Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Startup repari virus?


  • This topic is locked This topic is locked
23 replies to this topic

#1 Trigun1127

Trigun1127

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 25 July 2011 - 11:24 AM

Start up Repair virus?
Hay guys ive got a serious problem. A problem in wich the last time I got ... i reformated my computer. This time it pops up again and im convinced it must be a virus.

I went on youtube last and then suddenly ieplorer closes. the screen refreshes and i can see items in the taskbar being restarted. then suddenly windows shuts down through the normal process. it then restarts and windows loads its files and starts a system repair. Right now im using hirens boot mini windows XP to semi use my computer.

I found this link on the website and seems to address my problem. I dont want to act on any of the solutions on it just yet untill i hear from you guys.
http://www.bleepingcomputer.com/forums/topic396967.html

Also When my computer refreshed i went straight to task mangaer to see if any wierd processes would come up. Now i believe i saw a process up with jiberish in it.

I NEED HELP. I have too many important documents and files on comp to do a backup process then reinstall everything. This is a pivotal week for me.

So to recap I cant boot into windows normally. System repiar pops up and finds nothing ... rinse repeat

Edited by Trigun1127, 25 July 2011 - 11:25 AM.


BC AdBot (Login to Remove)

 


#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,711 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:04 AM

Posted 25 July 2011 - 01:48 PM

Hi Trigun1127,

Welcome to Bleeping Computer. I will be assisting you with the issue.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]

#3 Trigun1127

Trigun1127
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 25 July 2011 - 02:30 PM

Here you go.Also thank you for the help VERY MUCH.

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.1.6
Ran by SYSTEM at 2011-07-25 15:22:56
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [] [x]
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP [423936 2009-06-02] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1294136 2009-08-17] (TOSHIBA Corporation)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x]
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x]
HKU\Ritchie\...\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [9728 2009-07-13] (Microsoft Corporation)
HKLM\...\RunOnce: [*Restore] C:\windows\system32\rstrui.exe /RUNONCE [296960 2009-07-13] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

==================== Services (Whitelisted) ======

2 AgereModemAudio; C:\Program Files\LSI SoftModem\agr64svc.exe [16896 2009-03-27] (LSI Corporation)
2 RSELSVC; C:\Program Files\TOSHIBA\rselect\RSelSvc.exe /Service [65904 2009-07-07] (TOSHIBA Corporation)
3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService [407336 2011-03-16] (Valve Corporation)
2 TeamViewer6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2337144 2011-06-01] (TeamViewer GmbH)
3 TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-08-17] (TOSHIBA Corporation)
3 TOSHIBA HDD SSD Alert Service; "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe" [137560 2009-08-03] (TOSHIBA Corporation)
2 WDDMService; "C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe" [130560 2010-05-10] (WDC)
2 WDFME; "C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe" [1858048 2010-05-10] ()
2 WDSC; "C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe" [483328 2010-05-10] ()

========================== Drivers (Whitelisted) =============

3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1208320 2009-07-21] (LSI Corporation)
1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-06-05] (DT Soft Ltd)
0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [44912 2009-07-30] (COMPAL ELECTRONIC INC.)
3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [35008 2009-06-22] (TOSHIBA Corporation)
3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIVX.sys [202016 2009-05-20] (Realtek Semiconductor Corp.)
3 rtl8192se; C:\Windows\System32\DRIVERS\rtl8192se.sys [942080 2009-08-26] (Realtek Semiconductor Corporation )
0 tos_sps64; C:\Windows\System32\DRIVERS\tos_sps64.sys [482384 2009-07-24] (TOSHIBA Corporation)
0 TVALZ; C:\Windows\System32\DRIVERS\TVALZ_O.SYS [26840 2009-07-14] (TOSHIBA Corporation)
3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2009-02-13] (Western Digital Technologies)
3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [x]
3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [x]
3 RtsUIR; C:\Windows\System32\DRIVERS\Rts516xIR.sys [x]
3 USBCCID; C:\Windows\System32\DRIVERS\RtsUCcid.sys [x]

