Infected by trojan.

Status
Not open for further replies.
I can't boot from CD. The xPUD screen appears with a list of languages to select. I select English, the screen goes black and says 'fatal error' etc. There is no 'file' to click on.
 
Hi chelseafan,

Ok sometimes that will happen. We will try another program.
--------

We'll use a CD that we will make bootable. We also need a USB flashdrive that has some space on it. We will not be changing any of the data on the usb device just using it for a file.

  • Save these files to your Desktop
  • Open BurnCDCC and Extract All files to to it's own folder
  • Double Click BurnCDCC
  • Click Browse and navigate to the Puppy Linux ISO file you just downloaded
  • click on it and click Open
  • IMPORTANT: Adjust the speed bar to CD: 4x DVD: 1x
  • Click Start
  • Your CD Burner Tray will open automatically
  • Insert a blank CD and close the tray
  • Click OK
The CD should eject when finished.

Download and save pldumpit.exe to your USB device.

To use the CD

  • Leave the usb device attached to the computer
  • Insert the CD and restart the computer
  • When the computer first starts please press the key indicated on the screen to enter the bios or setup.
  • Make the necessary changes to make the CD first in the boot order
  • Save the changes and exit the bios/setup
  • Your computer will restart and boot from the Puppy Linux Live CD

You can save these instructions to a notepad on your usb device. Once you have mounted the drives you should be able view them by clicking on them.

  • Set your language, time. etc preferences and continue
  • Click the Mount Icon located at the top left of your desktop (should be 3rd from the left top row)
  • A Window will open, click mount for each drive listed
  • if you have a USB Flash Drive connected it's usually automatically mounted upon boot, but click the "usbdrv" tab and make sure it is mounted.

In the lower left you will see some icons with a green light on them. Click on the one that represents your usb device.
  • locate pldumpit.exe
  • right click it and select rename
  • please remove only the .exe from the file path
  • click rename
  • click on pldumpit
  • a window will open please hit enter when told to to close the window
  • there should now be a file named mbr.zip in the list of files
  • close all windows
  • click menu
  • highlight shutdown
  • click reboot
  • use the arrow key to select Do not save
  • hit enter
  • remove the CD before the computer restarts and allow the computer to boot

Please attach MBR.zip to your next reply.
 
I attached the file but just to let you know, I had a problem towards the end. After highlighting shutdown and reboot, there was no 'Do not save' option. I removed the CD, the screen loaded and it said 'Invalid or corrupt kernel image
Boot:'
 
Hi chelseafan,

I have not forgotten you. I am talking with colleagues about your system and what they are seeing. I appreciate you patience. I assure you I am working as quickly as I can on this. :thanks:
 
Hi,

Please download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

    • Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
 
I decided to do it tonight.


Scan result of Farbar Recovery Tool (FRST written by farbar) Version: 17-01-2012 00
Ran by SYSTEM at 2012-01-24 02:16:41
Running from H:\
Windows 7 Ultimate (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1436736 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10920552 2010-06-22] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-05-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKU\Paul\...\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5495680 2011-11-19] (SUPERAntiSpyware.com)
HKU\Paul\...\Run: [SansaDispatch] C:\Users\Paul\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe [79872 2011-08-18] (SanDisk Corporation)
HKU\Paul\...\Policies\system: [disableregistrytools] 0
HKLM\...\Runonce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{5FBA79C8-743B-45CB-B3F6-4EC3856F55EA}: [NameServer]8.8.8.8,208.67.220.220

==================== Services (Whitelisted) ======

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2011-08-17] (SUPERAntiSpyware.com)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [12784 2011-04-27] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" [288272 2011-04-27] (Microsoft Corporation)
2 Crypkey License; crypserv.exe [x]
2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [x]

========================== Drivers (Whitelisted) =============

3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-13] (Microsoft Corporation)
2 cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [21992 2010-11-09] (CPUID)
1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-04-19] (DT Soft Ltd)
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-08-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-08-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
3 SeratoUsb; C:\Windows\System32\Drivers\SeratoUsb.sys [50808 2011-06-21] (Cristalink Ltd)
3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [37888 2010-09-22] (AnchorFree Inc)
3 catchme; \??\C:\ComboFix\catchme.sys [x]
1 NetworkX; C:\Windows\System32\ckldrv.sys [x]
3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-01-24 02:16 - 2012-01-24 02:17 - 0000000 ____D C:\FRST
2012-01-23 09:13 - 2012-01-23 09:13 - 75469761 ____A C:\Users\James\Desktop\18627-Dublin 2012 Promo Mix 2.mp3
2012-01-23 07:35 - 2012-01-23 08:36 - 185463856 ____A C:\Users\James\Desktop\01-fabio_-_bbc_radio1-sat-01-23-2012-talion.mp3
2012-01-22 19:51 - 2012-01-22 19:51 - 14962880 ____A C:\Users\James\Desktop\kidcudisopa.mp3
2012-01-22 05:09 - 2012-01-22 05:13 - 82640808 ____A C:\Users\James\Desktop\Joey Beltram - Obsession - Quickening - Colliseum NYE '93.m4a
2012-01-19 05:58 - 2012-01-19 06:21 - 259202368 ____A C:\Users\James\Desktop\Bailey_1Xtra D&B_2012_01_18_qrip.mp3
2012-01-17 08:55 - 2012-01-17 08:58 - 25816232 ____A C:\Users\James\Desktop\Fabio and Grooverider_BBC Radio1_2012_01_16_qrip.mp3
2012-01-16 18:04 - 2012-01-16 18:04 - 0000000 ____D C:\Users\James\Desktop\burncdcc
2012-01-16 18:03 - 2012-01-16 18:03 - 0070397 ____A C:\Users\James\Desktop\burncdcc.zip
2012-01-16 18:00 - 2012-01-16 18:35 - 135467008 ____A C:\Users\James\Desktop\lupu-528.iso
2012-01-16 05:39 - 2012-01-16 05:50 - 0000000 ____D C:\Users\James\Desktop\GETxPUD
2012-01-12 05:47 - 2012-01-12 05:47 - 0057560 ____A C:\Users\James\Desktop\guitar.jpg
2012-01-11 05:40 - 2012-01-11 05:55 - 174062080 ____A C:\Users\James\Downloads\Bryan G_Ministry of Sound_D&B_V Recordings_2012_01_10_qrip.mp3
2012-01-10 14:53 - 2012-01-10 14:53 - 0334125 ____A C:\Users\James\Downloads\FSS(2).exe
2012-01-10 13:59 - 2011-11-19 06:58 - 0077312 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2012-01-10 13:59 - 2011-11-19 06:01 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2012-01-10 13:59 - 2011-11-16 22:41 - 1731920 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2012-01-10 13:59 - 2011-11-16 21:38 - 1292080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2012-01-10 13:59 - 2011-10-25 21:25 - 1572864 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll
2012-01-10 13:59 - 2011-10-25 21:25 - 0366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-01-10 13:59 - 2011-10-25 20:32 - 1328128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2012-01-10 13:59 - 2011-10-25 20:32 - 0514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2012-01-10 13:59 - 2011-10-13 21:31 - 0918528 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-01-10 13:59 - 2011-10-13 20:24 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-01-10 10:49 - 2012-01-10 10:49 - 0334125 ____A C:\Users\James\Downloads\FSS(1).exe
2012-01-10 08:59 - 2012-01-10 08:59 - 0334125 ____A C:\Users\James\Downloads\FSS.exe
2012-01-10 04:57 - 2012-01-10 04:57 - 0258560 ____A (OldTimer Tools) C:\Users\James\Downloads\OTH.scr
2012-01-09 15:29 - 2012-01-09 15:29 - 0001131 ____A C:\Users\James\Desktop\Malwarebytes' Anti-Malware.lnk
2012-01-09 05:18 - 2012-01-09 05:21 - 0154518 ____A C:\TDSSKiller.2.6.25.0_09.01.2012_13.18.39_log.txt
2012-01-09 05:15 - 2012-01-09 05:15 - 1558406 ____A C:\Users\James\Downloads\tdsskiller.zip
2012-01-09 05:11 - 2012-01-09 23:25 - 0000000 ____D C:\Users\James\AppData\Roaming\Ohriva
2012-01-09 05:11 - 2012-01-09 11:40 - 0000000 ____D C:\Users\James\AppData\Roaming\Ukyso
2012-01-09 04:01 - 2012-01-09 11:41 - 0000000 ____D C:\Users\James\AppData\Roaming\Iteq
2012-01-08 16:24 - 2012-01-08 16:24 - 0000000 ____D C:\Windows\system64
2012-01-08 16:23 - 2012-01-09 05:28 - 0012404 __ASH C:\Users\James\AppData\Local\488o5v2e4050
2012-01-08 16:23 - 2012-01-09 05:28 - 0012404 __ASH C:\Users\All Users\488o5v2e4050
2012-01-08 16:23 - 2012-01-09 05:28 - 0012404 __ASH C:\ProgramData\488o5v2e4050
2012-01-08 15:51 - 2012-01-08 15:51 - 0000000 ____D C:\Users\James\AppData\Local\{E8AD9742-C88A-4EDB-8243-FD4C046DEB15}
2012-01-08 15:51 - 2012-01-08 15:51 - 0000000 ____D C:\Users\James\AppData\Local\{5E011144-F750-4358-B499-E1F06E908626}
2012-01-07 17:14 - 2012-01-07 17:15 - 4713472 ____A (AVAST Software) C:\Users\James\Downloads\aswMBR.exe
2012-01-07 16:49 - 2012-01-07 16:49 - 0584192 ____A (OldTimer Tools) C:\Users\James\Downloads\OTL(1).exe
2012-01-06 07:32 - 2012-01-06 07:53 - 259202368 ____A C:\Users\James\Downloads\Bailey_1Xtra D&B_2012_01_04_qrip.mp3
2012-01-05 06:36 - 2012-01-05 06:57 - 259202368 ____A C:\Users\James\Downloads\Crissy Criss_1Xtra D&B M1X_2012_01_05_qrip.mp3
2012-01-04 06:05 - 2012-01-04 06:34 - 174280384 ____A C:\Users\James\Downloads\Shogun Audio_Ministry of Sound D&B_2012_01_03_qrip.mp3
2011-12-28 07:42 - 2011-12-28 07:42 - 0001142 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2011-12-28 07:24 - 2011-12-28 07:30 - 240976355 ____A C:\Users\James\Downloads\20111226-bitm-vol-12-calibre-fava-12-jahre-baesse-ba.mp3
2011-12-28 06:54 - 2011-12-28 06:54 - 15292208 ____A (Mozilla) C:\Users\James\Downloads\Firefox Setup 9.0.1.exe
2011-12-27 07:23 - 2011-12-27 07:23 - 417591496 ____A C:\Windows\MEMORY.DMP
2011-12-27 07:23 - 2011-12-27 07:23 - 0373024 ____A C:\Windows\Minidump\122711-22370-01.dmp
2011-12-26 15:00 - 2011-12-26 15:07 - 136105462 ____A C:\Users\James\Downloads\DJ_Vapour-Dec_2011_3_Deck_Studio_Mix-www.36hertz.com.zip
2011-12-25 16:07 - 2011-12-25 16:07 - 0000000 ____D C:\Users\James\AppData\Local\{93BF89B5-58A4-49B8-8490-CD7E70BDA65F}
2011-12-25 16:07 - 2011-12-25 16:07 - 0000000 ____D C:\Users\James\AppData\Local\{896784B4-C401-459B-BEE4-05106EFBAA3E}
2011-12-25 04:06 - 2011-12-25 04:07 - 0000000 ____D C:\Users\James\AppData\Local\{37C0F7C8-BB64-475C-AF8F-32127CC2467E}
2011-12-25 04:06 - 2011-12-25 04:06 - 0000000 ____D C:\Users\James\AppData\Local\{3E09E124-29AF-401E-A450-7977E55E7F01}

