
Redirect Google Virus Infection


  • This topic is locked
29 replies to this topic

#1 etoilethay

etoilethay

  • Members
  • 23 posts

Posted 19 November 2011 - 10:10 PM

According to boopme's directions, here: http://www.bleepingcomputer.com/forums/topic428387.html/

I am posting this file after conducting a DDS scan
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Acer at 22:03:20 on 2011-11-19
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3893.2263 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\xampp\filezillaftp\filezillaserver.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\xampp\mysql\bin\mysqld.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Users\Acer\AppData\Local\auditpol.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://googl.com/
mWinlogon: Userinit=userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - C:\Program Files (x86)\FlashGet\jccatch.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - C:\Program Files (x86)\FlashGet\getflash.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
uRun: [Google Update] "C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
uRun: [AdobeBridge]
uRun: [auditpol] C:\Users\Acer\AppData\Local\auditpol.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Flashget] "C:\Program Files (x86)\FlashGet\FlashGet.exe" /min
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
IE: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
TCP: DhcpNameServer = 64.71.255.198
TCP: Interfaces\{143BC2E3-6841-4BBD-8291-7984937A5A8B} : DhcpNameServer = 64.71.255.198
TCP: Interfaces\{143BC2E3-6841-4BBD-8291-7984937A5A8B}\25F47454253523536373 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{1DA276D0-7CF9-4239-AE84-482A619DBF7E} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: FGCatchUrl: {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll
BHO-X64: flashget urlcatch - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: FlashGet GetFlash Class: {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [Flashget] "C:\Program Files (x86)\FlashGet\FlashGet.exe" /min
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRunOnce-x64: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
IE-X64: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\wqcsu8ob.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Acer\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-3 13336]
R2 rimspci;rimspci;C:\Windows\system32\DRIVERS\rimspe64.sys --> C:\Windows\system32\DRIVERS\rimspe64.sys [?]
R2 risdpcie;risdpcie;C:\Windows\system32\DRIVERS\risdpe64.sys --> C:\Windows\system32\DRIVERS\risdpe64.sys [?]
R2 rixdpcie;rixdpcie;C:\Windows\system32\DRIVERS\rixdpe64.sys --> C:\Windows\system32\DRIVERS\rixdpe64.sys [?]
R2 SSPORT;SSPORT;\??\C:\Windows\system32\Drivers\SSPORT.sys --> C:\Windows\system32\Drivers\SSPORT.sys [?]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-10-3 2320920]
R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys --> C:\Windows\system32\drivers\synth3dvsc.sys [?]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-11-20 03:03:13 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3B24D4E2-13F3-4ABA-BB32-33436B49D655}\offreg.dll
2011-11-20 03:03:11 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3B24D4E2-13F3-4ABA-BB32-33436B49D655}\mpengine.dll
2011-11-20 02:55:20 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-18 20:05:55 208896 ----a-w- C:\Windows\MBR.exe
2011-11-18 18:38:33 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-18 15:23:16 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-11-18 14:59:24 25160 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys
2011-11-18 14:58:56 -------- d-----w- C:\ProgramData\Hitman Pro
2011-11-18 13:41:04 -------- d-----w- C:\Users\Acer\AppData\Roaming\Malwarebytes
2011-11-18 13:40:57 -------- d-----w- C:\ProgramData\Malwarebytes
2011-11-18 13:22:01 -------- d-----w- C:\Users\Acer\AppData\Roaming\Sammsoft
2011-11-18 04:12:05 -------- d-----w- C:\Program Files (x86)\CCleaner
2011-11-18 03:09:26 64512 --sha-w- C:\Users\Acer\AppData\Local\auditpol.exe
2011-11-18 03:09:26 26624 --sha-w- C:\Users\Acer\AppData\Local\auditpol.dll
2011-11-17 16:14:26 -------- d-----w- C:\Program Files (x86)\Market Samurai
2011-11-10 19:49:15 -------- d-----w- C:\Users\Acer\AppData\Local\ElevatedDiagnostics
2011-11-10 16:35:11 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2011-11-10 16:35:11 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2011-11-10 16:35:00 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2011-11-10 16:35:00 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-11-10 16:34:48 -------- d-----w- C:\Program Files (x86)\Microsoft WSE
2011-11-09 13:23:57 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-09 13:23:57 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-09 13:23:27 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-09 13:22:56 3144704 ----a-w- C:\Windows\System32\win32k.sys
2011-11-09 02:08:58 -------- d-----w- C:\ProgramData\IsolatedStorage
2011-11-07 15:03:41 -------- d-----w- C:\Windows\System32\appmgmt
2011-11-02 19:32:29 2110656 ----a-w- C:\ProgramData\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2011-11-02 19:26:11 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2011-10-31 14:39:25 -------- d-----w- C:\Users\Acer\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-10-30 02:56:50 -------- d-----w- C:\Users\Acer\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
2011-10-27 00:50:47 -------- d-----w- C:\Program Files (x86)\Photo Frame Genius
2011-10-27 00:41:56 -------- d-----w- C:\Program Files (x86)\FramePhotoEditor
2011-10-26 23:28:13 -------- d-----w- C:\Users\Acer\PhotoFrame Logs
2011-10-26 23:25:44 -------- d-----w- C:\Users\Acer\AppData\Roaming\onOne Software
2011-10-26 23:24:34 -------- d-----w- C:\ProgramData\onOne Software
2011-10-26 23:24:34 -------- d-----w- C:\Program Files (x86)\onOne Software
2011-10-23 20:22:22 -------- d-----w- C:\Users\Acer\AppData\Roaming\Adobe Mini Bridge CS5
2011-10-23 20:22:21 -------- d-----w- C:\Users\Acer\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-10-23 04:04:53 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2011-10-21 12:30:44 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
.
==================== Find3M ====================
.
2011-11-15 14:14:28 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-18 14:35:16 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2011-10-18 14:35:16 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2011-10-03 15:52:39 95544 ----a-w- C:\Windows\System32\bcmwlcoi.dll
2011-10-03 15:52:39 6656 ----a-w- C:\Windows\System32\bcmwlrc.dll
2011-10-03 15:52:39 4720704 ----a-w- C:\Windows\System32\drivers\BCMWL664.SYS
2011-10-03 15:52:39 3905848 ----a-w- C:\Windows\System32\bcmihvsrv64.dll
2011-10-03 15:52:39 3571512 ----a-w- C:\Windows\System32\bcmihvui64.dll
2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-08-27 05:37:49 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-08-27 05:37:48 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-08-27 04:26:27 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-08-27 04:26:27 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
.
============= FINISH: 22:03:59.78 ===============
working on losing my belly fat :D



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico

Posted 23 November 2011 - 02:05 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic button, select Immediate Notification and click on Proceed. This will help you to get notified faster when I have replied and make the cleaning process faster.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

  • Please download DeFogger to your desktop.
  • Double-click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

  • Double-click on dds.scr and a command window will appear. This is normal.
  • Shortly after, two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Information and logs:

  • In your next post I need the following:

  • Logs from DDS
  • Let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 etoilethay

etoilethay
  • Topic Starter

  • Members
  • 23 posts

Posted 23 November 2011 - 09:03 AM

Hello and thanks for the response.
I ran the two programs without problems.
Here is my DDS log:

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Acer at 8:59:11 on 2011-11-23
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3893.2283 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\xampp\filezillaftp\filezillaserver.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\xampp\mysql\bin\mysqld.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Acer\AppData\Local\auditpol.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\explorer.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://googl.com/
mWinlogon: Userinit=userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - C:\Program Files (x86)\FlashGet\jccatch.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - C:\Program Files (x86)\FlashGet\getflash.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
uRun: [Google Update] "C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
uRun: [AdobeBridge]
uRun: [auditpol] C:\Users\Acer\AppData\Local\auditpol.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Flashget] "C:\Program Files (x86)\FlashGet\FlashGet.exe" /min
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
IE: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
TCP: DhcpNameServer = 64.71.255.198
TCP: Interfaces\{143BC2E3-6841-4BBD-8291-7984937A5A8B} : DhcpNameServer = 64.71.255.198
TCP: Interfaces\{143BC2E3-6841-4BBD-8291-7984937A5A8B}\25F47454253523536373 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{1DA276D0-7CF9-4239-AE84-482A619DBF7E} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: FGCatchUrl: {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll
BHO-X64: flashget urlcatch - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: FlashGet GetFlash Class: {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [Flashget] "C:\Program Files (x86)\FlashGet\FlashGet.exe" /min
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
IE-X64: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\wqcsu8ob.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Acer\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-3 13336]
R2 rimspci;rimspci;C:\Windows\system32\DRIVERS\rimspe64.sys --> C:\Windows\system32\DRIVERS\rimspe64.sys [?]
R2 risdpcie;risdpcie;C:\Windows\system32\DRIVERS\risdpe64.sys --> C:\Windows\system32\DRIVERS\risdpe64.sys [?]
R2 rixdpcie;rixdpcie;C:\Windows\system32\DRIVERS\rixdpe64.sys --> C:\Windows\system32\DRIVERS\rixdpe64.sys [?]
R2 SSPORT;SSPORT;\??\C:\Windows\system32\Drivers\SSPORT.sys --> C:\Windows\system32\Drivers\SSPORT.sys [?]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-10-3 2320920]
R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys --> C:\Windows\system32\drivers\synth3dvsc.sys [?]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-11-23 00:21:37 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{759CF55B-D7CE-4802-BDC1-C5938CDF318F}\offreg.dll
2011-11-23 00:21:32 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{759CF55B-D7CE-4802-BDC1-C5938CDF318F}\mpengine.dll
2011-11-20 02:55:20 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-18 20:05:55 208896 ----a-w- C:\Windows\MBR.exe
2011-11-18 18:38:33 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-18 15:23:16 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-11-18 14:59:24 25160 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys
2011-11-18 14:58:56 -------- d-----w- C:\ProgramData\Hitman Pro
2011-11-18 13:41:04 -------- d-----w- C:\Users\Acer\AppData\Roaming\Malwarebytes
2011-11-18 13:40:57 -------- d-----w- C:\ProgramData\Malwarebytes
2011-11-18 13:22:01 -------- d-----w- C:\Users\Acer\AppData\Roaming\Sammsoft
2011-11-18 04:12:05 -------- d-----w- C:\Program Files (x86)\CCleaner
2011-11-18 03:09:26 64512 --sha-w- C:\Users\Acer\AppData\Local\auditpol.exe
2011-11-18 03:09:26 26624 --sha-w- C:\Users\Acer\AppData\Local\auditpol.dll
2011-11-17 16:14:26 -------- d-----w- C:\Program Files (x86)\Market Samurai
2011-11-10 19:49:15 -------- d-----w- C:\Users\Acer\AppData\Local\ElevatedDiagnostics
2011-11-10 16:35:11 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2011-11-10 16:35:11 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2011-11-10 16:35:00 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2011-11-10 16:35:00 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-11-10 16:34:48 -------- d-----w- C:\Program Files (x86)\Microsoft WSE
2011-11-09 13:23:57 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-09 13:23:57 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-09 13:23:27 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-09 13:22:56 3144704 ----a-w- C:\Windows\System32\win32k.sys
2011-11-09 02:08:58 -------- d-----w- C:\ProgramData\IsolatedStorage
2011-11-07 15:03:41 -------- d-----w- C:\Windows\System32\appmgmt
2011-11-02 19:32:29 2110656 ----a-w- C:\ProgramData\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2011-11-02 19:26:11 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2011-10-31 14:39:25 -------- d-----w- C:\Users\Acer\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-10-30 02:56:50 -------- d-----w- C:\Users\Acer\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
2011-10-27 00:50:47 -------- d-----w- C:\Program Files (x86)\Photo Frame Genius
2011-10-27 00:41:56 -------- d-----w- C:\Program Files (x86)\FramePhotoEditor
2011-10-26 23:28:13 -------- d-----w- C:\Users\Acer\PhotoFrame Logs
2011-10-26 23:25:44 -------- d-----w- C:\Users\Acer\AppData\Roaming\onOne Software
2011-10-26 23:24:34 -------- d-----w- C:\ProgramData\onOne Software
2011-10-26 23:24:34 -------- d-----w- C:\Program Files (x86)\onOne Software
.
==================== Find3M ====================
.
2011-11-15 14:14:28 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-18 14:35:16 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2011-10-18 14:35:16 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2011-10-03 15:52:39 95544 ----a-w- C:\Windows\System32\bcmwlcoi.dll
2011-10-03 15:52:39 6656 ----a-w- C:\Windows\System32\bcmwlrc.dll
2011-10-03 15:52:39 4720704 ----a-w- C:\Windows\System32\drivers\BCMWL664.SYS
2011-10-03 15:52:39 3905848 ----a-w- C:\Windows\System32\bcmihvsrv64.dll
2011-10-03 15:52:39 3571512 ----a-w- C:\Windows\System32\bcmihvui64.dll
2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-08-27 05:37:49 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-08-27 05:37:48 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-08-27 04:26:27 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-08-27 04:26:27 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
.
============= FINISH: 8:59:39.82 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 10/2/2011 2:54:38 PM
System Uptime: 11/23/2011 7:16:03 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0G939P
Processor: Intel® Core™ i5 CPU M 520 @ 2.40GHz | U2E1 | 2400/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 423.88 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP6: 11/17/2011 11:12:52 PM - Installed Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64).
RP7: 11/17/2011 11:15:24 PM - Installed Dragon NaturallySpeaking 11.
RP8: 11/18/2011 8:20:55 AM - ARO 2011 - Before Installation
RP9: 11/18/2011 8:22:05 AM - ARO 2011 - FIRST RUN
RP10: 11/18/2011 8:35:36 AM - ARO 2011 Fri, Nov 18, 11 08:35
RP11: 11/18/2011 8:37:55 AM - Windows Update
RP12: 11/18/2011 12:43:53 PM - Removed Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64).
RP13: 11/18/2011 5:02:19 PM - Restore Operation
RP14: 11/18/2011 5:28:36 PM - Windows Update
RP15: 11/19/2011 10:55:11 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
3D Flash Animator 4 Release 5
AccelerometerP11
Adobe AIR
Adobe Community Help
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader X (10.1.1)
Artisteer 3
CCleaner (remove only)
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
FlashGet 1.9.6.1073
Google Chrome
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
Intel® Rapid Storage Technology
Malwarebytes' Anti-Malware version 1.51.2.1300
Market Samurai
McAfee Security Scan Plus
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft WSE 3.0
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox 8.0 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
PDF Settings CS5
Photo Frame Genius 2.3.1
PhotoFrame 4.6.3 Free
Pure Codec
Readiris Pro 10
Readiris Pro 7.5
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
RICOH Media Driver ver.2.07.01.04
Samsung SCX-4100 Series
Samsung SCX-4100 Series - TWAIN
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SmarThru 4
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Voipwise
WinRAR 4.01 (32-bit)
XAMPP 1.7.7
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
11/22/2011 5:47:20 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/22/2011 5:46:57 PM, Error: Service Control Manager [7000] - The DgiVecp service failed to start due to the following error: The system cannot find the device specified.
11/19/2011 9:42:30 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
11/18/2011 5:08:34 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 0.0.0.0;0.0.0.0 Engine version: 0.0.0.0
11/18/2011 3:11:13 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
11/18/2011 3:10:52 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/18/2011 2:27:46 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/18/2011 2:26:30 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
11/18/2011 2:02:49 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
11/18/2011 2:02:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/18/2011 2:02:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/18/2011 2:02:44 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
11/18/2011 2:02:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/18/2011 2:02:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/18/2011 2:02:29 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter spldr Wanarpv6
11/18/2011 12:42:51 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/18/2011 1:35:05 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
.
==== End Of File ===========================
working on losing my belly fat :D

#4 gringo_pr

    Bleepin Gringo


  • Malware Response Team

Posted 23 November 2011 - 10:43 AM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<.