========================== NetSvcs ========================

============ One Month Created Files and Folders ==============

2011-07-25 06:38 - 2011-07-25 06:38 - 0261368 ____A (Reimage®) C:\ReimageRepair.exe
2011-07-25 06:38 - 2011-07-25 06:38 - 0000000 ____D C:\rei
2011-07-25 06:24 - 2011-01-01 02:49 - 0017384 ____A (Microsoft Corporation) C:\Windows\System32\kdcom.dll
2011-07-25 05:58 - 2011-07-25 06:24 - 0000000 ____D C:\mal
2011-07-24 21:33 - 2011-07-24 21:33 - 0001646 __ASH C:\Users\Ritchie\AppData\Local\05a3a062i5h21hn5r14r184j8402x6866h8
2011-07-24 21:33 - 2011-07-24 21:33 - 0001646 __ASH C:\Users\All Users\05a3a062i5h21hn5r14r184j8402x6866h8
2011-07-24 21:33 - 2011-07-24 21:33 - 0001646 __ASH C:\ProgramData\05a3a062i5h21hn5r14r184j8402x6866h8
2011-07-24 19:29 - 2011-07-24 19:29 - 0000000 ____D C:\Users\Ritchie\Documents\CAPCOM
2011-07-24 19:07 - 2011-07-24 21:10 - 0000000 ____D C:\Program Files (x86)\Capcom
2011-07-24 10:33 - 2011-07-25 01:36 - 0000000 ____D C:\Program Files (x86)\MP3Gain
2011-07-23 21:02 - 2011-07-23 21:02 - 0000000 ____D C:\Program Files (x86)\Apple Software Update
2011-07-23 21:01 - 2011-07-25 14:12 - 0000000 __SHD C:\Config.Msi
2011-07-23 21:01 - 2011-07-23 21:01 - 0000000 ____D C:\Program Files\Bonjour
2011-07-23 21:01 - 2011-07-23 21:01 - 0000000 ____D C:\Program Files (x86)\Bonjour
2011-07-23 20:07 - 2011-07-23 20:07 - 0606908 ____A C:\Users\Ritchie\Desktop\The Elder Scrolls V Skyrim Theme Ringtone Download HD.mp3
2011-07-21 20:32 - 2011-07-06 15:52 - 0041272 ____A (Malwarebytes Corporation) C:\Windows\SysWOW64\Drivers\mbamswissarmy.sys
2011-07-21 20:22 - 2011-07-22 06:37 - 0008972 __ASH C:\Users\Ritchie\AppData\Local\8i77ft206gu8885x4ik6hya7g57ktd2b0t
2011-07-21 20:22 - 2011-07-22 06:37 - 0008972 __ASH C:\Users\All Users\8i77ft206gu8885x4ik6hya7g57ktd2b0t
2011-07-21 20:22 - 2011-07-22 06:37 - 0008972 __ASH C:\ProgramData\8i77ft206gu8885x4ik6hya7g57ktd2b0t
2011-07-17 16:51 - 2011-07-17 16:51 - 0000000 ____D C:\Users\Ritchie\Documents\Penumbra Overture
2011-07-16 19:21 - 2011-07-16 19:21 - 3559030 ____A C:\Users\Ritchie\Desktop\Unlimits - Haruka Kanata - Bleach ED28 - Tv Size.mp3
2011-07-16 16:53 - 2011-07-16 16:53 - 0000000 ____D C:\Program Files (x86)\Intelore
2011-07-16 10:24 - 2011-07-16 15:44 - 0000000 ____D C:\Program Files (x86)\Cain
2011-07-15 11:11 - 2011-07-15 11:11 - 0019610 ____A C:\Users\Ritchie\Desktop\The Truth edit.txt
2011-07-12 14:22 - 2011-06-10 18:56 - 3134464 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-07-12 14:22 - 2011-06-01 22:39 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:54 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 19:45 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 19:45 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 19:45 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-12 14:22 - 2011-06-01 19:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-07-12 14:22 - 2011-05-13 23:41 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-07-12 14:22 - 2011-05-13 23:41 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-07-12 14:22 - 2011-05-13 23:41 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-07-12 14:22 - 2011-05-13 23:41 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-07-12 14:22 - 2011-05-13 23:39 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-07-12 14:22 - 2011-05-13 23:36 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-07-12 14:22 - 2011-05-13 23:32 - 0338944 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-07-12 14:22 - 2011-05-13 22:35 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-07-12 14:22 - 2011-05-13 22:33 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-07-12 14:22 - 2011-05-13 22:32 - 0837120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-07-12 14:22 - 2011-05-13 22:32 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-07-12 14:22 - 2011-05-13 20:29 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-07-12 14:22 - 2011-05-13 20:29 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-07-12 11:22 - 2011-07-12 11:23 - 0000000 ____A C:\Users\Ritchie\filename.txt
2011-07-12 11:20 - 2011-07-12 11:29 - 0001073 ____A C:\Windows\Printfil.ini
2011-07-12 11:20 - 2007-12-30 22:00 - 0000000 ____N C:\Windows\161exp2.dll
2011-07-12 11:20 - 2007-12-30 22:00 - 0000000 ____N C:\Windows\161exp1.dll
2011-07-12 11:20 - 2007-12-30 22:00 - 0000000 ____N C:\Windows\1616925132.dll
2011-07-12 11:20 - 2007-12-30 22:00 - 0000000 ____N C:\Windows\1616925131.dll
2011-07-12 11:20 - 2007-12-30 22:00 - 0000000 ____N C:\Windows\1614915132.dll
2011-07-12 11:02 - 2011-07-23 20:48 - 0000000 ____D C:\Users\Ritchie\Desktop\agree and autho
2011-07-12 11:02 - 2011-07-12 11:02 - 0000000 ____D C:\Users\Ritchie\Desktop\payment plans
2011-07-12 07:34 - 2011-07-12 07:34 - 0212840 ____A (Apple Inc.) C:\Windows\System32\dnssdX.dll
2011-07-12 07:34 - 2011-07-12 07:34 - 0096104 ____A (Apple Inc.) C:\Windows\System32\dns-sd.exe
2011-07-12 07:34 - 2011-07-12 07:34 - 0085864 ____A (Apple Inc.) C:\Windows\System32\dnssd.dll
2011-07-12 07:34 - 2011-07-12 07:34 - 0061288 ____A (Apple Inc.) C:\Windows\System32\jdns_sd.dll
2011-07-12 07:20 - 2011-07-12 07:20 - 0178536 ____A (Apple Inc.) C:\Windows\SysWOW64\dnssdX.dll
2011-07-12 07:20 - 2011-07-12 07:20 - 0083816 ____A (Apple Inc.) C:\Windows\SysWOW64\dns-sd.exe
2011-07-12 07:20 - 2011-07-12 07:20 - 0073064 ____A (Apple Inc.) C:\Windows\SysWOW64\dnssd.dll
2011-07-12 07:20 - 2011-07-12 07:20 - 0050536 ____A (Apple Inc.) C:\Windows\SysWOW64\jdns_sd.dll
2011-07-11 18:05 - 2011-07-11 18:56 - 4296046 ___AT C:\Users\Ritchie\Desktop\Contract_Fall11Spring12_FSCJ.prn
2011-07-10 13:20 - 2011-07-10 13:20 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2011-07-09 16:11 - 2011-07-09 16:11 - 0000000 ____D C:\Users\Ritchie\Documents\DFO
2011-07-08 21:00 - 2011-07-21 20:32 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-07-08 20:50 - 2011-07-08 21:00 - 0011358 __ASH C:\Users\Ritchie\AppData\Local\1hu4i5i6c1wx6ngdh3brb4vh33mo74i8k66043
2011-07-08 20:50 - 2011-07-08 21:00 - 0011358 __ASH C:\Users\All Users\1hu4i5i6c1wx6ngdh3brb4vh33mo74i8k66043
2011-07-08 20:50 - 2011-07-08 21:00 - 0011358 __ASH C:\ProgramData\1hu4i5i6c1wx6ngdh3brb4vh33mo74i8k66043
2011-07-06 14:42 - 2011-07-06 14:42 - 0000000 ____D C:\Users\Ritchie\Documents\iRinger Tones
2011-07-06 14:41 - 2011-07-25 01:36 - 0000000 ____D C:\Users\All Users\iRinger
2011-07-06 14:41 - 2011-07-25 01:36 - 0000000 ____D C:\ProgramData\iRinger
2011-07-05 20:10 - 2011-07-05 20:13 - 0000000 ____D C:\Users\Ritchie\AppData\Local\Cranium_Consulting_and_Cu
2011-07-05 16:19 - 2011-07-12 19:30 - 0000000 ____D C:\Users\Ritchie\AppData\Local\Apple Computer
2011-07-05 16:19 - 2011-07-05 18:27 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\Apple Computer
2011-07-05 16:19 - 2009-05-18 09:17 - 0034152 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2011-07-05 16:19 - 2008-04-17 08:12 - 0126312 ____A (GEAR Software Inc.) C:\Windows\System32\GEARAspi64.dll
2011-07-05 16:19 - 2008-04-17 08:12 - 0107368 ____A (GEAR Software Inc.) C:\Windows\SysWOW64\GEARAspi.dll
2011-07-05 16:18 - 2011-07-25 14:12 - 0000000 ____D C:\Program Files\iTunes
2011-07-05 16:18 - 2011-07-25 14:12 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-07-05 16:18 - 2011-07-25 14:10 - 0000000 ____D C:\Users\All Users\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-07-05 16:18 - 2011-07-25 14:10 - 0000000 ____D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-07-05 16:18 - 2011-07-25 14:10 - 0000000 ____D C:\Program Files\iPod
2011-07-05 16:17 - 2011-07-23 21:02 - 0000000 ____D C:\Users\Ritchie\AppData\Local\Apple
2011-07-05 16:17 - 2011-07-05 16:18 - 0000000 ____D C:\Users\All Users\Apple Computer
2011-07-05 16:17 - 2011-07-05 16:18 - 0000000 ____D C:\ProgramData\Apple Computer
2011-07-05 16:17 - 2011-07-05 16:17 - 0000000 ____D C:\Program Files\Common Files\Apple
2011-07-05 16:17 - 2011-07-05 16:17 - 0000000 ____D C:\Program Files (x86)\QuickTime
2011-07-05 16:16 - 2011-07-05 18:04 - 0000000 ____D C:\Users\All Users\Apple
2011-07-05 16:16 - 2011-07-05 18:04 - 0000000 ____D C:\ProgramData\Apple
2011-06-29 07:33 - 2011-05-24 03:21 - 0404992 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2011-06-29 07:33 - 2011-05-24 02:34 - 0145920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2011-06-29 07:33 - 2011-05-24 02:34 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2011-06-29 07:33 - 2011-05-24 02:34 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2011-06-29 07:33 - 2011-05-24 02:32 - 0252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2011-06-27 22:33 - 2011-06-27 22:33 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\Toribash
2011-06-27 22:30 - 2011-06-27 22:30 - 0000000 ____D C:\Games


