Solved Runouce.exe

Lion143 · Sep 17, 2013

I downloaded and installed MSE but when I ran a full scan of my PC, During the scan ''Taskbar'' Disappeared and an error like this showed up ''tskhost.exe'' (not sure) and my Pc stopped working, and when I tried to open Task manager another error like this showed up ''Ctrl+Alt+Delete has been disabled restart your pc to open it'' <~~ or something like that.
And when I restarted it..it was like this:

Just the cursor in a black page...I also tried log in on ''Safe Mode'' but it didn't work.

Broni · Sep 17, 2013

NOTE 1. Use another working computer to download following tool.
NOTE 2. Install Panda USB Vaccine, or BitDefender’s USB Immunizer on GOOD computer to protect it from any infected USB device.

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flashdrive into the infected PC.

If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

If you are using Vista or Windows 7 enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select the Repair your computer menu item.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:

Insert the installation disc.
Restart your computer.
If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
Click Repair your computer.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

Select Command Prompt
In the command window type in notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Lion143 · Sep 20, 2013

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-09-2013 01
Ran by SYSTEM on MININT-MKTH37M on 20-09-2013 09:50:48
Running from I:\
Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-08-15] (Apple Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [1433600 2012-08-08] (IDT, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-11] (Oracle Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [995184 2013-07-18] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [EnableQuickReboot] 1
HKU\Anosh\...\Run: [IDMan] - C:\Program Files\Internet Download Manager\IDMan.exe [ 2013-08-30] (Tonec Inc.)

========================== Services (Whitelisted) =================

S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277048 2012-11-14] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2013-07-18] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-07-18] (Microsoft Corporation)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [303186 2012-08-08] (IDT, Inc.)
S2 hshld; C:\Program Files\Hotspot Shield\bin\cmw_srv.exe [x]
S2 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe [x]