============ 3 Months Modified Files and Folders =============

2012-01-24 02:17 - 2012-01-24 02:16 - 0000000 ____D C:\FRST
2012-01-23 18:08 - 2011-06-28 04:29 - 0000000 ____D C:\Program Files (x86)\OnlyWire
2012-01-23 18:08 - 2011-02-01 21:28 - 1370093 ____A C:\Windows\WindowsUpdate.log
2012-01-23 18:08 - 2009-07-13 20:45 - 0014224 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-01-23 18:08 - 2009-07-13 20:45 - 0014224 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-01-23 17:59 - 2011-02-01 07:59 - 0000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-01-23 17:58 - 2011-02-15 01:25 - 0130708 ____A C:\Windows\setupact.log
2012-01-23 17:58 - 2010-11-05 08:24 - 3113295872 __ASH C:\hiberfil.sys
2012-01-23 17:58 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-01-23 17:33 - 2011-02-01 07:59 - 0000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-01-23 12:22 - 2011-02-01 06:51 - 0000000 ____D C:\users\Paul
2012-01-23 09:13 - 2012-01-23 09:13 - 75469761 ____A C:\Users\James\Desktop\18627-Dublin 2012 Promo Mix 2.mp3
2012-01-23 08:36 - 2012-01-23 07:35 - 185463856 ____A C:\Users\James\Desktop\01-fabio_-_bbc_radio1-sat-01-23-2012-talion.mp3
2012-01-22 19:51 - 2012-01-22 19:51 - 14962880 ____A C:\Users\James\Desktop\kidcudisopa.mp3
2012-01-22 05:13 - 2012-01-22 05:09 - 82640808 ____A C:\Users\James\Desktop\Joey Beltram - Obsession - Quickening - Colliseum NYE '93.m4a
2012-01-19 06:21 - 2012-01-19 05:58 - 259202368 ____A C:\Users\James\Desktop\Bailey_1Xtra D&B_2012_01_18_qrip.mp3
2012-01-18 12:23 - 2011-12-10 06:58 - 0000000 ____D C:\Users\James\AppData\Roaming\uTorrent
2012-01-17 11:56 - 2011-09-19 11:12 - 0000600 ____A C:\Users\James\AppData\Local\PUTTY.RND
2012-01-17 08:58 - 2012-01-17 08:55 - 25816232 ____A C:\Users\James\Desktop\Fabio and Grooverider_BBC Radio1_2012_01_16_qrip.mp3
2012-01-16 18:35 - 2012-01-16 18:00 - 135467008 ____A C:\Users\James\Desktop\lupu-528.iso
2012-01-16 18:04 - 2012-01-16 18:04 - 0000000 ____D C:\Users\James\Desktop\burncdcc
2012-01-16 18:03 - 2012-01-16 18:03 - 0070397 ____A C:\Users\James\Desktop\burncdcc.zip
2012-01-16 05:50 - 2012-01-16 05:39 - 0000000 ____D C:\Users\James\Desktop\GETxPUD
2012-01-15 03:56 - 2011-12-15 11:13 - 0000000 ____D C:\Windows\ERDNT
2012-01-14 05:50 - 2011-12-19 08:36 - 0001044 ____A C:\Users\James\Desktop\rkill - Shortcut.lnk
2012-01-14 05:50 - 2011-12-14 14:11 - 0002186 ____A C:\Users\James\Desktop\Andy C with Dynamite MC 3 DECK SET - Shortcut.lnk
2012-01-12 14:50 - 2011-05-29 04:45 - 0015162 ____A C:\Windows\PFRO.log
2012-01-12 14:16 - 2011-09-19 10:40 - 0000000 ____D C:\users\James
2012-01-12 10:56 - 2011-09-19 10:40 - 0000000 ____D C:\Users\James\AppData\LocalLow
2012-01-12 05:47 - 2012-01-12 05:47 - 0057560 ____A C:\Users\James\Desktop\guitar.jpg
2012-01-11 05:55 - 2012-01-11 05:40 - 174062080 ____A C:\Users\James\Downloads\Bryan G_Ministry of Sound_D&B_V Recordings_2012_01_10_qrip.mp3
2012-01-10 16:32 - 2009-11-10 12:30 - 54008112 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2012-01-10 14:53 - 2012-01-10 14:53 - 0334125 ____A C:\Users\James\Downloads\FSS(2).exe
2012-01-10 10:49 - 2012-01-10 10:49 - 0334125 ____A C:\Users\James\Downloads\FSS(1).exe
2012-01-10 08:59 - 2012-01-10 08:59 - 0334125 ____A C:\Users\James\Downloads\FSS.exe
2012-01-10 04:57 - 2012-01-10 04:57 - 0258560 ____A (OldTimer Tools) C:\Users\James\Downloads\OTH.scr
2012-01-10 04:52 - 2009-07-13 21:08 - 0032608 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-01-09 23:25 - 2012-01-09 05:11 - 0000000 ____D C:\Users\James\AppData\Roaming\Ohriva
2012-01-09 23:25 - 2011-09-19 11:15 - 0000000 ____D C:\Users\James\Documents\Texter
2012-01-09 23:25 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2012-01-09 23:25 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\AppCompat
2012-01-09 15:37 - 2011-12-19 08:37 - 0000659 ____A C:\rkill.log
2012-01-09 15:36 - 2011-02-01 07:11 - 0768550 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-01-09 15:35 - 2009-07-13 21:13 - 0768550 ____A C:\Windows\System32\PerfStringBackup.INI
2012-01-09 15:29 - 2012-01-09 15:29 - 0001131 ____A C:\Users\James\Desktop\Malwarebytes' Anti-Malware.lnk
2012-01-09 15:26 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\config\TxR
2012-01-09 11:41 - 2012-01-09 04:01 - 0000000 ____D C:\Users\James\AppData\Roaming\Iteq
2012-01-09 11:40 - 2012-01-09 05:11 - 0000000 ____D C:\Users\James\AppData\Roaming\Ukyso
2012-01-09 05:28 - 2012-01-08 16:23 - 0012404 __ASH C:\Users\James\AppData\Local\488o5v2e4050
2012-01-09 05:28 - 2012-01-08 16:23 - 0012404 __ASH C:\Users\All Users\488o5v2e4050
2012-01-09 05:28 - 2012-01-08 16:23 - 0012404 __ASH C:\ProgramData\488o5v2e4050
2012-01-09 05:21 - 2012-01-09 05:18 - 0154518 ____A C:\TDSSKiller.2.6.25.0_09.01.2012_13.18.39_log.txt
2012-01-09 05:15 - 2012-01-09 05:15 - 1558406 ____A C:\Users\James\Downloads\tdsskiller.zip
2012-01-08 16:24 - 2012-01-08 16:24 - 0000000 ____D C:\Windows\system64
2012-01-08 16:23 - 2011-09-19 10:40 - 0000000 ____D C:\Users\James\AppData\Local\VirtualStore
2012-01-08 15:51 - 2012-01-08 15:51 - 0000000 ____D C:\Users\James\AppData\Local\{E8AD9742-C88A-4EDB-8243-FD4C046DEB15}
2012-01-08 15:51 - 2012-01-08 15:51 - 0000000 ____D C:\Users\James\AppData\Local\{5E011144-F750-4358-B499-E1F06E908626}
2012-01-08 15:51 - 2011-09-19 10:52 - 0000000 ____D C:\Users\James\AppData\Local\Windows Live
2012-01-07 17:33 - 2011-12-12 10:18 - 0003845 ____A C:\Users\Paul\Desktop\aswMBR.txt
2012-01-07 17:33 - 2011-12-12 10:18 - 0000512 ____A C:\Users\Paul\Desktop\MBR.dat
2012-01-07 17:31 - 2011-12-12 10:19 - 0003849 ____A C:\Users\Paul\Documents\aswMBR.txt
2012-01-07 17:31 - 2011-12-12 10:19 - 0000512 ____A C:\Users\Paul\Documents\MBR.dat
2012-01-07 17:15 - 2012-01-07 17:14 - 4713472 ____A (AVAST Software) C:\Users\James\Downloads\aswMBR.exe
2012-01-07 17:13 - 2011-12-15 13:03 - 0063216 ____A C:\Users\James\Downloads\OTL.Txt
2012-01-07 16:49 - 2012-01-07 16:49 - 0584192 ____A (OldTimer Tools) C:\Users\James\Downloads\OTL(1).exe
2012-01-06 07:53 - 2012-01-06 07:32 - 259202368 ____A C:\Users\James\Downloads\Bailey_1Xtra D&B_2012_01_04_qrip.mp3
2012-01-05 06:57 - 2012-01-05 06:36 - 259202368 ____A C:\Users\James\Downloads\Crissy Criss_1Xtra D&B M1X_2012_01_05_qrip.mp3
2012-01-04 06:34 - 2012-01-04 06:05 - 174280384 ____A C:\Users\James\Downloads\Shogun Audio_Ministry of Sound D&B_2012_01_03_qrip.mp3
2011-12-28 07:43 - 2011-02-01 07:06 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2011-12-28 07:42 - 2011-12-28 07:42 - 0001142 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2011-12-28 07:30 - 2011-12-28 07:24 - 240976355 ____A C:\Users\James\Downloads\20111226-bitm-vol-12-calibre-fava-12-jahre-baesse-ba.mp3
2011-12-28 06:54 - 2011-12-28 06:54 - 15292208 ____A (Mozilla) C:\Users\James\Downloads\Firefox Setup 9.0.1.exe