============ 3 Months Modified Files and Folders =============

2011-07-25 15:23 - 2011-07-25 15:22 - 0000000 ____D C:\FRST
2011-07-25 14:13 - 2009-07-13 18:34 - 0262144 ___AH C:\Windows\System32\config\COMPONENTS.LOG1
2011-07-25 14:12 - 2011-07-23 21:01 - 0000000 __SHD C:\Config.Msi
2011-07-25 14:12 - 2011-07-05 16:18 - 0000000 ____D C:\Program Files\iTunes
2011-07-25 14:12 - 2011-07-05 16:18 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-07-25 14:12 - 2011-06-15 18:59 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\vlc
2011-07-25 14:12 - 2011-06-04 16:41 - 0000000 ____D C:\Users\Ritchie\Documents\OnLive App
2011-07-25 14:12 - 2011-06-02 18:49 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\uTorrent
2011-07-25 14:12 - 2011-06-02 16:23 - 0000000 ____D C:\Users\Ritchie\AppData\Local\TOSHIBA_Corporation
2011-07-25 14:12 - 2011-06-02 16:19 - 0000000 ____D C:\users\Ritchie
2011-07-25 14:12 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\wfp
2011-07-25 14:12 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\wbem
2011-07-25 14:12 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\DriverStore
2011-07-25 14:11 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2011-07-25 14:11 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\AppCompat
2011-07-25 14:10 - 2011-07-05 16:18 - 0000000 ____D C:\Users\All Users\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-07-25 14:10 - 2011-07-05 16:18 - 0000000 ____D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-07-25 14:10 - 2011-07-05 16:18 - 0000000 ____D C:\Program Files\iPod
2011-07-25 14:10 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files (x86)
2011-07-25 06:38 - 2011-07-25 06:38 - 0261368 ____A (Reimage®) C:\ReimageRepair.exe
2011-07-25 06:38 - 2011-07-25 06:38 - 0000000 ____D C:\rei
2011-07-25 06:24 - 2011-07-25 05:58 - 0000000 ____D C:\mal
2011-07-25 01:48 - 2009-07-13 18:34 - 0246784 ___AH C:\Windows\System32\config\DEFAULT.LOG1
2011-07-25 01:36 - 2011-07-24 10:33 - 0000000 ____D C:\Program Files (x86)\MP3Gain
2011-07-25 01:36 - 2011-07-06 14:41 - 0000000 ____D C:\Users\All Users\iRinger
2011-07-25 01:36 - 2011-07-06 14:41 - 0000000 ____D C:\ProgramData\iRinger
2011-07-25 01:34 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\LogFiles
2011-07-24 21:33 - 2011-07-24 21:33 - 0001646 __ASH C:\Users\Ritchie\AppData\Local\05a3a062i5h21hn5r14r184j8402x6866h8
2011-07-24 21:33 - 2011-07-24 21:33 - 0001646 __ASH C:\Users\All Users\05a3a062i5h21hn5r14r184j8402x6866h8
2011-07-24 21:33 - 2011-07-24 21:33 - 0001646 __ASH C:\ProgramData\05a3a062i5h21hn5r14r184j8402x6866h8
2011-07-24 21:10 - 2011-07-24 19:07 - 0000000 ____D C:\Program Files (x86)\Capcom
2011-07-24 19:29 - 2011-07-24 19:29 - 0000000 ____D C:\Users\Ritchie\Documents\CAPCOM
2011-07-24 16:31 - 2011-06-02 18:52 - 0000000 ____D C:\Users\Ritchie\Desktop\4
2011-07-24 15:33 - 2011-06-02 19:59 - 0000405 ____A C:\Users\Ritchie\Desktop\jap.txt
2011-07-24 14:52 - 2009-07-13 20:54 - 0524288 __ASH C:\Windows\System32\config\COMPONENTS{016888b9-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
2011-07-24 14:52 - 2009-07-13 20:54 - 0065536 __ASH C:\Windows\System32\config\COMPONENTS{016888b9-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
2011-07-24 14:04 - 2011-06-02 19:20 - 3193602048 __ASH C:\hiberfil.sys
2011-07-24 11:24 - 2011-06-23 07:13 - 1866202 ___AH C:\Users\Ritchie\AppData\Local\IconCache.db
2011-07-23 21:02 - 2011-07-23 21:02 - 0000000 ____D C:\Program Files (x86)\Apple Software Update
2011-07-23 21:02 - 2011-07-05 16:17 - 0000000 ____D C:\Users\Ritchie\AppData\Local\Apple
2011-07-23 21:01 - 2011-07-23 21:01 - 0000000 ____D C:\Program Files\Bonjour
2011-07-23 21:01 - 2011-07-23 21:01 - 0000000 ____D C:\Program Files (x86)\Bonjour
2011-07-23 20:55 - 2011-06-02 19:24 - 1538995 ____A C:\Windows\WindowsUpdate.log
2011-07-23 20:48 - 2011-07-12 11:02 - 0000000 ____D C:\Users\Ritchie\Desktop\agree and autho
2011-07-23 20:07 - 2011-07-23 20:07 - 0606908 ____A C:\Users\Ritchie\Desktop\The Elder Scrolls V Skyrim Theme Ringtone Download HD.mp3
2011-07-23 19:59 - 2009-07-13 21:13 - 0713888 ____A C:\Windows\System32\PerfStringBackup.INI
2011-07-23 19:59 - 2009-07-13 18:36 - 0615360 ____A C:\Windows\System32\perfh009.dat
2011-07-23 19:59 - 2009-07-13 18:36 - 0103702 ____A C:\Windows\System32\perfc009.dat
2011-07-23 19:54 - 2009-07-13 20:45 - 0016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-07-23 19:54 - 2009-07-13 20:45 - 0016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-07-23 19:49 - 2009-07-13 20:51 - 0050001 ____A C:\Windows\setupact.log
2011-07-23 19:46 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-07-22 06:37 - 2011-07-21 20:22 - 0008972 __ASH C:\Users\Ritchie\AppData\Local\8i77ft206gu8885x4ik6hya7g57ktd2b0t
2011-07-22 06:37 - 2011-07-21 20:22 - 0008972 __ASH C:\Users\All Users\8i77ft206gu8885x4ik6hya7g57ktd2b0t
2011-07-22 06:37 - 2011-07-21 20:22 - 0008972 __ASH C:\ProgramData\8i77ft206gu8885x4ik6hya7g57ktd2b0t
2011-07-21 20:32 - 2011-07-08 21:00 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-07-17 17:00 - 2011-06-02 19:48 - 0000000 ____D C:\Program Files (x86)\Steam
2011-07-17 16:51 - 2011-07-17 16:51 - 0000000 ____D C:\Users\Ritchie\Documents\Penumbra Overture
2011-07-16 19:21 - 2011-07-16 19:21 - 3559030 ____A C:\Users\Ritchie\Desktop\Unlimits - Haruka Kanata - Bleach ED28 - Tv Size.mp3
2011-07-16 18:33 - 2011-06-03 20:54 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\Skype
2011-07-16 17:59 - 2009-11-30 20:44 - 0321242 ____A C:\Windows\PFRO.log
2011-07-16 16:53 - 2011-07-16 16:53 - 0000000 ____D C:\Program Files (x86)\Intelore
2011-07-16 15:44 - 2011-07-16 10:24 - 0000000 ____D C:\Program Files (x86)\Cain
2011-07-15 11:11 - 2011-07-15 11:11 - 0019610 ____A C:\Users\Ritchie\Desktop\The Truth edit.txt
2011-07-13 14:28 - 2009-07-13 20:45 - 0334072 ____A C:\Windows\System32\FNTCACHE.DAT
2011-07-12 19:30 - 2011-07-05 16:19 - 0000000 ____D C:\Users\Ritchie\AppData\Local\Apple Computer
2011-07-12 19:25 - 2011-06-02 16:22 - 0077840 ____A C:\Users\Ritchie\AppData\Local\GDIPFONTCACHEV1.DAT
2011-07-12 11:29 - 2011-07-12 11:20 - 0001073 ____A C:\Windows\Printfil.ini
2011-07-12 11:23 - 2011-07-12 11:22 - 0000000 ____A C:\Users\Ritchie\filename.txt
2011-07-12 11:02 - 2011-07-12 11:02 - 0000000 ____D C:\Users\Ritchie\Desktop\payment plans
2011-07-12 07:34 - 2011-07-12 07:34 - 0212840 ____A (Apple Inc.) C:\Windows\System32\dnssdX.dll
2011-07-12 07:34 - 2011-07-12 07:34 - 0096104 ____A (Apple Inc.) C:\Windows\System32\dns-sd.exe
2011-07-12 07:34 - 2011-07-12 07:34 - 0085864 ____A (Apple Inc.) C:\Windows\System32\dnssd.dll
2011-07-12 07:34 - 2011-07-12 07:34 - 0061288 ____A (Apple Inc.) C:\Windows\System32\jdns_sd.dll
2011-07-12 07:20 - 2011-07-12 07:20 - 0178536 ____A (Apple Inc.) C:\Windows\SysWOW64\dnssdX.dll
2011-07-12 07:20 - 2011-07-12 07:20 - 0083816 ____A (Apple Inc.) C:\Windows\SysWOW64\dns-sd.exe
2011-07-12 07:20 - 2011-07-12 07:20 - 0073064 ____A (Apple Inc.) C:\Windows\SysWOW64\dnssd.dll