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#5 etoilethay

  • Topic Starter

  • Members

Posted 23 November 2011 - 01:00 PM

All my browsers are gone!
When I click on the browser, I get this message: "Illegal operation attempted on a registry key that has been marked for deletion"

I am posting from another computer.
Here is the log:

ComboFix 11-11-23.01 - Acer 11/23/2011 12:43:59.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3893.2589 [GMT -5:00]
Running from: c:\users\Acer\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Acer\AppData\Local\auditpol.dll
c:\users\Acer\AppData\Local\auditpol.exe
c:\windows\SysWow64\1.txt
.
.
((((((((((((((((((((((((( Files Created from 2011-10-23 to 2011-11-23 )))))))))))))))))))))))))))))))
.
.
2011-11-23 17:47 . 2011-11-23 17:47 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{759CF55B-D7CE-4802-BDC1-C5938CDF318F}\offreg.dll
2011-11-23 17:46 . 2011-11-23 17:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-18 18:38 . 2011-11-20 02:55 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-18 15:23 . 2011-11-18 17:59 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-11-18 14:59 . 2011-11-18 14:59 25160 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-11-18 14:58 . 2011-11-18 14:58 -------- d-----w- c:\programdata\Hitman Pro
2011-11-18 13:41 . 2011-11-18 13:41 -------- d-----w- c:\users\Acer\AppData\Roaming\Malwarebytes
2011-11-18 13:40 . 2011-11-18 13:40 -------- d-----w- c:\programdata\Malwarebytes
2011-11-18 13:22 . 2011-11-18 17:43 -------- d-----w- c:\users\Acer\AppData\Roaming\Sammsoft
2011-11-18 04:12 . 2011-11-18 04:12 -------- d-----w- c:\program files (x86)\CCleaner
2011-11-17 16:14 . 2011-11-17 16:14 -------- d-----w- c:\program files (x86)\Market Samurai
2011-11-10 19:49 . 2011-11-18 18:12 -------- d-----w- c:\users\Acer\AppData\Local\ElevatedDiagnostics
2011-11-10 16:35 . 2011-11-10 16:35 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-11-10 16:35 . 2011-11-10 16:35 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-11-10 16:35 . 2011-11-10 16:35 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-11-10 16:35 . 2011-11-10 16:35 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-11-10 16:34 . 2011-11-10 16:34 -------- d-----w- c:\program files (x86)\Microsoft WSE
2011-11-09 13:23 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 13:23 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 13:23 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 13:22 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
2011-11-09 02:08 . 2011-11-09 02:08 -------- d-----w- c:\programdata\IsolatedStorage
2011-11-07 16:47 . 2011-11-07 16:47 -------- d-----w- c:\windows\system32\Macromed
2011-11-07 15:03 . 2011-11-07 15:03 -------- d-----w- c:\windows\system32\appmgmt
2011-11-02 19:32 . 2011-11-03 20:39 2110656 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2011-11-02 19:26 . 2011-11-07 15:12 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0
2011-10-31 14:39 . 2011-10-31 14:39 -------- d-----w- c:\users\Acer\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-10-30 02:56 . 2011-10-30 02:56 -------- d-----w- c:\users\Acer\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
2011-10-27 00:50 . 2011-10-27 00:52 -------- d-----w- c:\program files (x86)\Photo Frame Genius
2011-10-27 00:41 . 2011-10-27 00:42 -------- d-----w- c:\program files (x86)\FramePhotoEditor
2011-10-26 23:28 . 2011-10-26 23:28 -------- d-----w- c:\users\Acer\PhotoFrame Logs
2011-10-26 23:25 . 2011-10-26 23:28 -------- d-----w- c:\users\Acer\AppData\Roaming\onOne Software
2011-10-26 23:24 . 2011-10-26 23:24 -------- d-----w- c:\programdata\onOne Software
2011-10-26 23:24 . 2011-10-26 23:24 -------- d-----w- c:\program files (x86)\onOne Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-15 14:14 . 2011-10-18 19:45 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-18 14:35 . 2007-11-14 15:13 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-10-18 14:35 . 2007-11-14 15:13 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-10-11 19:14 . 2011-10-11 19:14 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E36307D5-F51C-46B5-8E58-545E34C448AF}\gapaengine.dll
2011-10-07 04:16 . 2011-10-04 23:25 8570192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-10-04 23:03 . 2011-10-04 23:03 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-10-04 23:03 . 2011-10-04 23:03 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-10-04 23:03 . 2011-10-04 23:03 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-10-04 23:03 . 2011-10-04 23:03 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-10-04 23:03 . 2011-10-04 23:03 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-10-04 23:03 . 2011-10-04 23:03 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-10-04 23:03 . 2011-10-04 23:03 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-10-04 23:03 . 2011-10-04 23:03 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-10-04 23:03 . 2011-10-04 23:03 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-10-04 23:03 . 2011-10-04 23:03 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-10-04 23:03 . 2011-10-04 23:03 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-10-04 23:03 . 2011-10-04 23:03 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-10-04 23:03 . 2011-10-04 23:03 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-10-04 23:03 . 2011-10-04 23:03 448512 ----a-w- c:\windows\system32\html.iec
2011-10-04 23:03 . 2011-10-04 23:03 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-10-04 23:03 . 2011-10-04 23:03 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-10-04 23:03 . 2011-10-04 23:03 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-10-04 23:03 . 2011-10-04 23:03 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-10-04 23:03 . 2011-10-04 23:03 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-10-04 23:03 . 2011-10-04 23:03 222208 ----a-w- c:\windows\system32\msls31.dll
2011-10-04 23:03 . 2011-10-04 23:03 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-10-04 23:03 . 2011-10-04 23:03 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-10-04 23:03 . 2011-10-04 23:03 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-10-04 23:03 . 2011-10-04 23:03 160256 ----a-w- c:\windows\system32\wextract.exe
2011-10-04 23:03 . 2011-10-04 23:03 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-10-04 23:03 . 2011-10-04 23:03 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-10-04 23:03 . 2011-10-04 23:03 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-10-04 23:03 . 2011-10-04 23:03 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-10-04 23:03 . 2011-10-04 23:03 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-10-04 23:03 . 2011-10-04 23:03 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-10-04 23:03 . 2011-10-04 23:03 12288 ----a-w- c:\windows\system32\mshta.exe
2011-10-04 23:03 . 2011-10-04 23:03 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-10-04 23:03 . 2011-10-04 23:03 114176 ----a-w- c:\windows\system32\admparse.dll
2011-10-04 23:03 . 2011-10-04 23:03 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-10-04 23:03 . 2011-10-04 23:03 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-10-04 23:03 . 2011-10-04 23:03 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-10-03 16:12 . 2011-10-11 19:14 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-10-03 15:52 . 2011-10-03 15:52 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2011-10-03 15:52 . 2011-10-03 15:52 95544 ----a-w- c:\windows\system32\bcmwlcoi.dll
2011-10-03 15:52 . 2011-10-03 15:52 4720704 ----a-w- c:\windows\system32\drivers\BCMWL664.SYS
2011-10-03 15:52 . 2011-10-03 15:52 3905848 ----a-w- c:\windows\system32\bcmihvsrv64.dll
2011-10-03 15:52 . 2011-10-03 15:52 3571512 ----a-w- c:\windows\system32\bcmihvui64.dll
2011-09-21 13:00 . 2011-10-02 19:17 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D7F9540B-3D48-4943-8F2E-DB121FBBFFB2}\mpengine.dll
2011-09-01 05:24 . 2011-10-14 03:34 2309120 ----a-w- c:\windows\system32\jscript9.dll
2011-09-01 05:17 . 2011-10-14 03:34 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-09-01 05:12 . 2011-10-14 03:34 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-01 02:35 . 2011-10-14 03:34 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-09-01 02:28 . 2011-10-14 03:34 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-09-01 02:22 . 2011-10-14 03:34 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-08-27 05:37 . 2011-10-13 20:21 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-27 05:37 . 2011-10-13 20:21 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-08-27 04:26 . 2011-10-13 20:21 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-08-27 04:26 . 2011-10-13 20:21 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2011-08-22 6276408]
"AdobeBridge"="" [BU]
"auditpol"="c:\users\Acer\AppData\Local\auditpol.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Flashget"="c:\program files (x86)\FlashGet\FlashGet.exe" [2007-09-25 2007088]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2011-10-18 273528]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [x]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [x]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1917812455-3220424052-4218777028-1000Core.job
- c:\users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-03 23:06]
.
2011-11-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1917812455-3220424052-4218777028-1000UA.job
- c:\users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-03 23:06]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-22 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-22 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-22 411672]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://googl.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Download All with FlashGet - c:\program files (x86)\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files (x86)\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 64.71.255.198
FF - ProfilePath - c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\wqcsu8ob.default\
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\xampp\filezillaftp\filezillaserver.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\xampp\mysql\bin\mysqld.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
.
**************************************************************************
.
Completion time: 2011-11-23 12:51:46 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-23 17:51
ComboFix2.txt 2011-11-18 20:15
.
Pre-Run: 454,687,150,080 bytes free
Post-Run: 454,436,225,024 bytes free
.
- - End Of File - - EFF4783842D63A259C2E7A15319BCC83

#6 etoilethay

  • Topic Starter

Posted 23 November 2011 - 02:53 PM

Ok, I rebooted and explorer started working. I re-installed chrome, but I lost my bookmarks. Is there a way to get my bookmarks back?
I am not getting redirected with google search. Seems to be working fine.
Thanks for the help

#7 gringo_pr

  • Malware Response Team
Posted 24 November 2011 - 12:30 AM

Greetings

Good. That cleaned up some bad guys, but I see some other stuff that we need to go after, so I want you to run this custom script for me.


Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.




:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::


Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days. If You Will Be Longer, Please Let Me Know.

If I Have Not Replied To One Of My Topics In 48 Hrs, Please Bump The Topic.




Proud Graduate Of Malware Removal University

#8 etoilethay

  • Topic Starter

Posted 24 November 2011 - 06:51 PM

Thanks,
I was researching something just a short time ago and then something started downloading from chrome page. The browser was directed to a funny page. I hit go back button. Google search was fine again.

Now I ran the combofix again. It gave me a message that my recyclebin was corrupted. I emptied it and this is the log:

ComboFix 11-11-24.01 - Acer 11/24/2011 18:33:49.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3893.2549 [GMT -5:00]
Running from: c:\users\Acer\Desktop\ComboFix.exe
Command switches used :: c:\users\Acer\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-10-24 to 2011-11-24 )))))))))))))))))))))))))))))))
.
.
2011-11-24 23:38 . 2011-11-24 23:38 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{763C6377-A371-484B-A8F8-FDCD3BE1F4B3}\offreg.dll
2011-11-24 23:37 . 2011-11-24 23:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-24 02:26 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{763C6377-A371-484B-A8F8-FDCD3BE1F4B3}\mpengine.dll
2011-11-23 20:51 . 2011-11-23 20:51 -------- d-----w- c:\program files (x86)\Nuance
2011-11-20 02:55 . 2011-08-31 22:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-18 18:38 . 2011-11-20 02:55 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-18 15:23 . 2011-11-18 17:59 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-11-18 14:59 . 2011-11-18 14:59 25160 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-11-18 14:58 . 2011-11-18 14:58 -------- d-----w- c:\programdata\Hitman Pro
2011-11-18 13:41 . 2011-11-18 13:41 -------- d-----w- c:\users\Acer\AppData\Roaming\Malwarebytes
2011-11-18 13:40 . 2011-11-18 13:40 -------- d-----w- c:\programdata\Malwarebytes
2011-11-18 13:22 . 2011-11-18 17:43 -------- d-----w- c:\users\Acer\AppData\Roaming\Sammsoft
2011-11-18 04:12 . 2011-11-18 04:12 -------- d-----w- c:\program files (x86)\CCleaner
2011-11-17 16:14 . 2011-11-17 16:14 -------- d-----w- c:\program files (x86)\Market Samurai
2011-11-10 19:49 . 2011-11-18 18:12 -------- d-----w- c:\users\Acer\AppData\Local\ElevatedDiagnostics
2011-11-10 16:35 . 2011-11-10 16:35 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-11-10 16:35 . 2011-11-10 16:35 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-11-10 16:35 . 2011-11-10 16:35 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-11-10 16:35 . 2011-11-10 16:35 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-11-10 16:34 . 2011-11-10 16:34 -------- d-----w- c:\program files (x86)\Microsoft WSE
2011-11-09 13:23 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 13:23 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 13:23 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 13:22 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
2011-11-09 02:08 . 2011-11-09 02:08 -------- d-----w- c:\programdata\IsolatedStorage
2011-11-07 16:47 . 2011-11-07 16:47 -------- d-----w- c:\windows\system32\Macromed
2011-11-07 15:03 . 2011-11-07 15:03 -------- d-----w- c:\windows\system32\appmgmt
2011-11-02 19:32 . 2011-11-03 20:39 2110656 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2011-11-02 19:26 . 2011-11-07 15:12 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0
2011-10-31 14:39 . 2011-10-31 14:39 -------- d-----w- c:\users\Acer\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-10-30 02:56 . 2011-10-30 02:56 -------- d-----w- c:\users\Acer\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
2011-10-27 00:50 . 2011-10-27 00:52 -------- d-----w- c:\program files (x86)\Photo Frame Genius
2011-10-27 00:41 . 2011-10-27 00:42 -------- d-----w- c:\program files (x86)\FramePhotoEditor
2011-10-26 23:28 . 2011-10-26 23:28 -------- d-----w- c:\users\Acer\PhotoFrame Logs
2011-10-26 23:25 . 2011-10-26 23:28 -------- d-----w- c:\users\Acer\AppData\Roaming\onOne Software
2011-10-26 23:24 . 2011-10-26 23:24 -------- d-----w- c:\programdata\onOne Software
2011-10-26 23:24 . 2011-10-26 23:24 -------- d-----w- c:\program files (x86)\onOne Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-15 14:14 . 2011-10-18 19:45 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-18 14:35 . 2007-11-14 15:13 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-10-18 14:35 . 2007-11-14 15:13 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-10-11 19:14 . 2011-10-11 19:14 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E36307D5-F51C-46B5-8E58-545E34C448AF}\gapaengine.dll
2011-10-07 04:16 . 2011-10-04 23:25 8570192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-10-04 23:03 . 2011-10-04 23:03 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-10-04 23:03 . 2011-10-04 23:03 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-10-04 23:03 . 2011-10-04 23:03 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-10-04 23:03 . 2011-10-04 23:03 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-10-04 23:03 . 2011-10-04 23:03 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-10-04 23:03 . 2011-10-04 23:03 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-10-04 23:03 . 2011-10-04 23:03 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-10-04 23:03 . 2011-10-04 23:03 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-10-04 23:03 . 2011-10-04 23:03 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-10-04 23:03 . 2011-10-04 23:03 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-10-04 23:03 . 2011-10-04 23:03 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-10-04 23:03 . 2011-10-04 23:03 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-10-04 23:03 . 2011-10-04 23:03 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-10-04 23:03 . 2011-10-04 23:03 448512 ----a-w- c:\windows\system32\html.iec
2011-10-04 23:03 . 2011-10-04 23:03 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-10-04 23:03 . 2011-10-04 23:03 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-10-04 23:03 . 2011-10-04 23:03 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-10-04 23:03 . 2011-10-04 23:03 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-10-04 23:03 . 2011-10-04 23:03 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-10-04 23:03 . 2011-10-04 23:03 222208 ----a-w- c:\windows\system32\msls31.dll
2011-10-04 23:03 . 2011-10-04 23:03 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-10-04 23:03 . 2011-10-04 23:03 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-10-04 23:03 . 2011-10-04 23:03 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-10-04 23:03 . 2011-10-04 23:03 160256 ----a-w- c:\windows\system32\wextract.exe
2011-10-04 23:03 . 2011-10-04 23:03 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-10-04 23:03 . 2011-10-04 23:03 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-10-04 23:03 . 2011-10-04 23:03 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-10-04 23:03 . 2011-10-04 23:03 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-10-04 23:03 . 2011-10-04 23:03 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-10-04 23:03 . 2011-10-04 23:03 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-10-04 23:03 . 2011-10-04 23:03 12288 ----a-w- c:\windows\system32\mshta.exe
2011-10-04 23:03 . 2011-10-04 23:03 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-10-04 23:03 . 2011-10-04 23:03 114176 ----a-w- c:\windows\system32\admparse.dll
2011-10-04 23:03 . 2011-10-04 23:03 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-10-04 23:03 . 2011-10-04 23:03 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-10-04 23:03 . 2011-10-04 23:03 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-10-03 16:12 . 2011-10-11 19:14 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-10-03 15:52 . 2011-10-03 15:52 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2011-10-03 15:52 . 2011-10-03 15:52 95544 ----a-w- c:\windows\system32\bcmwlcoi.dll
2011-10-03 15:52 . 2011-10-03 15:52 4720704 ----a-w- c:\windows\system32\drivers\BCMWL664.SYS
2011-10-03 15:52 . 2011-10-03 15:52 3905848 ----a-w- c:\windows\system32\bcmihvsrv64.dll
2011-10-03 15:52 . 2011-10-03 15:52 3571512 ----a-w- c:\windows\system32\bcmihvui64.dll
2011-09-21 13:00 . 2011-10-02 19:17 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D7F9540B-3D48-4943-8F2E-DB121FBBFFB2}\mpengine.dll
2011-09-01 05:24 . 2011-10-14 03:34 2309120 ----a-w- c:\windows\system32\jscript9.dll
2011-09-01 05:17 . 2011-10-14 03:34 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-09-01 05:12 . 2011-10-14 03:34 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-01 02:35 . 2011-10-14 03:34 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-09-01 02:28 . 2011-10-14 03:34 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-09-01 02:22 . 2011-10-14 03:34 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-08-27 05:37 . 2011-10-13 20:21 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-27 05:37 . 2011-10-13 20:21 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-08-27 04:26 . 2011-10-13 20:21 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-08-27 04:26 . 2011-10-13 20:21 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-23_17.48.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-21 03:09 . 2011-11-23 18:28 27066 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-11-23 18:28 33538 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-11-23 20:19 . 2011-11-23 20:38 62784 c:\windows\Installer\{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}\ARPPRODUCTICON.exe
+ 2011-10-02 19:08 . 2011-11-23 18:28 7704 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1917812455-3220424052-4218777028-1000_UserData.bin
+ 2011-11-24 23:38 . 2011-11-24 23:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-11-23 17:47 . 2011-11-23 17:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-11-24 23:38 . 2011-11-24 23:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-11-23 17:47 . 2011-11-23 17:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-10-03 22:37 . 2011-11-24 20:14 228884 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:36 . 2011-11-22 22:51 665294 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-11-24 03:24 665294 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-11-24 03:24 123698 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-11-22 22:51 123698 c:\windows\system32\perfc009.dat
- 2009-07-14 05:01 . 2011-11-23 17:47 473564 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-11-24 23:37 473564 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-10-05 03:10 . 2011-11-24 23:37 8775924 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1917812455-3220424052-4218777028-1000-8192.dat
+ 2011-10-05 03:10 . 2011-11-24 23:37 1391580 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1917812455-3220424052-4218777028-1000-12288.dat
- 2011-10-05 03:10 . 2011-11-18 17:49 1391580 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1917812455-3220424052-4218777028-1000-12288.dat
- 2011-10-13 02:21 . 2011-11-23 17:47 13928250 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1917812455-3220424052-4218777028-1000-4096.dat
+ 2011-10-13 02:21 . 2011-11-24 23:37 13928250 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1917812455-3220424052-4218777028-1000-4096.dat
+ 2011-11-23 20:18 . 2011-11-23 20:18 39749120 c:\windows\Installer\67211c.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2011-08-22 6276408]
"AdobeBridge"="" [BU]
"auditpol"="c:\users\Acer\AppData\Local\auditpol.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2011-10-18 273528]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [x]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [x]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1917812455-3220424052-4218777028-1000Core.job
- c:\users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-03 23:06]
.
2011-11-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1917812455-3220424052-4218777028-1000UA.job
- c:\users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-03 23:06]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-22 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-22 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-22 411672]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://googl.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Download All with FlashGet - c:\program files (x86)\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files (x86)\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 64.71.255.198
FF - ProfilePath - c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\wqcsu8ob.default\
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\xampp\filezillaftp\filezillaserver.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\xampp\mysql\bin\mysqld.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
.
**************************************************************************
.
Completion time: 2011-11-24 18:42:28 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-24 23:42
ComboFix2.txt 2011-11-23 17:51
ComboFix3.txt 2011-11-18 20:15
.
Pre-Run: 453,923,459,072 bytes free
Post-Run: 453,618,708,480 bytes free
.
- - End Of File - - 87F7932B1B36DB710768F3A14738A175
working on losing my belly fat :D

#9 gringo_pr


Posted 24 November 2011 - 08:04 PM

Hello

I want you to run this tool for me next.

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#10 etoilethay


Posted 24 November 2011 - 09:15 PM

tdsskiller did not detect anything. Here is the log
21:12:22.0223 2660 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
21:12:22.0463 2660 ============================================================
21:12:22.0463 2660 Current date / time: 2011/11/24 21:12:22.0463
21:12:22.0463 2660 SystemInfo:
21:12:22.0463 2660
21:12:22.0463 2660 OS Version: 6.1.7601 ServicePack: 1.0
21:12:22.0463 2660 Product type: Workstation
21:12:22.0464 2660 ComputerName: ACER-PC
21:12:22.0464 2660 UserName: Acer
21:12:22.0464 2660 Windows directory: C:\Windows
21:12:22.0464 2660 System windows directory: C:\Windows
21:12:22.0464 2660 Running under WOW64
21:12:22.0464 2660 Processor architecture: Intel x64
21:12:22.0464 2660 Number of processors: 4
21:12:22.0464 2660 Page size: 0x1000
21:12:22.0464 2660 Boot type: Normal boot
21:12:22.0464 2660 ============================================================
21:12:22.0853 2660 Initialize success
21:12:25.0332 2124 ============================================================
21:12:25.0333 2124 Scan started
21:12:25.0333 2124 Mode: Manual;
21:12:25.0333 2124 ============================================================
21:12:46.0778 2124 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys
21:12:46.0800 2124 SSPORT - ok
21:12:46.0957 2124 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
21:12:46.0958 2124 stdcfltn - ok
21:12:47.0123 2124 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
21:12:47.0124 2124 stexstor - ok
21:12:47.0290 2124 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
21:12:47.0291 2124 storflt - ok
21:12:47.0458 2124 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
21:12:47.0460 2124 storvsc - ok
21:12:47.0614 2124 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
21:12:47.0615 2124 swenum - ok
21:12:47.0826 2124 Synth3dVsc (c3a39c4079305480972d29c44b868c78) C:\Windows\system32\drivers\synth3dvsc.sys
21:12:47.0829 2124 Synth3dVsc - ok
21:12:48.0048 2124 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
21:12:48.0094 2124 Tcpip - ok
21:12:48.0306 2124 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
21:12:48.0323 2124 TCPIP6 - ok
21:12:48.0471 2124 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:12:48.0473 2124 tcpipreg - ok
21:12:48.0623 2124 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:12:48.0625 2124 TDPIPE - ok
21:12:48.0770 2124 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:12:48.0772 2124 TDTCP - ok
21:12:48.0923 2124 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:12:48.0925 2124 tdx - ok
21:12:49.0090 2124 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
21:12:49.0091 2124 TermDD - ok
21:12:49.0256 2124 terminpt (2b5bdff688ec9871d7ec5837833374e9) C:\Windows\system32\drivers\terminpt.sys
21:12:49.0258 2124 terminpt - ok
21:12:49.0460 2124 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:12:49.0462 2124 tssecsrv - ok
21:12:49.0608 2124 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:12:49.0610 2124 TsUsbFlt - ok
21:12:49.0694 2124 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
21:12:49.0696 2124 TsUsbGD - ok
21:12:49.0840 2124 tsusbhub (e1748d04ae40118b62bc18ac86032192) C:\Windows\system32\drivers\tsusbhub.sys
21:12:49.0843 2124 tsusbhub - ok
21:12:50.0015 2124 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:12:50.0017 2124 tunnel - ok
21:12:50.0173 2124 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
21:12:50.0175 2124 uagp35 - ok
21:12:50.0324 2124 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:12:50.0329 2124 udfs - ok
21:12:50.0505 2124 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:12:50.0507 2124 uliagpkx - ok
21:12:50.0656 2124 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
21:12:50.0658 2124 umbus - ok
21:12:50.0798 2124 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
21:12:50.0800 2124 UmPass - ok
21:12:50.0949 2124 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:12:50.0951 2124 usbccgp - ok
21:12:51.0065 2124 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:12:51.0068 2124 usbcir - ok
21:12:51.0215 2124 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
21:12:51.0217 2124 usbehci - ok
21:12:51.0323 2124 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:12:51.0329 2124 usbhub - ok
21:12:51.0446 2124 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:12:51.0448 2124 usbohci - ok
21:12:51.0599 2124 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:12:51.0600 2124 usbprint - ok
21:12:51.0751 2124 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:12:51.0753 2124 USBSTOR - ok
21:12:51.0847 2124 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:12:51.0848 2124 usbuhci - ok
21:12:51.0985 2124 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
21:12:51.0988 2124 usbvideo - ok
21:12:52.0145 2124 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:12:52.0146 2124 vdrvroot - ok
21:12:52.0312 2124 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:12:52.0314 2124 vga - ok
21:12:52.0473 2124 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:12:52.0474 2124 VgaSave - ok
21:12:52.0602 2124 VGPU - ok
21:12:52.0671 2124 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:12:52.0675 2124 vhdmp - ok
21:12:52.0815 2124 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:12:52.0817 2124 viaide - ok
21:12:52.0962 2124 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
21:12:52.0966 2124 vmbus - ok
21:12:53.0117 2124 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
21:12:53.0118 2124 VMBusHID - ok
21:12:53.0264 2124 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:12:53.0266 2124 volmgr - ok
21:12:53.0426 2124 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:12:53.0433 2124 volmgrx - ok
21:12:53.0617 2124 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:12:53.0621 2124 volsnap - ok
21:12:53.0776 2124 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
21:12:53.0779 2124 vsmraid - ok
21:12:53.0926 2124 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:12:53.0928 2124 vwifibus - ok
21:12:54.0076 2124 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:12:54.0078 2124 vwififlt - ok
21:12:54.0221 2124 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
21:12:54.0223 2124 WacomPen - ok
21:12:54.0388 2124 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:12:54.0390 2124 WANARP - ok
21:12:54.0402 2124 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:12:54.0404 2124 Wanarpv6 - ok
21:12:54.0563 2124 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
21:12:54.0564 2124 Wd - ok
21:12:54.0724 2124 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:12:54.0734 2124 Wdf01000 - ok
21:12:54.0910 2124 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:12:54.0911 2124 WfpLwf - ok
21:12:54.0975 2124 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:12:54.0976 2124 WIMMount - ok
21:12:55.0181 2124 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:12:55.0181 2124 WmiAcpi - ok
21:12:55.0353 2124 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:12:55.0355 2124 ws2ifsl - ok
21:12:55.0523 2124 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:12:55.0526 2124 WudfPf - ok
21:12:55.0603 2124 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:12:55.0607 2124 WUDFRd - ok
21:12:55.0686 2124 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:12:55.0700 2124 \Device\Harddisk0\DR0 - ok
21:12:55.0704 2124 Boot (0x1200) (2dc9705c8c17933cd0b05f2f49c6d215) \Device\Harddisk0\DR0\Partition0
21:12:55.0706 2124 \Device\Harddisk0\DR0\Partition0 - ok
21:12:55.0714 2124 Boot (0x1200) (e19f7274e76c0902b14fbf2df03bd763) \Device\Harddisk0\DR0\Partition1
21:12:55.0715 2124 \Device\Harddisk0\DR0\Partition1 - ok
21:12:55.0716 2124 ============================================================
21:12:55.0716 2124 Scan finished
21:12:55.0716 2124 ============================================================
21:12:55.0728 3812 Detected object count: 0
21:12:55.0729 3812 Actual detected object count: 0
21:13:45.0391 4500 Deinitialize success

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:55 PM

Posted 24 November 2011 - 09:21 PM

Hello

This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.



Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#12 etoilethay

Posted 24 November 2011 - 09:45 PM

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-11-24 21:41:48
-----------------------------
21:41:48.231 OS Version: Windows x64 6.1.7601 Service Pack 1
21:41:48.231 Number of processors: 4 586 0x2502
21:41:48.232 ComputerName: ACER-PC UserName: Acer
21:41:49.301 Initialize success
21:42:27.453 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:42:27.457 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
21:42:27.496 Disk 0 MBR read successfully
21:42:27.500 Disk 0 MBR scan
21:42:27.504 Disk 0 Windows 7 default MBR code
21:42:27.509 Service scanning
21:42:27.977 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
21:42:28.556 Modules scanning
21:42:28.562 Disk 0 trace - called modules:
21:42:28.570 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys iaStor.sys hal.dll
21:42:28.577 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c29060]
21:42:28.582 3 CLASSPNP.SYS[fffff88001bc843f] -> nt!IofCallDriver -> [0xfffffa8004ab0cb0]
21:42:28.588 5 stdcfltn.sys[fffff88001b12c52] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004938050]
21:42:28.595 Scan finished successfully
21:44:16.440 Disk 0 MBR has been saved successfully to "C:\Users\Acer\Desktop\MBR.dat"
21:44:16.446 The log file has been saved successfully to "C:\Users\Acer\Desktop\aswMBR.txt"

#13 gringo_pr

Posted 24 November 2011 - 09:57 PM

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

Then:
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

#14 etoilethay

Posted 24 November 2011 - 10:25 PM

Thanks

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-24 22:19:17
Running from F:\
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [166424 2010-03-22] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [391192 2010-03-22] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [411672 2010-03-22] (Intel Corporation)
HKLM\...\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1436736 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [31072 2008-10-25] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-10-18] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [406992 2010-02-22] (Adobe Systems Incorporated)
HKU\Acer\...\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet [6276408 2011-08-21] (Yahoo! Inc.)
HKU\Acer\...\Run: [AdobeBridge] [x]
HKU\Acer\...\Run: [auditpol] C:\Users\Acer\AppData\Local\auditpol.exe [x]
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 64.71.255.198

==================== Services (Whitelisted) ======

2 IAStorDataMgrSvc; "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" [13336 2010-03-03] (Intel Corporation)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 Microsoft Office Groove Audit Service; "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe" [65888 2008-10-25] (Microsoft Corporation)
2 FileZilla Server; "c:\xampp\filezillaftp\filezillaserver.exe" [x]
2 MsMpSvc; "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [x]
2 mysql; c:\xampp\mysql\bin\mysqld.exe --defaults-file=c:\xampp\mysql\bin\my.ini mysql [x]
3 NisSrv; "c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" [x]