2011-12-27 07:23 - 2011-12-27 07:23 - 417591496 ____A C:\Windows\MEMORY.DMP
2011-12-27 07:23 - 2011-12-27 07:23 - 0373024 ____A C:\Windows\Minidump\122711-22370-01.dmp
2011-12-27 07:23 - 2011-02-08 06:39 - 0000000 ____D C:\Windows\Minidump
2011-12-26 15:07 - 2011-12-26 15:00 - 136105462 ____A C:\Users\James\Downloads\DJ_Vapour-Dec_2011_3_Deck_Studio_Mix-www.36hertz.com.zip
2011-12-25 16:07 - 2011-12-25 16:07 - 0000000 ____D C:\Users\James\AppData\Local\{93BF89B5-58A4-49B8-8490-CD7E70BDA65F}
2011-12-25 16:07 - 2011-12-25 16:07 - 0000000 ____D C:\Users\James\AppData\Local\{896784B4-C401-459B-BEE4-05106EFBAA3E}
2011-12-25 04:07 - 2011-12-25 04:06 - 0000000 ____D C:\Users\James\AppData\Local\{37C0F7C8-BB64-475C-AF8F-32127CC2467E}
2011-12-25 04:06 - 2011-12-25 04:06 - 0000000 ____D C:\Users\James\AppData\Local\{3E09E124-29AF-401E-A450-7977E55E7F01}
2011-12-24 14:32 - 2011-12-24 14:29 - 129935986 ____A C:\Users\James\Downloads\Thumbzo-Jungle Bells-Saturday December 24th 2011(1).mp3
2011-12-24 13:37 - 2011-12-24 13:32 - 129935986 ____A C:\Users\James\Downloads\Thumbzo-Jungle Bells-Saturday December 24th 2011.mp3
2011-12-23 10:31 - 2011-12-23 10:02 - 171986752 ____A C:\Users\James\Downloads\Annie Nightingale_2011_12_23_qrip.mp3
2011-12-23 10:16 - 2011-12-23 10:14 - 29017554 ____A C:\Users\James\Downloads\DJ Hype & IC3 @ Playaz 10 Years Of Fabric Anniversary at fabric.rar
2011-12-23 09:49 - 2011-12-23 09:47 - 44289674 ____A C:\Users\James\Downloads\DJZinc@THEEND ClosingWeekend.mp3
2011-12-22 14:48 - 2011-12-22 14:47 - 0000000 ____D C:\Users\James\AppData\Local\{8F4F8BB8-33F9-4D7C-8C00-073DA8B819DE}
2011-12-22 14:47 - 2011-12-22 14:47 - 0000000 ____D C:\Users\James\AppData\Local\{40903789-650A-4443-98D8-694554FC2292}
2011-12-22 10:31 - 2011-02-01 06:51 - 0000000 ____D C:\Users\Paul\AppData\Local\VirtualStore
2011-12-21 10:08 - 2011-12-21 10:04 - 55111749 ____A C:\Users\James\Downloads\DJ Ollie with Skibadee.mp3
2011-12-21 08:59 - 2011-12-21 08:59 - 0000000 ____D C:\Users\James\AppData\Local\{DAF1C0ED-613E-416A-AA04-B49C8DB1CD04}
2011-12-21 08:59 - 2011-12-21 08:59 - 0000000 ____D C:\Users\James\AppData\Local\{B95DD0E8-BE75-4B41-8946-184B004DC0D1}
2011-12-20 13:17 - 2011-12-20 11:57 - 0000000 ____D C:\$RECYCLE.BIN
2011-12-20 11:57 - 2009-07-13 18:34 - 0000215 ____A C:\Windows\system.ini
2011-12-20 11:57 - 2009-07-13 18:34 - 0000027 ____A C:\Windows\System32\Drivers\etc\hosts
2011-12-20 11:49 - 2011-12-20 11:49 - 0000000 ____D C:\Users\James\AppData\Local\{16C450A8-1381-4041-B64A-8F9140B2FDD0}
2011-12-20 11:49 - 2011-12-20 11:48 - 0000000 ____D C:\Users\James\AppData\Local\{07CA265C-A8D8-44D1-A283-645BA8EDE0E8}
2011-12-19 19:55 - 2011-10-19 16:37 - 0000000 ____D C:\Users\James\AppData\Roaming\Skype
2011-12-19 08:35 - 2011-12-19 08:35 - 1008141 ____A C:\Users\James\Downloads\rkill.exe
2011-12-19 04:03 - 2011-12-19 04:03 - 0000000 ____D C:\Users\James\AppData\Local\{96EAC13C-37F7-481D-BC83-83894D429BAC}
2011-12-19 04:03 - 2011-12-19 04:03 - 0000000 ____D C:\Users\James\AppData\Local\{81C5D245-F988-4560-AC51-26183A19DD86}
2011-12-18 17:12 - 2011-12-18 17:12 - 0000000 ____A C:\Users\James\AppData\Local\{8E34C5D5-5F94-43F9-B31E-29191073B050}
2011-12-18 14:52 - 2011-12-18 14:52 - 0000000 ____D C:\Users\James\AppData\Local\{A8C660AA-8234-4011-A3FB-64CD62D465FB}
2011-12-18 14:52 - 2011-12-18 14:52 - 0000000 ____D C:\Users\James\AppData\Local\{56C9F0E2-D0CE-4601-8746-B60491C74BAE}
2011-12-17 16:51 - 2011-12-17 16:51 - 0000000 ____D C:\Users\James\AppData\Local\{A0200026-1F9E-40FB-B8FA-FFF755AAF72A}
2011-12-17 16:51 - 2011-12-17 16:51 - 0000000 ____D C:\Users\James\AppData\Local\{47E4D6D4-36AB-4671-ACB5-9FFAE20070A9}
2011-12-17 15:05 - 2011-09-22 10:10 - 1202432 ____A C:\Windows\ntbtlog.txt
2011-12-17 14:56 - 2011-12-17 14:56 - 0000000 ____D C:\_OTL
2011-12-17 14:45 - 2011-12-17 14:45 - 0000000 ____A C:\Users\James\AppData\Local\{ACA8703F-83A7-4BCE-BAC6-B732538C4DDD}
2011-12-17 08:43 - 2011-12-17 08:00 - 259202368 ____A C:\Users\James\Downloads\1xtra D&B Bailey_2011_12_14_qrip.mp3
2011-12-17 04:50 - 2011-12-17 04:50 - 0000000 ____D C:\Users\James\AppData\Local\{7E2953AD-A7D4-4FB5-A5E5-BF014AD87242}
2011-12-17 04:50 - 2011-12-17 04:50 - 0000000 ____D C:\Users\James\AppData\Local\{4139DADB-B414-4AD3-B5FC-7842F790172E}
2011-12-16 11:58 - 2011-12-16 11:58 - 0001108 ____A C:\Users\Paul\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
2011-12-16 11:58 - 2011-12-16 11:58 - 0001108 ____A C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
2011-12-16 11:58 - 2011-12-16 11:58 - 0000928 ____A C:\Users\Paul\Desktop\NTREGOPT.lnk
2011-12-16 11:58 - 2011-12-16 11:58 - 0000928 ____A C:\Users\James\Desktop\NTREGOPT.lnk
2011-12-16 11:58 - 2011-12-16 11:58 - 0000909 ____A C:\Users\Paul\Desktop\ERUNT.lnk
2011-12-16 11:58 - 2011-12-16 11:58 - 0000909 ____A C:\Users\James\Desktop\ERUNT.lnk
2011-12-16 11:58 - 2011-12-16 11:58 - 0000000 ____D C:\Program Files (x86)\ERUNT
2011-12-16 11:57 - 2011-12-16 11:57 - 0791393 ____A (Lars Hederer ) C:\Users\James\Downloads\erunt-setup.exe
2011-12-16 05:16 - 2011-12-16 05:16 - 0000000 ____D C:\Users\James\AppData\Local\{60E61B4E-CBB3-4FEE-AE20-627E94E2CAAD}
2011-12-16 05:16 - 2011-12-16 05:16 - 0000000 ____D C:\Users\James\AppData\Local\{156AD28B-D09B-458C-951A-40B288EF3092}
2011-12-15 17:48 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\rescache
2011-12-15 17:00 - 2011-12-15 17:00 - 0000000 ____D C:\Users\James\AppData\Local\{B1A4B955-AB67-4329-AF73-1D067DC66067}
2011-12-15 17:00 - 2011-12-15 16:59 - 0000000 ____D C:\Users\James\AppData\Local\{37EDA46E-736E-4D90-9754-B2D9F2BD2A10}
2011-12-15 14:20 - 2011-12-15 14:01 - 0000000 ____D C:\Users\James\Downloads\The.Tourist.2010.TS.XviD.Feel-Free
2011-12-15 14:20 - 2011-12-15 13:58 - 0000000 ____D C:\Users\James\Downloads\The.Mechanic.2011.R5.LiNE.AC3-T0XiC-iNK
2011-12-15 14:03 - 2011-12-15 14:03 - 0000000 ____D C:\Users\James\Downloads\Tracker.2010.PAL.Retail.NL.Subs
2011-12-15 14:03 - 2011-12-15 14:03 - 0000000 ____D C:\Users\James\Downloads\Page.Eight.2011.HDRip.XVID.AC3.HQ.Hive-CM8
2011-12-15 14:03 - 2011-12-15 13:58 - 0000000 ____D C:\Users\James\Downloads\The Way Back (2010) DVDRip XviD-MAXSPEED
2011-12-15 13:04 - 2011-12-15 13:04 - 0039568 ____A C:\Users\James\Downloads\Extras.Txt
2011-12-15 12:59 - 2011-12-15 12:58 - 0001411 ____A C:\Users\James\Desktop\OTL - Shortcut.lnk
2011-12-15 12:50 - 2011-12-15 12:50 - 0584192 ____A (OldTimer Tools) C:\Users\James\Downloads\OTL.exe
2011-12-15 09:57 - 2011-12-10 07:03 - 0000000 ____D C:\Users\James\Downloads\Inception (2010) DVDRip XviD-MAXSPEED
2011-12-15 06:14 - 2011-12-15 06:09 - 48764328 ____A C:\Users\James\Downloads\Nolige - The Drift EP [13.12.11].rar
2011-12-15 04:59 - 2011-12-15 04:59 - 0000000 ____D C:\Users\James\AppData\Local\{47F8C662-0AD8-4000-9370-B4C2B4B789CD}