2011-07-12 07:20 - 2011-07-12 07:20 - 0050536 ____A (Apple Inc.) C:\Windows\SysWOW64\jdns_sd.dll
2011-07-11 21:02 - 2011-06-03 09:41 - 0000000 ____D C:\Users\Ritchie\AppData\Local\ElevatedDiagnostics
2011-07-11 21:02 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2011-07-11 18:56 - 2011-07-11 18:05 - 4296046 ___AT C:\Users\Ritchie\Desktop\Contract_Fall11Spring12_FSCJ.prn
2011-07-10 13:20 - 2011-07-10 13:20 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2011-07-09 16:11 - 2011-07-09 16:11 - 0000000 ____D C:\Users\Ritchie\Documents\DFO
2011-07-08 21:00 - 2011-07-08 20:50 - 0011358 __ASH C:\Users\Ritchie\AppData\Local\1hu4i5i6c1wx6ngdh3brb4vh33mo74i8k66043
2011-07-08 21:00 - 2011-07-08 20:50 - 0011358 __ASH C:\Users\All Users\1hu4i5i6c1wx6ngdh3brb4vh33mo74i8k66043
2011-07-08 21:00 - 2011-07-08 20:50 - 0011358 __ASH C:\ProgramData\1hu4i5i6c1wx6ngdh3brb4vh33mo74i8k66043
2011-07-06 15:52 - 2011-07-21 20:32 - 0041272 ____A (Malwarebytes Corporation) C:\Windows\SysWOW64\Drivers\mbamswissarmy.sys
2011-07-06 15:52 - 2011-06-02 20:05 - 0025912 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2011-07-06 14:42 - 2011-07-06 14:42 - 0000000 ____D C:\Users\Ritchie\Documents\iRinger Tones
2011-07-05 20:13 - 2011-07-05 20:10 - 0000000 ____D C:\Users\Ritchie\AppData\Local\Cranium_Consulting_and_Cu
2011-07-05 18:27 - 2011-07-05 16:19 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\Apple Computer
2011-07-05 18:04 - 2011-07-05 16:16 - 0000000 ____D C:\Users\All Users\Apple
2011-07-05 18:04 - 2011-07-05 16:16 - 0000000 ____D C:\ProgramData\Apple
2011-07-05 16:18 - 2011-07-05 16:17 - 0000000 ____D C:\Users\All Users\Apple Computer
2011-07-05 16:18 - 2011-07-05 16:17 - 0000000 ____D C:\ProgramData\Apple Computer
2011-07-05 16:17 - 2011-07-05 16:17 - 0000000 ____D C:\Program Files\Common Files\Apple
2011-07-05 16:17 - 2011-07-05 16:17 - 0000000 ____D C:\Program Files (x86)\QuickTime
2011-07-05 16:16 - 2011-06-02 16:19 - 0000000 ____D C:\Users\Ritchie\AppData\LocalLow
2011-07-04 08:52 - 2009-07-13 21:08 - 0032622 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-07-01 18:41 - 2011-06-05 16:29 - 0000000 ____D C:\Users\Ritchie\AppData\Local\The Witcher
2011-06-30 09:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Microsoft.NET
2011-06-27 22:33 - 2011-06-27 22:33 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\Toribash
2011-06-27 22:30 - 2011-06-27 22:30 - 0000000 ____D C:\Games
2011-06-23 07:11 - 2011-06-23 07:11 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\Mozilla
2011-06-17 15:51 - 2011-06-17 15:51 - 0000000 ____D C:\Windows\Sun
2011-06-17 07:55 - 2009-11-30 20:35 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2011-06-17 06:32 - 2009-07-13 20:54 - 0524288 __ASH C:\Windows\System32\config\COMPONENTS{016888b9-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
2011-06-17 06:21 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\Microsoft Shared
2011-06-17 06:15 - 2011-06-03 06:56 - 0404640 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2011-06-15 18:59 - 2011-06-15 18:59 - 0001041 ____A C:\Users\Public\Desktop\VLC media player.lnk
2011-06-14 17:40 - 2011-06-14 17:40 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2011-06-14 08:37 - 2011-06-13 16:37 - 0000000 ____D C:\Users\Ritchie\AppData\Local\PMB Files
2011-06-13 17:23 - 2011-06-13 17:14 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\NeopleLauncherDFO
2011-06-13 16:58 - 2011-06-13 16:58 - 0000000 ____D C:\Users\All Users\NexonUS
2011-06-13 16:58 - 2011-06-13 16:58 - 0000000 ____D C:\ProgramData\NexonUS
2011-06-13 16:58 - 2011-06-13 16:58 - 0000000 ____D C:\Nexon
2011-06-13 16:46 - 2011-06-13 16:37 - 0000000 ____D C:\Users\All Users\PMB Files
2011-06-13 16:46 - 2011-06-13 16:37 - 0000000 ____D C:\ProgramData\PMB Files
2011-06-13 16:37 - 2011-06-13 16:37 - 0000000 ____D C:\Program Files (x86)\Pando Networks
2011-06-12 22:36 - 2011-06-12 21:54 - 0000011 ___RA C:\Windows\amunres.lsl
2011-06-12 22:24 - 2011-06-03 23:16 - 0000000 ____D C:\Users\All Users\Innovative Solutions
2011-06-12 22:24 - 2011-06-03 23:16 - 0000000 ____D C:\ProgramData\Innovative Solutions
2011-06-11 08:14 - 2011-06-11 08:14 - 0001143 ____A C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
2011-06-11 08:14 - 2011-06-11 08:14 - 0001131 ____A C:\Users\Public\Desktop\Game Booster.lnk
2011-06-11 08:14 - 2011-06-11 08:14 - 0000000 ____D C:\Users\All Users\IObit
2011-06-11 08:14 - 2011-06-11 08:14 - 0000000 ____D C:\ProgramData\IObit
2011-06-11 08:14 - 2011-06-11 08:14 - 0000000 ____D C:\Program Files (x86)\IObit
2011-06-10 18:56 - 2011-07-12 14:22 - 3134464 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-06-09 22:14 - 2011-06-09 22:14 - 0000000 ____D C:\Users\Ritchie\AppData\Local\ALI213
2011-06-09 19:08 - 2011-06-03 23:14 - 0000000 ____D C:\Windows\SysWOW64\directx
2011-06-09 19:08 - 2011-06-02 20:00 - 0000000 ___HD C:\Windows\msdownld.tmp
2011-06-07 16:55 - 2011-06-07 16:55 - 0000000 ____D C:\Users\All Users\Hewlett-Packard
2011-06-07 16:55 - 2011-06-07 16:55 - 0000000 ____D C:\ProgramData\Hewlett-Packard
2011-06-05 16:29 - 2011-06-05 16:29 - 0000000 ____D C:\Users\Ritchie\Documents\The Witcher
2011-06-05 16:29 - 2011-06-05 16:29 - 0000000 ____D C:\Users\Public\Documents\The Witcher
2011-06-05 16:08 - 2011-06-05 16:06 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\DAEMON Tools Lite
2011-06-05 16:07 - 2011-06-05 16:07 - 0254528 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2011-06-05 16:07 - 2011-06-05 16:06 - 0000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2011-06-05 16:06 - 2011-06-05 16:06 - 0000000 ____D C:\Program Files (x86)\DAEMON Tools Toolbar
2011-06-05 15:44 - 2011-06-05 15:44 - 0000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2011-06-05 15:37 - 2011-06-02 19:57 - 0000000 ____D C:\Program Files (x86)\TOSHIBA Games
2011-06-05 15:02 - 2011-06-05 15:02 - 0000894 ____A C:\Users\Ritchie\Desktop\MWSnap 3.lnk
2011-06-05 15:02 - 2011-06-05 15:02 - 0000000 ____D C:\Program Files (x86)\MWSnap
2011-06-05 11:57 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\rescache
2011-06-05 11:13 - 2011-06-03 20:09 - 0000000 ____D C:\Users\Ritchie\AppData\Local\Adobe
2011-06-04 16:41 - 2011-06-04 16:41 - 0001824 ____A C:\Users\Public\Desktop\OnLive Launcher.lnk
2011-06-04 16:41 - 2011-06-04 16:41 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\OnLive App
2011-06-04 16:41 - 2011-06-04 16:40 - 0000000 ____D C:\Program Files (x86)\OnLive
2011-06-04 06:12 - 2011-06-02 16:20 - 0000174 ___SH C:\Users\Ritchie\Start Menu\Programs\Startup\desktop.ini
2011-06-04 06:12 - 2011-06-02 16:20 - 0000174 ___SH C:\Users\Ritchie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2011-06-03 23:21 - 2011-06-03 23:09 - 0000000 ____D C:\Users\Ritchie\Documents\Duke Nukem Forever Demo
2011-06-03 23:18 - 2009-11-30 20:34 - 0041306 ____A C:\Windows\DirectX.log
2011-06-03 23:17 - 2011-06-03 23:16 - 0000000 ____D C:\Users\Ritchie\AppData\Local\Innovative Solutions