==================== Drivers (Whitelisted) ====================

S0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-13] (Microsoft Corporation)
S1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41160 2013-08-12] (AnchorFree Inc.)
S3 intelkmd; C:\Windows\System32\DRIVERS\igdpmd32.sys [10542080 2011-03-25] (Intel Corporation)
S1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2010-01-28] (EZB Systems, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-08-01] (AnchorFree Inc)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2013-08-12] (Anchorfree Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-15 23:52 - 2013-09-15 23:52 - 00001945 _____ C:\Windows\epplauncher.mif
2013-09-15 23:51 - 2013-09-15 23:51 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-09-14 05:02 - 2013-09-14 05:10 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-09-14 04:46 - 2013-09-14 04:46 - 00002121 _____ C:\Users\Anosh\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2013-09-14 04:45 - 2013-09-14 04:45 - 00000000 ____D C:\Program Files\Tweaking.com
2013-09-13 07:13 - 2013-09-13 07:13 - 00000107 _____ C:\Users\Anosh\Documents\device-data
2013-09-13 07:13 - 2013-09-13 07:13 - 00000000 ____D C:\Users\Anosh\Documents\my games
2013-09-13 04:53 - 2013-09-13 04:53 - 00001166 _____ C:\Users\Anosh\Desktop\JRT.txt
2013-09-13 04:52 - 2013-09-13 04:52 - 00000000 ____D C:\Windows\ERUNT
2013-09-13 04:51 - 2013-09-13 04:51 - 00001053 _____ C:\Users\Anosh\Desktop\AdwCleaner[S0].txt
2013-09-13 04:48 - 2013-09-13 04:49 - 00000000 ____D C:\AdwCleaner
2013-09-13 04:48 - 2013-09-13 04:48 - 01037278 _____ C:\Users\Anosh\Desktop\adwcleaner.exe
2013-09-10 18:28 - 2013-09-10 18:28 - 00000000 ____D C:\FRST
2013-09-08 04:41 - 2013-09-08 04:41 - 00000000 ____D C:\Windows\erdnt
2013-09-08 04:41 - 2013-09-08 04:41 - 00000000 ____D C:\Qoobox
2013-09-05 21:53 - 2013-09-05 21:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-09-05 21:51 - 2013-09-05 21:51 - 00000000 ____D C:\Users\Anosh\AppData\Local\VirtualStore
2013-09-05 21:47 - 2013-09-05 21:59 - 00000000 ____D C:\Users\Anosh\Desktop\mbar
2013-09-05 21:35 - 2013-09-05 21:35 - 00004792 _____ C:\Users\Anosh\Desktop\RKreport[0]_S_09062013_100526.txt
2013-09-04 00:37 - 2013-09-04 00:37 - 00000000 ____D C:\AMD
2013-09-04 00:24 - 2013-09-05 21:48 - 00000000 ____D C:\Users\Anosh\Desktop\RK_Quarantine
2013-09-04 00:08 - 2013-09-04 00:08 - 107574834 _____ C:\Users\Anosh\Documents\okay.reg
2013-09-03 03:30 - 2013-09-03 03:30 - 00000000 ____D C:\Windows\Sun
2013-09-03 03:22 - 2013-09-03 03:22 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-03 03:22 - 2013-09-03 03:22 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\Malwarebytes
2013-09-03 03:22 - 2013-09-03 03:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-03 03:22 - 2013-09-03 03:22 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-03 03:22 - 2013-04-04 02:20 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-09-02 17:53 - 2013-09-03 10:03 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\ihelper
2013-09-02 17:53 - 2013-09-02 17:53 - 00000948 _____ C:\Users\Public\Desktop\PPÖúÊÖ.lnk
2013-09-02 17:53 - 2013-09-02 17:53 - 00000000 ____D C:\Users\Anosh\Documents\ihelper
2013-09-02 17:53 - 2013-09-02 17:53 - 00000000 ____D C:\Program Files\PPÖúÊÖ
2013-09-02 05:11 - 2013-09-02 05:11 - 00867240 _____ (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-09-02 05:11 - 2013-09-02 05:11 - 00789416 _____ (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-09-02 05:11 - 2013-09-02 05:11 - 00263592 _____ (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-09-02 05:11 - 2013-09-02 05:11 - 00175016 _____ (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-09-02 05:11 - 2013-09-02 05:11 - 00175016 _____ (Oracle Corporation) C:\Windows\System32\java.exe
2013-09-02 05:11 - 2013-09-02 05:11 - 00094632 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-09-02 05:11 - 2013-09-02 05:11 - 00000000 ____D C:\ProgramData\Sun
2013-09-02 05:11 - 2013-09-02 05:11 - 00000000 ____D C:\Program Files\Java
2013-09-02 05:11 - 2013-09-02 05:11 - 00000000 ____D C:\Program Files\Common Files\Java
2013-09-02 05:04 - 2013-09-02 05:04 - 00000000 ____D C:\ProgramData\McAfee
2013-09-02 05:01 - 2013-09-02 05:01 - 00903080 _____ (Oracle Corporation) C:\Users\Anosh\Downloads\jxpiinstall.exe
2013-09-01 18:40 - 2013-09-01 18:40 - 00000000 ____D C:\Windows\System32\Hotspot Shield
2013-09-01 04:11 - 2013-09-01 04:11 - 00000020 ___SH C:\Users\fbwuser\ntuser.ini
2013-09-01 04:11 - 2013-08-12 15:06 - 00041160 _____ (AnchorFree Inc.) C:\Windows\System32\Drivers\hssdrv6.sys
2013-09-01 04:10 - 2013-09-01 04:10 - 00001006 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2013-08-31 09:47 - 2013-08-31 09:47 - 00008662 _____ C:\Users\Anosh\Desktop\images2.jpeg
2013-08-31 08:26 - 2013-08-31 08:26 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\Media Player Classic
2013-08-30 18:28 - 2013-09-03 19:16 - 00000000 ____D C:\Users\Anosh\Documents\GTA San Andreas User Files
2013-08-30 18:14 - 2013-09-06 01:50 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\Skype
2013-08-30 18:14 - 2013-08-30 18:14 - 00002503 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-30 18:14 - 2013-08-30 18:14 - 00000000 ___RD C:\Program Files\Skype
2013-08-30 18:14 - 2013-08-30 18:14 - 00000000 ____D C:\ProgramData\Skype
2013-08-30 18:14 - 2013-08-30 18:14 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-08-30 18:09 - 2013-08-30 18:09 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-08-30 18:07 - 2011-12-05 10:14 - 09067008 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmdag.sys
2013-08-30 18:07 - 2011-12-05 09:48 - 00219080 _____ C:\Windows\System32\atiapfxx.blb
2013-08-30 18:07 - 2011-12-05 09:47 - 00778752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\aticfx32.dll
2013-08-30 18:07 - 2011-12-05 09:47 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atiapfxx.exe
2013-08-30 18:07 - 2011-12-05 09:42 - 00466944 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\ATIDEMGX.dll
2013-08-30 18:07 - 2011-12-05 09:42 - 00404992 _____ (AMD) C:\Windows\System32\atieclxx.exe
2013-08-30 18:07 - 2011-12-05 09:41 - 00163328 _____ (AMD) C:\Windows\System32\atiesrxx.exe
2013-08-30 18:07 - 2011-12-05 09:40 - 00360448 _____ (ATI Technologies, Inc.) C:\Windows\System32\atipdlxx.dll
2013-08-30 18:07 - 2011-12-05 09:40 - 00278528 _____ (ATI Technologies, Inc.) C:\Windows\System32\Oemdspif.dll
2013-08-30 18:07 - 2011-12-05 09:40 - 00163840 _____ (AMD) C:\Windows\System32\atitmmxx.dll
2013-08-30 18:07 - 2011-12-05 09:39 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\System32\ati2edxx.dll
2013-08-30 18:07 - 2011-12-05 09:39 - 00020992 _____ (AMD) C:\Windows\System32\atimuixx.dll
2013-08-30 18:07 - 2011-12-05 09:36 - 06159872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atidxx32.dll
2013-08-30 18:07 - 2011-12-05 09:26 - 19125760 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atioglxx.dll
2013-08-30 18:07 - 2011-12-05 09:09 - 01828864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumdmv.dll
2013-08-30 18:07 - 2011-12-05 09:04 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\aticalrt.dll
2013-08-30 18:07 - 2011-12-05 09:04 - 00044032 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\aticalcl.dll
2013-08-30 18:07 - 2011-12-05 09:03 - 05919232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumdag.dll
2013-08-30 18:07 - 2011-12-05 08:59 - 11484672 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\aticaldd.dll
2013-08-30 18:07 - 2011-12-05 08:58 - 04206592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumdva.dll
2013-08-30 18:07 - 2011-12-05 08:57 - 02097056 _____ C:\Windows\System32\atiumdva.cap
2013-08-30 18:07 - 2011-12-05 08:57 - 00204960 _____ C:\Windows\System32\ativvsvl.dat
2013-08-30 18:07 - 2011-12-05 08:57 - 00157152 _____ C:\Windows\System32\ativvsva.dat
2013-08-30 18:07 - 2011-12-05 08:48 - 00051200 _____ (AMD) C:\Windows\System32\coinst.dll
2013-08-30 18:07 - 2011-12-05 08:42 - 00356352 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atiadlxx.dll
2013-08-30 18:07 - 2011-12-05 08:42 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atigktxx.dll
2013-08-30 18:07 - 2011-12-05 08:42 - 00014336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiglpxx.dll
2013-08-30 18:07 - 2011-12-05 08:41 - 00264192 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmpag.sys
2013-08-30 18:07 - 2011-12-05 08:41 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiuxpag.dll
2013-08-30 18:07 - 2011-12-05 08:41 - 00029696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiu9pag.dll
2013-08-30 18:07 - 2011-12-05 08:40 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atimpc32.dll
2013-08-30 18:07 - 2011-12-05 08:40 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdpcom32.dll
2013-08-30 18:07 - 2011-12-05 08:40 - 00053248 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2erec.dll
2013-08-30 18:07 - 2011-11-14 02:17 - 00608507 _____ C:\Windows\System32\atiicdxx.dat
2013-08-30 18:07 - 2011-10-10 00:21 - 00036338 _____ C:\Windows\atiogl.xml
2013-08-30 18:07 - 2011-09-12 05:36 - 00003917 _____ C:\Windows\System32\atipblag.dat
2013-08-30 18:07 - 2011-03-25 06:00 - 08198680 _____ (Intel(R) Corporation) C:\Windows\System32\TVWSetup.exe
2013-08-30 18:07 - 2011-03-25 05:42 - 10542080 _____ (Intel Corporation) C:\Windows\System32\Drivers\igdpmd32.sys
2013-08-30 18:07 - 2011-03-25 05:40 - 00963116 _____ C:\Windows\System32\igkrng600.bin
2013-08-30 18:07 - 2011-03-25 05:40 - 00216876 _____ C:\Windows\System32\igfcg600m.bin
2013-08-30 18:07 - 2011-03-25 05:40 - 00145804 _____ C:\Windows\System32\igcompkrng600.bin