========================== Drivers (Whitelisted) =============

2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [54072 2006-11-14] (Samsung Electronics)
3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [71168 2010-11-20] (Microsoft Corporation)
2 SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [11576 2006-11-14] (Samsung Electronics)
3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [88960 2010-11-20] (Microsoft Corporation)
3 terminpt; C:\Windows\System32\drivers\terminpt.sys [34816 2010-11-20] (Microsoft Corporation)
3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [31232 2010-11-20] (Microsoft Corporation)
3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [117248 2010-11-20] (Microsoft Corporation)
3 catchme; \??\C:\ComboFix\catchme.sys [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-24 22:19 - 2011-11-24 22:19 - 0000000 ____D C:\FRST
2011-11-24 18:59 - 2011-11-24 18:59 - 0463080 ____A (CNET Download.com) C:\Users\Acer\Downloads\cnet_SpinnerChief_zip(1).exe
2011-11-24 18:58 - 2011-11-24 19:12 - 13935475 ____A C:\Users\Acer\Downloads\SpinnerChief.zip
2011-11-24 18:57 - 2011-11-24 18:57 - 0463080 ____A (CNET Download.com) C:\Users\Acer\Desktop\cnet_SpinnerChief_zip.exe
2011-11-24 18:44 - 2011-11-24 18:44 - 0001439 ____A C:\Users\Acer\Desktop\aswMBR.txt
2011-11-24 18:44 - 2011-11-24 18:44 - 0000512 ____A C:\Users\Acer\Desktop\MBR.dat
2011-11-24 18:40 - 2011-11-24 18:41 - 1916416 ____A (AVAST Software) C:\Users\Acer\Desktop\aswMBR.exe
2011-11-24 18:12 - 2011-11-24 18:13 - 0078134 ____A C:\TDSSKiller.2.6.21.0_24.11.2011_21.12.22_log.txt
2011-11-24 18:11 - 2011-11-24 18:11 - 1547774 ____A C:\Users\Acer\Downloads\tdsskiller (1).zip
2011-11-24 18:11 - 2011-11-24 18:11 - 0000348 ____A C:\TDSSKiller.2.6.19.0_24.11.2011_21.11.24_log.txt
2011-11-24 18:05 - 2011-11-24 18:11 - 0001892 ____A C:\TDSSKiller.2.6.19.0_24.11.2011_21.05.55_log.txt
2011-11-24 18:05 - 2011-11-24 18:05 - 1547774 ____A C:\Users\Acer\Downloads\tdsskiller.zip
2011-11-24 18:05 - 2011-11-24 18:05 - 0000348 ____A C:\TDSSKiller.2.6.19.0_24.11.2011_21.05.29_log.txt
2011-11-24 15:44 - 2011-11-24 15:44 - 0000000 __SHD C:\$RECYCLE.BIN
2011-11-24 15:42 - 2011-11-24 15:42 - 0023494 ____A C:\ComboFix.txt
2011-11-23 20:03 - 2011-11-23 20:03 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB (7).torrent
2011-11-23 19:36 - 2011-11-23 19:36 - 0002920 ____A C:\Users\Acer\Downloads\Dragon_Naturally_speaking_v11_Premium_Only_Crack_Files___error_f.5919804.TPB.torrent
2011-11-23 18:18 - 2011-11-23 18:26 - 209715200 ____A C:\Users\Acer\Downloads\Dragon Naturally Speaking 10.10 [www.Net4Download.com].part1.rar
2011-11-23 18:17 - 2011-11-23 18:25 - 209715200 ____A C:\Users\Acer\Downloads\Dragon Naturally Speaking 10.10 [www.Net4Download.com].part2.rar
2011-11-23 15:57 - 2011-11-23 16:14 - 209715200 ____A C:\Users\Acer\Downloads\Dragon Naturally Speaking 10.10 [www.Net4Download.com].part4.rar
2011-11-23 15:57 - 2011-11-23 16:13 - 209715200 ____A C:\Users\Acer\Downloads\Dragon Naturally Speaking 10.10 [www.Net4Download.com].part5.rar
2011-11-23 15:57 - 2011-11-23 16:13 - 209715200 ____A C:\Users\Acer\Downloads\Dragon Naturally Speaking 10.10 [www.Net4Download.com].part3.rar
2011-11-23 15:56 - 2011-11-23 16:12 - 209715200 ____A C:\Users\Acer\Downloads\Dragon Naturally Speaking 10.10 [www.Net4Download.com].part6.rar
2011-11-23 15:54 - 2011-11-23 16:06 - 124608126 ____A C:\Users\Acer\Downloads\Dragon Naturally Speaking 10.10 [www.Net4Download.com].part7.rar
2011-11-23 14:53 - 2011-11-23 14:53 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB (6).torrent
2011-11-23 13:40 - 2011-11-23 13:40 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB (5).torrent
2011-11-23 13:30 - 2011-11-23 13:30 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB (4).torrent
2011-11-23 13:20 - 2011-11-23 13:20 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB (3).torrent
2011-11-23 13:01 - 2011-11-23 13:01 - 0017179 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_10_Preferred.4590007.TPB.torrent
2011-11-23 12:51 - 2011-11-23 12:51 - 0000000 ____D C:\Program Files (x86)\Nuance
2011-11-23 12:35 - 2011-11-23 12:35 - 0001011 ____A C:\Users\Acer\Desktop\FlashGet.lnk
2011-11-23 12:33 - 2011-11-23 12:34 - 4653240 ____A C:\Users\Acer\Downloads\flashget196en.exe
2011-11-23 12:31 - 2011-11-23 12:31 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB (2).torrent
2011-11-23 12:14 - 2011-11-23 12:14 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB (1).torrent
2011-11-23 12:10 - 2011-11-23 12:10 - 0017373 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_V10_Preferred___serial_key.4480581.TPB (6).torrent
2011-11-23 12:09 - 2011-11-23 12:09 - 0017373 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_V10_Preferred___serial_key.4480581.TPB (5).torrent
2011-11-23 12:05 - 2011-11-23 12:05 - 0023009 ____A C:\Users\Acer\Downloads\[isoHunt] Dragon NaturallySpeaking v11 Retail (1).torrent
2011-11-23 12:04 - 2011-11-23 12:04 - 0023009 ____A C:\Users\Acer\Downloads\[isoHunt] Dragon NaturallySpeaking v11 Retail.torrent
2011-11-23 12:01 - 2011-11-23 12:01 - 0017373 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_V10_Preferred___serial_key.4480581.TPB (4).torrent
2011-11-23 11:59 - 2011-11-23 11:59 - 0017373 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_V10_Preferred___serial_key.4480581.TPB (3).torrent
2011-11-23 11:58 - 2011-11-23 11:58 - 0017373 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_V10_Preferred___serial_key.4480581.TPB (2).torrent
2011-11-23 11:56 - 2011-11-23 11:56 - 0017373 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_V10_Preferred___serial_key.4480581.TPB (1).torrent
2011-11-23 11:49 - 2011-11-23 11:49 - 0017373 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_V10_Preferred___serial_key.4480581.TPB.torrent
2011-11-23 09:43 - 2011-06-25 22:45 - 0256000 ____A C:\Windows\PEV.exe
2011-11-23 09:43 - 2009-04-19 20:56 - 0060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2011-11-23 09:43 - 2000-08-30 16:00 - 0518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2011-11-23 09:43 - 2000-08-30 16:00 - 0406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2011-11-23 09:43 - 2000-08-30 16:00 - 0098816 ____A C:\Windows\sed.exe
2011-11-23 09:43 - 2000-08-30 16:00 - 0080412 ____A C:\Windows\grep.exe
2011-11-23 09:43 - 2000-08-30 16:00 - 0068096 ____A C:\Windows\zip.exe
2011-11-23 09:41 - 2011-11-24 15:32 - 4306729 ____R (Swearware) C:\Users\Acer\Desktop\ComboFix.exe
2011-11-23 09:40 - 2011-11-23 09:40 - 4306335 ____A (Swearware) C:\Users\Acer\Downloads\ComboFix.exe
2011-11-23 05:58 - 2011-11-23 05:58 - 0607260 ____A (Swearware) C:\Users\Acer\Downloads\dds.scr
2011-11-23 05:54 - 2011-11-23 05:54 - 0050477 ____A C:\Users\Acer\Downloads\Defogger.exe
2011-11-23 05:54 - 2011-11-23 05:54 - 0050477 ____A C:\Users\Acer\Desktop\Defogger.exe
2011-11-19 19:15 - 2011-07-16 19:21 - 0302592 ____A C:\Users\Acer\Desktop\gmer.exe
2011-11-19 19:14 - 2011-11-19 19:14 - 0294216 ____A C:\Users\Acer\Desktop\gmer.zip
2011-11-19 19:05 - 2011-11-19 19:05 - 0011346 ____A C:\Users\Acer\Desktop\Attach.txt
2011-11-19 19:05 - 2011-11-19 19:05 - 0003355 ____A C:\Users\Acer\Desktop\Attach.zip
2011-11-19 19:04 - 2011-11-23 09:41 - 0018527 ____A C:\Users\Acer\Desktop\DDS.txt
2011-11-19 19:02 - 2011-11-23 05:58 - 0607260 ____R (Swearware) C:\Users\Acer\Desktop\dds.scr
2011-11-19 19:00 - 2011-11-19 19:00 - 0000000 ____A C:\Users\Acer\defogger_reenable
2011-11-19 18:55 - 2011-11-19 18:55 - 0001113 ____A C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2011-11-19 18:55 - 2011-08-31 14:00 - 0025416 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2011-11-19 18:48 - 2011-11-19 18:48 - 0078672 ____A C:\TDSSKiller.2.6.19.0_19.11.2011_21.48.12_log.txt
2011-11-19 18:43 - 2011-11-24 09:33 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Acer\Desktop\TDSSKiller.exe
2011-11-19 18:43 - 2011-11-18 10:27 - 9851496 ____A (Malwarebytes Corporation ) C:\Users\Acer\Desktop\mbam-setup.exe
2011-11-19 18:43 - 2011-11-18 10:07 - 13222480 ____A (SUPERAntiSpyware.com) C:\Users\Acer\Desktop\SUPERAntiSpyware.exe
2011-11-19 18:43 - 2011-11-18 09:57 - 1008092 ____A C:\Users\Acer\Desktop\rkill.scr
2011-11-19 18:43 - 2011-11-18 09:52 - 0000335 ____A C:\Users\Acer\Desktop\FixExe.reg
2011-11-18 13:59 - 2011-11-18 13:59 - 0021391 ____A C:\Users\Acer\combofix.txt
2011-11-18 12:05 - 2011-11-23 09:50 - 0000000 ____D C:\Windows\ERDNT
2011-11-18 12:05 - 2010-11-07 09:20 - 0208896 ____A C:\Windows\MBR.exe
2011-11-18 12:04 - 2011-11-24 15:42 - 0000000 ____D C:\Qoobox
2011-11-18 11:25 - 2011-11-18 11:26 - 0078090 ____A C:\TDSSKiller.2.6.19.0_18.11.2011_14.25.51_log.txt
2011-11-18 10:38 - 2011-11-19 18:55 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-18 10:31 - 2011-11-18 10:32 - 0078090 ____A C:\TDSSKiller.2.6.19.0_18.11.2011_13.31.44_log.txt
2011-11-18 10:30 - 2011-11-18 10:31 - 0078090 ____A C:\TDSSKiller.2.6.19.0_18.11.2011_13.30.24_log.txt
2011-11-18 10:08 - 2011-11-19 18:47 - 0002048 ____A C:\Uninstall.dat
2011-11-18 10:06 - 2011-11-19 18:45 - 0000542 ____A C:\rkill.log
2011-11-18 07:23 - 2011-11-18 09:59 - 0000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2011-11-18 07:23 - 2011-11-18 09:59 - 0000000 ____D C:\ProgramData\Spybot - Search & Destroy
2011-11-18 06:59 - 2011-11-18 06:59 - 0025160 ____A C:\Windows\System32\Drivers\hitmanpro35.sys
2011-11-18 06:58 - 2011-11-18 06:58 - 0000000 ____D C:\Users\All Users\Hitman Pro
2011-11-18 06:58 - 2011-11-18 06:58 - 0000000 ____D C:\ProgramData\Hitman Pro
2011-11-18 05:57 - 2011-11-18 05:57 - 0000733 ____A C:\Users\Acer\Downloads\image001.gif
2011-11-18 05:41 - 2011-11-18 05:41 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Malwarebytes
2011-11-18 05:40 - 2011-11-18 05:40 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-11-18 05:40 - 2011-11-18 05:40 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-11-18 05:22 - 2011-11-18 09:43 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Sammsoft
2011-11-18 05:19 - 2011-11-18 05:20 - 6639632 ____A (Support.com ) C:\Users\Acer\Downloads\ARO2011_bt.exe
2011-11-17 20:12 - 2011-11-17 20:12 - 0001889 ____A C:\Users\Acer\Desktop\CCleaner.lnk
2011-11-17 20:12 - 2011-11-17 20:12 - 0000000 ____D C:\Program Files (x86)\CCleaner
2011-11-17 20:08 - 2011-11-17 20:08 - 0347920 ____A (Microsoft Corporation) C:\Users\Acer\Downloads\MicrosoftFixit.ProgramInstallUninstall.Run.exe
2011-11-17 20:02 - 2011-11-17 20:03 - 2686709 ____A C:\Users\Acer\Downloads\CCleaner.zip
2011-11-17 16:53 - 2011-11-17 16:53 - 0306711 ____A C:\Users\Acer\Downloads\Attachments_2011_11_17.zip
2011-11-17 16:52 - 2011-11-17 16:52 - 0333030 ____A C:\Users\Acer\Downloads\November 15, 2011 RE- MicroSkills and A. Alhashimi.pdf
2011-11-17 15:20 - 2011-11-17 15:20 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB.torrent
2011-11-17 14:44 - 2011-11-17 14:44 - 0010857 ____A C:\Users\Acer\Downloads\Dragon_NaturallySpeaking_11.5_Service_Pack.6640002.TPB.torrent
2011-11-17 11:58 - 2011-11-18 07:11 - 0012409 ____A C:\Users\Acer\Documents\petition.docx
2011-11-17 11:13 - 2011-11-17 11:13 - 0473625 ____A C:\Users\Acer\Downloads\scan0001.jpg
2011-11-17 11:13 - 2011-11-17 11:13 - 0011597 ____A C:\Users\Acer\Documents\sample of exam.docx