2011-06-03 23:16 - 2011-06-03 23:16 - 0000000 ____D C:\Program Files (x86)\Innovative Solutions
2011-06-03 23:09 - 2011-06-03 23:09 - 0000000 ____D C:\Users\Ritchie\AppData\Local\3DMGAME
2011-06-03 22:57 - 2011-06-03 22:57 - 0000000 ____D C:\Users\Ritchie\AppData\Local\Downloaded Installations
2011-06-03 21:54 - 2011-06-03 21:54 - 0000000 ____D C:\Windows\pss
2011-06-03 21:52 - 2011-06-03 21:25 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\TeamViewer
2011-06-03 21:19 - 2011-06-03 21:19 - 0000000 ____D C:\Program Files (x86)\TeamViewer
2011-06-03 20:55 - 2011-06-03 20:55 - 0000056 ___AH C:\Windows\SysWOW64\ezsidmv.dat
2011-06-03 20:55 - 2011-06-03 20:55 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\skypePM
2011-06-03 20:55 - 2011-06-03 20:55 - 0000000 ____D C:\Users\All Users\Skype Extras
2011-06-03 20:55 - 2011-06-03 20:55 - 0000000 ____D C:\ProgramData\Skype Extras
2011-06-03 20:54 - 2011-06-03 20:54 - 0002515 ____A C:\Users\Public\Desktop\Skype.lnk
2011-06-03 20:54 - 2011-06-03 20:54 - 0000000 ___RD C:\Program Files (x86)\Skype
2011-06-03 20:54 - 2011-06-03 20:54 - 0000000 ____D C:\Users\All Users\Skype
2011-06-03 20:54 - 2011-06-03 20:54 - 0000000 ____D C:\ProgramData\Skype
2011-06-03 20:09 - 2011-06-02 16:28 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\Adobe
2011-06-02 20:35 - 2011-06-02 20:35 - 0431104 ____A (Creative Labs) C:\Windows\System32\wrap_oal.dll
2011-06-02 20:35 - 2011-06-02 20:35 - 0409600 ____A (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2011-06-02 20:35 - 2011-06-02 20:35 - 0136192 ____A (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\System32\OpenAL32.dll
2011-06-02 20:35 - 2011-06-02 20:35 - 0114688 ____A (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2011-06-02 20:35 - 2011-06-02 20:35 - 0000000 ____D C:\Program Files (x86)\OpenAL
2011-06-02 20:33 - 2011-06-02 20:33 - 0000000 ____D C:\Program Files (x86)\Penumbra
2011-06-02 20:31 - 2011-06-02 20:22 - 0000000 ____D C:\Users\Ritchie\Desktop\morrowindfpsoptimizer196
2011-06-02 20:13 - 2009-07-13 21:01 - 0039252 ____A C:\Windows\SysWOW64\license.rtf
2011-06-02 20:13 - 2009-07-13 21:01 - 0039252 ____A C:\Windows\System32\license.rtf
2011-06-02 20:12 - 2009-07-13 20:45 - 0000000 ____D C:\Windows\debug
2011-06-02 20:11 - 2011-06-02 20:11 - 0000000 ____A C:\Windows\NDSTray.INI
2011-06-02 20:10 - 2009-11-30 20:07 - 0000000 ____D C:\Windows\Panther
2011-06-02 20:10 - 2009-07-13 20:46 - 0003043 ____A C:\Windows\DtcInstall.log
2011-06-02 20:10 - 2009-07-13 19:20 - 0000000 ___AD C:\Windows\System32\sysprep
2011-06-02 20:07 - 2011-06-02 20:07 - 0000000 ____D C:\Program Files (x86)\Bethesda Softworks
2011-06-02 20:06 - 2011-06-02 20:06 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\Malwarebytes
2011-06-02 20:05 - 2011-06-02 20:05 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-06-02 20:05 - 2011-06-02 20:05 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-06-02 20:03 - 2011-06-02 20:03 - 0000000 ____D C:\Windows\SysWOW64\Macromed
2011-06-02 20:03 - 2011-06-02 20:02 - 0000000 ____D C:\Users\All Users\Adobe
2011-06-02 20:03 - 2011-06-02 20:02 - 0000000 ____D C:\ProgramData\Adobe
2011-06-02 20:02 - 2011-06-02 20:02 - 0000000 ____D C:\Program Files (x86)\Corel
2011-06-02 20:02 - 2011-06-02 20:02 - 0000000 ____D C:\Program Files (x86)\AMD APP
2011-06-02 20:02 - 2011-06-02 20:02 - 0000000 ____D C:\Program Files (x86)\Adobe
2011-06-02 20:01 - 2011-06-02 20:01 - 0000000 ____D C:\Program Files\ATI Technologies
2011-06-02 20:00 - 2011-06-02 20:00 - 0031517 ____A C:\Windows\ie8_main.log
2011-06-02 19:56 - 2011-06-02 19:56 - 0000000 ____D C:\Users\All Users\NortonInstaller
2011-06-02 19:56 - 2011-06-02 19:56 - 0000000 ____D C:\ProgramData\NortonInstaller
2011-06-02 19:56 - 2011-06-02 19:56 - 0000000 ____D C:\Program Files (x86)\NortonInstaller
2011-06-02 19:52 - 2009-11-30 20:30 - 0000000 ____D C:\Windows\Downloaded Installations
2011-06-02 19:51 - 2011-06-02 19:48 - 0000000 ____D C:\Users\All Users\win7_64
2011-06-02 19:51 - 2011-06-02 19:48 - 0000000 ____D C:\Users\All Users\win7_32
2011-06-02 19:51 - 2011-06-02 19:48 - 0000000 ____D C:\ProgramData\win7_64
2011-06-02 19:51 - 2011-06-02 19:48 - 0000000 ____D C:\ProgramData\win7_32
2011-06-02 19:49 - 2011-06-02 19:48 - 0000000 ____D C:\Windows\System32\Microsoft.VC80.MFC
2011-06-02 19:48 - 2011-06-02 19:48 - 0000888 ____A C:\Users\Public\Desktop\Steam.lnk
2011-06-02 19:48 - 2011-06-02 19:48 - 0000000 ____D C:\Windows\SysWOW64\Microsoft.VC80.MFC
2011-06-02 19:48 - 2011-06-02 19:48 - 0000000 ____D C:\Users\All Users\XP
2011-06-02 19:48 - 2011-06-02 19:48 - 0000000 ____D C:\Users\All Users\Vista64
2011-06-02 19:48 - 2011-06-02 19:48 - 0000000 ____D C:\Users\All Users\Vista32
2011-06-02 19:48 - 2011-06-02 19:48 - 0000000 ____D C:\ProgramData\XP
2011-06-02 19:48 - 2011-06-02 19:48 - 0000000 ____D C:\ProgramData\Vista64
2011-06-02 19:48 - 2011-06-02 19:48 - 0000000 ____D C:\ProgramData\Vista32
2011-06-02 19:48 - 2011-06-02 19:44 - 0000000 ____D C:\Program Files (x86)\Realtek
2011-06-02 19:47 - 2011-06-02 19:47 - 0007896 ____A C:\Windows\DPINST.LOG
2011-06-02 19:47 - 2011-06-02 19:47 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01007.Wdf
2011-06-02 19:47 - 2011-06-02 19:47 - 0000000 ____D C:\Program Files\Synaptics
2011-06-02 19:46 - 2011-06-02 19:46 - 0000000 ____D C:\Windows\Options
2011-06-02 19:46 - 2011-06-02 19:46 - 0000000 ____D C:\Program Files\ltmoh
2011-06-02 19:46 - 2011-06-02 19:46 - 0000000 ____D C:\Program Files\LSI SoftModem
2011-06-02 19:46 - 2011-06-02 19:46 - 0000000 ____D C:\Program Files (x86)\Realtek WLAN Driver
2011-06-02 19:45 - 2011-06-02 19:45 - 0000000 ____D C:\Windows\SysWOW64\RTCOM
2011-06-02 19:45 - 2011-06-02 19:45 - 0000000 ____D C:\Program Files\Realtek
2011-06-02 19:43 - 2011-06-02 19:43 - 0000000 ____D C:\Users\All Users\ATI
2011-06-02 19:43 - 2011-06-02 19:43 - 0000000 ____D C:\ProgramData\ATI
2011-06-02 19:43 - 2011-06-02 19:42 - 0000000 ____D C:\Program Files (x86)\ATI Technologies
2011-06-02 19:42 - 2011-06-02 19:42 - 0000000 ____D C:\Program Files\ATI
2011-06-02 19:40 - 2009-11-30 20:29 - 0000000 ____D C:\Program Files (x86)\Intel
2011-06-02 19:28 - 2011-06-02 19:06 - 0000000 ____D C:\Users\Ritchie\Documents\My RoboForm Data
2011-06-02 19:21 - 2011-06-02 19:21 - 0000000 ____D C:\Users\Ritchie\AppData\Local\WDC
2011-06-02 19:21 - 2009-11-30 20:23 - 0003540 ____A C:\Windows\TSSysprep.log
2011-06-02 19:20 - 2011-06-02 19:20 - 0000000 ____A C:\Windows\ativpsrm.bin
2011-06-02 19:19 - 2009-07-13 21:38 - 0025600 __ASH C:\Windows\System32\config\BCD-Template.LOG
2011-06-02 19:19 - 2009-07-13 21:32 - 0028672 ____A C:\Windows\System32\config\BCD-Template
2011-06-02 19:17 - 2011-06-02 19:17 - 0000151 ____A C:\Users\All Users\Microsoft.SqlServer.Compact.351.32.bc
2011-06-02 19:17 - 2011-06-02 19:17 - 0000151 ____A C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2011-06-02 19:17 - 2011-06-02 19:17 - 0000000 ____D C:\Users\Ritchie\AppData\Local\Western Digital