2013-08-30 18:07 - 2011-03-25 05:38 - 00575488 _____ (Intel Corporation) C:\Windows\System32\igdumdx32.dll
2013-08-30 18:07 - 2009-05-11 05:05 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atibtmon.exe
2013-08-30 17:53 - 2013-05-02 07:28 - 00238872 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-08-30 17:34 - 2013-08-30 17:34 - 00016174 _____ C:\Windows\System32\results.xml
2013-08-30 17:32 - 2013-08-30 17:32 - 00000000 ____D C:\ProgramData\Intel
2013-08-30 17:32 - 2013-08-30 17:32 - 00000000 ____D C:\Program Files\Intel
2013-08-30 17:32 - 2013-08-30 17:32 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-08-30 17:32 - 2013-08-30 17:32 - 00000000 ____D C:\Intel
2013-08-30 17:32 - 2012-05-14 17:50 - 00104448 _____ (Intel Corporation) C:\Windows\System32\IntelOpenCL32.dll
2013-08-30 17:31 - 2012-11-14 18:12 - 06225976 _____ (Intel Corporation) C:\Windows\System32\GfxUI.exe
2013-08-30 17:31 - 2012-11-14 18:12 - 00277048 _____ (Intel Corporation) C:\Windows\System32\IntelCpHeciSvc.exe
2013-08-30 17:31 - 2012-11-14 18:12 - 00269880 _____ (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
2013-08-30 17:31 - 2012-11-14 18:12 - 00197688 _____ (Intel Corporation) C:\Windows\System32\igfxext.exe
2013-08-30 17:31 - 2012-11-14 18:12 - 00189496 _____ (Intel Corporation) C:\Windows\System32\igfxpers.exe
2013-08-30 17:31 - 2012-11-14 18:12 - 00180792 _____ (Intel Corporation) C:\Windows\System32\hkcmd.exe
2013-08-30 17:31 - 2012-11-14 18:12 - 00145464 _____ (Intel Corporation) C:\Windows\System32\igfxtray.exe
2013-08-30 17:31 - 2012-11-14 13:34 - 09023488 _____ (Intel Corporation) C:\Windows\System32\igfxress.dll
2013-08-30 17:31 - 2012-11-14 13:34 - 01921265 _____ C:\Windows\System32\iglhxa32.cpa
2013-08-30 17:31 - 2012-11-14 13:34 - 00519680 _____ (Intel Corporation) C:\Windows\System32\iglhsip32.dll
2013-08-30 17:31 - 2012-11-14 13:34 - 00438272 _____ (Intel Corporation) C:\Windows\System32\igfxrell.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00437760 _____ (Intel Corporation) C:\Windows\System32\igfxrfra.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00437760 _____ (Intel Corporation) C:\Windows\System32\igfxresn.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00437248 _____ (Intel Corporation) C:\Windows\System32\igfxrrus.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00437248 _____ (Intel Corporation) C:\Windows\System32\igfxrrom.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00436736 _____ (Intel Corporation) C:\Windows\System32\igfxrsky.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00436736 _____ (Intel Corporation) C:\Windows\System32\igfxrptg.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00436736 _____ (Intel Corporation) C:\Windows\System32\igfxrplk.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00436736 _____ (Intel Corporation) C:\Windows\System32\igfxrnld.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00436736 _____ (Intel Corporation) C:\Windows\System32\igfxrita.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00436736 _____ (Intel Corporation) C:\Windows\System32\igfxrhrv.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00436736 _____ (Intel Corporation) C:\Windows\System32\igfxrdeu.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00436224 _____ (Intel Corporation) C:\Windows\System32\igfxrhun.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00436224 _____ (Intel Corporation) C:\Windows\System32\igfxrfin.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00436224 _____ (Intel Corporation) C:\Windows\System32\igfxrcsy.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00435712 _____ (Intel Corporation) C:\Windows\System32\igfxrtrk.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00435712 _____ (Intel Corporation) C:\Windows\System32\igfxrsve.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00435712 _____ (Intel Corporation) C:\Windows\System32\igfxrslv.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00435712 _____ (Intel Corporation) C:\Windows\System32\igfxrptb.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00435712 _____ (Intel Corporation) C:\Windows\System32\igfxrnor.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00435200 _____ (Intel Corporation) C:\Windows\System32\igfxrtha.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00435200 _____ (Intel Corporation) C:\Windows\System32\igfxrdan.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00433664 _____ (Intel Corporation) C:\Windows\System32\igfxrheb.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00433664 _____ (Intel Corporation) C:\Windows\System32\igfxrara.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00430080 _____ (Intel Corporation) C:\Windows\System32\igfxrjpn.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00429056 _____ (Intel Corporation) C:\Windows\System32\igfxrkor.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00427008 _____ (Intel Corporation) C:\Windows\System32\igfxrcht.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00426496 _____ (Intel Corporation) C:\Windows\System32\igfxrchs.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00330240 _____ (Intel Corporation) C:\Windows\System32\igfxdev.dll
2013-08-30 17:31 - 2012-11-14 13:34 - 00313856 _____ (Intel Corporation) C:\Windows\System32\igfxpph.dll
2013-08-30 17:31 - 2012-11-14 13:34 - 00286208 _____ (Intel Corporation) C:\Windows\System32\igfxTMM.dll
2013-08-30 17:31 - 2012-11-14 13:34 - 00284160 _____ (Intel Corporation) C:\Windows\System32\igfxrenu.lrc
2013-08-30 17:31 - 2012-11-14 13:34 - 00272928 _____ C:\Windows\System32\igvpkrng600.bin
2013-08-30 17:31 - 2012-11-14 13:34 - 00180224 _____ (Intel Corporation) C:\Windows\System32\iglhcp32.dll
2013-08-30 17:31 - 2012-11-14 13:34 - 00130048 _____ (Intel Corporation) C:\Windows\System32\igfxdo.dll
2013-08-30 17:31 - 2012-11-14 13:34 - 00120320 _____ (Intel Corporation) C:\Windows\System32\igfxcpl.cpl
2013-08-30 17:31 - 2012-11-14 13:34 - 00102400 _____ (Intel Corporation) C:\Windows\System32\igfxCoIn_v2843.dll
2013-08-30 17:31 - 2012-11-14 13:34 - 00067580 _____ C:\Windows\System32\iglhxs32.vp
2013-08-30 17:31 - 2012-11-14 13:34 - 00059594 _____ C:\Windows\System32\iglhxc32.vp
2013-08-30 17:31 - 2012-11-14 13:34 - 00059392 _____ (Intel Corporation) C:\Windows\System32\igfxsrvc.dll
2013-08-30 17:31 - 2012-11-14 13:34 - 00059384 _____ C:\Windows\System32\iglhxc32_dev.vp
2013-08-30 17:31 - 2012-11-14 13:34 - 00059328 _____ C:\Windows\System32\iglhxg32_dev.vp
2013-08-30 17:31 - 2012-11-14 13:34 - 00059215 _____ C:\Windows\System32\iglhxo32_dev.vp
2013-08-30 17:31 - 2012-11-14 13:34 - 00058781 _____ C:\Windows\System32\iglhxo32.vp
2013-08-30 17:31 - 2012-11-14 13:34 - 00058684 _____ C:\Windows\System32\iglhxg32.vp
2013-08-30 17:31 - 2012-11-14 13:34 - 00025088 _____ (Intel Corporation) C:\Windows\System32\igfxexps.dll
2013-08-30 17:31 - 2012-11-14 13:34 - 00009728 _____ ( ) C:\Windows\System32\IGFXDEVLib.dll
2013-08-30 17:31 - 2012-11-14 13:34 - 00001074 _____ C:\Windows\System32\iglhxa32.vp
2013-08-30 17:31 - 2012-11-14 13:33 - 11155968 _____ (Intel Corporation) C:\Windows\System32\igd10umd32.dll
2013-08-30 17:31 - 2012-11-14 13:33 - 11038208 _____ (Intel Corporation) C:\Windows\System32\igdumd32.dll
2013-08-30 17:31 - 2012-11-14 13:33 - 10673152 _____ (Intel Corporation) C:\Windows\System32\ig4icd32.dll
2013-08-30 17:31 - 2012-11-14 13:33 - 07408128 _____ (Intel Corporation) C:\Windows\System32\Drivers\igdkmd32.sys
2013-08-30 17:31 - 2012-11-14 13:33 - 03776512 _____ (Intel Corporation) C:\Windows\System32\igfxcmjit32.dll
2013-08-30 17:31 - 2012-11-14 13:33 - 00963388 _____ C:\Windows\System32\igcodeckrng600.bin
2013-08-30 17:31 - 2012-11-14 13:33 - 00604160 _____ (Intel Corporation) C:\Windows\System32\igfxcmrt32.dll
2013-08-30 17:31 - 2012-11-14 13:33 - 00452440 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
2013-08-30 17:31 - 2012-11-14 13:33 - 00448512 _____ (Intel Corporation) C:\Windows\System32\igfx11cmrt32.dll
2013-08-30 17:31 - 2012-11-14 13:33 - 00223233 _____ C:\Windows\System32\Gfxres.th-TH.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00209727 _____ C:\Windows\System32\Gfxres.el-GR.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00193862 _____ C:\Windows\System32\Gfxres.ru-RU.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00174080 _____ (Intel Corporation) C:\Windows\System32\gfxSrvc.dll
