20:36 - 2005-03-11 06:37 - 00087040 ____A C:\Windows\System32\pdfcmnnt.dll
    2012-09-14 20:36 - 1998-07-05 06:30 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
    2012-09-14 20:36 - 1998-06-23 06:30 - 00137000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
    2012-09-14 20:35 - 2012-09-14 20:36 - 02665796 ____A (Dino Nuhagic (nuhi) ) C:\Users\Lanre\Downloads\nLite-1.4.9.1.installer.exe
    2012-09-14 20:34 - 2012-10-10 10:57 - 00000000 ____D C:\Program Files (x86)\PriceGong
    2012-09-14 20:34 - 2012-09-14 20:34 - 00000000 ____D C:\Program Files (x86)\ChicaLogic
    2012-09-14 20:33 - 2012-10-11 01:37 - 00545651 ____A C:\alotserviceruntime.log
    2012-09-14 20:33 - 2012-09-14 20:33 - 00013896 ____A C:\INSTALLHELPER.LOG
    2012-09-14 20:33 - 2012-09-14 20:33 - 00000000 ____D C:\Program Files (x86)\Yontoo
    2012-09-14 20:33 - 2012-09-14 20:33 - 00000000 ____D C:\Program Files (x86)\alotappbar
    2012-09-14 15:34 - 2012-09-14 15:34 - 16829488 ____A C:\Users\Lanre\Downloads\second part.cdr
    2012-09-14 15:34 - 2012-09-14 15:34 - 16126094 ____A C:\Users\Lanre\Downloads\first part.cdr
    2012-09-13 04:09 - 2012-09-13 04:09 - 00039632 ____A C:\Users\Lanre\Downloads\Edge FOH Team Availability Sept & Oct 2012.xlsx
    2012-09-12 14:58 - 2012-08-22 10:12 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2012-09-12 14:58 - 2012-08-22 10:12 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
    2012-09-12 14:58 - 2012-08-22 10:12 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS

    ==================== 3 Months Modified Files ==================
    2012-10-11 01:37 - 2012-09-14 20:33 - 00545651 ____A C:\alotserviceruntime.log
    2012-10-11 01:34 - 2009-07-13 21:13 - 00713888 ____A C:\Windows\System32\PerfStringBackup.INI
    2012-10-11 01:32 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2012-10-11 01:32 - 2009-07-13 20:51 - 00001818 ____A C:\Windows\setupact.log
    2012-10-11 01:31 - 2011-09-26 20:13 - 01504532 ____A C:\Windows\WindowsUpdate.log
    2012-10-11 01:24 - 2012-07-29 06:27 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-10-11 01:20 - 2012-07-29 06:27 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-10-10 14:33 - 2010-11-20 19:47 - 00011654 ____A C:\Windows\PFRO.log
    2012-10-10 14:20 - 2012-10-10 14:24 - 00866592 ____A C:\Users\Lanre\Desktop\Norton_Removal_Tool.exe
    2012-10-10 09:35 - 2012-10-10 09:35 - 02322184 ____A (ESET) C:\esetsmartinstaller_enu.exe
    2012-10-10 06:02 - 2012-10-10 06:02 - 02957840 ____A (Symantec Corporation) C:\NPE.exe
    2012-10-09 20:20 - 2012-10-10 14:24 - 00538327 ____A C:\Users\Lanre\Desktop\adwcleaner.exe
    2012-10-09 20:11 - 2012-10-09 20:27 - 04764951 ___RA (Swearware) C:\Users\Lanre\Desktop\ComboFix.exe
    2012-10-07 18:46 - 2012-10-07 18:46 - 17197056 ____A C:\Users\Lanre\Downloads\Lecture_water_quality_2012(1).ppt
    2012-10-06 16:27 - 2012-07-24 15:10 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2012-10-06 16:15 - 2009-07-13 20:45 - 00032064 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2012-10-06 16:15 - 2009-07-13 20:45 - 00032064 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2012-10-05 23:02 - 2012-06-29 04:25 - 00000332 ____A C:\Windows\Tasks\HPCeeScheduleForLanre.job
    2012-10-03 16:00 - 2012-10-03 16:00 - 00030208 ____A C:\Users\Lanre\Downloads\GWS1_int_2012_Rev_Rep1_x.xls
    2012-10-02 15:23 - 2012-10-02 15:23 - 00745430 ____A C:\Users\Lanre\Downloads\labs45_wernflow.zip
    2012-10-01 14:07 - 2012-10-01 14:07 - 00012260 ____A C:\Users\Lanre\Downloads\EASC8772_2012_1_students(1).xlsx
    2012-10-01 13:50 - 2012-10-01 13:50 - 00013012 ____A C:\Users\Lanre\Downloads\EASC8772_2012_2_students.xlsx
    2012-09-29 05:24 - 2012-09-29 00:20 - 3861460992 ____A C:\Users\Lanre\Downloads\en_windows_vista_sp2_x64_dvd_342267.iso
    2012-09-29 00:06 - 2012-09-28 23:31 - 761789904 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\Windows6.0-KB936330-X64-wave0.exe
    2012-09-29 00:01 - 2012-09-28 23:29 - 605410472 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\Windows6.0-KB948465-X64.exe
    2012-09-28 18:19 - 2012-09-28 18:19 - 00294248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\VMM.sys
    2012-09-28 18:08 - 2012-09-28 18:06 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista3.iso
    2012-09-28 17:58 - 2012-09-28 17:56 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista2.iso
    2012-09-28 17:52 - 2012-09-28 06:37 - 00001905 ____A C:\Windows\diagwrn.xml
    2012-09-28 17:52 - 2012-09-28 06:37 - 00001905 ____A C:\Windows\diagerr.xml
    2012-09-28 17:51 - 2009-07-13 20:51 - 00000000 ____A C:\Windows\setuperr.log
    2012-09-28 17:50 - 2012-09-28 16:59 - 3587141686 ____A C:\Users\Lanre\Downloads\install.wim
    2012-09-28 17:25 - 2012-09-28 17:22 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista1.iso
    2012-09-28 17:02 - 2012-09-28 16:58 - 151404499 ____A C:\Users\Lanre\Downloads\boot.wim
    2012-09-28 17:01 - 2012-09-28 16:58 - 92002320 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\X14-63453.exe
    2012-09-28 16:09 - 2012-09-28 16:07 - 3970760704 ____A C:\Users\Lanre\Desktop\Vista.iso
    2012-09-28 15:54 - 2012-09-28 15:11 - 1442787328 ____A C:\Users\Lanre\Downloads\6001.18000.080118-1840-kb3aikl_en.iso
    2012-09-28 15:53 - 2012-09-28 15:53 - 00001869 ____A C:\Users\Public\Desktop\ImgBurn.lnk