2011-12-15 04:59 - 2011-12-15 04:58 - 0000000 ____D C:\Users\James\AppData\Local\{69276D1C-6CE8-481C-93F5-93D903430F76}
2011-12-14 19:21 - 2009-07-13 20:45 - 4853768 ____A C:\Windows\System32\FNTCACHE.DAT
2011-12-14 15:39 - 2011-12-14 15:30 - 114738180 ____A C:\Users\James\Downloads\Thumbzo-Bah Humbug-December 2011.mp3
2011-12-14 15:38 - 2011-12-14 15:31 - 132833222 ____A C:\Users\James\Downloads\Thumbzo b2b Al Wah-The Spitfire Show-Saturday December 10 th 2011.mp3
2011-12-14 14:08 - 2011-12-14 14:01 - 149270496 ____A C:\Users\James\Downloads\Andy C with Dynamite MC 3 DECK SET.mp3
2011-12-14 13:12 - 2011-12-14 13:07 - 44740339 ____A C:\Users\James\Downloads\DJ_Swift___DJ_Zinc_-_Dream_FM_-_Early_1994.mp3
2011-12-14 06:09 - 2011-12-14 06:09 - 0000000 ____D C:\Users\James\AppData\Local\{E64DCE44-42DC-45AF-9DDA-68E31473158B}
2011-12-14 06:09 - 2011-12-14 06:08 - 0000000 ____D C:\Users\James\AppData\Local\{7D8721F9-5537-4E39-ADEC-5ED4B8F37C8B}
2011-12-13 09:12 - 2011-12-13 09:11 - 0000000 ____D C:\Users\James\AppData\Local\{15AA480F-AC7E-47B4-A6C5-06864CA8D3C1}
2011-12-13 09:11 - 2011-12-13 09:11 - 0000000 ____D C:\Users\James\AppData\Local\{58E71F26-F60D-45AA-9672-7BFE0864B50A}
2011-12-13 09:07 - 2011-12-09 09:01 - 0000000 ____D C:\Users\James\AppData\Roaming\Hypue
2011-12-13 08:44 - 2011-12-09 09:01 - 0000000 ____D C:\Users\James\AppData\Roaming\Lybeig
2011-12-12 10:17 - 2011-12-12 10:17 - 0050477 ____A C:\Users\James\Downloads\Defogger.exe
2011-12-12 10:17 - 2011-12-12 10:17 - 0000168 ____A C:\Users\Paul\defogger_reenable
2011-12-12 08:18 - 2011-12-12 08:18 - 0000000 ____D C:\Users\James\AppData\Local\{D0ACFA85-1953-48E0-8F08-2266AE479152}
2011-12-12 08:18 - 2011-12-12 08:18 - 0000000 ____D C:\Users\James\AppData\Local\{CF754871-2CE2-4A1C-8511-01D15724F679}
2011-12-11 05:06 - 2011-12-11 05:06 - 0877475 ____A C:\Users\James\Desktop\acid-alkaline-food-chart-1.4.pdf
2011-12-11 05:05 - 2011-12-11 05:05 - 0000000 ____D C:\Users\James\AppData\Local\{8CA4EC66-12AE-4F4D-ABDB-C6182FDC6F36}
2011-12-11 05:05 - 2011-12-11 05:05 - 0000000 ____D C:\Users\James\AppData\Local\{568C1D4F-2D9F-489C-AE08-1CC237FBB130}
2011-12-10 16:16 - 2011-12-10 16:16 - 0000000 ____D C:\Users\James\AppData\Local\{B61E5078-1B55-43FD-8290-50D4B7C6D9C2}
2011-12-10 16:16 - 2011-12-10 16:16 - 0000000 ____D C:\Users\James\AppData\Local\{B323090D-76DE-4087-825C-3FE0B387B135}
2011-12-10 10:07 - 2011-12-10 07:01 - 0000000 ____D C:\Users\James\Downloads\Pirates of the Caribbean On Stranger Tides (2011) DVDRip XviD-MAXSPEED
2011-12-10 06:59 - 2011-12-10 06:59 - 0000947 ____A C:\Users\Public\Desktop\µTorrent.lnk
2011-12-10 06:59 - 2011-02-01 07:51 - 0000000 ____D C:\Users\Paul\AppData\Roaming\uTorrent
2011-12-10 06:59 - 2011-02-01 07:51 - 0000000 ____D C:\Program Files (x86)\uTorrent
2011-12-10 06:58 - 2011-12-10 06:58 - 0736120 ____A (BitTorrent, Inc.) C:\Users\James\Downloads\utorrent.exe
2011-12-10 04:05 - 2011-12-10 04:05 - 0000000 ____D C:\Users\James\AppData\Local\{98CE8C50-6224-487C-8CF0-F1C6A744B912}
2011-12-10 04:05 - 2011-12-10 04:04 - 0000000 ____D C:\Users\James\AppData\Local\{2C734C0E-0BAE-4AA5-BA7F-FAD7C4237043}
2011-12-09 06:45 - 2011-12-09 06:45 - 0017962 ____A C:\Attach.txt
2011-12-09 06:45 - 2011-12-09 06:32 - 0017962 ____A C:\Users\Paul\Desktop\Attach.txt
2011-12-09 06:40 - 2011-12-09 06:40 - 0003974 ____A C:\Users\Paul\Desktop\Attach.zip
2011-12-09 05:36 - 2011-12-09 05:36 - 0000000 ____D C:\Users\James\AppData\Local\{60C3F0A7-DAA4-48C7-86C7-5FDF1F23518E}
2011-12-09 05:36 - 2011-12-09 05:36 - 0000000 ____D C:\Users\James\AppData\Local\{5A913F98-5870-4280-8C01-63515E02D613}
2011-12-08 17:36 - 2011-12-08 17:35 - 0000000 ____D C:\Users\James\AppData\Local\{D6FD4C29-58CC-4999-8F7D-C09A48287488}
2011-12-08 17:35 - 2011-12-08 17:35 - 0000000 ____D C:\Users\James\AppData\Local\{DE210A3C-1083-414F-9F8A-E7ACBB721CCF}
2011-12-08 14:08 - 2011-12-08 14:08 - 0607260 ___RA (Swearware) C:\Users\James\Downloads\dds.scr
2011-12-08 10:11 - 2011-12-08 10:11 - 0000000 ____D C:\Users\James\AppData\Roaming\Malwarebytes
2011-12-08 09:58 - 2011-12-08 09:58 - 0000184 ____A C:\Users\All Users\REGSVR32.EXE-x.txt
2011-12-08 09:58 - 2011-12-08 09:58 - 0000184 ____A C:\ProgramData\REGSVR32.EXE-x.txt
2011-12-08 05:35 - 2011-12-08 05:35 - 0000000 ____D C:\Users\James\AppData\Local\{CCC71CF9-CA68-41B6-B0AA-688C2131BC01}
2011-12-08 05:35 - 2011-12-08 05:34 - 0000000 ____D C:\Users\James\AppData\Local\{1A26401D-A8F7-47BD-9071-E76879B01458}
2011-12-08 05:24 - 2011-12-08 05:23 - 0000000 ____D C:\Users\James\AppData\Local\{35130E36-370D-41CF-9F81-032908534239}
2011-12-08 05:23 - 2011-12-08 05:23 - 0000000 ____D C:\Users\James\AppData\Local\{CD5DACCC-F8CD-4BC0-B1A9-53708DC3CA8C}
2011-12-07 04:33 - 2011-12-07 04:33 - 0000000 ____D C:\Users\James\AppData\Local\{CEED576A-B45A-4325-8D9F-1C9172235590}
2011-12-07 04:33 - 2011-12-07 04:33 - 0000000 ____D C:\Users\James\AppData\Local\{897C00C9-2F3A-4F0E-9F54-D96C11C1129B}
2011-12-06 16:28 - 2011-12-06 16:28 - 0000000 ____D C:\Users\James\AppData\Local\{F854CB91-5C38-4AF5-912E-E68D06B46A50}
2011-12-06 16:28 - 2011-12-06 16:28 - 0000000 ____D C:\Users\James\AppData\Local\{E17F448F-6FEB-4EAF-A3CC-27571534F80C}
2011-12-06 11:26 - 2011-02-01 07:03 - 0000000 ____D C:\Users\Paul\AppData\Local\Windows Live
2011-12-06 04:24 - 2011-12-06 04:24 - 0000000 ____D C:\Users\James\AppData\Local\{E2B1F99E-B4B5-4488-920D-F0F669FB5485}
2011-12-06 04:24 - 2011-12-06 04:24 - 0000000 ____D C:\Users\James\AppData\Local\{A1401646-3494-4933-97AE-90908D393FB7}
2011-12-05 12:07 - 2011-12-05 12:07 - 1869704 ____A C:\Users\James\Desktop\acid-alkaline-food-chart-1.3.pdf
2011-12-05 05:18 - 2011-12-05 05:17 - 0000000 ____D C:\Users\James\AppData\Local\{23953D72-F47C-4E08-AFA5-2F4BB6EB68B2}
2011-12-05 05:17 - 2011-12-05 05:17 - 0000000 ____D C:\Users\James\AppData\Local\{BF54BFC9-87AF-410F-8FEC-0830051C22E4}
2011-12-04 10:17 - 2011-12-04 10:17 - 0000000 ____D C:\Users\James\AppData\Local\{FFDE7C7E-5648-4801-B879-C12B88BF5A48}
2011-12-04 10:17 - 2011-12-04 10:17 - 0000000 ____D C:\Users\James\AppData\Local\{B14B1AF0-8E19-43BE-898E-995A9D163C12}
2011-12-03 17:18 - 2011-12-03 17:18 - 0000000 ____D C:\Users\James\AppData\Local\{9944779F-9575-46AA-9966-97D91F6D75F2}
2011-12-03 17:18 - 2011-12-03 17:18 - 0000000 ____D C:\Users\James\AppData\Local\{13F1E45E-7FC5-4F38-A88E-A022CAD6EAC2}
2011-12-03 04:39 - 2011-12-03 04:39 - 0000000 ____D C:\Users\James\AppData\Local\{7BFE2660-C1D5-4AC8-A8DE-872F5560B9C8}
2011-12-03 04:39 - 2011-12-03 04:39 - 0000000 ____D C:\Users\James\AppData\Local\{672C0BFB-79D1-4B04-B7C6-2ECDD4FF5E2A}
2011-12-02 05:28 - 2011-12-02 05:28 - 0000000 ____D C:\Users\James\AppData\Local\{E8207A99-5462-420C-BC2C-400AC0C1092A}
2011-12-02 05:28 - 2011-12-02 05:28 - 0000000 ____D C:\Users\James\AppData\Local\{C12452F3-744A-4EB3-A488-19822EDA2843}