2013-08-30 17:31 - 2012-11-14 13:33 - 00165865 _____ C:\Windows\System32\Gfxres.ar-SA.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00163120 _____ C:\Windows\System32\Gfxres.ja-JP.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00158727 _____ C:\Windows\System32\Gfxres.he-IL.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00149390 _____ C:\Windows\System32\Gfxres.it-IT.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00147759 _____ C:\Windows\System32\Gfxres.ko-KR.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00147101 _____ C:\Windows\System32\Gfxres.de-DE.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00147010 _____ C:\Windows\System32\Gfxres.es-ES.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00145715 _____ C:\Windows\System32\Gfxres.ro-RO.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00145211 _____ C:\Windows\System32\Gfxres.fr-FR.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00144378 _____ C:\Windows\System32\Gfxres.tr-TR.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00143976 _____ C:\Windows\System32\Gfxres.pt-BR.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00143730 _____ C:\Windows\System32\Gfxres.nl-NL.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00143657 _____ C:\Windows\System32\Gfxres.hu-HU.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00142990 _____ C:\Windows\System32\Gfxres.pt-PT.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00142617 _____ C:\Windows\System32\Gfxres.sv-SE.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00142423 _____ C:\Windows\System32\Gfxres.pl-PL.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00142008 _____ C:\Windows\System32\Gfxres.cs-CZ.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00141739 _____ C:\Windows\System32\Gfxres.fi-FI.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00141574 _____ C:\Windows\System32\Gfxres.sk-SK.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00140779 _____ C:\Windows\System32\Gfxres.hr-HR.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00137621 _____ C:\Windows\System32\Gfxres.sl-SI.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00137534 _____ C:\Windows\System32\Gfxres.nb-NO.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00136873 _____ C:\Windows\System32\Gfxres.da-DK.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00132360 _____ C:\Windows\System32\Gfxres.en-US.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00126035 _____ C:\Windows\System32\Gfxres.zh-TW.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00124403 _____ C:\Windows\System32\Gfxres.zh-CN.resources
2013-08-30 17:31 - 2012-11-14 13:33 - 00096256 _____ (Intel Corporation) C:\Windows\System32\hccutils.dll
2013-08-30 17:31 - 2012-11-14 13:33 - 00094208 _____ C:\Windows\System32\IccLibDll.dll
2013-08-30 17:31 - 2012-11-14 13:33 - 00064512 _____ C:\Windows\System32\igdde32.dll
2013-08-30 17:31 - 2012-06-19 10:09 - 00289792 _____ (Intel(R) Corporation) C:\Windows\System32\Drivers\IntcDAud.sys
2013-08-30 17:31 - 2012-06-19 10:08 - 00014848 _____ (Intel(R) Corporation) C:\Windows\System32\IntcDAuC.dll
2013-08-30 13:40 - 2013-08-30 01:23 - 00000000 ____D C:\Windows\Panther
2013-08-30 12:51 - 2013-08-30 12:51 - 00000000 ____D C:\Program Files\WinRAR
2013-08-30 12:51 - 2013-08-30 12:51 - 00000000 ____D C:\Program Files\Dream Aquarium
2013-08-30 12:51 - 2009-09-04 16:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll
2013-08-30 12:51 - 2009-09-04 16:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_42.dll
2013-08-30 12:51 - 2009-02-21 05:02 - 00126976 _____ C:\Windows\Dream Aquarium.scr
2013-08-30 12:50 - 2013-08-30 01:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-30 12:48 - 2013-08-30 12:48 - 00716122 _____ C:\Windows\unins000.exe
2013-08-30 12:48 - 2013-08-30 12:48 - 00002027 _____ C:\Windows\unins000.dat
2013-08-30 12:48 - 2013-08-30 12:48 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2013-08-30 12:48 - 2012-02-07 10:00 - 00079360 _____ C:\Windows\System32\ff_vfw.dll
2013-08-30 12:48 - 2011-12-21 10:14 - 00151552 _____ (fccHandler) C:\Windows\System32\ac3acm.acm
2013-08-30 12:48 - 2011-06-24 07:44 - 00243200 _____ C:\Windows\System32\xvidvfw.dll
2013-08-30 12:48 - 2011-06-24 07:28 - 00650752 _____ C:\Windows\System32\xvidcore.dll
2013-08-30 12:48 - 2011-03-02 03:43 - 00175616 _____ C:\Windows\System32\unrar.dll
2013-08-30 12:48 - 2009-06-20 00:06 - 00474368 _____ (Foxit Software Company) C:\Windows\fxdecod1.dll
2013-08-30 12:48 - 2008-09-22 13:51 - 02359296 _____ () C:\Windows\PDFReader.exe
2013-08-30 12:48 - 2006-10-18 11:05 - 00232448 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\mp3fhg.acm
2013-08-30 12:47 - 2013-08-30 12:47 - 00000000 ____D C:\Program Files\Boot Configuration
2013-08-30 12:45 - 2013-08-30 12:45 - 00000000 ____D C:\Windows\System32\macromed
2013-08-30 12:44 - 2013-09-16 00:08 - 00263109 _____ C:\Windows\WindowsUpdate.log
2013-08-30 12:43 - 2013-08-30 12:43 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-08-30 12:41 - 2013-08-30 12:44 - 00001355 _____ C:\Windows\TSSysprep.log
2013-08-30 03:24 - 2013-08-30 03:24 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\Macromedia
2013-08-30 03:24 - 2013-08-30 03:24 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\Adobe
2013-08-30 01:56 - 2013-08-30 01:56 - 00000000 ____D C:\Windows\System32\SRSLabs
2013-08-30 01:56 - 2012-08-08 15:05 - 06094848 _____ (IDT, Inc.) C:\Windows\System32\stlang.dll
2013-08-30 01:56 - 2012-08-08 15:05 - 01785344 _____ (IDT, Inc.) C:\Windows\System32\IDTNCPL.cpl
2013-08-30 01:56 - 2012-03-29 10:17 - 00174688 _____ (Andrea Electronics Corporation) C:\Windows\System32\aestacap.dll
2013-08-30 01:56 - 2012-03-29 10:17 - 00068192 _____ (Andrea Electronics Corporation) C:\Windows\System32\aestaren.dll
2013-08-30 01:56 - 2011-04-20 02:58 - 00734720 _____ (Creative Technology Ltd.) C:\Windows\System32\imapo32.dll
2013-08-30 01:56 - 2010-10-14 13:27 - 00302592 _____ (Creative Technology Ltd.) C:\Windows\System32\imthx32.dll
2013-08-30 01:56 - 2009-10-09 12:15 - 00380928 _____ (Andrea Electronics Corporation) C:\Windows\System32\aestecap.dll
2013-08-30 01:56 - 2009-03-02 13:17 - 00086016 _____ (Andrea Electronics Corporation) C:\Windows\System32\AESTCom.dll
2013-08-30 01:54 - 2013-08-30 01:56 - 00000000 ____D C:\Program Files\IDT
2013-08-30 01:54 - 2012-08-08 15:05 - 01458688 _____ (IDT, Inc.) C:\Windows\System32\stapo.dll
2013-08-30 01:54 - 2012-08-08 15:05 - 00548352 ____N (IDT, Inc.) C:\Windows\System32\stapi32.dll
2013-08-30 01:54 - 2012-08-08 15:05 - 00454656 _____ (IDT, Inc.) C:\Windows\System32\stcplx.dll
2013-08-30 01:54 - 2012-08-08 15:05 - 00450560 _____ (IDT, Inc.) C:\Windows\System32\Drivers\stwrt.sys
2013-08-30 01:54 - 2012-08-08 15:05 - 00211456 _____ (IDT, Inc.) C:\Windows\System32\st326421.dll
2013-08-30 01:54 - 2010-07-29 03:33 - 00172032 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPOShell.dll
2013-08-30 01:54 - 2010-06-26 15:45 - 00252928 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO30.dll
2013-08-30 01:40 - 2013-09-15 23:48 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\DMCache
2013-08-30 01:40 - 2013-09-04 00:49 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\IDM
2013-08-30 01:40 - 2013-09-01 04:06 - 00000000 ____D C:\Program Files\Internet Download Manager
2013-08-30 01:40 - 2013-08-30 01:40 - 00034308 _____ C:\Windows\System32\BASSMOD.dll
2013-08-30 01:39 - 2013-09-15 23:49 - 00000000 ____D C:\Program Files\Mozilla Firefox 3.5 Preview
2013-08-30 01:39 - 2013-08-30 01:39 - 00002001 _____ C:\Users\Public\Desktop\Mozilla Firefox 3.5 Preview.lnk
2013-08-30 01:39 - 2013-08-30 01:39 - 00000050 _____ C:\Windows\sapl
2013-08-30 01:39 - 2013-08-30 01:39 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\Mozilla
2013-08-30 01:39 - 2013-08-30 01:39 - 00000000 _____ C:\Windows\nsreg.dat
2013-08-30 01:38 - 2013-08-30 01:38 - 00000000 ____D C:\Users\Anosh\AppData\Local\Mozilla
2013-08-30 01:36 - 2013-08-30 01:36 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-08-30 01:35 - 2013-08-30 01:54 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-08-30 01:35 - 2013-08-30 01:35 - 00000000 ____D C:\Program Files\Realtek
2013-08-30 01:35 - 2010-11-30 01:32 - 00327272 _____ (Realtek ) C:\Windows\System32\Drivers\Rt86win7.sys
2013-08-30 01:35 - 2010-11-30 01:32 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\System32\RTNUninst32.dll
2013-08-30 01:35 - 2010-11-30 01:32 - 00080416 _____ C:\Windows\System32\RtNicProp32.dll
2013-08-30 01:34 - 2013-08-30 01:34 - 00000000 ____D C:\dell
2013-08-30 01:31 - 2013-09-14 05:12 - 00057560 _____ C:\Users\Anosh\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-30 01:31 - 2013-08-30 01:31 - 00000000 ____H C:\Windows\System32\Drivers\Msft_Kernel_netaapl_01009.Wdf
2013-08-30 01:30 - 2013-09-04 00:23 - 00000000 ____D C:\Program Files\Fast Find
2013-08-30 01:30 - 2013-08-30 01:37 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\Apple Computer
2013-08-30 01:30 - 2013-08-30 01:30 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-30 01:30 - 2013-08-30 01:30 - 00000966 _____ C:\Users\Anosh\Desktop\Fast Find.lnk
2013-08-30 01:30 - 2013-08-30 01:30 - 00000000 ____D C:\Users\Anosh\AppData\Local\Apple Computer
2013-08-30 01:30 - 2013-08-30 01:30 - 00000000 ____D C:\Users\Anosh\AppData\Local\Apple
2013-08-30 01:30 - 2013-08-30 01:30 - 00000000 ____D C:\ProgramData\Apple Computer
2013-08-30 01:30 - 2013-08-30 01:30 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-08-30 01:30 - 2013-08-30 01:30 - 00000000 ____D C:\Program Files\iTunes
2013-08-30 01:30 - 2013-08-30 01:30 - 00000000 ____D C:\Program Files\iPod
2013-08-30 01:30 - 2013-08-30 01:30 - 00000000 ____D C:\Program Files\Apple Software Update
2013-08-30 01:30 - 2012-08-21 00:31 - 00026840 _____ (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2013-08-30 01:29 - 2013-08-30 01:30 - 00000000 ____D C:\ProgramData\Apple
2013-08-30 01:29 - 2013-08-30 01:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-08-30 01:29 - 2013-08-30 01:29 - 00000000 ____D C:\Program Files\Bonjour
2013-08-30 01:28 - 2013-08-30 01:28 - 00000969 _____ C:\Users\Public\Desktop\UltraISO.lnk
2013-08-30 01:28 - 2013-08-30 01:28 - 00000000 ____D C:\Users\Anosh\Documents\My ISO Files
2013-08-30 01:28 - 2013-08-30 01:28 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\WinRAR
2013-08-30 01:28 - 2013-08-30 01:28 - 00000000 ____D C:\Program Files\UltraISO
2013-08-30 01:28 - 2013-08-30 01:28 - 00000000 ____D C:\Program Files\Common Files\EZB Systems
2013-08-30 01:24 - 2010-02-21 23:07 - 00635296 _____ (MRT www.Win2Farsi.com) C:\Windows\KeyChangerMRT.exe
2013-08-30 01:23 - 2013-08-30 01:23 - 00000020 ___SH C:\Users\Anosh\ntuser.ini
2013-08-30 01:23 - 2013-08-30 01:23 - 00000000 __SHD C:\Recovery
2013-08-30 01:23 - 2013-08-30 01:23 - 00000000 ____D C:\users\Anosh