    2012-09-28 15:52 - 2012-09-28 15:52 - 06118990 ____A (LIGHTNING UK!) C:\Users\Lanre\Downloads\SetupImgBurn_2.5.7.0.exe
    2012-09-28 15:28 - 2012-09-28 15:17 - 3971102720 ____A C:\Vistax86.iso
    2012-09-28 14:58 - 2012-09-28 14:58 - 00000967 ____A C:\Users\Lanre\Desktop\vLite.lnk
    2012-09-28 14:57 - 2012-09-28 14:57 - 01620715 ____A (Dino Nuhagic (nuhi) ) C:\Users\Lanre\Downloads\vLite-1.2.installer.exe
    2012-09-28 14:52 - 2012-09-28 14:52 - 00002048 ____A C:\Users\Lanre\Downloads\etfsboot.com
    2012-09-28 08:41 - 2012-09-28 08:40 - 33381416 ____A (Microsoft Corporation) C:\Users\Lanre\Downloads\setup(1).exe
    2012-09-28 08:39 - 2012-09-28 08:38 - 31884672 ____A (Microsoft Corporation) C:\Users\Lanre\Desktop\microsoft_virtualpc_2007_setup.exe
    2012-09-28 08:37 - 2012-09-28 08:37 - 00373440 ____A (Softonic) C:\Users\Lanre\Downloads\SoftonicDownloader_for_microsoft-virtual-pc.exe
    2012-09-28 07:42 - 2012-09-28 07:42 - 00005347 ____A C:\Users\Lanre\Downloads\eicfg_removal_utility(1).zip
    2012-09-28 07:02 - 2012-09-28 07:02 - 00001011 ____A C:\Users\Public\Desktop\UltraISO.lnk
    2012-09-28 07:02 - 2012-09-28 07:01 - 04001621 ____A (EZB Systems, Inc. ) C:\Users\Lanre\Downloads\uiso9_pe.exe
    2012-09-28 06:31 - 2012-09-28 06:32 - 00049011 ____A C:\cdimage.zip
    2012-09-28 06:31 - 2012-09-28 06:31 - 00049011 ____A C:\Users\Lanre\Downloads\cdimage.zip
    2012-09-28 06:11 - 2012-09-28 06:11 - 00897888 ____A C:\Users\Lanre\Downloads\ultraiso premium setup.exe
    2012-09-28 06:08 - 2012-09-28 06:08 - 00624728 ____A C:\CDIMAGE_GUI.exe
    2012-09-25 21:55 - 2012-09-25 21:55 - 00000819 ____A C:\Users\Lanre\Downloads\table.csv
    2012-09-23 22:23 - 2012-09-23 22:23 - 00011119 ____A C:\Users\Lanre\Downloads\WRPM Final exam mark_Larry.xlsx
    2012-09-20 23:32 - 2012-09-20 23:32 - 00037376 ____A C:\Users\Lanre\Downloads\GWS1_int_2012_x_x_x.xls
    2012-09-18 22:13 - 2012-09-18 22:12 - 02505217 ____A C:\Users\Lanre\Downloads\03-Darcys Law.pptx
    2012-09-18 18:03 - 2012-09-18 18:03 - 00662990 ____A C:\Users\Lanre\Downloads\schlumbg-lt.zip
    2012-09-17 02:22 - 2012-09-17 01:41 - 3587141686 ____A C:\install.wim
    2012-09-16 15:54 - 2012-09-16 15:38 - 151404499 ____A C:\boot.wim
    2012-09-16 15:47 - 2012-09-16 15:37 - 92002320 ____A (Microsoft Corporation) C:\X14-63453.exe
    2012-09-16 15:40 - 2012-09-16 15:40 - 00005347 ____A C:\Users\Lanre\Downloads\eicfg_removal_utility.zip
    2012-09-14 20:46 - 2012-09-14 20:45 - 707133440 ____A C:\Users\Lanre\Downloads\WinLite.iso
    2012-09-14 20:36 - 2012-09-14 20:35 - 02665796 ____A (Dino Nuhagic (nuhi) ) C:\Users\Lanre\Downloads\nLite-1.4.9.1.installer.exe
    2012-09-14 20:33 - 2012-09-14 20:33 - 00013896 ____A C:\INSTALLHELPER.LOG
    2012-09-14 15:34 - 2012-09-14 15:34 - 16829488 ____A C:\Users\Lanre\Downloads\second part.cdr
    2012-09-14 15:34 - 2012-09-14 15:34 - 16126094 ____A C:\Users\Lanre\Downloads\first part.cdr
    2012-09-13 14:23 - 2012-05-03 05:31 - 00000173 ____A C:\Users\Lanre\AppData\Local\msmathematics.qat.Lanre
    2012-09-13 14:05 - 2012-04-22 19:07 - 64462936 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2012-09-13 04:09 - 2012-09-13 04:09 - 00039632 ____A C:\Users\Lanre\Downloads\Edge FOH Team Availability Sept & Oct 2012.xlsx
    2012-09-12 17:14 - 2012-08-19 16:27 - 00012368 ____H C:\Users\Lanre\Desktop\~WRL3138.tmp
    2012-09-11 19:56 - 2012-09-11 19:56 - 00036352 ____A C:\Users\Lanre\Downloads\GWS1_int_2012_x.xls
    2012-09-11 15:06 - 2012-09-05 19:31 - 00945152 ____H C:\Users\Lanre\Downloads\~WRL2520.tmp
    2012-09-11 14:52 - 2012-09-11 14:52 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2012-09-11 14:52 - 2012-09-11 14:52 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2012-09-11 14:52 - 2012-09-11 14:52 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2012-09-10 19:29 - 2012-09-10 19:29 - 00034816 ____A C:\Users\Lanre\Downloads\GWS1_int_2012.xls