2011-06-02 19:17 - 2011-06-02 19:17 - 0000000 ____D C:\Users\All Users\Western Digital
2011-06-02 19:17 - 2011-06-02 19:17 - 0000000 ____D C:\ProgramData\Western Digital
2011-06-02 19:17 - 2011-06-02 19:17 - 0000000 ____D C:\Program Files\Western Digital
2011-06-02 19:17 - 2011-06-02 19:17 - 0000000 ____D C:\Program Files (x86)\Western Digital
2011-06-02 19:09 - 2011-06-02 19:09 - 0000000 ____D C:\Users\All Users\DAEMON Tools Lite
2011-06-02 19:09 - 2011-06-02 19:09 - 0000000 ____D C:\ProgramData\DAEMON Tools Lite
2011-06-02 19:06 - 2011-06-02 19:06 - 0000000 ____D C:\Users\All Users\RoboForm
2011-06-02 19:06 - 2011-06-02 19:06 - 0000000 ____D C:\ProgramData\RoboForm
2011-06-02 19:05 - 2011-06-02 19:05 - 0000000 ____D C:\Program Files (x86)\Siber Systems
2011-06-02 19:02 - 2011-06-02 19:02 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\WinRAR
2011-06-02 19:01 - 2011-06-02 19:01 - 0000000 ____D C:\Program Files (x86)\WinRAR
2011-06-02 18:53 - 2011-06-02 18:53 - 0000000 ____D C:\Program Files (x86)\VideoLAN
2011-06-02 18:50 - 2011-06-02 18:50 - 0000918 ____A C:\Users\Public\Desktop\µTorrent.lnk
2011-06-02 18:50 - 2011-06-02 18:50 - 0000000 ____D C:\Program Files (x86)\uTorrent
2011-06-02 18:44 - 2011-06-02 18:40 - 0004139 ____A C:\Windows\IE9_main.log
2011-06-02 18:44 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\PolicyDefinitions
2011-06-02 18:43 - 2011-06-02 18:43 - 3695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2011-06-02 18:43 - 2011-06-02 18:43 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2011-06-02 18:43 - 2011-06-02 18:43 - 1492992 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2011-06-02 18:43 - 2011-06-02 18:43 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2011-06-02 18:43 - 2011-06-02 18:43 - 1389056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 1126912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-06-02 18:43 - 2011-06-02 18:43 - 0434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-06-02 18:43 - 2011-06-02 18:43 - 0353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0236544 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2011-06-02 18:43 - 2011-06-02 18:43 - 0165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2011-06-02 18:43 - 2011-06-02 18:43 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2011-06-02 18:43 - 2011-06-02 18:43 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2011-06-02 18:43 - 2011-06-02 18:43 - 0150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2011-06-02 18:43 - 2011-06-02 18:43 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2011-06-02 18:43 - 2011-06-02 18:43 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2011-06-02 18:43 - 2011-06-02 18:43 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2011-06-02 18:43 - 2011-06-02 18:43 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2011-06-02 18:43 - 2011-06-02 18:43 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2011-06-02 18:43 - 2011-06-02 18:43 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2011-06-02 18:43 - 2011-06-02 18:43 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2011-06-02 18:43 - 2011-06-02 18:43 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2011-06-02 18:43 - 2011-06-02 18:43 - 0072822 ____A C:\Windows\SysWOW64\ieuinit.inf
2011-06-02 18:43 - 2011-06-02 18:43 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2011-06-02 18:43 - 2011-06-02 18:43 - 0066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2011-06-02 18:43 - 2011-06-02 18:43 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-06-02 18:43 - 2011-06-02 18:43 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2011-06-02 18:43 - 2011-06-02 18:43 - 0011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2011-06-02 18:43 - 2011-06-02 18:43 - 0010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-06-02 18:43 - 2011-06-02 18:43 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-06-02 18:42 - 2011-06-02 18:42 - 4068864 ____A (Microsoft Corporation) C:\Windows\System32\mf.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 3181568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 1888256 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2011-06-02 18:42 - 2011-06-02 18:42 - 1863680 ____A (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 1837568 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 1619456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2011-06-02 18:42 - 2011-06-02 18:42 - 1540608 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 1495040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 1170944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 1133568 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 1074176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0982912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2011-06-02 18:42 - 2011-06-02 18:42 - 0902656 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0739840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0470016 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0320512 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0283648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0265088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2011-06-02 18:42 - 2011-06-02 18:42 - 0257024 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0229888 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0218624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0206848 ____A (Microsoft Corporation) C:\Windows\System32\mfps.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0196608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2011-06-02 18:42 - 2011-06-02 18:42 - 0135168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2011-06-02 18:35 - 2011-06-02 19:56 - 0000000 ____D C:\Users\All Users\Norton
2011-06-02 18:35 - 2011-06-02 19:56 - 0000000 ____D C:\ProgramData\Norton
2011-06-02 18:35 - 2009-11-30 20:31 - 0000000 ____D C:\Users\All Users\Partner
2011-06-02 18:35 - 2009-11-30 20:31 - 0000000 ____D C:\ProgramData\Partner
2011-06-02 18:35 - 2009-11-30 20:31 - 0000000 ____D C:\Program Files\Google
2011-06-02 18:35 - 2009-11-30 20:30 - 0000000 ____D C:\Program Files (x86)\Toshiba
2011-06-02 18:35 - 2009-11-30 20:29 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2011-06-02 18:35 - 2009-11-30 20:29 - 0000000 ____D C:\Program Files\TOSHIBA
2011-06-02 18:35 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Windows Sidebar
2011-06-02 18:35 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\Windows Sidebar
2011-06-02 18:35 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\config\TxR
2011-06-02 18:34 - 2009-07-13 23:45 - 0000000 ____D C:\Windows\ShellNew
2011-06-02 18:34 - 2009-07-13 19:20 - 0000000 ___RD C:\users\Public
2011-06-02 18:06 - 2011-06-02 16:21 - 0000000 ____D C:\Users\Ritchie\AppData\Local\Toshiba