Lion143 · Sep 20, 2013

==================== One Month Modified Files and Folders =======

2013-09-17 06:23 - 2009-07-13 20:39 - 00032259 _____ C:\Windows\setupact.log
2013-09-16 00:18 - 2010-11-20 13:01 - 00713888 _____ C:\Windows\System32\PerfStringBackup.INI
2013-09-16 00:08 - 2013-08-30 12:44 - 00263109 _____ C:\Windows\WindowsUpdate.log
2013-09-16 00:07 - 2009-07-13 20:34 - 00021072 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-16 00:07 - 2009-07-13 20:34 - 00021072 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-15 23:52 - 2013-09-15 23:52 - 00001945 _____ C:\Windows\epplauncher.mif
2013-09-15 23:51 - 2013-09-15 23:51 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-09-15 23:49 - 2013-08-30 01:39 - 00000000 ____D C:\Program Files\Mozilla Firefox 3.5 Preview
2013-09-15 23:48 - 2013-08-30 01:40 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\DMCache
2013-09-14 19:39 - 2011-01-26 00:17 - 00001393 _____ C:\Users\Public\Desktop\Internet Explorer.lnk
2013-09-14 05:12 - 2013-08-30 01:31 - 00057560 _____ C:\Users\Anosh\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-14 05:11 - 2010-11-20 16:46 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-09-14 05:11 - 2009-07-13 20:33 - 00266808 _____ C:\Windows\System32\FNTCACHE.DAT
2013-09-14 05:10 - 2013-09-14 05:02 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-09-14 04:46 - 2013-09-14 04:46 - 00002121 _____ C:\Users\Anosh\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2013-09-14 04:45 - 2013-09-14 04:45 - 00000000 ____D C:\Program Files\Tweaking.com
2013-09-13 07:13 - 2013-09-13 07:13 - 00000107 _____ C:\Users\Anosh\Documents\device-data
2013-09-13 07:13 - 2013-09-13 07:13 - 00000000 ____D C:\Users\Anosh\Documents\my games
2013-09-13 04:53 - 2013-09-13 04:53 - 00001166 _____ C:\Users\Anosh\Desktop\JRT.txt
2013-09-13 04:52 - 2013-09-13 04:52 - 00000000 ____D C:\Windows\ERUNT
2013-09-13 04:51 - 2013-09-13 04:51 - 00001053 _____ C:\Users\Anosh\Desktop\AdwCleaner[S0].txt
2013-09-13 04:49 - 2013-09-13 04:48 - 00000000 ____D C:\AdwCleaner
2013-09-13 04:48 - 2013-09-13 04:48 - 01037278 _____ C:\Users\Anosh\Desktop\adwcleaner.exe
2013-09-10 18:28 - 2013-09-10 18:28 - 00000000 ____D C:\FRST
2013-09-08 04:41 - 2013-09-08 04:41 - 00000000 ____D C:\Windows\erdnt
2013-09-08 04:41 - 2013-09-08 04:41 - 00000000 ____D C:\Qoobox
2013-09-06 20:46 - 2010-11-20 13:48 - 00091070 _____ C:\Windows\PFRO.log
2013-09-06 20:46 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\TAPI
2013-09-06 01:50 - 2013-08-30 18:14 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\Skype
2013-09-05 21:59 - 2013-09-05 21:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-09-05 21:59 - 2013-09-05 21:47 - 00000000 ____D C:\Users\Anosh\Desktop\mbar
2013-09-05 21:51 - 2013-09-05 21:51 - 00000000 ____D C:\Users\Anosh\AppData\Local\VirtualStore
2013-09-05 21:48 - 2013-09-04 00:24 - 00000000 ____D C:\Users\Anosh\Desktop\RK_Quarantine
2013-09-05 21:35 - 2013-09-05 21:35 - 00004792 _____ C:\Users\Anosh\Desktop\RKreport[0]_S_09062013_100526.txt
2013-09-05 09:09 - 2009-07-13 18:37 - 00000000 __RHD C:\Users\Public\Libraries
2013-09-04 00:49 - 2013-08-30 01:40 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\IDM
2013-09-04 00:37 - 2013-09-04 00:37 - 00000000 ____D C:\AMD
2013-09-04 00:23 - 2013-08-30 01:30 - 00000000 ____D C:\Program Files\Fast Find
2013-09-04 00:08 - 2013-09-04 00:08 - 107574834 _____ C:\Users\Anosh\Documents\okay.reg
2013-09-03 19:16 - 2013-08-30 18:28 - 00000000 ____D C:\Users\Anosh\Documents\GTA San Andreas User Files
2013-09-03 10:08 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Registration
2013-09-03 10:03 - 2013-09-02 17:53 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\ihelper
2013-09-03 03:30 - 2013-09-03 03:30 - 00000000 ____D C:\Windows\Sun
2013-09-03 03:22 - 2013-09-03 03:22 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-03 03:22 - 2013-09-03 03:22 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\Malwarebytes
2013-09-03 03:22 - 2013-09-03 03:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-03 03:22 - 2013-09-03 03:22 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-02 17:53 - 2013-09-02 17:53 - 00000948 _____ C:\Users\Public\Desktop\PPÖúÊÖ.lnk
2013-09-02 17:53 - 2013-09-02 17:53 - 00000000 ____D C:\Users\Anosh\Documents\ihelper
2013-09-02 17:53 - 2013-09-02 17:53 - 00000000 ____D C:\Program Files\PPÖúÊÖ
2013-09-02 05:11 - 2013-09-02 05:11 - 00867240 _____ (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-09-02 05:11 - 2013-09-02 05:11 - 00789416 _____ (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-09-02 05:11 - 2013-09-02 05:11 - 00263592 _____ (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-09-02 05:11 - 2013-09-02 05:11 - 00175016 _____ (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-09-02 05:11 - 2013-09-02 05:11 - 00175016 _____ (Oracle Corporation) C:\Windows\System32\java.exe
2013-09-02 05:11 - 2013-09-02 05:11 - 00094632 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-09-02 05:11 - 2013-09-02 05:11 - 00000000 ____D C:\ProgramData\Sun
2013-09-02 05:11 - 2013-09-02 05:11 - 00000000 ____D C:\Program Files\Java
2013-09-02 05:11 - 2013-09-02 05:11 - 00000000 ____D C:\Program Files\Common Files\Java
2013-09-02 05:04 - 2013-09-02 05:04 - 00000000 ____D C:\ProgramData\McAfee
2013-09-02 05:01 - 2013-09-02 05:01 - 00903080 _____ (Oracle Corporation) C:\Users\Anosh\Downloads\jxpiinstall.exe
2013-09-01 18:40 - 2013-09-01 18:40 - 00000000 ____D C:\Windows\System32\Hotspot Shield
2013-09-01 04:11 - 2013-09-01 04:11 - 00000020 ___SH C:\Users\fbwuser\ntuser.ini
2013-09-01 04:10 - 2013-09-01 04:10 - 00001006 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2013-09-01 04:06 - 2013-08-30 01:40 - 00000000 ____D C:\Program Files\Internet Download Manager
2013-08-31 09:47 - 2013-08-31 09:47 - 00008662 _____ C:\Users\Anosh\Desktop\images2.jpeg
2013-08-31 08:26 - 2013-08-31 08:26 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\Media Player Classic
2013-08-30 18:14 - 2013-08-30 18:14 - 00002503 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-30 18:14 - 2013-08-30 18:14 - 00000000 ___RD C:\Program Files\Skype
2013-08-30 18:14 - 2013-08-30 18:14 - 00000000 ____D C:\ProgramData\Skype
2013-08-30 18:14 - 2013-08-30 18:14 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-08-30 18:09 - 2013-08-30 18:09 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-08-30 18:09 - 2009-07-13 18:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-08-30 17:34 - 2013-08-30 17:34 - 00016174 _____ C:\Windows\System32\results.xml
2013-08-30 17:32 - 2013-08-30 17:32 - 00000000 ____D C:\ProgramData\Intel
2013-08-30 17:32 - 2013-08-30 17:32 - 00000000 ____D C:\Program Files\Intel
2013-08-30 17:32 - 2013-08-30 17:32 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-08-30 17:32 - 2013-08-30 17:32 - 00000000 ____D C:\Intel
2013-08-30 13:40 - 2009-07-13 20:57 - 00025600 ___SH C:\Windows\System32\config\BCD-Template.LOG
2013-08-30 13:40 - 2009-07-13 20:52 - 00028672 _____ C:\Windows\System32\config\BCD-Template
2013-08-30 12:53 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\rescache
2013-08-30 12:51 - 2013-08-30 12:51 - 00000000 ____D C:\Program Files\WinRAR
2013-08-30 12:51 - 2013-08-30 12:51 - 00000000 ____D C:\Program Files\Dream Aquarium
2013-08-30 12:51 - 2009-07-13 20:52 - 00000000 ____D C:\Windows\System32\restore
2013-08-30 12:48 - 2013-08-30 12:48 - 00716122 _____ C:\Windows\unins000.exe
2013-08-30 12:48 - 2013-08-30 12:48 - 00002027 _____ C:\Windows\unins000.dat
2013-08-30 12:48 - 2013-08-30 12:48 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2013-08-30 12:47 - 2013-08-30 12:47 - 00000000 ____D C:\Program Files\Boot Configuration
2013-08-30 12:45 - 2013-08-30 12:45 - 00000000 ____D C:\Windows\System32\macromed
2013-08-30 12:44 - 2013-08-30 12:41 - 00001355 _____ C:\Windows\TSSysprep.log
2013-08-30 12:43 - 2013-08-30 12:43 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-08-30 12:41 - 2010-11-20 16:46 - 00000000 ____D C:\Windows\CSC
2013-08-30 12:41 - 2009-07-13 20:34 - 00002790 _____ C:\Windows\DtcInstall.log
2013-08-30 03:24 - 2013-08-30 03:24 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\Macromedia
2013-08-30 03:24 - 2013-08-30 03:24 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\Adobe
2013-08-30 02:09 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-30 01:56 - 2013-08-30 01:56 - 00000000 ____D C:\Windows\System32\SRSLabs
2013-08-30 01:56 - 2013-08-30 01:54 - 00000000 ____D C:\Program Files\IDT
2013-08-30 01:54 - 2013-08-30 01:35 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-08-30 01:40 - 2013-08-30 01:40 - 00034308 _____ C:\Windows\System32\BASSMOD.dll
2013-08-30 01:39 - 2013-08-30 01:39 - 00002001 _____ C:\Users\Public\Desktop\Mozilla Firefox 3.5 Preview.lnk
2013-08-30 01:39 - 2013-08-30 01:39 - 00000050 _____ C:\Windows\sapl
2013-08-30 01:39 - 2013-08-30 01:39 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\Mozilla
2013-08-30 01:39 - 2013-08-30 01:39 - 00000000 _____ C:\Windows\nsreg.dat
2013-08-30 01:38 - 2013-08-30 12:50 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-30 01:38 - 2013-08-30 01:38 - 00000000 ____D C:\Users\Anosh\AppData\Local\Mozilla
2013-08-30 01:37 - 2013-08-30 01:30 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\Apple Computer
2013-08-30 01:36 - 2013-08-30 01:36 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-08-30 01:35 - 2013-08-30 01:35 - 00000000 ____D C:\Program Files\Realtek
2013-08-30 01:34 - 2013-08-30 01:34 - 00000000 ____D C:\dell
2013-08-30 01:31 - 2013-08-30 01:31 - 00000000 ____H C:\Windows\System32\Drivers\Msft_Kernel_netaapl_01009.Wdf
2013-08-30 01:30 - 2013-08-30 01:30 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-30 01:30 - 2013-08-30 01:30 - 00000966 _____ C:\Users\Anosh\Desktop\Fast Find.lnk
2013-08-30 01:30 - 2013-08-30 01:30 - 00000000 ____D C:\Users\Anosh\AppData\Local\Apple Computer
2013-08-30 01:30 - 2013-08-30 01:30 - 00000000 ____D C:\Users\Anosh\AppData\Local\Apple
2013-08-30 01:30 - 2013-08-30 01:30 - 00000000 ____D C:\ProgramData\Apple Computer
2013-08-30 01:30 - 2013-08-30 01:30 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-08-30 01:30 - 2013-08-30 01:30 - 00000000 ____D C:\Program Files\iTunes
2013-08-30 01:30 - 2013-08-30 01:30 - 00000000 ____D C:\Program Files\iPod
2013-08-30 01:30 - 2013-08-30 01:30 - 00000000 ____D C:\Program Files\Apple Software Update
2013-08-30 01:30 - 2013-08-30 01:29 - 00000000 ____D C:\ProgramData\Apple
2013-08-30 01:30 - 2013-08-30 01:29 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-08-30 01:29 - 2013-08-30 01:29 - 00000000 ____D C:\Program Files\Bonjour
2013-08-30 01:28 - 2013-08-30 01:28 - 00000969 _____ C:\Users\Public\Desktop\UltraISO.lnk
2013-08-30 01:28 - 2013-08-30 01:28 - 00000000 ____D C:\Users\Anosh\Documents\My ISO Files
2013-08-30 01:28 - 2013-08-30 01:28 - 00000000 ____D C:\Users\Anosh\AppData\Roaming\WinRAR
2013-08-30 01:28 - 2013-08-30 01:28 - 00000000 ____D C:\Program Files\UltraISO
2013-08-30 01:28 - 2013-08-30 01:28 - 00000000 ____D C:\Program Files\Common Files\EZB Systems
2013-08-30 01:24 - 2010-03-01 00:08 - 00000000 ____D C:\Windows\Win2Farsi
2013-08-30 01:23 - 2013-08-30 13:40 - 00000000 ____D C:\Windows\Panther
2013-08-30 01:23 - 2013-08-30 01:23 - 00000020 ___SH C:\Users\Anosh\ntuser.ini
2013-08-30 01:23 - 2013-08-30 01:23 - 00000000 __SHD C:\Recovery
2013-08-30 01:23 - 2013-08-30 01:23 - 00000000 ____D C:\users\Anosh
2013-08-30 01:23 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\Recovery

Some content of TEMP:
====================
C:\Users\Anosh\AppData\Local\Temp\hssinst.dll
C:\Users\Anosh\AppData\Local\Temp\psiphon3-plonk.exe
C:\Users\Anosh\AppData\Local\Temp\psiphon3-polipo.exe

==================== Known DLLs (Whitelisted) ============

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2010-11-20 13:29] - [2010-11-20 13:29] - 2616320 ____A (Microsoft Corporation) 9DE90F6B75E615A5945822330B6717A7

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe
[2010-11-20 13:29] - [2010-11-20 13:29] - 0026624 ____A (Microsoft Corporation) 72D3562A70D560334392D72664E30122

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-09-01 04:03:53
Restore point made on: 2013-09-01 04:04:18
Restore point made on: 2013-09-01 04:10:46
Restore point made on: 2013-09-02 05:11:09
Restore point made on: 2013-09-04 00:38:39
Restore point made on: 2013-09-14 05:01:33
Restore point made on: 2013-09-16 00:00:20

==================== Memory info ===========================

Percentage of memory in use: 8%
Total physical RAM: 6051.88 MB
Available physical RAM: 5537.36 MB
Total Pagefile: 6050.17 MB
Available Pagefile: 5542.14 MB
Total Virtual: 2047.88 MB
Available Virtual: 1945.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:70.12 GB) NTFS
Drive e: () (Fixed) (Total:97.66 GB) (Free:91.8 GB) NTFS
Drive f: () (Fixed) (Total:102.78 GB) (Free:94.98 GB) NTFS
Drive I: () (Removable) (Total:3.74 GB) (Free:3.74 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 1BAF0215)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)

LastRegBack: 2013-09-10 11:54

==================== End Of Log ============================
:

Broni · Sep 20, 2013

Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the UBCD.
Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
See if you can boot normally.

Lion143 · Sep 21, 2013

Fixlog
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 19-09-2013 01
Ran by SYSTEM at 2013-09-21 16:44:39 Run:1
Running from I:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
C:\Users\Anosh\AppData\Local\Temp\hssinst.dll
C:\Users\Anosh\AppData\Local\Temp\psiphon3-plonk.exe
C:\Users\Anosh\AppData\Local\Temp\psiphon3-polipo.exe
LastRegBack: 2013-09-10 11:54
*****************

C:\Users\Anosh\AppData\Local\Temp\hssinst.dll => Moved successfully.
C:\Users\Anosh\AppData\Local\Temp\psiphon3-plonk.exe => Moved successfully.
C:\Users\Anosh\AppData\Local\Temp\psiphon3-polipo.exe => Moved successfully.
DEFAULT hive was successfully copied to System32\config\HiveBackup
DEFAULT hive was successfully restored from registry back up.
SAM hive was successfully copied to System32\config\HiveBackup
SAM hive was successfully restored from registry back up.
SECURITY hive was successfully copied to System32\config\HiveBackup
SECURITY hive was successfully restored from registry back up.
SOFTWARE hive was successfully copied to System32\config\HiveBackup
SOFTWARE hive was successfully restored from registry back up.
SYSTEM hive was successfully copied to System32\config\HiveBackup
SYSTEM hive was successfully restored from registry back up.