    2012-09-05 19:31 - 2012-09-05 19:31 - 00843264 ____H C:\Users\Lanre\Downloads\~WRL1188.tmp
    2012-09-01 22:32 - 2012-09-01 22:32 - 00057856 ____H C:\Users\Lanre\Downloads\~WRL1806.tmp
    2012-09-01 00:54 - 2012-08-31 17:14 - 00042496 ____A C:\Users\Lanre\Downloads\T5_data.xls
    2012-08-31 19:00 - 2012-08-31 19:00 - 00002368 ____A C:\{A73876E3-2C15-48A9-92DF-237D6C17C2BB}
    2012-08-30 04:10 - 2012-08-30 04:10 - 00120195 ____A C:\Users\Lanre\Downloads\fwconferencecateringinformationandcallforhelp.zip
    2012-08-28 15:02 - 2012-08-28 15:02 - 00012943 ____H C:\Users\Lanre\Downloads\~WRL2766.tmp
    2012-08-27 16:00 - 2012-08-27 16:00 - 00001012 ____A C:\Users\Lanre\Downloads\Average_Water_Use_Per_Person_Per_Day.csv
    2012-08-26 18:09 - 2012-08-26 18:09 - 00376368 ____A C:\Users\Lanre\Downloads\LEICA.ERDAS.IMAGINE.V9.1.crack.iza.zip
    2012-08-26 18:08 - 2012-08-26 18:08 - 00322254 ____A C:\Users\Lanre\Downloads\5de6d729fe1f.rar
    2012-08-26 17:57 - 2012-08-26 17:57 - 00000000 ____A C:\Users\Lanre\imagine_history_082712_112757.txt
    2012-08-26 17:56 - 2012-08-26 17:56 - 00000000 ____A C:\Users\Lanre\imagine_history_082712_112608.txt
    2012-08-26 05:37 - 2012-08-26 05:37 - 00000000 ____A C:\Users\Lanre\imagine_history_082612_230737.txt
    2012-08-26 05:36 - 2012-08-26 05:36 - 00000000 ____A C:\Users\Lanre\imagine_history_082612_230625.txt
    2012-08-25 00:36 - 2012-08-24 23:57 - 18776150 ____A C:\Users\Lanre\Downloads\eRecovery Management v3.0.3007.zip
    2012-08-25 00:00 - 2012-08-24 23:55 - 03039811 ____A C:\Users\Lanre\Downloads\v1.14.zip
    2012-08-24 23:29 - 2012-08-24 23:29 - 01639345 ____A C:\Users\Lanre\Downloads\cleanwipe.zip
    2012-08-24 23:17 - 2012-08-24 23:16 - 01723647 ____A (Symantec Corporation) C:\Users\Lanre\Downloads\NoNav2.49.exe
    2012-08-24 21:46 - 2012-08-24 21:46 - 00920096 ____A C:\Users\Lanre\Downloads\Norton_Removal_Tool.exe
    2012-08-24 03:15 - 2012-09-23 15:00 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-08-24 02:39 - 2012-09-23 15:00 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-08-24 02:31 - 2012-09-23 15:00 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-08-24 02:22 - 2012-09-23 15:00 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-08-24 02:21 - 2012-09-23 15:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-08-24 02:20 - 2012-09-23 15:00 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2012-08-24 02:18 - 2012-09-23 15:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2012-08-24 02:17 - 2012-09-23 15:00 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-08-24 02:14 - 2012-09-23 15:00 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-08-24 02:14 - 2012-09-23 15:00 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2012-08-24 02:13 - 2012-09-23 15:00 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2012-08-24 02:12 - 2012-09-23 15:00 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-08-24 02:11 - 2012-09-23 15:00 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2012-08-24 02:10 - 2012-09-23 15:00 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2012-08-24 02:09 - 2012-09-23 15:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-08-24 02:04 - 2012-09-23 15:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2012-08-23 23:27 - 2012-09-23 15:00 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2012-08-23 23:03 - 2012-09-23 15:00 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2012-08-23 22:59 - 2012-09-23 15:00 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2012-08-23 22:53 - 2012-08-23 22:53 - 00001152 ____A C:\Users\Public\Desktop\RosettaStoneVersion3.exe.lnk