2011-12-01 17:27 - 2011-12-01 17:27 - 0000000 ____D C:\Users\James\AppData\Local\{FBDC4A20-F1AD-42A5-A946-1E55234F4C89}
2011-12-01 17:27 - 2011-12-01 17:27 - 0000000 ____D C:\Users\James\AppData\Local\{8CBEF71A-E825-4583-86D0-969FA43BF73A}
2011-12-01 11:42 - 2011-12-01 11:42 - 0001472 ____A C:\Users\James\Desktop\french rates.txt
2011-12-01 05:27 - 2011-12-01 05:26 - 0000000 ____D C:\Users\James\AppData\Local\{1BF098BD-6240-4A7F-A01D-DB0E8C15A108}
2011-12-01 05:26 - 2011-12-01 05:26 - 0000000 ____D C:\Users\James\AppData\Local\{BFC623B1-9F9B-47BF-819D-A57367DE6F7F}
2011-11-30 09:35 - 2011-11-30 08:38 - 176105234 ____A C:\Users\James\Downloads\Ministry of Sound_D&B_Metalheadz_DJ Storm_2011_11_29_qrip.mp3
2011-11-30 08:28 - 2011-11-30 08:22 - 112085921 ____A C:\Users\James\Downloads\DJ Break@Bass Heavy(1).mp3
2011-11-30 08:08 - 2011-11-30 08:02 - 112085921 ____A C:\Users\James\Downloads\DJ Break@Bass Heavy.mp3
2011-11-30 05:29 - 2011-11-30 05:29 - 0000000 ____D C:\Users\James\AppData\Local\{BDDB3379-1B60-444C-9BBE-2B8B18A4D2E3}
2011-11-30 05:29 - 2011-11-30 05:29 - 0000000 ____D C:\Users\James\AppData\Local\{5FACCF03-5691-4A77-951F-A885B7E70AFB}
2011-11-29 08:37 - 2011-11-29 08:37 - 0000000 ____D C:\Users\James\AppData\Local\{CFB1E896-C7DF-4B95-A7FF-038FF27C1822}
2011-11-29 08:37 - 2011-11-29 08:37 - 0000000 ____D C:\Users\James\AppData\Local\{BECFFFD4-FC99-4EE2-8204-BBE8CDCCFD32}
2011-11-29 08:37 - 2011-11-29 08:36 - 0000000 ____D C:\Users\James\AppData\Local\{B4919698-7C21-4576-B479-82C50984018C}
2011-11-29 06:12 - 2011-02-01 11:06 - 0000000 ____D C:\Users\Paul\AppData\Roaming\vlc
2011-11-28 16:15 - 2011-11-28 16:15 - 0000000 ____D C:\Users\James\AppData\Local\{4A2C319A-465E-47C1-B23E-A6CAA5025A7F}
2011-11-28 16:15 - 2011-11-28 16:15 - 0000000 ____D C:\Users\James\AppData\Local\{115A429C-7F8F-43AF-B385-D1C7BF5A1377}
2011-11-28 04:14 - 2011-11-28 04:14 - 0000000 ____D C:\Users\James\AppData\Local\{C2F57762-0457-4A5A-9126-8324569F0C8E}
2011-11-28 04:14 - 2011-11-28 04:14 - 0000000 ____D C:\Users\James\AppData\Local\{AA52E2FC-D84C-4696-A877-9771819EFEA4}
2011-11-27 07:17 - 2011-11-27 07:17 - 0000000 ____D C:\Users\James\AppData\Local\{9C51240C-957F-4BEF-9A36-B21AA4CAC770}
2011-11-27 07:17 - 2011-11-27 07:17 - 0000000 ____D C:\Users\James\AppData\Local\{5CCEE712-3B55-4B5A-9A0F-59017EBC6831}
2011-11-26 16:00 - 2011-11-26 16:00 - 0000000 ____D C:\Users\James\AppData\Local\{7ADF72D7-3034-4D6E-B6EF-5F33144CCECD}
2011-11-26 16:00 - 2011-11-26 15:59 - 0000000 ____D C:\Users\James\AppData\Local\{B7712688-D565-4E96-B8B3-3B2893547253}
2011-11-26 03:50 - 2011-11-26 03:50 - 0000000 ____D C:\Users\James\AppData\Local\{C8E899BE-201F-4C55-8394-6778D3DA0A30}
2011-11-26 03:49 - 2011-11-26 03:49 - 0000000 ____D C:\Users\James\AppData\Local\{C50AC2A8-773D-4558-B239-94CE1911CACA}
2011-11-25 04:20 - 2011-11-25 04:19 - 0000000 ____D C:\Users\James\AppData\Local\{A5632211-0554-4B36-9166-7834199014D6}
2011-11-25 04:19 - 2011-11-25 04:19 - 0000000 ____D C:\Users\James\AppData\Local\{53C35F6B-96AA-4C79-88F1-993C00CD1641}
2011-11-24 07:37 - 2011-11-24 06:13 - 259202368 ____A C:\Users\James\Downloads\1Xtra D&B Bailey_2011_11_23_qrip.mp3
2011-11-24 05:13 - 2011-11-24 05:13 - 0000000 ____D C:\Users\James\AppData\Local\{EC2D24A1-394E-4A17-9259-37DF8AC1C28B}
2011-11-24 05:13 - 2011-11-24 05:13 - 0000000 ____D C:\Users\James\AppData\Local\{B72E4C0D-25A3-4268-BF01-671224C3CF4C}
2011-11-23 20:52 - 2011-12-14 12:34 - 3145216 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-23 08:42 - 2011-11-23 08:41 - 9675369 ____A C:\Users\James\Downloads\Underworld - dark and long (dark train).mp3
2011-11-23 08:41 - 2011-11-23 08:40 - 5605282 ____A C:\Users\James\Downloads\Phaze 1 - Natural.mp3
2011-11-23 05:45 - 2011-11-23 05:45 - 0000000 ____D C:\Users\James\AppData\Local\{54A1BC70-7FB8-448A-9184-610C35531B37}
2011-11-23 05:45 - 2011-11-23 05:45 - 0000000 ____D C:\Users\James\AppData\Local\{50A19F6F-E536-44A8-AAA0-AE32020CF669}
2011-11-23 05:39 - 2011-11-23 05:21 - 93828469 ____A C:\Users\James\Downloads\01-tiesto_-_club_life_242-cable-11-20-2011-talion.mp3
2011-11-22 17:22 - 2011-11-22 17:22 - 0000000 ____D C:\Users\James\AppData\Local\{4D6A5707-0ED9-4B48-A42D-2A055074561C}
2011-11-22 17:22 - 2011-11-22 17:21 - 0000000 ____D C:\Users\James\AppData\Local\{8094BDD8-40FA-4C7D-BE81-DF47FD553B1D}
2011-11-22 05:21 - 2011-11-22 05:21 - 0000000 ____D C:\Users\James\AppData\Local\{76FFCBDA-7913-4ED0-83BA-029EB0D9D9F6}
2011-11-22 05:21 - 2011-11-22 05:21 - 0000000 ____D C:\Users\James\AppData\Local\{3EEC63DB-80B7-4AE6-9C26-92615AF8989F}
2011-11-21 17:20 - 2011-11-21 17:20 - 0000000 ____D C:\Users\James\AppData\Local\{C1327BE3-A642-4C94-968C-6F3059D79BEA}
2011-11-21 17:20 - 2011-11-21 17:20 - 0000000 ____D C:\Users\James\AppData\Local\{BCAC1A38-AE79-45D1-98DB-2CA1AE6D7D78}
2011-11-21 05:20 - 2011-11-21 05:19 - 0000000 ____D C:\Users\James\AppData\Local\{42CCE4E3-8DAF-4A7A-877D-495F7E8E05B1}
2011-11-21 05:19 - 2011-11-21 05:19 - 0000000 ____D C:\Users\James\AppData\Local\{37A3295C-CE89-495A-968C-8A009BF08C58}
2011-11-20 06:42 - 2011-11-20 06:42 - 0000000 ____D C:\Users\James\AppData\Local\{D2AB6D3A-8715-41AB-8BC4-7A8F62E35400}
2011-11-20 06:42 - 2011-11-20 06:42 - 0000000 ____D C:\Users\James\AppData\Local\{04D8F51A-CFED-4F59-8F09-31E9D73993D2}
2011-11-19 18:10 - 2011-11-19 18:10 - 0000000 ____D C:\Users\James\AppData\Local\{92F66B79-D76B-40F4-875C-E22BBE4FB087}
2011-11-19 18:10 - 2011-11-19 18:10 - 0000000 ____D C:\Users\James\AppData\Local\{8E2DAB0F-CE46-4D4D-8AC3-1396F86910D9}
2011-11-19 06:58 - 2012-01-10 13:59 - 0077312 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2011-11-19 06:01 - 2012-01-10 13:59 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2011-11-19 04:48 - 2011-11-19 04:48 - 0000000 ____D C:\Users\James\AppData\Local\{FDC2E2B5-C368-4181-9E32-B21E0A0BD8DB}
2011-11-19 04:48 - 2011-11-19 04:48 - 0000000 ____D C:\Users\James\AppData\Local\{8F920BD2-3408-4C0F-A0D1-9DCEC17F3CDD}
2011-11-19 02:55 - 2011-02-01 07:27 - 0000000 ____D C:\Program Files\SUPERAntiSpyware
2011-11-19 02:54 - 2011-05-21 22:18 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2011-11-18 16:48 - 2011-11-18 16:47 - 0000000 ____D C:\Users\James\AppData\Local\{A5B3A5F0-FE26-42BC-A21A-B97C4BDC8453}
2011-11-18 16:47 - 2011-11-18 16:47 - 0000000 ____D C:\Users\James\AppData\Local\{F6372E9C-43A9-4587-8FB8-07F74F07734A}
2011-11-18 04:47 - 2011-11-18 04:47 - 0000000 ____D C:\Users\James\AppData\Local\{9021033C-B24C-49B6-B3F8-2CEAFD4A7265}
2011-11-18 04:47 - 2011-11-18 04:46 - 0000000 ____D C:\Users\James\AppData\Local\{CE1C2C9C-DDFE-4DAC-9832-0C6E403CADBC}
2011-11-17 16:46 - 2011-11-17 16:46 - 0000000 ____D C:\Users\James\AppData\Local\{D1CA4A02-3FB9-4099-A060-024931E841E1}
2011-11-17 16:46 - 2011-11-17 16:46 - 0000000 ____D C:\Users\James\AppData\Local\{083FF1AB-ADBE-4722-A306-96A1A25B6BA9}