==== End of Fixlog ====

It didnt work.

Should I just reinstall my OS? because I don't have anything important in drive C.

Broni · Sep 21, 2013

At this point it may the quickest solution.

Lion143 · Sep 25, 2013

My PC didn't accept my Os's Cd, but I restored a ''restore point'' and its working just fine now.
Am I supposed to install an AV program now? If yes, please give me a link of an AV program with a size below 100MBs, I am running low on internet data...

Broni · Sep 25, 2013

Install ONE of these:

- Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html

- free Microsoft Security Essentials: http://windows.microsoft.com/en-GB/windows/products/security-essentials
Note for Windows 8 users: Microsoft Security Essentials comes preinstalled and renamed as Windows Defender.
You can keep it or you have to disable it before installing another AV program. How to...

- free Comodo Antivirus: http://www.comodo.com/home/internet-security/antivirus.php

Lion143 · Sep 30, 2013

I need some time, Will post the OTL log in 2 days.

Broni · Sep 30, 2013

Broni · Oct 5, 2013

Still with me?

Lion143 · Oct 6, 2013

Yes, I downloaded and installed MSE again but it jammed my PC again, I downloaded and installed Avast free antivirus as well but its saying that the trial version's time has ended. and now I downloaded another antivirus named ''Trend Micro Titanium Maximum Security 2014'' can I post the OTL's log after installing this Av prgram?

Broni · Oct 6, 2013

Please do.

Broni · Oct 6, 2013

Please do.

Lion143 · Oct 9, 2013

Sorry to keep you waiting...

OTL.txt

OTL logfile created on: 10/9/2013 12:04:35 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ANOSH\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.16 Gb Total Physical Memory | 2.61 Gb Available Physical Memory | 82.64% Memory free
6.32 Gb Paging File | 5.77 Gb Available in Paging File | 91.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97.56 Gb Total Space | 81.37 Gb Free Space | 83.41% Space Free | Partition Type: NTFS
Drive D: | 97.66 Gb Total Space | 91.80 Gb Free Space | 94.00% Space Free | Partition Type: NTFS
Drive E: | 102.78 Gb Total Space | 94.98 Gb Free Space | 92.42% Space Free | Partition Type: NTFS
Drive G: | 465.76 Gb Total Space | 214.72 Gb Free Space | 46.10% Space Free | Partition Type: NTFS

Computer Name: ANOSH-PC | User Name: ANOSH | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/09 12:00:15 | 000,115,200 | ---- | M] (MRT www.Win2Farsi.com) -- C:\Users\ANOSH\AppData\Local\Temp\MMBPlayer\Keychanger.exe
PRC - [2013/09/29 18:01:14 | 000,620,032 | ---- | M] (OldTimer Tools) -- C:\Users\ANOSH\Desktop\OTL.exe
PRC - [2013/07/15 11:42:36 | 001,555,304 | ---- | M] (Baidu, Inc.) -- C:\Program Files\Baidu Security\Baidu Antivirus\BAVSvc.exe
PRC - [2013/07/08 16:08:10 | 000,542,400 | ---- | M] (Baidu, Inc.) -- C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe
PRC - [2013/07/02 08:30:08 | 000,368,792 | ---- | M] (Baidu, Inc.) -- C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe
PRC - [2011/04/20 06:34:06 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/11/21 01:59:20 | 002,633,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/21 01:59:19 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/21 01:59:10 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2010/11/21 01:59:07 | 000,117,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2010/05/31 20:27:12 | 000,056,032 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\Hidfind.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV - [2013/07/15 11:42:36 | 001,555,304 | ---- | M] (Baidu, Inc.) [Auto | Running] -- C:\Program Files\Baidu Security\Baidu Antivirus\BAVSvc.exe -- (BAVSvc)
SRV - [2013/07/02 08:30:08 | 000,368,792 | ---- | M] (Baidu, Inc.) [Auto | Running] -- C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe -- (BHipsSvc)
SRV - [2011/04/20 06:34:06 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/14 05:46:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 05:46:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 05:45:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - [2013/07/15 08:17:42 | 000,039,232 | ---- | M] (Baidu, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\Bfilter.sys -- (Bfilter)
DRV - [2013/07/15 08:17:42 | 000,026,432 | ---- | M] (Baidu, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\Bfmon.sys -- (Bfmon)
DRV - [2013/06/18 10:41:10 | 000,061,664 | ---- | M] (Baidu, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Bhbase.sys -- (Bhbase)
DRV - [2013/06/08 17:47:38 | 000,101,696 | ---- | M] (Baidu, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Bprotect.sys -- (Bprotect)
DRV - [2012/09/10 10:41:06 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2011/09/08 20:10:24 | 000,363,112 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2011/04/20 07:13:40 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/04/20 05:52:08 | 000,243,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011/02/02 19:14:34 | 000,041,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2010/11/21 01:59:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/21 01:59:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/21 01:59:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/21 01:59:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010/11/21 01:59:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010/11/21 01:59:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/21 01:59:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/21 01:59:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/21 01:59:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/21 01:59:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/21 01:59:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010/11/21 01:59:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/21 01:59:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/29 19:41:08 | 000,197,224 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010/10/15 01:27:18 | 000,269,824 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2010/06/22 00:29:30 | 000,255,096 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/06/17 07:45:36 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2009/07/14 04:15:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\macromed\Flash\NPSWF32.dll ()