    2012-08-23 22:51 - 2012-09-23 15:00 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2012-08-23 22:51 - 2012-09-23 15:00 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2012-08-23 22:51 - 2012-09-23 15:00 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2012-08-23 22:49 - 2012-09-23 15:00 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2012-08-23 22:48 - 2012-09-23 15:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2012-08-23 22:47 - 2012-09-23 15:00 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2012-08-23 22:47 - 2012-09-23 15:00 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2012-08-23 22:47 - 2012-09-23 15:00 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2012-08-23 22:45 - 2012-09-23 15:00 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2012-08-23 22:44 - 2012-09-23 15:00 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2012-08-23 22:44 - 2012-09-23 15:00 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2012-08-23 22:43 - 2012-09-23 15:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2012-08-23 22:40 - 2012-09-23 15:00 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2012-08-23 00:12 - 2012-04-02 05:55 - 00696520 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2012-08-23 00:12 - 2012-04-02 05:55 - 00073416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2012-08-22 10:12 - 2012-09-12 14:58 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2012-08-22 10:12 - 2012-09-12 14:58 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
    2012-08-22 10:12 - 2012-09-12 14:58 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
    2012-08-22 01:47 - 2012-08-22 01:47 - 00012260 ____A C:\Users\Lanre\Downloads\EASC8772_2012_1_students.xlsx
    2012-08-21 19:15 - 2012-08-21 19:15 - 02983124 ____A C:\Users\Lanre\Downloads\%5bMwrm_2012%5d_%5bSotE-all-students%5d_FW%3a_Australian_Geographic%9BayerBoost_Scholarship.zip
    2012-08-21 17:04 - 2012-08-21 17:04 - 00001845 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
    2012-08-21 17:00 - 2012-08-21 16:59 - 39483256 ____A (Apple Inc.) C:\Users\Lanre\Downloads\QuickTimeInstaller.exe
    2012-08-21 00:58 - 2012-08-21 00:40 - 545927168 ____A C:\Users\Lanre\Downloads\Erdas Imagine v9.1 - Rise.iso
    2012-08-20 18:09 - 2012-08-20 18:08 - 20001873 ____A C:\Users\Lanre\Downloads\Desktop.zip
    2012-08-19 16:33 - 2012-06-18 20:39 - 00044544 ____H C:\Users\Lanre\Desktop\~WRL0593.tmp
    2012-08-18 01:24 - 2012-08-18 01:24 - 00048128 ____A C:\Users\Lanre\Downloads\tutorial3_data_x(1).xls
    2012-08-18 00:33 - 2012-08-18 00:33 - 00028160 ____A C:\Users\Lanre\Downloads\GWS1_tute2_2012.xls
    2012-08-16 07:02 - 2009-07-13 20:45 - 00415072 ____A C:\Windows\System32\FNTCACHE.DAT
    2012-08-15 16:29 - 2012-08-15 16:29 - 00028160 ____A C:\Users\Lanre\Downloads\GWS1_tute1_2012_students_x.xls
    2012-08-14 21:05 - 2012-08-14 21:05 - 00262144 ____A C:\Windows\Minidump\081512-25209-01.dmp
    2012-08-14 21:05 - 2012-04-21 04:50 - 567488583 ____A C:\Windows\MEMORY.DMP
    2012-08-11 22:09 - 2012-08-11 22:09 - 02029753 ____A C:\Users\Lanre\Downloads\Soil_hydrology_JLH2(1).pptx
    2012-08-11 22:09 - 2012-08-11 22:09 - 00000165 ___AH C:\Users\Lanre\Downloads\~$Soil_hydrology_JLH2(1).pptx
    2012-08-10 04:40 - 2012-08-10 04:37 - 00048128 ____A C:\Users\Lanre\Downloads\tutorial3_data_x.xls
    2012-08-10 04:36 - 2012-08-10 04:36 - 02029753 ____A C:\Users\Lanre\Downloads\Soil_hydrology_JLH2.pptx
    2012-08-07 14:51 - 2012-08-07 14:51 - 00042496 ____A C:\Users\Lanre\Downloads\tutorial2_data_x.xls
    2012-07-30 21:40 - 2012-07-30 21:40 - 00009771 ____A C:\Users\Lanre\Downloads\alkalinity.xlsx
    2012-07-29 17:55 - 2012-07-29 17:55 - 00009480 ____A C:\Users\Lanre\Downloads\SCcations2July 2012.xlsx
    2012-07-29 06:28 - 2012-07-29 06:28 - 00002212 ____A C:\Users\Public\Desktop\Google Earth.lnk
    2012-07-29 06:27 - 2012-07-29 06:27 - 00739824 ____A (Google Inc.) C:\Users\Lanre\Downloads\GoogleEarthSetup.exe