2011-11-17 04:45 - 2011-11-17 04:45 - 0000000 ____D C:\Users\James\AppData\Local\{ED80359B-F014-4C7E-BF4F-E6CF2C90A9ED}
2011-11-17 04:45 - 2011-11-17 04:45 - 0000000 ____D C:\Users\James\AppData\Local\{2BF554A9-E5BC-4ECD-A091-414E79788920}
2011-11-16 22:41 - 2012-01-10 13:59 - 1731920 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2011-11-16 21:38 - 2012-01-10 13:59 - 1292080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2011-11-16 16:45 - 2011-11-16 16:45 - 0000000 ____D C:\Users\James\AppData\Local\{45C3582D-DE56-4674-AFE3-41BD339C1006}
2011-11-16 16:45 - 2011-11-16 16:44 - 0000000 ____D C:\Users\James\AppData\Local\{69D578EE-BD4E-451B-B374-F221BFDD1DF6}
2011-11-16 09:13 - 2011-11-16 09:13 - 3365021 ____A C:\Users\James\Downloads\Gorillaz_ 19-2000 (Soulchild Remix).mp3
2011-11-16 08:59 - 2011-11-16 08:59 - 3369201 ____A C:\Users\James\Downloads\Nothing But You By Paul Van Dyk(1).mp3
2011-11-16 08:51 - 2011-11-16 08:51 - 3369201 ____A C:\Users\James\Downloads\Nothing But You By Paul Van Dyk.mp3
2011-11-16 08:42 - 2011-11-16 08:42 - 3838987 ____A C:\Users\James\Downloads\Underworld - Two Months Off.mp3
2011-11-16 04:44 - 2011-11-16 04:44 - 0000000 ____D C:\Users\James\AppData\Local\{7EC8DC4D-B7E5-4E10-8A9F-5A337C7E3592}
2011-11-16 04:44 - 2011-11-16 04:44 - 0000000 ____D C:\Users\James\AppData\Local\{7A06B5C2-F861-426A-BFB4-54F73929C4F9}
2011-11-15 16:29 - 2011-11-15 16:29 - 0000000 ____D C:\Users\James\AppData\Local\{23509D92-11C7-4EEA-8784-BC08004AB976}
2011-11-15 16:29 - 2011-11-15 16:28 - 0000000 ____D C:\Users\James\AppData\Local\{A88B6D07-DBA9-43CE-9EA2-EB5FB27CD119}
2011-11-15 04:28 - 2011-11-15 04:27 - 0000000 ____D C:\Users\James\AppData\Local\{BCDEE1C9-B7C9-462A-A12D-05BDF39F183B}
2011-11-15 04:27 - 2011-11-15 04:27 - 0000000 ____D C:\Users\James\AppData\Local\{3E13FB4E-0AB2-4443-AF30-1E41582E013A}
2011-11-14 07:23 - 2011-11-14 07:22 - 5719385 ____A C:\Users\James\Downloads\Jay Parkes And Tone-E-G - Untitled (ANT 1).mp3
2011-11-14 07:21 - 2011-11-14 07:21 - 4858389 ____A C:\Users\James\Downloads\Doc Scott - Inside Out.mp3
2011-11-14 07:20 - 2011-11-14 07:20 - 6843559 ____A C:\Users\James\Downloads\D4 - Careless.mp3
2011-11-14 07:19 - 2011-11-14 07:18 - 7732276 ____A C:\Users\James\Downloads\Natural Mystic - Privacy.mp3
2011-11-14 07:17 - 2011-11-14 07:17 - 5995238 ____A C:\Users\James\Downloads\Natural Mystic - Lazy Part 2.mp3
2011-11-14 07:15 - 2011-11-14 07:15 - 6055006 ____A C:\Users\James\Downloads\The Fat Controller - In Complete Darkness (Nookie Remix) 1995.mp3
2011-11-14 07:15 - 2011-11-14 07:15 - 5104274 ____A C:\Users\James\Downloads\The Spice - Feel Free.mp3
2011-11-14 07:13 - 2011-11-14 07:13 - 5573935 ____A C:\Users\James\Downloads\Mr Monik - Atmosphere 1996.mp3
2011-11-14 07:03 - 2011-11-14 07:03 - 0000000 ____D C:\Users\James\AppData\Local\{9EBF32D6-A65B-430F-AAC0-FCB9C1B4C1BA}
2011-11-14 07:03 - 2011-11-14 07:03 - 0000000 ____D C:\Users\James\AppData\Local\{8F967826-2BB6-4F14-BED7-0875FEEFD4C0}
2011-11-13 22:23 - 2011-11-13 22:23 - 0000000 ____D C:\Users\James\AppData\Local\{268E3451-2AC6-4E5C-BCD1-09795098D83A}
2011-11-13 04:26 - 2011-11-13 04:26 - 0000000 ____D C:\Users\James\AppData\Local\{922AF4D4-9B6E-42ED-B33A-964C24A290BB}
2011-11-13 04:26 - 2011-11-13 04:25 - 0000000 ____D C:\Users\James\AppData\Local\{21B80A86-BFE0-4987-8B57-12C07D4871EF}
2011-11-12 16:07 - 2011-11-12 16:07 - 0000000 ____D C:\Users\James\AppData\Local\{6E23C8CC-7E07-4B02-A58E-C9DB98346312}
2011-11-12 16:07 - 2011-11-12 16:07 - 0000000 ____D C:\Users\James\AppData\Local\{0886B267-6C84-4077-830F-5003C44FC733}
2011-11-12 03:57 - 2011-11-12 03:57 - 0000000 ____D C:\Users\James\AppData\Local\{9DDBA797-3005-4AB2-A0D5-1DF7FC2EB1A6}
2011-11-12 03:57 - 2011-11-12 03:56 - 0000000 ____D C:\Users\James\AppData\Local\{B96C72BA-4293-483D-BD62-9A371A30881A}
2011-11-11 16:47 - 2011-11-11 06:38 - 0001711 ____A C:\Users\James\Desktop\Cool Runnings - Shortcut.lnk
2011-11-11 08:11 - 2011-11-11 08:11 - 7188225 ____A C:\Users\James\Downloads\Jay Parkes And Tone-E-G - Untitled (ANT 1)-[wwwflvtocom].mp3
2011-11-11 06:36 - 2011-11-11 06:35 - 10871149 ____A C:\Users\James\Downloads\Cool Runnings.mp3
2011-11-11 04:50 - 2011-11-11 04:50 - 0000000 ____D C:\Users\James\AppData\Local\{9EA0B3A2-F4D4-448D-8D68-6C52E20A89B5}
2011-11-11 04:50 - 2011-11-11 04:50 - 0000000 ____D C:\Users\James\AppData\Local\{228E527E-66A5-48FA-A78A-1C8517D08EE0}
2011-11-10 22:49 - 2011-12-14 13:12 - 12261888 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-10 22:49 - 2011-12-14 13:12 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-10 21:40 - 2011-12-14 13:12 - 10991104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-10 21:40 - 2011-12-14 13:12 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-10 16:33 - 2011-11-10 16:32 - 0000000 ____D C:\Users\James\AppData\Local\{AC9E10DB-6E4C-46F5-8905-7A9666C132D3}
2011-11-10 16:32 - 2011-11-10 16:32 - 0000000 ____D C:\Users\James\AppData\Local\{58988858-EED1-4F94-99DA-68CC0969F755}
2011-11-10 07:34 - 2011-11-10 07:34 - 0373016 ____A C:\Windows\Minidump\111011-23556-01.dmp
2011-11-10 05:55 - 2011-11-10 05:45 - 45321302 ____A C:\Users\James\Downloads\Serum - 30 Minute Jungle Mix November 2011.mp3
2011-11-10 04:32 - 2011-11-10 04:31 - 0000000 ____D C:\Users\James\AppData\Local\{BE003898-AC71-4349-BC0E-8C78B2BBD52A}
2011-11-10 04:31 - 2011-11-10 04:31 - 0000000 ____D C:\Users\James\AppData\Local\{A044EAB8-DD1C-4E11-A3CD-221AE99ECC69}
2011-11-10 04:27 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\System
2011-11-09 04:23 - 2011-11-09 04:23 - 0000000 ____D C:\Users\James\AppData\Local\{32AFA41C-833B-4206-AEDA-9B081638A481}
2011-11-09 04:23 - 2011-11-09 04:23 - 0000000 ____D C:\Users\James\AppData\Local\{2084D265-DACC-4C57-86EA-2179074F9CB8}
2011-11-08 16:22 - 2011-11-08 16:22 - 0000000 ____D C:\Users\James\AppData\Local\{ADAA9D40-74C2-4D62-A4C9-2654F771BAEF}
2011-11-08 16:22 - 2011-11-08 16:22 - 0000000 ____D C:\Users\James\AppData\Local\{1EC216E2-F4E0-41C0-8509-B7C6CE63EFB4}
2011-11-08 04:19 - 2011-11-08 04:19 - 0000000 ____D C:\Users\James\AppData\Local\{7C746D26-F599-4325-A4DA-80D53AA24689}
2011-11-08 04:19 - 2011-11-08 04:19 - 0000000 ____D C:\Users\James\AppData\Local\{55B01E3D-5A56-40F2-B9DE-DDCC85EA4F51}
2011-11-07 05:35 - 2011-11-07 05:32 - 12688618 ____A C:\Users\James\Downloads\16281-warpedsound.zip
2011-11-07 05:03 - 2011-11-07 05:03 - 0000000 ____D C:\Users\James\AppData\Local\{691C9050-690D-4957-921B-8A90EA3AB03C}
2011-11-07 05:03 - 2011-11-07 05:03 - 0000000 ____D C:\Users\James\AppData\Local\{1B05FC1B-02A9-4401-80A7-E470C0D2B414}
2011-11-06 17:02 - 2011-11-06 17:02 - 0000000 ____D C:\Users\James\AppData\Local\{A278F8C2-B972-48C8-9C36-2736A90C0555}
2011-11-06 17:02 - 2011-11-06 17:02 - 0000000 ____D C:\Users\James\AppData\Local\{78ECB652-B295-41BB-92C3-9212EED74D63}