O1 HOSTS File: ([2011/06/25 14:08:19 | 000,004,554 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 76 more lines...
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Baidu Antivirus] C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe (Baidu, Inc.)
O4 - HKLM..\Run: [MRTKBDFA] C:\Windows\KeyChangerMRT.exe (MRT www.Win2Farsi.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableQuickReboot = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{76DB32CC-F4F6-4AA5-9F4D-0416189EAE05}: DhcpNameServer = 8.8.8.8 4.2.2.2
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 02:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{9487c81a-289a-11e3-9979-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9487c81a-289a-11e3-9979-806e6f6e6963}\Shell\AutoRun\command - "" = F:\DriverPack.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/09 12:03:08 | 000,101,696 | ---- | C] (Baidu, Inc.) -- C:\Windows\System32\drivers\Bprotect.sys
[2013/10/09 12:03:08 | 000,061,664 | ---- | C] (Baidu, Inc.) -- C:\Windows\System32\drivers\Bhbase.sys
[2013/10/09 12:03:08 | 000,039,232 | ---- | C] (Baidu, Inc.) -- C:\Windows\System32\drivers\Bfilter.sys
[2013/10/09 12:03:08 | 000,026,432 | ---- | C] (Baidu, Inc.) -- C:\Windows\System32\drivers\Bfmon.sys
[2013/10/09 12:03:08 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Roaming\Baidu
[2013/10/09 12:03:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Baidu
[2013/10/09 12:03:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
[2013/10/09 12:02:49 | 000,000,000 | ---D | C] -- C:\Program Files\Baidu Security
[2013/10/07 22:01:40 | 000,000,000 | ---D | C] -- C:\ProgramData\SMR400
[2013/10/07 21:59:33 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Local\NPE
[2013/10/07 21:59:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013/10/07 21:59:00 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Roaming\WinRAR
[2013/10/07 16:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro Installer
[2013/10/05 10:08:27 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Roaming\Apple Computer
[2013/10/05 10:08:27 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Local\Apple Computer
[2013/10/05 10:08:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/10/05 10:07:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/10/05 10:07:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/10/05 10:07:59 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/10/05 10:07:26 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Local\Apple
[2013/10/05 10:07:24 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2013/10/05 10:07:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/10/05 10:06:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/10/05 10:06:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/10/04 12:17:32 | 000,269,824 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\drivers\IntcDAud.sys
[2013/10/04 12:17:32 | 000,012,288 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\IntcDAuC.dll
[2013/10/04 12:17:31 | 008,198,680 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\TVWSetup.exe
[2013/10/04 12:17:27 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxCoIn_v2342.dll
[2013/10/04 12:17:26 | 000,368,640 | ---- | C] (Intel Corporation) -- C:\Windows\System32\iglhsip32.dll
[2013/10/04 12:17:26 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsky.lrc
[2013/10/04 12:17:26 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrrus.lrc
[2013/10/04 12:17:26 | 000,284,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtrk.lrc
[2013/10/04 12:17:26 | 000,284,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsve.lrc
[2013/10/04 12:17:26 | 000,284,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrslv.lrc
[2013/10/04 12:17:26 | 000,283,648 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtha.lrc
[2013/10/04 12:17:26 | 000,262,144 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxTMM.dll
[2013/10/04 12:17:26 | 000,086,528 | ---- | C] (Intel Corporation) -- C:\Windows\System32\iglhcp32.dll
[2013/10/04 12:17:26 | 000,057,856 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll
[2013/10/04 12:17:25 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfra.lrc
[2013/10/04 12:17:25 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrrom.lrc
[2013/10/04 12:17:25 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptg.lrc
[2013/10/04 12:17:25 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrplk.lrc
[2013/10/04 12:17:25 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnld.lrc
[2013/10/04 12:17:25 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrita.lrc
[2013/10/04 12:17:25 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrhrv.lrc
[2013/10/04 12:17:25 | 000,284,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptb.lrc
[2013/10/04 12:17:25 | 000,284,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnor.lrc
[2013/10/04 12:17:25 | 000,284,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrhun.lrc
[2013/10/04 12:17:25 | 000,284,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfin.lrc
[2013/10/04 12:17:25 | 000,283,136 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrheb.lrc
[2013/10/04 12:17:25 | 000,281,600 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrjpn.lrc
[2013/10/04 12:17:25 | 000,281,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrkor.lrc
[2013/10/04 12:17:24 | 009,030,656 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxress.dll
[2013/10/04 12:17:24 | 000,575,488 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumdx32.dll
[2013/10/04 12:17:24 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxresn.lrc
[2013/10/04 12:17:24 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrell.lrc
[2013/10/04 12:17:24 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdeu.lrc
[2013/10/04 12:17:24 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcsy.lrc
[2013/10/04 12:17:24 | 000,283,648 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrenu.lrc
[2013/10/04 12:17:24 | 000,283,648 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdan.lrc
[2013/10/04 12:17:24 | 000,283,136 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrara.lrc
[2013/10/04 12:17:24 | 000,280,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcht.lrc
[2013/10/04 12:17:24 | 000,280,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrchs.lrc
[2013/10/04 12:17:24 | 000,142,848 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcmrt32.dll
[2013/10/04 12:17:24 | 000,130,048 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdo.dll
[2013/10/04 12:17:24 | 000,120,320 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcpl.cpl
[2013/10/04 12:17:24 | 000,024,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxexps.dll
[2013/10/04 12:17:23 | 005,692,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumd32.dll
[2013/10/04 12:17:22 | 006,068,736 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igd10umd32.dll
[2013/10/04 12:17:20 | 014,294,016 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4icd32.dll
[2013/10/04 12:17:19 | 004,690,968 | ---- | C] (Intel Corporation) -- C:\Windows\System32\GfxUI.exe
[2013/10/04 12:17:19 | 000,145,408 | ---- | C] (Intel Corporation) -- C:\Windows\System32\gfxSrvc.dll
[2013/10/04 12:00:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2013/10/04 11:59:20 | 000,102,400 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxCoIn_v2843.dll
[2013/10/04 11:59:17 | 003,776,512 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcmjit32.dll
[2013/10/04 11:59:17 | 000,448,512 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfx11cmrt32.dll
[2013/10/04 11:59:09 | 000,000,000 | ---D | C] -- C:\Dell
[2013/10/04 10:06:35 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Local\Microsoft Games
[2013/09/30 07:44:52 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Roaming\Media Player Classic
[2013/09/30 07:44:25 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013/09/30 07:44:07 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\Documents\GTA San Andreas User Files
[2013/09/29 18:17:16 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Roaming\Adobe
[2013/09/29 18:13:26 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Local\Google
[2013/09/29 18:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/09/29 18:13:07 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/09/29 18:12:19 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/09/29 18:09:02 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/09/29 18:08:57 | 000,620,032 | ---- | C] (OldTimer Tools) -- C:\Users\ANOSH\Desktop\OTL.exe
[2013/09/29 18:02:09 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Roaming\Malwarebytes
[2013/09/29 18:02:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/09/29 18:01:58 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Local\Programs
[2013/09/29 05:33:13 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/09/29 04:40:36 | 000,000,000 | ---D | C] -- C:\Program Files\Boot Configuration
[2013/09/29 04:38:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\macromed
[2013/09/29 04:38:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dream Aquarium
[2013/09/29 04:38:27 | 000,000,000 | ---D | C] -- C:\Program Files\Dream Aquarium
[2013/09/29 04:38:26 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2013/09/29 04:38:26 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2013/09/29 04:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Freeze Standard
[2013/09/29 04:38:11 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013/09/29 04:38:10 | 000,474,368 | ---- | C] (Foxit Software Company) -- C:\Windows\fxdecod1.dll
[2013/09/29 04:38:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows se7en Tools
[2013/09/29 04:38:05 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2013/09/29 04:38:05 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\mp3fhg.acm
[2013/09/29 04:38:05 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2013/09/29 04:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2013/09/29 04:36:39 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/09/29 04:34:33 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/09/29 04:33:40 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/09/28 18:13:45 | 000,000,000 | ---D | C] -- C:\Program Files\Apoint2K
[2013/09/28 18:13:39 | 000,255,096 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\System32\drivers\Apfiltr.sys
[2013/09/28 18:13:38 | 000,114,616 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\System32\Vxdif.dll
[2013/09/28 18:13:36 | 000,170,864 | ---- | C] (ALPS Electric Co., Ltd.) -- C:\Windows\System32\ApShellExt.dll
[2013/09/28 18:13:23 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013/09/28 18:13:17 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01009.dll
[2013/09/28 18:12:22 | 000,363,112 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2013/09/28 18:12:21 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2013/09/28 18:12:06 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2013/09/28 18:12:06 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2013/09/28 18:12:01 | 007,772,160 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2013/09/28 18:12:01 | 000,243,712 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2013/09/28 18:12:00 | 000,413,696 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2013/09/28 18:12:00 | 000,315,392 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe
[2013/09/28 18:12:00 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2013/09/28 18:12:00 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2013/09/28 18:12:00 | 000,172,032 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2013/09/28 18:12:00 | 000,139,264 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atibtmon.exe
[2013/09/28 18:12:00 | 000,065,536 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe
[2013/09/28 18:11:58 | 017,693,184 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2013/09/28 18:11:58 | 004,286,464 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdag.dll
[2013/09/28 18:11:58 | 004,056,576 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2013/09/28 18:11:58 | 001,923,584 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll
[2013/09/28 18:11:58 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2013/09/28 18:11:58 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2013/09/28 18:11:58 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2013/09/28 18:11:58 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2013/09/28 18:11:58 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2013/09/28 18:11:58 | 000,031,232 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2013/09/28 18:11:58 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2013/09/28 18:11:58 | 000,015,872 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2013/09/28 18:11:58 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2013/09/28 18:11:57 | 006,389,760 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2013/09/28 18:11:57 | 004,161,536 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atidxx32.dll
[2013/09/28 18:11:57 | 000,676,864 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
[2013/09/28 18:11:57 | 000,262,144 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2013/09/28 18:11:57 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2013/09/28 18:11:57 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2013/09/28 18:11:57 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2013/09/28 18:11:57 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2013/09/28 18:11:47 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013/09/28 18:11:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2013/09/28 18:11:47 | 000,000,000 | ---D | C] -- C:\Intel
[2013/09/28 18:11:30 | 000,267,264 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxpph.dll
[2013/09/28 18:11:30 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxCoIn_v2401.dll
[2013/09/28 18:11:28 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2013/09/28 18:11:28 | 000,095,232 | ---- | C] (Intel Corporation) -- C:\Windows\System32\hccutils.dll
[2013/09/28 18:10:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\sda
[2013/09/28 18:10:10 | 009,888,360 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtsUStoricon.dll
[2013/09/28 18:10:10 | 000,313,960 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtsUStor.dll
[2013/09/28 18:10:10 | 000,197,224 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtsUStor.sys
[2013/09/28 18:10:08 | 000,014,128 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\vmmouse.sys
[2013/09/28 18:09:51 | 000,014,392 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\drivers\AtiPcie.sys
[2013/09/28 18:09:32 | 000,041,216 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\HECI.sys
[2013/09/28 17:59:41 | 000,635,296 | ---- | C] (MRT www.Win2Farsi.com) -- C:\Windows\KeyChangerMRT.exe
[2013/09/28 17:59:34 | 000,000,000 | R--D | C] -- C:\Users\ANOSH\Searches
[2013/09/28 17:59:34 | 000,000,000 | R--D | C] -- C:\Users\ANOSH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/09/28 17:59:34 | 000,000,000 | -H-D | C] -- C:\Users\ANOSH\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/09/28 17:59:25 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Roaming\Identities
[2013/09/28 17:59:23 | 000,000,000 | R--D | C] -- C:\Users\ANOSH\Contacts
[2013/09/28 17:59:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\AppData\Local\Temporary Internet Files
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\Templates
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\Start Menu
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\SendTo
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\Recent
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\PrintHood
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\NetHood
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\Documents\My Videos
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\Documents\My Pictures
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\Documents\My Music
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\My Documents
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\Local Settings
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\AppData\Local\History
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\Cookies
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\Application Data
[2013/09/28 17:59:15 | 000,000,000 | -HSD | C] -- C:\Users\ANOSH\AppData\Local\Application Data
[2013/09/28 17:59:14 | 000,000,000 | --SD | C] -- C:\Users\ANOSH\AppData\Roaming\Microsoft
[2013/09/28 17:59:14 | 000,000,000 | R--D | C] -- C:\Users\ANOSH\Videos
[2013/09/28 17:59:14 | 000,000,000 | R--D | C] -- C:\Users\ANOSH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/09/28 17:59:14 | 000,000,000 | R--D | C] -- C:\Users\ANOSH\Saved Games
[2013/09/28 17:59:14 | 000,000,000 | R--D | C] -- C:\Users\ANOSH\Pictures
[2013/09/28 17:59:14 | 000,000,000 | R--D | C] -- C:\Users\ANOSH\Music
[2013/09/28 17:59:14 | 000,000,000 | R--D | C] -- C:\Users\ANOSH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/09/28 17:59:14 | 000,000,000 | R--D | C] -- C:\Users\ANOSH\Links
[2013/09/28 17:59:14 | 000,000,000 | R--D | C] -- C:\Users\ANOSH\Favorites
[2013/09/28 17:59:14 | 000,000,000 | R--D | C] -- C:\Users\ANOSH\Downloads
[2013/09/28 17:59:14 | 000,000,000 | R--D | C] -- C:\Users\ANOSH\Documents
[2013/09/28 17:59:14 | 000,000,000 | R--D | C] -- C:\Users\ANOSH\Desktop
[2013/09/28 17:59:14 | 000,000,000 | R--D | C] -- C:\Users\ANOSH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/09/28 17:59:14 | 000,000,000 | -H-D | C] -- C:\Users\ANOSH\AppData
[2013/09/28 17:59:14 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Local\Temp
[2013/09/28 17:59:14 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Local\Microsoft
[2013/09/28 17:59:14 | 000,000,000 | ---D | C] -- C:\Users\ANOSH\AppData\Roaming\Media Center Programs
[2013/09/28 17:59:08 | 000,000,000 | -HSD | C] -- C:\Recovery