    2012-07-29 06:01 - 2012-07-29 06:01 - 00910534 ____A C:\Users\Lanre\Downloads\1306_grass_ppt.zip
    2012-07-29 00:40 - 2012-07-28 07:19 - 00000024 ____A C:\Users\Lanre\AppData\Local\hkmuovcc.log
    2012-07-29 00:32 - 2012-07-28 07:20 - 00170868 ____A C:\Users\Lanre\AppData\Local\jxjbidms.log
    2012-07-28 07:27 - 2012-07-28 07:22 - 00000000 ____A C:\Users\Lanre\AppData\Local\fyyqdsar.log
    2012-07-28 07:21 - 2012-07-28 07:21 - 00135507 ____A C:\Users\Lanre\AppData\Local\vsevukrv.log
    2012-07-28 07:21 - 2012-07-28 07:21 - 00003890 ____A C:\Users\Lanre\AppData\Local\ahwlatot.log
    2012-07-28 07:21 - 2012-07-28 07:21 - 00002865 ____A C:\Users\Lanre\AppData\Local\tanyilns.log
    2012-07-28 07:20 - 2012-07-28 07:20 - 00004048 ____A C:\Users\Lanre\AppData\Local\mpvqsijq.log
    2012-07-28 07:20 - 2012-07-28 07:20 - 00000000 ____A C:\Users\Lanre\AppData\Local\jpxhbyun.log
    2012-07-28 07:20 - 2012-07-28 07:20 - 00000000 ____A C:\Users\Lanre\AppData\Local\dkpsrtks.log
    2012-07-28 07:20 - 2012-07-28 07:19 - 00440304 ____A C:\Users\Lanre\AppData\Local\ibtikvjc.log
    2012-07-28 07:12 - 2012-07-28 07:12 - 00124469 ____A C:\Users\Lanre\Downloads\GetSPC(1).zip
    2012-07-28 07:07 - 2012-07-28 07:07 - 00124469 ____A C:\Users\Lanre\Downloads\GetSPC.zip
    2012-07-28 07:04 - 2012-07-28 07:04 - 00122967 ____A C:\Users\Lanre\Downloads\MSL Generator.zip
    2012-07-27 01:24 - 2012-04-28 02:53 - 00007597 ____A C:\Users\Lanre\AppData\Local\Resmon.ResmonCfg
    2012-07-27 01:16 - 2012-07-26 18:57 - 00009546 ____A C:\Users\Lanre\Desktop\New Microsoft Office Excel Worksheet (2).xlsx
    2012-07-25 16:33 - 2012-07-25 16:30 - 44314754 ____A C:\Users\Lanre\Downloads\pm8031_setup.exe
    2012-07-24 17:07 - 2012-07-24 17:07 - 00000852 ____A C:\Users\Lanre\Downloads\%5bWarm8791_2012%5d_%5bSotE-masters%5d_%5bSotE-all-students%5d_FW%3a_Help_with%9Research_-_1st%9Year_Students.zip
    2012-07-24 16:15 - 2012-07-24 16:15 - 00004096 ___AH C:\Users\Lanre\AppData\Local\keyfile3.drm
    2012-07-24 14:55 - 2012-07-24 14:55 - 00000165 ___AH C:\Users\Lanre\Desktop\~$New Microsoft Office Excel Worksheet.xlsx
    2012-07-24 14:52 - 2012-07-24 14:52 - 00000165 ___AH C:\Users\Lanre\Desktop\~$Book3.xlsx
    2012-07-23 19:01 - 2012-07-22 20:31 - 00016750 ____A C:\Users\Lanre\Desktop\Book3.xlsx
    2012-07-22 21:09 - 2012-07-22 20:33 - 00016743 ____A C:\Users\Lanre\Desktop\New Microsoft Office Excel Worksheet.xlsx
    2012-07-20 05:11 - 2012-07-20 05:10 - 00002448 ____N C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
    2012-07-20 04:39 - 2012-04-13 03:45 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2012-07-20 04:39 - 2012-03-30 04:13 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log
    2012-07-19 19:14 - 2012-07-19 19:14 - 08430640 ____A C:\Users\Lanre\Downloads\rorbwin_v615.exe
    2012-07-19 18:32 - 2012-07-19 18:32 - 00408295 ____A C:\Users\Lanre\Downloads\73 Free Designer Quality Excel Chart Templates.zip
    2012-07-19 17:18 - 2012-07-19 17:18 - 00010732 ____A C:\Users\Lanre\Downloads\piezo data.xlsx
    2012-07-19 16:56 - 2012-07-19 16:55 - 06238029 ____A C:\Users\Lanre\Downloads\officetimeline2010.zip
    2012-07-19 16:48 - 2012-07-19 16:48 - 03076096 ____A C:\Users\Lanre\Downloads\SearchCommandsSetup.msi
    2012-07-19 16:47 - 2012-07-19 16:47 - 03941888 ____A C:\Users\Lanre\Downloads\pptPlexSetup.msi
    2012-07-18 21:45 - 2012-07-18 21:45 - 00008729 ____A C:\Users\Lanre\Downloads\boscastle.xlsx
    2012-07-18 10:15 - 2012-08-14 14:13 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2012-07-16 16:46 - 2012-07-16 16:46 - 00010174 ____A C:\Users\Lanre\Downloads\SCcationJuly.xlsx
    2012-07-15 20:00 - 2011-08-22 10:22 - 00000578 ____A C:\Windows\DirectX.log
    ==================== Known DLLs (Whitelisted) =================