2011-11-17 09:45 - 2011-11-17 10:12 - 1031168 ____A C:\Users\Acer\Documents\blood pressure monitor.msam
2011-11-17 08:15 - 2011-11-17 09:45 - 1645568 ____A C:\Users\Acer\Documents\blood pressure.msam
2011-11-17 08:14 - 2011-11-17 08:14 - 0000931 ____A C:\Users\Public\Desktop\Market Samurai.lnk
2011-11-17 08:14 - 2011-11-17 08:14 - 0000000 ____D C:\Program Files (x86)\Market Samurai
2011-11-16 16:11 - 2011-11-16 16:11 - 0306711 ____A C:\Users\Acer\Downloads\Attachments_2011_11_16 (1).zip
2011-11-16 05:53 - 2011-11-16 05:53 - 0306711 ____A C:\Users\Acer\Downloads\Attachments_2011_11_16.zip
2011-11-14 15:44 - 2011-11-14 16:11 - 0000000 ____D C:\Users\Acer\Desktop\sl2
2011-11-12 18:21 - 2011-11-12 18:21 - 0099774 ____A C:\Users\Acer\Downloads\WPRobot300.zip
2011-11-12 08:04 - 2011-11-12 08:04 - 0022483 ____A C:\Users\Acer\Desktop\download.htm
2011-11-12 07:50 - 2011-11-12 07:50 - 0024316 ____A C:\Users\Acer\Downloads\TurbulenceT3_Flat.jpg
2011-11-12 07:25 - 2011-11-12 07:25 - 0012046 ____A C:\Users\Acer\Desktop\mm_prod_icons3.jpg
2011-11-10 12:39 - 2011-11-10 14:45 - 0022528 ____A C:\Users\Acer\Downloads\alerts (Autosaved).xls
2011-11-10 11:49 - 2011-11-18 10:12 - 0000000 ____D C:\Users\Acer\AppData\Local\ElevatedDiagnostics
2011-11-10 10:52 - 2011-11-10 10:52 - 0000737 ____A C:\Users\Acer\Desktop\feeds.php
2011-11-10 10:43 - 2011-11-10 10:48 - 136623313 ____A C:\Users\Acer\Downloads\BHT (Easy Paycheck Formula).rar
2011-11-10 10:35 - 2011-11-10 10:37 - 57890524 ____A C:\Users\Acer\Downloads\Bonuses1.zip
2011-11-10 10:34 - 2011-11-10 10:36 - 55794792 ____A C:\Users\Acer\Downloads\Videos 6-10.zip
2011-11-10 10:33 - 2011-11-10 10:33 - 6226158 ____A C:\Users\Acer\Downloads\PDF and Plugins.zip
2011-11-10 10:33 - 2011-11-10 10:33 - 0000152 ____A C:\Users\Acer\Downloads\New Internet Shortcut (120).url
2011-11-10 10:33 - 2011-11-10 10:33 - 0000128 ____A C:\Users\Acer\Downloads\Free File Hosting Made Simple - MediaFire.URL
2011-11-10 08:35 - 2011-11-10 08:35 - 0000000 ____D C:\Program Files\Microsoft Synchronization Services
2011-11-10 08:35 - 2011-11-10 08:35 - 0000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2011-11-10 08:35 - 2011-11-10 08:35 - 0000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2011-11-10 08:35 - 2011-11-10 08:35 - 0000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-11-10 08:34 - 2011-11-10 08:34 - 0000000 ____D C:\Program Files (x86)\Microsoft WSE
2011-11-10 06:37 - 2011-11-10 06:37 - 0736905 ____A C:\Users\Acer\Downloads\snapshot.zip
2011-11-10 06:07 - 2011-11-10 06:07 - 0000000 ____D C:\Users\Acer\Downloads\flexsqueeze150
2011-11-09 21:35 - 2011-11-09 21:35 - 0003147 ____A C:\Users\Acer\Downloads\six pack abs jeb nov 11 (2).rtf
2011-11-09 20:58 - 2011-11-09 20:58 - 0001493 ____A C:\Users\Acer\Downloads\w003_hot_cook.txt
2011-11-09 19:40 - 2011-11-09 19:40 - 12034458 ____A C:\Users\Acer\Downloads\flexsqueeze150.zip
2011-11-09 12:59 - 2011-11-09 12:59 - 1959841 ____A C:\Users\Acer\Downloads\WP-Amazing (1).zip
2011-11-09 12:41 - 2011-11-14 11:22 - 0000000 ____D C:\Users\Acer\Desktop\amazon
2011-11-09 12:40 - 2011-11-09 12:40 - 0233752 ____A C:\Users\Acer\Downloads\wp-pagenavi.2.81.zip
2011-11-09 11:37 - 2011-11-09 11:37 - 3187626 ____A C:\Users\Acer\Downloads\theme003.zip
2011-11-09 11:11 - 2011-11-09 11:11 - 0008887 ____A C:\Users\Acer\Downloads\Analytics_self emp_20111009-20111108_(TrafficSourcesReport).pdf
2011-11-09 06:36 - 2011-11-09 06:36 - 0019160 ____A C:\Users\Acer\Downloads\dietsolution_thumbnail.jpg
2011-11-09 06:02 - 2011-11-09 06:02 - 0784794 ____A C:\Users\Acer\Desktop\Theme.zip
2011-11-09 05:41 - 2011-04-24 21:48 - 0000000 ____D C:\Users\Acer\Desktop\Theme
2011-11-09 05:23 - 2011-09-29 08:29 - 1923952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-09 05:22 - 2011-09-28 20:03 - 3144704 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-08 18:08 - 2011-11-08 18:08 - 0000000 ____D C:\Users\All Users\IsolatedStorage
2011-11-08 18:08 - 2011-11-08 18:08 - 0000000 ____D C:\ProgramData\IsolatedStorage
2011-11-08 15:22 - 2011-11-08 15:22 - 7053984 ____A C:\Users\Acer\Downloads\InReviewTheme.zip
2011-11-08 15:17 - 2011-11-08 15:18 - 0311421 ____A (http://vgrabber.org) C:\Users\Acer\Downloads\setup.exe
2011-11-08 10:20 - 2011-11-08 10:20 - 0001094 ____A C:\Users\Acer\Downloads\config (2).php
2011-11-08 10:05 - 2011-11-08 10:05 - 0001711 ____A C:\Users\Acer\Downloads\config (1).php
2011-11-08 08:57 - 2011-11-09 06:29 - 0000000 ____D C:\Users\Acer\Desktop\images
2011-11-08 08:57 - 2011-11-08 08:57 - 0401584 ____A C:\Users\Acer\Desktop\images.zip
2011-11-08 08:29 - 2011-11-08 08:29 - 0001468 ____A C:\Users\Acer\Downloads\six pack abs jeb nov 11 (1).rtf
2011-11-08 08:18 - 2011-11-08 08:18 - 2006215 ____A C:\Users\Acer\Downloads\header master.psd
2011-11-08 08:14 - 2010-10-28 11:02 - 0000000 ____D C:\Users\Acer\Desktop\wordpress_review_theme_v1.4
2011-11-08 05:38 - 2011-11-08 05:39 - 7956493 ____A C:\Users\Acer\Downloads\sure-way-to-lose-bellyfat.com.zip
2011-11-07 18:32 - 2011-11-07 18:32 - 0031755 ____A C:\Users\Acer\Downloads\post-star-rating.zip
2011-11-07 17:49 - 2011-11-07 17:49 - 0016899 ____A C:\Users\Acer\Downloads\license (1).txt
2011-11-07 16:37 - 2011-11-07 16:40 - 0000000 ____D C:\Users\Acer\Desktop\November
2011-11-07 08:47 - 2011-11-07 08:47 - 0000000 ____D C:\Windows\System32\Macromed
2011-11-07 07:03 - 2011-11-07 07:03 - 0000000 ____D C:\Windows\System32\appmgmt
2011-11-07 06:53 - 2011-11-07 06:54 - 0183462 ____A C:\Windows\ntbtlog.txt
2011-11-06 19:05 - 2011-11-06 19:05 - 5369890 ____A C:\Users\Acer\Downloads\AzonSpy_Software_-_A_Look_Inside_(WSO)(360p_H.264-AAC).mp4
2011-11-06 19:04 - 2011-11-06 19:12 - 157353058 ____A C:\Users\Acer\Downloads\Azon_Spy.rar
2011-11-05 14:34 - 2011-11-05 14:34 - 0001468 ____A C:\Users\Acer\Downloads\six pack abs jeb nov 11.rtf
2011-11-05 14:34 - 2011-11-05 14:34 - 0000162 ___AH C:\Users\Acer\Downloads\~$x pack abs jeb nov 11.rtf
2011-11-04 14:47 - 2011-11-04 14:47 - 0018892 ____A C:\Users\Acer\Downloads\lenamena.JPG
2011-11-04 13:40 - 2011-11-10 12:39 - 0000555 ____A C:\Users\Acer\Downloads\alerts.csv
2011-11-04 12:11 - 2011-11-04 12:11 - 0043847 ____A C:\Users\Acer\Downloads\allproducts600.jpg
2011-11-04 11:59 - 2011-11-04 11:59 - 0059306 ____A C:\Users\Acer\Downloads\6packabs.jpg
2011-11-04 11:22 - 2011-11-04 11:22 - 0026266 ____A C:\Users\Acer\Downloads\3Easy-ToLoseWeightForGOOD.jpg
2011-11-04 11:07 - 2011-11-04 11:07 - 0045839 ____A C:\Users\Acer\Downloads\dietsolution girl.gif
2011-11-04 11:07 - 2011-11-04 11:07 - 0032094 ____A C:\Users\Acer\Downloads\SkyscraperBannerStickFigure(Impulse).gif
2011-11-04 10:48 - 2011-11-04 10:48 - 0015361 ____A C:\Users\Acer\Downloads\Burnfatbanner H.jpg
2011-11-04 10:28 - 2011-11-04 10:28 - 0039555 ____A C:\Users\Acer\Downloads\burnfat banner.jpg
2011-11-04 10:28 - 2011-11-04 10:27 - 0026638 ____A C:\Users\Acer\Downloads\thedietsolution banner.jpg
2011-11-04 10:23 - 2011-11-04 10:23 - 0013031 ____A C:\Users\Acer\Downloads\Truth about abs banner.gif
2011-11-03 17:16 - 2011-11-03 17:16 - 0948754 ____A C:\Users\Acer\Downloads\ripped_abs_and_fat_burning_secret_banner_ads.zip
2011-11-03 13:16 - 2011-11-03 13:16 - 0909600 ____A (Sun Microsystems, Inc.) C:\Users\Acer\Downloads\chromeinstall-6u29 (1).exe
2011-11-03 13:11 - 2011-11-03 13:11 - 0909600 ____A (Sun Microsystems, Inc.) C:\Users\Acer\Downloads\chromeinstall-6u29.exe
2011-11-03 12:36 - 2011-11-03 12:36 - 0000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2011-11-03 12:36 - 2011-11-03 12:36 - 0000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2011-11-03 08:09 - 2011-11-03 08:09 - 0635882 ____A C:\Users\Acer\Downloads\header.psd
2011-11-03 08:09 - 2011-11-03 08:09 - 0010889 ____A C:\Users\Acer\Documents\http1.docx
2011-11-03 07:51 - 2011-11-03 07:51 - 0041174 ____A C:\Users\Acer\Downloads\header.jpg
2011-11-03 07:34 - 2011-11-03 07:34 - 0361778 ____A C:\Users\Acer\Downloads\featured-content-gallery.3.2.0.zip
2011-11-03 07:21 - 2011-11-03 07:21 - 10355131 ____A C:\Users\Acer\Downloads\wp review themes.rar
2011-11-02 11:33 - 2011-11-02 11:33 - 0010603 ____A C:\Users\Acer\Documents\http.docx
2011-11-02 11:32 - 2011-11-02 11:32 - 0000000 ____D C:\Users\Acer\Documents\Visual Studio 2008
2011-11-02 11:31 - 2011-11-02 11:47 - 0000000 ____D C:\Users\Acer\Documents\Visual Studio 2010
2011-11-02 11:30 - 2011-11-02 11:30 - 0001937 ____A C:\Users\Acer\Desktop\plugin.xml
2011-11-02 11:26 - 2011-11-07 07:12 - 0000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2011-11-02 11:08 - 2011-11-02 11:09 - 0000000 ____D C:\Users\Acer\Documents\Visual Studio 2005
2011-11-02 11:05 - 2011-11-02 11:05 - 4711248 ____A (Microsoft Corporation) C:\Users\Acer\Downloads\vs_ultimateweb.exe
2011-11-02 10:59 - 2011-11-02 10:59 - 3266641 ____A C:\Users\Acer\Downloads\Hyperz.SL_Build_Kit.rar
2011-11-02 10:04 - 2011-11-02 10:04 - 0146208 ____A C:\Users\Acer\Downloads\rokbox_gallery.zip
2011-11-01 19:35 - 2011-11-01 19:35 - 0241363 ____A C:\Users\Acer\Downloads\bbc-world-service-widget.zip
2011-11-01 18:43 - 2011-11-01 18:43 - 0128783 ____A C:\Users\Acer\Downloads\wp-newsticker.zip
2011-11-01 18:34 - 2011-11-01 18:34 - 0023802 ____A C:\Users\Acer\Downloads\NewsTicker.zip
2011-11-01 16:45 - 2011-11-01 16:45 - 0005685 ____A C:\Users\Acer\Downloads\642.zip
2011-11-01 15:47 - 2011-11-01 15:47 - 0060605 ____A C:\Users\Acer\Desktop\sfnc_0.3.4.zip
2011-11-01 15:46 - 2011-11-01 15:46 - 0000000 ____D C:\Users\Acer\Downloads\sfnc_0.3.4
2011-11-01 15:46 - 2011-11-01 15:46 - 0000000 ____D C:\Users\Acer\Desktop\sfnc_0.3.4
2011-11-01 15:44 - 2011-11-01 15:44 - 0061466 ____A C:\Users\Acer\Downloads\sfnc_0.3.4 (1).zip
2011-11-01 15:29 - 2011-11-01 15:29 - 0061466 ____A C:\Users\Acer\Downloads\sfnc_0.3.4.zip
2011-11-01 14:46 - 2011-11-01 14:46 - 2223810 ____A C:\Users\Acer\Downloads\national_flags_2_0_4.zip
2011-11-01 14:36 - 2011-11-01 14:38 - 0000681 ____A C:\Users\Acer\Desktop\aboutus_body.html
2011-11-01 12:09 - 2011-11-01 12:09 - 0021605 ____A C:\Users\Acer\Downloads\My Resume (1) (1).docx
2011-11-01 06:40 - 2011-11-01 06:40 - 0088576 ____A C:\Users\Acer\Downloads\Alhashimi - Draft letter to MicroSkills.doc
2011-11-01 06:13 - 2011-11-01 06:14 - 0662838 ____A C:\Users\Acer\Downloads\31glassyred.zip
2011-10-31 22:10 - 2011-10-31 22:10 - 0722984 ____A C:\Users\Acer\Downloads\se_pro_collapsible.zip
2011-10-31 21:55 - 2011-10-31 21:56 - 1728880 ____A C:\Users\Acer\Downloads\rosier_cata.zip
2011-10-31 19:46 - 2011-10-31 19:46 - 18130339 ____A C:\Users\Acer\Downloads\Texture_Pack_1_gfxportfolio.co.uk_.zip
2011-10-31 19:37 - 2011-10-31 19:37 - 0000422 ____A C:\Users\Acer\Downloads\icon_user_online_rtl.gif
2011-10-31 18:39 - 2011-10-31 18:39 - 0101191 ____A C:\Users\Acer\Desktop\background.psd
2011-10-31 16:53 - 2011-10-31 16:53 - 0152620 ____A C:\Users\Acer\Downloads\Yahoo_Smiley_Pack_v1.0.2-2 (2).zip
2011-10-31 15:36 - 2011-10-31 15:36 - 0208528 ____A C:\Users\Acer\Downloads\automod-1001 (2).zip
2011-10-31 15:36 - 2011-02-13 09:56 - 0000000 ____D C:\Users\Acer\Desktop\upload
2011-10-31 14:49 - 2011-09-26 18:44 - 0000000 ___AD C:\Users\Acer\Desktop\Buttons menu MOD 2.2.0
2011-10-31 14:47 - 2011-10-31 14:47 - 0259831 ____A C:\Users\Acer\Downloads\buttons_menu_MOD_2_2_0.zip
2011-10-31 14:20 - 2011-10-31 14:20 - 0817888 ____A C:\Users\Acer\Downloads\logo1.psd