2011-11-06 05:02 - 2011-11-06 05:01 - 0000000 ____D C:\Users\James\AppData\Local\{34E33FD8-1CF2-46EC-85CD-434DDED79BD0}
2011-11-06 05:01 - 2011-11-06 05:01 - 0000000 ____D C:\Users\James\AppData\Local\{4E2A6B6A-819D-484F-9FA9-8EB0928BC1A4}
2011-11-05 17:01 - 2011-11-05 17:01 - 0000000 ____D C:\Users\James\AppData\Local\{2687EBA6-33A2-458D-A79C-62EDD4AEC9FE}
2011-11-05 17:01 - 2011-11-05 17:01 - 0000000 ____D C:\Users\James\AppData\Local\{13AB59E6-7477-4711-86F0-00AD5BB13C1E}
2011-11-05 04:21 - 2011-11-05 04:20 - 0000000 ____D C:\Users\James\AppData\Local\{4C6B9291-C4D9-434C-B0CC-40BA55958A75}
2011-11-05 04:20 - 2011-11-05 04:20 - 0000000 ____D C:\Users\James\AppData\Local\{5BD3B327-EFFD-44BD-A3CE-9B82AC9F25C5}
2011-11-04 21:41 - 2011-12-14 13:12 - 1494016 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-04 21:41 - 2011-12-14 13:12 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-04 21:41 - 2011-12-14 13:12 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-04 21:38 - 2011-12-14 13:12 - 9018880 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-04 21:38 - 2011-12-14 13:12 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-04 21:38 - 2011-12-14 13:12 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-04 21:37 - 2011-12-14 13:12 - 2454528 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-04 21:37 - 2011-12-14 13:12 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-04 21:32 - 2011-12-14 12:36 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-04 20:35 - 2011-12-14 13:12 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-04 20:34 - 2011-12-14 13:12 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-04 20:34 - 2011-12-14 13:12 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-04 20:31 - 2011-12-14 13:12 - 5997056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-04 20:31 - 2011-12-14 13:12 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-04 20:31 - 2011-12-14 13:12 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-04 20:30 - 2011-12-14 13:12 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-04 20:30 - 2011-12-14 13:12 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-04 20:26 - 2011-12-14 12:36 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-04 19:32 - 2011-12-14 13:12 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-04 18:48 - 2011-12-14 13:12 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-04 06:08 - 2011-11-04 06:08 - 0000000 ____D C:\Users\James\AppData\Local\{C73605FE-12AB-40D2-9C8F-505525DF85E5}
2011-11-04 06:08 - 2011-11-04 06:08 - 0000000 ____D C:\Users\James\AppData\Local\{722970EE-5B0F-448E-9003-FCF362FBD01B}
2011-11-04 05:54 - 2011-11-04 05:47 - 172038016 ____A C:\Users\James\Downloads\Ministry_of_Sound_D&B_Metalheadz_DJ_Storm_2011_11_01_qrip.mp3
2011-11-04 05:43 - 2011-11-04 05:15 - 172038016 ____A C:\Users\James\Downloads\Ministry of Sound_D&B_Metalheadz_DJ Storm_2011_11_01_qrip.mp3
2011-11-03 17:55 - 2011-11-03 17:55 - 0000000 ____D C:\Users\James\AppData\Local\{C4C518E8-F680-42CD-892C-B33B89BDFB34}
2011-11-03 17:55 - 2011-11-03 17:55 - 0000000 ____D C:\Users\James\AppData\Local\{748C87B0-4FF5-4C05-AF1E-680572B2C343}
2011-11-03 05:54 - 2011-11-03 05:54 - 0000000 ____D C:\Users\James\AppData\Local\{52073000-2CCB-45E8-9D46-A53392935A4D}
2011-11-03 05:54 - 2011-11-03 05:54 - 0000000 ____D C:\Users\James\AppData\Local\{24E9A9B6-957B-465E-AB52-B559B86B0FEC}
2011-11-02 17:53 - 2011-11-02 17:53 - 0000000 ____D C:\Users\James\AppData\Local\{CBCC131A-DA16-44F7-9B80-AA2EAA6790A3}
2011-11-02 17:53 - 2011-11-02 17:53 - 0000000 ____D C:\Users\James\AppData\Local\{4B430AF0-5206-41A3-AF7A-4B8F584E25F3}
2011-11-02 05:10 - 2011-11-02 05:04 - 88644551 ____A C:\Users\James\Downloads\DJ Hype & MC GQ @ A.W.O.L..mp3
2011-11-02 05:09 - 2011-11-02 05:05 - 55687241 ____A C:\Users\James\Downloads\Mickey Finn & MC GQ - A.W.O.L. 1993.mp3
2011-11-02 05:07 - 2011-11-02 05:03 - 57985064 ____A C:\Users\James\Downloads\Mickey Finn & MC GQ @ A.W.O.L. 'Live In London' Bank Holiday 1993.mp3
2011-11-02 05:07 - 2011-11-02 05:01 - 88132839 ____A C:\Users\James\Downloads\Dr S Gachet @ A.W.O.L. 'Live In London' August Bank Holiday 1993.mp3
2011-11-02 04:11 - 2011-11-02 04:10 - 0000000 ____D C:\Users\James\AppData\Local\{EA694243-9D34-4A9C-ABE1-365C3D1663EB}
2011-11-02 04:10 - 2011-11-02 04:10 - 0000000 ____D C:\Users\James\AppData\Local\{5012DF71-E94B-4CE7-AC0A-C3E8268EF318}
2011-11-01 16:10 - 2011-11-01 16:10 - 0000000 ____D C:\Users\James\AppData\Local\{672FF25B-94DB-4F0E-AD1C-3C91FD53FEC4}
2011-11-01 16:10 - 2011-11-01 16:09 - 0000000 ____D C:\Users\James\AppData\Local\{794018A8-8D63-4508-940B-0A2B695BCC04}
2011-11-01 04:09 - 2011-11-01 04:09 - 0000000 ____D C:\Users\James\AppData\Local\{9DF1829F-29CB-4FF2-8979-8C6AEB71C537}
2011-11-01 04:09 - 2011-11-01 04:08 - 0000000 ____D C:\Users\James\AppData\Local\{0AF9B88E-9DB0-4FFB-80D7-B65BA613197B}
2011-10-31 16:08 - 2011-10-31 16:08 - 0000000 ____D C:\Users\James\AppData\Local\{E570ECAB-132C-49BC-8823-46BFB07D5370}
2011-10-31 16:08 - 2011-10-31 16:08 - 0000000 ____D C:\Users\James\AppData\Local\{797A13DB-D311-4368-AE15-6C39A10317A2}
2011-10-31 03:04 - 2011-10-31 03:04 - 0000000 ____D C:\Users\James\AppData\Local\{FBD28021-0B35-4130-85C4-1513F0D6EE62}
2011-10-31 03:04 - 2011-10-31 03:04 - 0000000 ____D C:\Users\James\AppData\Local\{3609C237-0980-4E5A-9383-DB9286FE1B08}
2011-10-30 14:53 - 2011-10-30 14:53 - 0000000 ____D C:\Users\James\AppData\Local\{5587BECE-F5AD-4B0C-937B-EF7AD748CF11}
2011-10-30 14:53 - 2011-10-30 14:53 - 0000000 ____D C:\Users\James\AppData\Local\{27D481E7-E113-4231-8448-6E24450E9C32}
2011-10-30 02:52 - 2011-10-30 02:52 - 0000000 ____D C:\Users\James\AppData\Local\{78C72257-8051-49EE-8847-8D859EBD3DB2}
2011-10-30 02:52 - 2011-10-30 02:52 - 0000000 ____D C:\Users\James\AppData\Local\{66A224A8-03B0-4DC8-8A53-5C480721BF99}
2011-10-29 13:22 - 2011-10-29 13:22 - 0000000 ____D C:\Users\James\AppData\Local\{7315BB4D-A9F8-427F-923F-32C913CBCB4E}
2011-10-29 13:22 - 2011-10-29 13:21 - 0000000 ____D C:\Users\James\AppData\Local\{923A4781-81DB-419F-83E6-CEE0E9164120}
2011-10-29 01:21 - 2011-10-29 01:21 - 0000000 ____D C:\Users\James\AppData\Local\{CD603A51-C963-42D2-9C21-ADA1281F9DDE}
2011-10-29 01:21 - 2011-10-29 01:21 - 0000000 ____D C:\Users\James\AppData\Local\{9D8BC2DD-DB3C-43FE-BCDF-955FBADFB34C}
2011-10-28 02:36 - 2011-10-28 02:35 - 0000000 ____D C:\Users\James\AppData\Local\{C42A83F7-1D95-400A-9FD2-EFEAEDA51DE3}
2011-10-28 02:35 - 2011-10-28 02:35 - 0000000 ____D C:\Users\James\AppData\Local\{A9A3C9D9-2551-47B3-9FE2-8207F67DEC6E}
2011-10-27 04:34 - 2011-10-27 04:34 - 0000000 ____D C:\Users\James\AppData\Local\{967AB1B5-2020-4B24-8969-05026A14F547}
2011-10-27 04:34 - 2011-10-27 04:33 - 0000000 ____D C:\Users\James\AppData\Local\{6FF5FAFD-E8DA-4172-8E1E-173DD165664C}