========== Files - Modified Within 30 Days ==========

[2013/10/09 12:07:04 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/09 12:07:04 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/09 12:03:05 | 000,001,160 | ---- | M] () -- C:\Users\Public\Desktop\Baidu Antivirus.lnk
[2013/10/09 11:59:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/09 11:59:43 | 2546,372,608 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/07 22:02:31 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/10/07 22:00:38 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[2013/10/07 18:43:28 | 000,001,282 | ---- | M] () -- C:\Users\Public\Desktop\Trend Micro Titanium Maximum Security Installer.lnk
[2013/10/07 18:43:24 | 000,000,036 | ---- | M] () -- C:\Users\ANOSH\AppData\Local\housecall.guid.cache
[2013/10/07 16:19:56 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/10/04 12:19:49 | 000,015,844 | ---- | M] () -- C:\Windows\System32\results.xml
[2013/10/04 11:57:49 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/10/04 11:38:32 | 000,001,411 | ---- | M] () -- C:\Users\ANOSH\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/09/29 18:08:36 | 000,615,360 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/09/29 18:08:36 | 000,103,702 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/09/29 18:01:14 | 000,620,032 | ---- | M] (OldTimer Tools) -- C:\Users\ANOSH\Desktop\OTL.exe
[2013/09/29 04:38:10 | 000,716,122 | ---- | M] () -- C:\Windows\unins000.exe
[2013/09/29 04:38:10 | 000,002,027 | ---- | M] () -- C:\Windows\unins000.dat
[2013/09/29 04:37:59 | 000,266,808 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/09/29 04:37:05 | 000,043,391 | ---- | M] () -- C:\Windows\System32\license.rtf
[2013/09/29 04:35:40 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/09/28 18:13:49 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2013/09/28 18:13:27 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013/09/26 07:12:34 | 131,918,888 | ---- | M] () -- C:\Users\ANOSH\Desktop\avast_free_antivirus_setup.exe

========== Files Created - No Company Name ==========

[2013/10/09 12:03:05 | 000,001,160 | ---- | C] () -- C:\Users\Public\Desktop\Baidu Antivirus.lnk
[2013/10/07 22:02:31 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/10/07 22:00:38 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[2013/10/07 18:43:24 | 000,000,036 | ---- | C] () -- C:\Users\ANOSH\AppData\Local\housecall.guid.cache
[2013/10/07 18:37:38 | 000,001,282 | ---- | C] () -- C:\Users\Public\Desktop\Trend Micro Titanium Maximum Security Installer.lnk
[2013/10/05 10:07:24 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/10/05 10:05:30 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/10/04 12:17:27 | 000,062,632 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp
[2013/10/04 12:17:27 | 000,060,254 | ---- | C] () -- C:\Windows\System32\iglhxg32.vp
[2013/10/04 12:17:27 | 000,060,015 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp
[2013/10/04 12:17:26 | 001,921,265 | ---- | C] () -- C:\Windows\System32\iglhxa32.cpa
[2013/10/04 12:17:26 | 000,060,226 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp
[2013/10/04 12:17:26 | 000,001,090 | ---- | C] () -- C:\Windows\System32\iglhxa32.vp
[2013/10/04 12:17:24 | 000,216,876 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin
[2013/10/04 12:17:24 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2013/10/04 12:17:20 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2013/10/04 12:17:19 | 000,208,335 | ---- | C] () -- C:\Windows\System32\Gfxres.th-TH.resources
[2013/10/04 12:17:19 | 000,195,681 | ---- | C] () -- C:\Windows\System32\Gfxres.el-GR.resources
[2013/10/04 12:17:19 | 000,180,246 | ---- | C] () -- C:\Windows\System32\Gfxres.ru-RU.resources
[2013/10/04 12:17:19 | 000,154,366 | ---- | C] () -- C:\Windows\System32\Gfxres.ar-SA.resources
[2013/10/04 12:17:19 | 000,151,350 | ---- | C] () -- C:\Windows\System32\Gfxres.ja-JP.resources
[2013/10/04 12:17:19 | 000,147,392 | ---- | C] () -- C:\Windows\System32\Gfxres.he-IL.resources
[2013/10/04 12:17:19 | 000,138,635 | ---- | C] () -- C:\Windows\System32\Gfxres.it-IT.resources
[2013/10/04 12:17:19 | 000,137,000 | ---- | C] () -- C:\Windows\System32\Gfxres.ko-KR.resources
[2013/10/04 12:17:19 | 000,136,226 | ---- | C] () -- C:\Windows\System32\Gfxres.de-DE.resources
[2013/10/04 12:17:19 | 000,136,172 | ---- | C] () -- C:\Windows\System32\Gfxres.es-ES.resources
[2013/10/04 12:17:19 | 000,135,119 | ---- | C] () -- C:\Windows\System32\Gfxres.ro-RO.resources
[2013/10/04 12:17:19 | 000,134,081 | ---- | C] () -- C:\Windows\System32\Gfxres.fr-FR.resources
[2013/10/04 12:17:19 | 000,133,868 | ---- | C] () -- C:\Windows\System32\Gfxres.tr-TR.resources
[2013/10/04 12:17:19 | 000,133,321 | ---- | C] () -- C:\Windows\System32\Gfxres.pt-BR.resources
[2013/10/04 12:17:19 | 000,132,876 | ---- | C] () -- C:\Windows\System32\Gfxres.nl-NL.resources
[2013/10/04 12:17:19 | 000,132,861 | ---- | C] () -- C:\Windows\System32\Gfxres.hu-HU.resources
[2013/10/04 12:17:19 | 000,132,422 | ---- | C] () -- C:\Windows\System32\Gfxres.sv-SE.resources
[2013/10/04 12:17:19 | 000,132,299 | ---- | C] () -- C:\Windows\System32\Gfxres.pt-PT.resources
[2013/10/04 12:17:19 | 000,131,897 | ---- | C] () -- C:\Windows\System32\Gfxres.cs-CZ.resources
[2013/10/04 12:17:19 | 000,131,711 | ---- | C] () -- C:\Windows\System32\Gfxres.pl-PL.resources
[2013/10/04 12:17:19 | 000,131,456 | ---- | C] () -- C:\Windows\System32\Gfxres.fi-FI.resources
[2013/10/04 12:17:19 | 000,131,290 | ---- | C] () -- C:\Windows\System32\Gfxres.sk-SK.resources
[2013/10/04 12:17:19 | 000,130,414 | ---- | C] () -- C:\Windows\System32\Gfxres.hr-HR.resources
[2013/10/04 12:17:19 | 000,127,599 | ---- | C] () -- C:\Windows\System32\Gfxres.sl-SI.resources
[2013/10/04 12:17:19 | 000,127,367 | ---- | C] () -- C:\Windows\System32\Gfxres.nb-NO.resources
[2013/10/04 12:17:19 | 000,127,109 | ---- | C] () -- C:\Windows\System32\Gfxres.da-DK.resources
[2013/10/04 12:17:19 | 000,122,646 | ---- | C] () -- C:\Windows\System32\Gfxres.en-US.resources
[2013/10/04 12:17:19 | 000,116,413 | ---- | C] () -- C:\Windows\System32\Gfxres.zh-TW.resources
[2013/10/04 12:17:19 | 000,115,195 | ---- | C] () -- C:\Windows\System32\Gfxres.zh-CN.resources
[2013/10/04 12:01:56 | 000,015,844 | ---- | C] () -- C:\Windows\System32\results.xml
[2013/10/04 11:59:20 | 000,272,928 | ---- | C] () -- C:\Windows\System32\igvpkrng600.bin
[2013/10/04 11:59:20 | 000,059,384 | ---- | C] () -- C:\Windows\System32\iglhxc32_dev.vp
[2013/10/04 11:59:20 | 000,059,328 | ---- | C] () -- C:\Windows\System32\iglhxg32_dev.vp
[2013/10/04 11:59:20 | 000,059,215 | ---- | C] () -- C:\Windows\System32\iglhxo32_dev.vp
[2013/10/04 11:59:14 | 000,064,512 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2013/10/04 11:59:13 | 000,963,388 | ---- | C] () -- C:\Windows\System32\igcodeckrng600.bin
[2013/10/04 11:38:32 | 000,001,411 | ---- | C] () -- C:\Users\ANOSH\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/09/29 18:08:53 | 131,918,888 | ---- | C] () -- C:\Users\ANOSH\Desktop\avast_free_antivirus_setup.exe
[2013/09/29 04:38:29 | 000,126,976 | ---- | C] () -- C:\Windows\Dream Aquarium.scr
[2013/09/29 04:38:10 | 002,359,296 | ---- | C] () -- C:\Windows\PDFReader.exe
[2013/09/29 04:38:10 | 000,716,122 | ---- | C] () -- C:\Windows\unins000.exe
[2013/09/29 04:38:10 | 000,002,027 | ---- | C] () -- C:\Windows\unins000.dat
[2013/09/29 04:38:06 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2013/09/29 04:38:05 | 000,810,496 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013/09/29 04:38:05 | 000,183,808 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2013/09/29 04:38:05 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013/09/29 04:38:05 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2013/09/29 04:36:59 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/09/29 04:36:48 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/09/29 04:35:40 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/09/29 04:33:40 | 2546,372,608 | -HS- | C] () -- C:\hiberfil.sys
[2013/09/28 18:13:49 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2013/09/28 18:13:27 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013/09/28 18:12:21 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2013/09/28 18:11:58 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2013/09/28 18:11:57 | 000,989,600 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2013/09/28 18:11:57 | 000,233,012 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2013/09/28 18:11:57 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2013/09/28 18:11:56 | 000,165,296 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2013/09/28 18:11:56 | 000,032,200 | ---- | C] () -- C:\Windows\atiogl.xml
[2013/09/28 18:11:28 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2013/09/28 18:11:16 | 000,963,116 | ---- | C] () -- C:\Windows\System32\igkrng600.bin
[2013/09/28 18:11:16 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin
[2013/09/28 17:59:35 | 000,001,417 | ---- | C] () -- C:\Users\ANOSH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/09/28 17:59:14 | 000,000,290 | ---- | C] () -- C:\Users\ANOSH\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/09/28 17:59:14 | 000,000,272 | ---- | C] () -- C:\Users\ANOSH\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

========== ZeroAccess Check ==========

[2009/07/14 09:12:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/21 01:59:11 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 01:59:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 05:46:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Broni · Oct 9, 2013

Looks good.
You should be good to go.

Lion143 · Oct 10, 2013

Thanks a million for all the help and your patience.

Broni · Oct 10, 2013

You're very welcome

Solved Runouce.exe

Posts: 22 +0

Posts: 56,041 +516

Posts: 22 +0

Posts: 22 +0

Posts: 56,041 +516

Attachments

Posts: 22 +0

Posts: 56,041 +516

Posts: 22 +0

Posts: 56,041 +516

Posts: 22 +0

Posts: 56,041 +516

Posts: 56,041 +516

Posts: 22 +0

Posts: 56,041 +516

Posts: 56,041 +516

Posts: 22 +0

Posts: 56,041 +516

Posts: 22 +0

Posts: 56,041 +516

Similar threads