    ==================== Bamital & volsnap Check =================
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
    ==================== EXE ASSOCIATION =====================
    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK
    ==================== Restore Points =========================
    Restore point made on: 2012-10-06 17:01:53
    Restore point made on: 2012-10-09 03:45:54
    Restore point made on: 2012-10-09 05:44:38
    ==================== Memory info ===========================
    Percentage of memory in use: 19%
    Total physical RAM: 4043.86 MB
    Available physical RAM: 3257.65 MB
    Total Pagefile: 4042.01 MB
    Available Pagefile: 3248.46 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.91 MB
    ==================== Partitions =============================
    1 Drive c: () (Fixed) (Total:581.62 GB) (Free:397.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    2 Drive e: (RECOVERY) (Fixed) (Total:14.26 GB) (Free:1.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    3 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32
    5 Drive h: (Transcend) (Removable) (Total:7.46 GB) (Free:1.18 GB) FAT32
    6 Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS
    7 Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 596 GB 0 B
    Disk 1 Online 7660 MB 0 B
    Partitions of Disk 0:
    ===============
    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 199 MB 1024 KB
    Partition 2 Primary 581 GB 200 MB
    Partition 3 Primary 14 GB 581 GB
    Partition 4 Primary 103 MB 596 GB
    ==================================================================================
    Disk: 0
    Partition 1
    Type : 07
    Hidden: No
    Active: Yes
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 Y SYSTEM NTFS Partition 199 MB Healthy
    =========================================================
    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C NTFS Partition 581 GB Healthy
    =========================================================
    Disk: 0
    Partition 3
    Type : 07
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 E RECOVERY NTFS Partition 14 GB Healthy
    =========================================================
    Disk: 0
    Partition 4
    Type : 0C
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 F HP_TOOLS FAT32 Partition 103 MB Healthy
    =========================================================
    Partitions of Disk 1:
    ===============
    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 7656 MB 4096 KB
    ==================================================================================
    Disk: 1
    Partition 1
    Type : 0B
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 5 H Transcend FAT32 Removable 7656 MB Healthy
    =========================================================
    Last Boot: 2012-10-06 19:57
    ==================== End Of Log =============================