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 14%
Total physical RAM: 3958.76 MB
Available physical RAM: 3371.02 MB
Total Pagefile: 3956.91 MB
Available Pagefile: 3362.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:97.56 GB) (Free:3.75 GB) NTFS
2 Drive d: () (Fixed) (Total:270.44 GB) (Free:108.46 GB) NTFS
3 Drive f: () (Fixed) (Total:97.66 GB) (Free:37.52 GB) NTFS
5 Drive h: () (Removable) (Total:14.89 GB) (Free:14.89 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 14 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 97 GB 101 MB
Partition 3 Primary 97 GB 97 GB
Partition 0 Extended 270 GB 195 GB
Partition 4 Logical 270 GB 195 GB

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 97 GB Healthy

Disk: 0
Partition 3
Type : 06
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F NTFS Partition 97 GB Healthy

Disk: 0
Partition 4
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 D NTFS Partition 270 GB Healthy

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 14 GB 31 KB

Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H FAT32 Removable 14 GB Healthy

==========================================================

Last Boot: 2012-01-19 16:45

======================= End Of Log ==========================
 
Hi chelseafan,

I hope you are still with me.
----------

Do you recognize any of these by chance??
Code: 
[B]C:\Users\James\AppData\Roaming\Hypue
C:\Users\James\AppData\Roaming\Lybeig
C:\Users\James\AppData\Roaming\Ohriva
C:\Users\James\AppData\Roaming\Ukyso
C:\Users\James\AppData\Roaming\Iteq
[/B]
----------
 
Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you are the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
 
Status
Not open for further replies.
Back
Top