2011-10-31 13:50 - 2011-10-31 13:50 - 0062518 ____A C:\Users\Acer\Downloads\The_Ultimate_Gradient_Pack_1_by_photoshopland.zip
2011-10-31 06:39 - 2011-10-31 06:39 - 0000000 ____D C:\Users\Acer\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-10-31 06:03 - 2011-11-03 18:42 - 0000132 ____A C:\Users\Acer\AppData\Roaming\Adobe GIF Format CS5 Prefs
2011-10-31 06:03 - 2011-10-31 06:03 - 1265871 ____A C:\Users\Acer\Downloads\canstockphoto4112350 (1).psd
2011-10-31 05:12 - 2011-10-31 19:52 - 0011561 ____A C:\Users\Acer\Documents\How to install phpbb3.docx
2011-10-30 18:57 - 2011-10-30 18:57 - 0374937 ____A C:\Users\Acer\Downloads\prosilver_se_1.0.7 (4).zip
2011-10-30 18:36 - 2011-07-10 18:36 - 0000000 ____D C:\Users\Acer\Desktop\acp
2011-10-30 10:19 - 2011-10-30 10:19 - 0008093 ____A C:\Users\Acer\Downloads\style.php
2011-10-30 09:37 - 2011-10-30 09:37 - 0015128 ____A C:\Users\Acer\Downloads\LICENSE
2011-10-30 08:09 - 2011-10-30 08:09 - 0253064 ____A C:\Users\Acer\Downloads\arabic_1_0_3 (2).zip
2011-10-30 08:08 - 2011-10-30 08:09 - 2463079 ____A C:\Users\Acer\Downloads\phpBB-3.0.9 (4).zip
2011-10-29 18:58 - 2011-11-01 15:10 - 1447936 ____A C:\Users\Acer\Documents\belly fat.msam
2011-10-29 18:56 - 2011-10-29 18:56 - 0000000 ____D C:\Users\Acer\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
2011-10-29 18:47 - 2011-10-29 18:47 - 0159774 ____A C:\Users\Acer\Downloads\keyword_ideas_20111029_1947686.csv
2011-10-29 18:46 - 2011-10-29 18:46 - 0171784 ____A C:\Users\Acer\Downloads\keyword_ideas_20111029_1946775.csv
2011-10-29 18:44 - 2011-10-29 18:44 - 0199842 ____A C:\Users\Acer\Downloads\keyword_ideas_20111029_1944115.csv
2011-10-29 15:56 - 2011-10-29 15:56 - 0000446 ____A C:\Users\Acer\Downloads\hashimi_ameerata.sql.gz
2011-10-29 14:06 - 2011-10-29 14:06 - 0012288 ____A C:\Users\Acer\Downloads\Name (1)
2011-10-29 14:00 - 2011-10-29 14:01 - 7560853 ____A C:\Users\Acer\Downloads\vumpost_phpbb (1).zip
2011-10-29 14:00 - 2011-10-29 14:00 - 0012288 ____A C:\Users\Acer\Downloads\Name
2011-10-29 10:59 - 2011-10-29 10:59 - 0120822 ____A C:\Users\Acer\Downloads\database_update.php
2011-10-29 10:44 - 2011-10-29 13:51 - 0000000 ____D C:\Users\Acer\Desktop\public_html
2011-10-29 09:45 - 2011-07-14 15:14 - 0000000 ____D C:\Users\Acer\Desktop\phpBB-3.0.9
2011-10-29 09:41 - 2011-10-29 09:41 - 0000398 ____A C:\Users\Acer\Downloads\config.php
2011-10-29 09:34 - 2011-10-29 09:34 - 0374937 ____A C:\Users\Acer\Downloads\prosilver_se_1.0.7 (3).zip
2011-10-29 09:01 - 2011-10-29 09:07 - 46080000 ____A C:\Users\Acer\Downloads\backup-alameerat.com-10-29-2011.tar.gz
2011-10-29 08:48 - 2011-10-29 08:50 - 20469117 ____A C:\Users\Acer\Downloads\iTunes64Setup.exe
2011-10-28 14:18 - 2011-11-14 15:48 - 0000000 ____D C:\Users\Acer\Desktop\sharpleech
2011-10-28 14:10 - 2011-10-28 14:10 - 0555490 ____A C:\Users\Acer\Downloads\SharpLeech_2.0.0_BETA.zip
2011-10-28 14:10 - 2011-10-28 14:10 - 0004793 ____A C:\Users\Acer\Downloads\TehParadox.xml
2011-10-28 13:31 - 2011-10-28 13:31 - 0002167 ____A C:\Users\Acer\Downloads\Hyperz.html
2011-10-28 13:29 - 2011-10-28 13:29 - 0002167 ____A C:\Users\Acer\Downloads\Hyperz.txt
2011-10-28 09:49 - 2011-10-28 09:49 - 2742253 ____A C:\Users\Acer\Downloads\SL_Final_1.0.0_x64.rar
2011-10-28 08:25 - 2011-10-28 08:25 - 0001150 ____A C:\Users\Acer\Downloads\favicon.ico
2011-10-28 04:52 - 2011-10-28 04:52 - 0028957 ____A C:\Users\Acer\Desktop\Karem_Hashimi Oct -2011.docx
2011-10-28 04:50 - 2011-10-28 04:50 - 0099328 ____A C:\Users\Acer\Downloads\MauriceLeeResume.doc
2011-10-28 04:36 - 2011-10-28 04:36 - 0039401 ____A C:\Users\Acer\Downloads\Attachments_2011_10_28.zip
2011-10-27 16:40 - 2011-10-27 16:40 - 0605957 ____A C:\Users\Acer\Downloads\coffee_time_language_bigicons_psd.zip
2011-10-27 16:40 - 2011-10-27 16:40 - 0605957 ____A C:\Users\Acer\Downloads\coffee_time_language_bigicons_psd (1).zip
2011-10-27 16:39 - 2011-10-27 16:39 - 0613219 ____A C:\Users\Acer\Downloads\coffee_time.zip
2011-10-27 12:18 - 2011-10-27 12:18 - 0039401 ____A C:\Users\Acer\Downloads\Attachments_2011_10_27 (1).zip
2011-10-27 12:00 - 2011-10-27 12:03 - 0017323 ____A C:\Users\Acer\Downloads\Karem_Hashimi_cover letter_Oct_2011 Financial Analyst.docx
2011-10-27 11:10 - 2011-10-27 11:10 - 0014675 ____A C:\Users\Acer\Desktop\Karem_Hashimi_cover letter_Oct_2011.docx
2011-10-27 11:07 - 2011-10-27 11:07 - 0030208 ____A C:\Users\Acer\Downloads\Karem_Hashimi_cover letter_Sep_2011.doc
2011-10-27 10:52 - 2011-10-27 10:52 - 0056832 ____A C:\Users\Acer\Downloads\Posting Financial Analyst Oct 2011 highlighted (1).doc
2011-10-27 10:52 - 2011-10-27 10:52 - 0049938 ____A C:\Users\Acer\Downloads\Attachments_2011_10_27.zip
2011-10-27 10:51 - 2011-10-27 10:51 - 0013277 ____A C:\Users\Acer\Downloads\Karem_Hashimi_cover letter_Sep_2011.docx
2011-10-27 09:29 - 2011-10-27 09:29 - 0152620 ____A C:\Users\Acer\Downloads\Yahoo_Smiley_Pack_v1.0.2-2 (1).zip
2011-10-27 09:05 - 2011-10-27 09:05 - 0003872 ____A C:\Users\Acer\Downloads\cooltext581803832.png
2011-10-27 07:51 - 2011-10-27 07:51 - 0003228 ____A C:\Users\Acer\Downloads\cooltext581772044.png
2011-10-27 07:49 - 2011-10-27 07:49 - 0003938 ____A C:\Users\Acer\Downloads\cooltext581771428.png
2011-10-27 07:26 - 2011-10-27 07:26 - 0026621 ____A C:\Users\Acer\Downloads\cooltext581761519.png
2011-10-27 06:43 - 2011-10-27 06:43 - 0120852 ____A C:\Users\Acer\Downloads\cooltext581741190.png
2011-10-27 06:07 - 2011-10-27 06:07 - 5776657 ____A C:\Users\Acer\Downloads\274-grunge_edge_pack.zip
2011-10-27 05:59 - 2011-10-27 06:09 - 237450517 ____A C:\Users\Acer\Downloads\Noble_silver.rar
2011-10-26 18:09 - 2011-10-26 18:09 - 0056832 ____A C:\Users\Acer\Downloads\Posting Financial Analyst Oct 2011 highlighted.doc
2011-10-26 17:04 - 2011-10-26 17:09 - 54152613 ____A C:\Users\Acer\Downloads\DiZa_frames.rar
2011-10-26 17:02 - 2011-10-26 18:34 - 222926593 ____A C:\Users\Acer\Downloads\Nabor_ramok_vyrezov.rar
2011-10-26 16:50 - 2011-10-26 16:52 - 0000000 ____D C:\Program Files (x86)\Photo Frame Genius
2011-10-26 16:50 - 2011-10-26 16:50 - 2894824 ____A (Easytools,Inc ) C:\Users\Acer\Downloads\PhotoFrameGeniusEn.exe
2011-10-26 16:50 - 2011-10-26 16:50 - 0001037 ____A C:\Users\Acer\Desktop\Photo Frame.lnk
2011-10-26 16:50 - 2011-10-26 16:50 - 0000031 ____A C:\Windows\SysWOW64\Days5.ini
2011-10-26 16:42 - 2011-10-26 16:42 - 0001107 ____A C:\Users\Acer\Desktop\FramePhotoEditor.lnk
2011-10-26 16:41 - 2011-10-26 16:42 - 0000000 ____D C:\Program Files (x86)\FramePhotoEditor
2011-10-26 16:41 - 2011-10-26 16:41 - 10801765 ____A C:\Users\Acer\Downloads\photoed.exe
2011-10-26 15:28 - 2011-10-26 15:28 - 0000000 ____D C:\Users\Acer\PhotoFrame Logs
2011-10-26 15:25 - 2011-10-26 15:28 - 0000000 ____D C:\Users\Acer\AppData\Roaming\onOne Software
2011-10-26 15:24 - 2011-10-26 15:24 - 0000000 ____D C:\Users\All Users\onOne Software
2011-10-26 15:24 - 2011-10-26 15:24 - 0000000 ____D C:\ProgramData\onOne Software
2011-10-26 15:24 - 2011-10-26 15:24 - 0000000 ____D C:\Program Files (x86)\onOne Software
2011-10-26 15:22 - 2011-10-26 15:23 - 63959715 ____A C:\Users\Acer\Downloads\PhotoFrame_4.6.3_Free.zip
2011-10-26 14:33 - 2011-10-26 14:33 - 5245867 ____A C:\Users\Acer\Downloads\baroque_brush_40206.zip
2011-10-26 12:16 - 2011-10-26 12:16 - 0095409 ____A C:\Users\Acer\Downloads\canstockphoto4112350 (2).jpg
2011-10-26 11:34 - 2011-10-26 11:34 - 0018335 ____A C:\Users\Acer\Downloads\coollogo_com-68816689.png
2011-10-26 11:33 - 2011-10-26 11:33 - 0022309 ____A C:\Users\Acer\Downloads\coollogo_com-67204634.png
2011-10-26 11:30 - 2011-10-26 11:30 - 0028634 ____A C:\Users\Acer\Downloads\coollogo_com-67275430.png
2011-10-26 11:18 - 2011-10-26 11:18 - 0051786 ____A C:\Users\Acer\Downloads\coollogo_com-67275028.gif
2011-10-26 11:13 - 2011-10-26 11:13 - 0042174 ____A C:\Users\Acer\Downloads\coollogo_com-68815850.png
2011-10-26 11:03 - 2011-10-26 11:03 - 0041797 ____A C:\Users\Acer\Downloads\coollogo_com-67203790.png
2011-10-26 10:40 - 2011-10-26 10:40 - 0374937 ____A C:\Users\Acer\Downloads\prosilver_se_1.0.7 (2).zip
2011-10-26 08:31 - 2011-10-26 08:31 - 0241295 ____A C:\Users\Acer\Downloads\prosilverse.zip
2011-10-26 07:48 - 2011-10-26 07:48 - 0303524 ____A C:\Users\Acer\Downloads\prosilver_se_1.0.4.zip
2011-10-26 07:09 - 2011-10-26 07:09 - 0044351 ____A C:\Users\Acer\Downloads\ucp.php
2011-10-26 06:46 - 2011-10-26 06:46 - 0374937 ____A C:\Users\Acer\Downloads\prosilver_se_1.0.7 (1).zip
2011-10-26 06:34 - 2011-10-26 06:34 - 0152620 ____A C:\Users\Acer\Downloads\Yahoo_Smiley_Pack_v1.0.2-2.zip
2011-10-26 06:14 - 2011-10-26 06:15 - 2463079 ____A C:\Users\Acer\Downloads\phpBB-3.0.9 (3).zip
2011-10-26 05:55 - 2011-10-26 05:55 - 2672661 ____A C:\Users\Acer\Downloads\phpBB-3.0.9.zip
2011-10-25 19:15 - 2011-10-25 19:15 - 0009172 ____A C:\Users\Acer\Downloads\lang_arabic.zip
2011-10-25 17:43 - 2011-10-25 17:43 - 0374937 ____A C:\Users\Acer\Downloads\prosilver_se_1.0.7.zip
2011-10-25 17:20 - 2011-10-25 17:20 - 0725149 ____A C:\Users\Acer\Downloads\xandred.zip
2011-10-25 17:11 - 2011-10-25 17:11 - 1198937 ____A C:\Users\Acer\Downloads\rt_grunge_phpbb3.zip
2011-10-25 16:53 - 2011-10-25 16:53 - 0742973 ____A C:\Users\Acer\Downloads\Burnerz.zip
2011-10-25 14:46 - 2011-10-25 14:46 - 1106834 ____A C:\Users\Acer\Downloads\proglass_red_1.4.5.zip
2011-10-25 14:46 - 2011-10-25 14:46 - 0698719 ____A C:\Users\Acer\Downloads\Prospace.zip
2011-10-25 14:44 - 2011-10-25 14:44 - 0259703 ____A C:\Users\Acer\Downloads\maroon_fusion_1.0.9.zip
2011-10-25 14:41 - 2011-10-25 14:41 - 0588571 ____A C:\Users\Acer\Downloads\ggValentine_1.0.2.zip
2011-10-25 13:59 - 2009-07-18 17:10 - 0007357 ____A C:\Users\Acer\Desktop\overall_header.html
2011-10-25 13:18 - 2011-10-25 13:18 - 0067220 ____A C:\Users\Acer\Downloads\cooltext580937862.png
2011-10-25 13:14 - 2011-10-25 13:14 - 0032719 ____A C:\Users\Acer\Downloads\cooltext580936388.png
2011-10-25 13:11 - 2011-10-25 13:11 - 0032719 ____A C:\Users\Acer\Downloads\cooltext580935171.png
2011-10-25 13:07 - 2011-11-09 06:29 - 0000132 ____A C:\Users\Acer\AppData\Roaming\Adobe PNG Format CS5 Prefs
2011-10-25 11:08 - 2011-10-25 11:08 - 0095409 ____A C:\Users\Acer\Downloads\8lb.jpg
2011-10-25 11:02 - 2011-10-25 11:03 - 0095409 ____A C:\Users\Acer\Downloads\canstockphoto4112350.jpg
2011-10-25 09:36 - 2011-10-25 09:36 - 0352052 ____A C:\Users\Acer\Downloads\Tara1.0.0.zip
2011-10-25 09:19 - 2011-10-25 09:19 - 0414672 ____A C:\Users\Acer\Downloads\site_logo.psd
2011-10-25 09:15 - 2011-10-25 09:15 - 0885476 ____A C:\Users\Acer\Downloads\buttons.zip
2011-10-25 09:15 - 2011-10-25 09:15 - 0093601 ____A C:\Users\Acer\Downloads\button_pm_forward.psd
2011-10-25 09:13 - 2011-10-25 09:13 - 0020036 ____A C:\Users\Acer\Downloads\imageset
2011-10-25 08:33 - 2011-10-25 08:35 - 2751176 ____A C:\Users\Acer\Downloads\K_Kitty.zip
2011-10-25 08:08 - 2011-10-25 08:08 - 1078261 ____A C:\Users\Acer\Downloads\prostylize_darkblue_1.4.1 (1).zip
2011-10-25 08:03 - 2011-10-25 08:03 - 1078261 ____A C:\Users\Acer\Downloads\prostylize_darkblue_1.4.1.zip
2011-10-25 06:59 - 2011-10-25 07:00 - 44871680 ____A C:\Users\Acer\Downloads\backup-alameerat.com-10-25-2011.tar.gz
2011-10-25 06:57 - 2011-10-25 06:58 - 16589541 ____A C:\Users\Acer\Downloads\backup-10.25.2011_09-55-10_hashimi.tar.gz
2011-10-25 06:34 - 2011-10-25 06:34 - 0049938 ____A C:\Users\Acer\Downloads\Attachments_2011_10_25.zip