2011-06-02 17:57 - 2011-06-02 20:01 - 0000000 ____D C:\Program Files (x86)\TOSHIBA Corporation
2011-06-02 17:56 - 2011-06-02 19:57 - 0000000 ____D C:\Users\All Users\WildTangent
2011-06-02 17:56 - 2011-06-02 19:57 - 0000000 ____D C:\ProgramData\WildTangent
2011-06-02 17:56 - 2009-11-30 20:30 - 0000000 ____D C:\Users\All Users\Toshiba
2011-06-02 17:56 - 2009-11-30 20:30 - 0000000 ____D C:\ProgramData\Toshiba
2011-06-02 17:55 - 2011-06-02 19:26 - 0000000 ____D C:\Program Files (x86)\Microsoft Works
2011-06-02 17:53 - 2011-06-02 16:28 - 0000000 ____D C:\Users\Ritchie\AppData\Local\Google
2011-06-02 17:51 - 2011-06-02 19:29 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-06-02 17:51 - 2011-06-02 19:29 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-06-02 17:51 - 2011-06-02 19:26 - 0000000 ____D C:\Program Files (x86)\Microsoft Office
2011-06-02 16:33 - 2011-06-02 16:33 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\Macromedia
2011-06-02 16:28 - 2011-06-02 16:28 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\Google
2011-06-02 16:23 - 2011-06-02 16:23 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\Toshiba
2011-06-02 16:22 - 2011-06-02 16:22 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\ATI
2011-06-02 16:22 - 2011-06-02 16:22 - 0000000 ____D C:\Users\Ritchie\AppData\Local\ATI
2011-06-02 16:20 - 2011-06-02 16:20 - 0000013 __RSH C:\Windows\System32\Drivers\fbd.sys
2011-06-02 16:20 - 2011-06-02 16:20 - 0000000 ____D C:\Users\Ritchie\AppData\Local\VirtualStore
2011-06-02 16:20 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\sysprep
2011-06-02 16:20 - 2009-07-13 19:18 - 0000000 __SHD C:\$Recycle.Bin
2011-06-02 16:19 - 2011-06-02 16:19 - 0000020 __ASH C:\Users\Ritchie\ntuser.ini
2011-06-02 16:19 - 2011-06-02 16:19 - 0000000 __SHD C:\Users\Ritchie\Templates
2011-06-02 16:19 - 2011-06-02 16:19 - 0000000 __SHD C:\Users\Ritchie\Start Menu
2011-06-02 16:19 - 2011-06-02 16:19 - 0000000 __SHD C:\Users\Ritchie\PrintHood
2011-06-02 16:19 - 2011-06-02 16:19 - 0000000 __SHD C:\Users\Ritchie\NetHood
2011-06-02 16:19 - 2011-06-02 16:19 - 0000000 __SHD C:\Users\Ritchie\My Documents
2011-06-02 16:19 - 2011-06-02 16:19 - 0000000 __SHD C:\Users\Ritchie\Documents\My Videos
2011-06-02 16:19 - 2011-06-02 16:19 - 0000000 __SHD C:\Users\Ritchie\Documents\My Pictures
2011-06-02 16:19 - 2011-06-02 16:19 - 0000000 __SHD C:\Users\Ritchie\Documents\My Music
2011-06-02 16:19 - 2011-06-02 16:19 - 0000000 __SHD C:\Users\Ritchie\AppData\Local\Temporary Internet Files
2011-06-02 16:19 - 2011-06-02 16:19 - 0000000 __SHD C:\Users\Ritchie\AppData\Local\History
2011-06-02 16:19 - 2011-06-02 16:19 - 0000000 ____D C:\Users\Ritchie\AppData\Roaming\WinBatch
2011-06-02 16:19 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\System32\restore
2011-06-01 22:39 - 2011-07-12 14:22 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-06-01 22:23 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-06-01 21:54 - 2011-07-12 14:22 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-06-01 21:45 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-06-01 19:45 - 2011-07-12 14:22 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-06-01 19:45 - 2011-07-12 14:22 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-06-01 19:45 - 2011-07-12 14:22 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-06-01 19:45 - 2011-07-12 14:22 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-05-28 14:35 - 2011-06-02 19:32 - 97799956 ____A C:\Users\Ritchie\Desktop\LOUDER_DUBSTEP [www.keepvid.com].mp4
2011-05-28 12:07 - 2011-06-02 19:32 - 9687535 ____A C:\Users\Ritchie\Desktop\DJ Fresh - Louder (Flux Pavilion and Doctor P Remix).mp3
2011-05-24 15:14 - 2011-06-02 16:43 - 0270720 ____A (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2011-05-24 03:21 - 2011-06-29 07:33 - 0404992 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2011-05-24 02:34 - 2011-06-29 07:33 - 0145920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2011-05-24 02:34 - 2011-06-29 07:33 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2011-05-24 02:34 - 2011-06-29 07:33 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2011-05-24 02:32 - 2011-06-29 07:33 - 0252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2011-05-13 23:41 - 2011-07-12 14:22 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-05-13 23:41 - 2011-07-12 14:22 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-05-13 23:41 - 2011-07-12 14:22 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-05-13 23:41 - 2011-07-12 14:22 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-05-13 23:39 - 2011-07-12 14:22 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-05-13 23:36 - 2011-07-12 14:22 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-05-13 23:32 - 2011-07-12 14:22 - 0338944 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-05-13 22:35 - 2011-07-12 14:22 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-05-13 22:33 - 2011-07-12 14:22 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-05-13 22:32 - 2011-07-12 14:22 - 0837120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-05-13 22:32 - 2011-07-12 14:22 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-05-13 20:29 - 2011-07-12 14:22 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-05-13 20:29 - 2011-07-12 14:22 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-05-10 04:06 - 2011-05-10 04:06 - 4517664 ____A (Apple, Inc.) C:\Windows\System32\usbaaplrc.dll
2011-05-10 04:06 - 2011-05-10 04:06 - 0051712 ____A (Apple, Inc.) C:\Windows\System32\Drivers\usbaapl64.sys
2011-05-08 10:59 - 2011-06-02 19:32 - 128344992 ____A C:\Users\Ritchie\Desktop\Linkin Park - The Catalyst (Official HD) [www.keepvid.com].mp4
2011-05-03 18:51 - 2011-06-16 13:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-05-03 18:51 - 2011-06-16 13:44 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-05-03 18:51 - 2011-06-16 13:44 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-05-02 21:21 - 2011-06-16 13:44 - 0976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2011-05-02 20:50 - 2011-06-16 13:44 - 0740864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2011-04-28 19:13 - 2011-06-16 13:44 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-04-28 19:12 - 2011-06-16 13:44 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-04-28 19:12 - 2011-06-16 13:44 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-04-26 18:57 - 2011-06-16 13:44 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 13%
Total physical RAM: 4060.86 MB
Available physical RAM: 3523.29 MB
Total Pagefile: 4059.01 MB
Available Pagefile: 3509.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (TI105756W0B) (Fixed) (Total:287.64 GB) (Free:221.94 GB) NTFS
2 Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS
4 Drive f: (LEXAR MEDIA) (Removable) (Total:0.12 GB) (Free:0.08 GB) FAT
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==========================================================