    Farbar Recovery Scan Tool (x64) Version: 07-10-2012
    Ran by SYSTEM at 2012-10-12 09:06:55
    Running from H:\
    ================== Search: "services.exe" ===================
    C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
    [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
    C:\Windows\System32\services.exe
    [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
    ====== End Of Search ======
     
  7. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    FRST Fixlist

    Please run the following:

    Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

    NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

    Now, please enter System Recovery Options then select Command Prompt.

    Run FRST and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

    Now restart, let it boot normally and tell me how it went.
     
  8. larry32

    larry32 TS Rookie Topic Starter

    Hi DragonMasterJay, thanks for all your help. Apparently it seems my problem wasnt a malware or virus. I actually just did a chkdsk /r when I got into the command prompt and found out there were bad clusters and the file system was corrupt. The errors were fixed via chkdsk and rebooting the system without running the script yet seems to have fixed the errors completely. I guess the error shows up not only for malware attacks, but also for file system errors.
     
  9. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    It still appears that a bit of infection is there. Go ahead and do the following in Normal Mode...

    ComboFix scan

    Please download ComboFix[​IMG] by sUBs
    From BleepingComputer.com

    Please save the file to your Desktop.

    Important information about ComboFix


    After the download:
    • Close any open browsers.
    • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
    • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.
    Running ComboFix:
    • Double click on ComboFix.exe & follow the prompts.
    • When ComboFix finishes, it will produce a report for you.
    • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.
    Troubleshooting ComboFix

    Safe Mode:

    If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

    (To boot into Safe Mode, tap F8 after BIOS, and just before the Windows
    logo appears. A list of options will appear, select "Safe Mode.")

    Re-downloading:

    If this doesn't work either, try the same method (above method), but try to download it again, except name
    ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

    Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

    NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
     
  10. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Hello, are you still with us? Please update us with the state of your situation, so we know how to continue from here.

    We'd still like to help. Topic marked inactive, until your return.
     


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.