Last Boot: 2011-07-24 14:34

======================= End Of Log ==========================

Edited by Trigun1127, 25 July 2011 - 02:31 PM.


#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,711 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:04 AM

Posted 25 July 2011 - 03:37 PM

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

start
2011-07-24 21:33 - 2011-07-24 21:33 - 0001646 __ASH C:\Users\Ritchie\AppData\Local\05a3a062i5h21hn5r14r184j8402x6866h8
2011-07-24 21:33 - 2011-07-24 21:33 - 0001646 __ASH C:\Users\All Users\05a3a062i5h21hn5r14r184j8402x6866h8
2011-07-24 21:33 - 2011-07-24 21:33 - 0001646 __ASH C:\ProgramData\05a3a062i5h21hn5r14r184j8402x6866h8
2011-07-21 20:22 - 2011-07-22 06:37 - 0008972 __ASH C:\Users\Ritchie\AppData\Local\8i77ft206gu8885x4ik6hya7g57ktd2b0t
2011-07-21 20:22 - 2011-07-22 06:37 - 0008972 __ASH C:\Users\All Users\8i77ft206gu8885x4ik6hya7g57ktd2b0t
2011-07-21 20:22 - 2011-07-22 06:37 - 0008972 __ASH C:\ProgramData\8i77ft206gu8885x4ik6hya7g57ktd2b0t
2011-07-12 11:20 - 2007-12-30 22:00 - 0000000 ____N C:\Windows\161exp2.dll
2011-07-12 11:20 - 2007-12-30 22:00 - 0000000 ____N C:\Windows\161exp1.dll
2011-07-12 11:20 - 2007-12-30 22:00 - 0000000 ____N C:\Windows\1616925132.dll
2011-07-12 11:20 - 2007-12-30 22:00 - 0000000 ____N C:\Windows\1616925131.dll
2011-07-12 11:20 - 2007-12-30 22:00 - 0000000 ____N C:\Windows\1614915132.dll
cmd: bootrec /FixMbr
Control:
end

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Also restart and let Windows boot normally and tell me how it went. In case Windows booted you will get a pop up from system restore. Please accept the current restore point and don't reverse it to the previous state.

#5 Trigun1127

Trigun1127
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 25 July 2011 - 04:27 PM

Fix result of Farbars's Recovery Tool (FRST written by farbar version 2.1.6)
Ran by SYSTEM at 2011-07-25 17:18:44 R:1
Running from F:\

==============================================

C:\Users\Ritchie\AppData\Local\05a3a062i5h21hn5r14r184j8402x6866h8 moved successfully.
C:\Users\All Users\05a3a062i5h21hn5r14r184j8402x6866h8 moved successfully.
C:\ProgramData\05a3a062i5h21hn5r14r184j8402x6866h8 not found.
C:\Users\Ritchie\AppData\Local\8i77ft206gu8885x4ik6hya7g57ktd2b0t moved successfully.
C:\Users\All Users\8i77ft206gu8885x4ik6hya7g57ktd2b0t moved successfully.
C:\ProgramData\8i77ft206gu8885x4ik6hya7g57ktd2b0t not found.
C:\Windows\161exp2.dll moved successfully.
C:\Windows\161exp1.dll moved successfully.
C:\Windows\1616925132.dll moved successfully.
C:\Windows\1616925131.dll moved successfully.
C:\Windows\1614915132.dll moved successfully.

========= bootrec /FixMbr =========

ÿþT



So this time when i booted. I saw the "windows is starting" or "loading" but the animation didnt even show by the time it started to load windows files and went into system repair.

Edited by Trigun1127, 25 July 2011 - 04:28 PM.


#6 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,711 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:04 AM

Posted 25 July 2011 - 05:29 PM

Please tell me if that is the whole Fixlog.txt? It is not the full log we should get. In case the log is more than what you
have posted please post the whole log.

it started to load windows files and went into system repair.

What do you mean? do you mean "startup repair" or "system restore"?

Did Windows booted fully or not.

#7 Trigun1127

Trigun1127
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 25 July 2011 - 05:44 PM

Here is the attatchment. It should have been the whole log file.
Fix result of Farbars's Recovery Tool (FRST written by farbar version 2.1.6)
Ran by SYSTEM at 2011-07-25 17:18:44 R:1
Running from F:\

==============================================

C:\Users\Ritchie\AppData\Local\05a3a062i5h21hn5r14r184j8402x6866h8 moved successfully.
C:\Users\All Users\05a3a062i5h21hn5r14r184j8402x6866h8 moved successfully.
C:\ProgramData\05a3a062i5h21hn5r14r184j8402x6866h8 not found.
C:\Users\Ritchie\AppData\Local\8i77ft206gu8885x4ik6hya7g57ktd2b0t moved successfully.
C:\Users\All Users\8i77ft206gu8885x4ik6hya7g57ktd2b0t moved successfully.
C:\ProgramData\8i77ft206gu8885x4ik6hya7g57ktd2b0t not found.
C:\Windows\161exp2.dll moved successfully.
C:\Windows\161exp1.dll moved successfully.
C:\Windows\1616925132.dll moved successfully.
C:\Windows\1616925131.dll moved successfully.
C:\Windows\1614915132.dll moved successfully.

========= bootrec /FixMbr =========

ÿþT

It booted up into start up repair.

I restarted my comp then i saw "windows is starting" I didnt get to see the animation then it started "loading windows files" then startup repiar started to scan. It did not boot.

Edited by Trigun1127, 25 July 2011 - 05:45 PM.


#8 Trigun1127

Trigun1127
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 25 July 2011 - 05:45 PM

Attached File  Fixlog.txt   1.04KB   2 downloads

Fix result of Farbars's Recovery Tool (FRST written by farbar version 2.1.6)
Ran by SYSTEM at 2011-07-25 17:18:44 R:1
Running from F:\

==============================================

C:\Users\Ritchie\AppData\Local\05a3a062i5h21hn5r14r184j8402x6866h8 moved successfully.
C:\Users\All Users\05a3a062i5h21hn5r14r184j8402x6866h8 moved successfully.
C:\ProgramData\05a3a062i5h21hn5r14r184j8402x6866h8 not found.
C:\Users\Ritchie\AppData\Local\8i77ft206gu8885x4ik6hya7g57ktd2b0t moved successfully.
C:\Users\All Users\8i77ft206gu8885x4ik6hya7g57ktd2b0t moved successfully.
C:\ProgramData\8i77ft206gu8885x4ik6hya7g57ktd2b0t not found.
C:\Windows\161exp2.dll moved successfully.
C:\Windows\161exp1.dll moved successfully.
C:\Windows\1616925132.dll moved successfully.
C:\Windows\1616925131.dll moved successfully.
C:\Windows\1614915132.dll moved successfully.

========= bootrec /FixMbr =========

ÿþT h e o p e r a t i o n c o m p l e t e d s u c c e s s f u l l y .

========= End of CMD: =========

The operation completed successfully.

Edited by farbar, 25 July 2011 - 05:47 PM.


#9 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,711 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:04 AM

Posted 25 July 2011 - 05:47 PM

Now I see the whole log. Did you let the startup repair to run to completion?

#10 Trigun1127

Trigun1127
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 25 July 2011 - 06:04 PM

Yes i have many times before it does nothing. Ive had the exact same problem before and it resulted in me reformating my hardrive.

#11 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,711 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:04 AM

Posted 25 July 2011 - 06:09 PM

Please don't go back and add to the earlier post. The log you posted the second time is a copy of the first log. The one you attached is complete, I opened the content of it.

Yes i have many times before it does nothing.

You mean even before the fix you saw "saw "windows is starting" and then "loading windows files"? In other words the fix did not change anything in the process of booting?

#12 Trigun1127

Trigun1127
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 25 July 2011 - 06:14 PM

Yes as this is part of the problem im going through. Before the fix i would get to "windows is starting" then Windows is loading files. Then startup repair starts to scan. It never finds anything. The fix didnt change anything besides that the period between "windows is starting" and windows loading files was alot faster.

#13 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,711 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:04 AM

Posted 25 July 2011 - 06:19 PM

Please try the following option:

Use F8 at startup to get to Advanced Boot Option. Select Safe Mode (not safe mode with networking) and tell me how far it goes.

#14 Trigun1127

Trigun1127
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 25 July 2011 - 07:54 PM

Safe mode did nothing. It went straight to windlows loading files and startup repair

#15 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,711 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:04 AM

Posted 26 July 2011 - 02:51 AM

It seems in both cases Windows tries to load into Safe Mode. In normal mode we don't get Windows is loading files.

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

start
cmd: bcdedit /enum all
end

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users