============ 3 Months Modified Files and Folders =============

2011-11-24 19:14 - 2011-10-02 13:45 - 1929332 ____A C:\Windows\WindowsUpdate.log
2011-11-24 19:12 - 2011-11-24 18:58 - 13935475 ____A C:\Users\Acer\Downloads\SpinnerChief.zip
2011-11-24 19:07 - 2009-07-13 21:13 - 0786686 ____A C:\Windows\System32\PerfStringBackup.INI
2011-11-24 18:59 - 2011-11-24 18:59 - 0463080 ____A (CNET Download.com) C:\Users\Acer\Downloads\cnet_SpinnerChief_zip(1).exe
2011-11-24 18:57 - 2011-11-24 18:57 - 0463080 ____A (CNET Download.com) C:\Users\Acer\Desktop\cnet_SpinnerChief_zip.exe
2011-11-24 18:44 - 2011-11-24 18:44 - 0001439 ____A C:\Users\Acer\Desktop\aswMBR.txt
2011-11-24 18:44 - 2011-11-24 18:44 - 0000512 ____A C:\Users\Acer\Desktop\MBR.dat
2011-11-24 18:41 - 2011-11-24 18:40 - 1916416 ____A (AVAST Software) C:\Users\Acer\Desktop\aswMBR.exe
2011-11-24 18:17 - 2011-10-03 15:06 - 0000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1917812455-3220424052-4218777028-1000UA.job
2011-11-24 18:13 - 2011-11-24 18:12 - 0078134 ____A C:\TDSSKiller.2.6.21.0_24.11.2011_21.12.22_log.txt
2011-11-24 18:11 - 2011-11-24 18:11 - 1547774 ____A C:\Users\Acer\Downloads\tdsskiller (1).zip
2011-11-24 18:11 - 2011-11-24 18:11 - 0000348 ____A C:\TDSSKiller.2.6.19.0_24.11.2011_21.11.24_log.txt
2011-11-24 18:11 - 2011-11-24 18:05 - 0001892 ____A C:\TDSSKiller.2.6.19.0_24.11.2011_21.05.55_log.txt
2011-11-24 18:05 - 2011-11-24 18:05 - 1547774 ____A C:\Users\Acer\Downloads\tdsskiller.zip
2011-11-24 18:05 - 2011-11-24 18:05 - 0000348 ____A C:\TDSSKiller.2.6.19.0_24.11.2011_21.05.29_log.txt
2011-11-24 15:51 - 2009-07-13 20:45 - 0026544 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-11-24 15:51 - 2009-07-13 20:45 - 0026544 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-11-24 15:44 - 2011-11-24 15:44 - 0000000 __SHD C:\$RECYCLE.BIN
2011-11-24 15:44 - 2011-10-02 13:42 - 3061202944 __ASH C:\hiberfil.sys
2011-11-24 15:44 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-11-24 15:44 - 2009-07-13 20:51 - 0028149 ____A C:\Windows\setupact.log
2011-11-24 15:42 - 2011-11-24 15:42 - 0023494 ____A C:\ComboFix.txt
2011-11-24 15:42 - 2011-11-18 12:04 - 0000000 ____D C:\Qoobox
2011-11-24 15:38 - 2010-11-20 19:47 - 0016324 ____A C:\Windows\PFRO.log
2011-11-24 15:38 - 2009-07-13 18:34 - 0000215 ____A C:\Windows\system.ini
2011-11-24 15:38 - 2009-07-13 18:34 - 0000027 ____A C:\Windows\System32\Drivers\etc\hosts
2011-11-24 15:32 - 2011-11-23 09:41 - 4306729 ____R (Swearware) C:\Users\Acer\Desktop\ComboFix.exe
2011-11-24 09:33 - 2011-11-19 18:43 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Acer\Desktop\TDSSKiller.exe
2011-11-23 20:03 - 2011-11-23 20:03 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB (7).torrent
2011-11-23 19:36 - 2011-11-23 19:36 - 0002920 ____A C:\Users\Acer\Downloads\Dragon_Naturally_speaking_v11_Premium_Only_Crack_Files___error_f.5919804.TPB.torrent
2011-11-23 18:26 - 2011-11-23 18:18 - 209715200 ____A C:\Users\Acer\Downloads\Dragon Naturally Speaking 10.10 [www.Net4Download.com].part1.rar
2011-11-23 18:25 - 2011-11-23 18:17 - 209715200 ____A C:\Users\Acer\Downloads\Dragon Naturally Speaking 10.10 [www.Net4Download.com].part2.rar
2011-11-23 16:14 - 2011-11-23 15:57 - 209715200 ____A C:\Users\Acer\Downloads\Dragon Naturally Speaking 10.10 [www.Net4Download.com].part4.rar
2011-11-23 16:13 - 2011-11-23 15:57 - 209715200 ____A C:\Users\Acer\Downloads\Dragon Naturally Speaking 10.10 [www.Net4Download.com].part5.rar
2011-11-23 16:13 - 2011-11-23 15:57 - 209715200 ____A C:\Users\Acer\Downloads\Dragon Naturally Speaking 10.10 [www.Net4Download.com].part3.rar
2011-11-23 16:12 - 2011-11-23 15:56 - 209715200 ____A C:\Users\Acer\Downloads\Dragon Naturally Speaking 10.10 [www.Net4Download.com].part6.rar
2011-11-23 16:06 - 2011-11-23 15:54 - 124608126 ____A C:\Users\Acer\Downloads\Dragon Naturally Speaking 10.10 [www.Net4Download.com].part7.rar
2011-11-23 14:53 - 2011-11-23 14:53 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB (6).torrent
2011-11-23 13:53 - 2011-10-02 10:54 - 0000000 ____D C:\Users\Acer\AppData\LocalLow
2011-11-23 13:40 - 2011-11-23 13:40 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB (5).torrent
2011-11-23 13:30 - 2011-11-23 13:30 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB (4).torrent
2011-11-23 13:20 - 2011-11-23 13:20 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB (3).torrent
2011-11-23 13:01 - 2011-11-23 13:01 - 0017179 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_10_Preferred.4590007.TPB.torrent
2011-11-23 12:51 - 2011-11-23 12:51 - 0000000 ____D C:\Program Files (x86)\Nuance
2011-11-23 12:51 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Speech
2011-11-23 12:36 - 2011-10-04 15:34 - 0000000 ____D C:\Program Files (x86)\FlashGet
2011-11-23 12:35 - 2011-11-23 12:35 - 0001011 ____A C:\Users\Acer\Desktop\FlashGet.lnk
2011-11-23 12:34 - 2011-11-23 12:33 - 4653240 ____A C:\Users\Acer\Downloads\flashget196en.exe
2011-11-23 12:31 - 2011-11-23 12:31 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB (2).torrent
2011-11-23 12:14 - 2011-11-23 12:14 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB (1).torrent
2011-11-23 12:10 - 2011-11-23 12:10 - 0017373 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_V10_Preferred___serial_key.4480581.TPB (6).torrent
2011-11-23 12:09 - 2011-11-23 12:09 - 0017373 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_V10_Preferred___serial_key.4480581.TPB (5).torrent
2011-11-23 12:05 - 2011-11-23 12:05 - 0023009 ____A C:\Users\Acer\Downloads\[isoHunt] Dragon NaturallySpeaking v11 Retail (1).torrent
2011-11-23 12:04 - 2011-11-23 12:04 - 0023009 ____A C:\Users\Acer\Downloads\[isoHunt] Dragon NaturallySpeaking v11 Retail.torrent
2011-11-23 12:01 - 2011-11-23 12:01 - 0017373 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_V10_Preferred___serial_key.4480581.TPB (4).torrent
2011-11-23 11:59 - 2011-11-23 11:59 - 0017373 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_V10_Preferred___serial_key.4480581.TPB (3).torrent
2011-11-23 11:58 - 2011-11-23 11:58 - 0017373 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_V10_Preferred___serial_key.4480581.TPB (2).torrent
2011-11-23 11:56 - 2011-11-23 11:56 - 0017373 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_V10_Preferred___serial_key.4480581.TPB (1).torrent
2011-11-23 11:49 - 2011-11-23 11:49 - 0017373 ____A C:\Users\Acer\Downloads\Dragon_Naturally_Speaking_V10_Preferred___serial_key.4480581.TPB.torrent
2011-11-23 11:17 - 2011-10-03 15:06 - 0000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1917812455-3220424052-4218777028-1000Core.job
2011-11-23 10:30 - 2011-10-03 15:07 - 0002310 ____A C:\Users\Acer\Desktop\Google Chrome.lnk
2011-11-23 09:50 - 2011-11-18 12:05 - 0000000 ____D C:\Windows\ERDNT
2011-11-23 09:41 - 2011-11-19 19:04 - 0018527 ____A C:\Users\Acer\Desktop\DDS.txt
2011-11-23 09:40 - 2011-11-23 09:40 - 4306335 ____A (Swearware) C:\Users\Acer\Downloads\ComboFix.exe
2011-11-23 05:58 - 2011-11-23 05:58 - 0607260 ____A (Swearware) C:\Users\Acer\Downloads\dds.scr
2011-11-23 05:58 - 2011-11-19 19:02 - 0607260 ____R (Swearware) C:\Users\Acer\Desktop\dds.scr
2011-11-23 05:54 - 2011-11-23 05:54 - 0050477 ____A C:\Users\Acer\Downloads\Defogger.exe
2011-11-23 05:54 - 2011-11-23 05:54 - 0050477 ____A C:\Users\Acer\Desktop\Defogger.exe
2011-11-19 19:14 - 2011-11-19 19:14 - 0294216 ____A C:\Users\Acer\Desktop\gmer.zip
2011-11-19 19:05 - 2011-11-19 19:05 - 0011346 ____A C:\Users\Acer\Desktop\Attach.txt
2011-11-19 19:05 - 2011-11-19 19:05 - 0003355 ____A C:\Users\Acer\Desktop\Attach.zip
2011-11-19 19:00 - 2011-11-19 19:00 - 0000000 ____A C:\Users\Acer\defogger_reenable
2011-11-19 19:00 - 2011-10-02 10:54 - 0000000 ____D C:\users\Acer
2011-11-19 18:55 - 2011-11-19 18:55 - 0001113 ____A C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2011-11-19 18:55 - 2011-11-18 10:38 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-19 18:48 - 2011-11-19 18:48 - 0078672 ____A C:\TDSSKiller.2.6.19.0_19.11.2011_21.48.12_log.txt
2011-11-19 18:47 - 2011-11-18 10:08 - 0002048 ____A C:\Uninstall.dat
2011-11-19 18:45 - 2011-11-18 10:06 - 0000542 ____A C:\rkill.log
2011-11-18 14:29 - 2011-10-20 13:13 - 0001138 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2011-11-18 14:29 - 2011-10-20 13:13 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Mozilla
2011-11-18 14:29 - 2011-10-20 13:13 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2011-11-18 14:29 - 2011-10-03 08:01 - 0000000 ____D C:\Program Files (x86)\Microsoft Office
2011-11-18 14:23 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\config\TxR
2011-11-18 14:07 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\AppCompat
2011-11-18 14:06 - 2011-10-20 18:27 - 0000000 ____D C:\Program Files (x86)\3D Flash Animator 4 Release 5
2011-11-18 14:06 - 2011-10-11 05:03 - 0000000 ____D C:\Users\All Users\McAfee Security Scan
2011-11-18 14:06 - 2011-10-11 05:03 - 0000000 ____D C:\ProgramData\McAfee Security Scan
2011-11-18 14:06 - 2011-10-11 05:03 - 0000000 ____D C:\Program Files (x86)\McAfee Security Scan
2011-11-18 14:06 - 2011-10-06 17:52 - 0000000 ____D C:\xampp
2011-11-18 14:06 - 2011-10-03 15:06 - 0000000 ____D C:\Users\Acer\AppData\Local\Google
2011-11-18 14:06 - 2009-07-13 19:20 - 0000000 __RHD C:\users\Default
2011-11-18 14:06 - 2009-07-13 19:20 - 0000000 ___RD C:\users\Public
2011-11-18 14:06 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2011-11-18 14:04 - 2011-10-18 06:35 - 0000000 ____D C:\Users\All Users\Real
2011-11-18 14:04 - 2011-10-18 06:35 - 0000000 ____D C:\ProgramData\Real
2011-11-18 13:59 - 2011-11-18 13:59 - 0021391 ____A C:\Users\Acer\combofix.txt
2011-11-18 11:26 - 2011-11-18 11:25 - 0078090 ____A C:\TDSSKiller.2.6.19.0_18.11.2011_14.25.51_log.txt
2011-11-18 10:32 - 2011-11-18 10:31 - 0078090 ____A C:\TDSSKiller.2.6.19.0_18.11.2011_13.31.44_log.txt
2011-11-18 10:31 - 2011-11-18 10:30 - 0078090 ____A C:\TDSSKiller.2.6.19.0_18.11.2011_13.30.24_log.txt
2011-11-18 10:27 - 2011-11-19 18:43 - 9851496 ____A (Malwarebytes Corporation ) C:\Users\Acer\Desktop\mbam-setup.exe
2011-11-18 10:12 - 2011-11-10 11:49 - 0000000 ____D C:\Users\Acer\AppData\Local\ElevatedDiagnostics
2011-11-18 10:07 - 2011-11-19 18:43 - 13222480 ____A (SUPERAntiSpyware.com) C:\Users\Acer\Desktop\SUPERAntiSpyware.exe
2011-11-18 09:59 - 2011-11-18 07:23 - 0000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2011-11-18 09:59 - 2011-11-18 07:23 - 0000000 ____D C:\ProgramData\Spybot - Search & Destroy
2011-11-18 09:57 - 2011-11-19 18:43 - 1008092 ____A C:\Users\Acer\Desktop\rkill.scr
2011-11-18 09:52 - 2011-11-19 18:43 - 0000335 ____A C:\Users\Acer\Desktop\FixExe.reg
2011-11-18 09:43 - 2011-11-18 05:22 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Sammsoft
2011-11-18 08:01 - 2011-10-19 07:12 - 0009139 ____A C:\Users\Acer\AppData\Roaming\SmarThruOptions.xml
2011-11-18 07:11 - 2011-11-17 11:58 - 0012409 ____A C:\Users\Acer\Documents\petition.docx
2011-11-18 06:59 - 2011-11-18 06:59 - 0025160 ____A C:\Windows\System32\Drivers\hitmanpro35.sys
2011-11-18 06:58 - 2011-11-18 06:58 - 0000000 ____D C:\Users\All Users\Hitman Pro
2011-11-18 06:58 - 2011-11-18 06:58 - 0000000 ____D C:\ProgramData\Hitman Pro
2011-11-18 05:57 - 2011-11-18 05:57 - 0000733 ____A C:\Users\Acer\Downloads\image001.gif
2011-11-18 05:41 - 2011-11-18 05:41 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Malwarebytes
2011-11-18 05:40 - 2011-11-18 05:40 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-11-18 05:40 - 2011-11-18 05:40 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-11-18 05:20 - 2011-11-18 05:19 - 6639632 ____A (Support.com ) C:\Users\Acer\Downloads\ARO2011_bt.exe
2011-11-17 20:12 - 2011-11-17 20:12 - 0001889 ____A C:\Users\Acer\Desktop\CCleaner.lnk
2011-11-17 20:12 - 2011-11-17 20:12 - 0000000 ____D C:\Program Files (x86)\CCleaner
2011-11-17 20:08 - 2011-11-17 20:08 - 0347920 ____A (Microsoft Corporation) C:\Users\Acer\Downloads\MicrosoftFixit.ProgramInstallUninstall.Run.exe
2011-11-17 20:03 - 2011-11-17 20:02 - 2686709 ____A C:\Users\Acer\Downloads\CCleaner.zip
2011-11-17 16:53 - 2011-11-17 16:53 - 0306711 ____A C:\Users\Acer\Downloads\Attachments_2011_11_17.zip
2011-11-17 16:52 - 2011-11-17 16:52 - 0333030 ____A C:\Users\Acer\Downloads\November 15, 2011 RE- MicroSkills and A. Alhashimi.pdf
2011-11-17 15:20 - 2011-11-17 15:20 - 0027303 ____A C:\Users\Acer\Downloads\Nuance_Dragon_NaturallySpeaking_11.5_Premium_(English).6817003.TPB.torrent
2011-11-17 14:44 - 2011-11-17 14:44 - 0010857 ____A C:\Users\Acer\Downloads\Dragon_NaturallySpeaking_11.5_Service_Pack.6640002.TPB.torrent
2011-11-17 11:13 - 2011-11-17 11:13 - 0473625 ____A C:\Users\Acer\Downloads\scan0001.jpg
2011-11-17 11:13 - 2011-11-17 11:13 - 0011597 ____A C:\Users\Acer\Documents\sample of exam.docx
2011-11-17 10:12 - 2011-11-17 09:45 - 1031168 ____A C:\Users\Acer\Documents\blood pressure monitor.msam
2011-11-17 09:45 - 2011-11-17 08:15 - 1645568 ____A C:\Users\Acer\Documents\blood pressure.msam
2011-11-17 08:14 - 2011-11-17 08:14 - 0000931 ____A C:\Users\Public\Desktop\Market Samurai.lnk
2011-11-17 08:14 - 2011-11-17 08:14 - 0000000 ____D C:\Program Files (x86)\Market Samurai
2011-11-17 07:36 - 2011-10-06 11:12 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Voipwise
2011-11-16 16:11 - 2011-11-16 16:11 - 0306711 ____A C:\Users\Acer\Downloads\Attachments_2011_11_16 (1).zip
2011-11-16 05:53 - 2011-11-16 05:53 - 0306711 ____A C:\Users\Acer\Downloads\Attachments_2011_11_16.zip
2011-11-15 06:14 - 2011-10-18 11:45 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2011-11-14 16:11 - 2011-11-14 15:44 - 0000000 ____D C:\Users\Acer\Desktop\sl2
2011-11-14 15:48 - 2011-10-28 14:18 - 0000000 ____D C:\Users\Acer\Desktop\sharpleech
2011-11-14 15:45 - 2011-10-19 17:10 - 0000000 ____D C:\Users\Acer\AppData\Local\Hyperz
2011-11-14 11:22 - 2011-11-09 12:41 - 0000000 ____D C:\Users\Acer\Desktop\amazon
2011-11-12 18:21 - 2011-11-12 18:21 - 0099774 ____A C:\Users\Acer\Downloads\WPRobot300.zip
2011-11-12 08:04 - 2011-11-12 08:04 - 0022483 ____A C:\Users\Acer\Desktop\download.htm
2011-11-12 07:50 - 2011-11-12 07:50 - 0024316 ____A C:\Users\Acer\Downloads\TurbulenceT3_Flat.jpg
2011-11-12 07:25 - 2011-11-12 07:25 - 0012046 ____A C:\Users\Acer\Desktop\mm_prod_icons3.jpg
2011-11-10 14:45 - 2011-11-10 12:39 - 0022528 ____A C:\Users\Acer\Downloads\alerts (Autosaved).xls
2011-11-10 12:39 - 2011-11-04 13:40 - 0000555 ____A C:\Users\Acer\Downloads\alerts.csv
2011-11-10 11:55 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2011-11-10 10:52 - 2011-11-10 10:52 - 0000737 ____A C:\Users\Acer\Desktop\feeds.php
2011-11-10 10:48 - 2011-11-10 10:43 - 136623313 ____A C:\Users\Acer\Downloads\BHT (Easy Paycheck Formula).rar
2011-11-10 10:37 - 2011-11-10 10:35 - 57890524 ____A C:\Users\Acer\Downloads\Bonuses1.zip
2011-11-10 10:36 - 2011-11-10 10:34 - 55794792 ____A C:\Users\Acer\Downloads\Videos 6-10.zip
2011-11-10 10:33 - 2011-11-10 10:33 - 6226158 ____A C:\Users\Acer\Downloads\PDF and Plugins.zip
2011-11-10 10:33 - 2011-11-10 10:33 - 0000152 ____A C:\Users\Acer\Downloads\New Internet Shortcut (120).url
2011-11-10 10:33 - 2011-11-10 10:33 - 0000128 ____A C:\Users\Acer\Downloads\Free File Hosting Made Simple - MediaFire.URL
2011-11-10 08:35 - 2011-11-10 08:35 - 0000000 ____D C:\Program Files\Microsoft Synchronization Services
2011-11-10 08:35 - 2011-11-10 08:35 - 0000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2011-11-10 08:35 - 2011-11-10 08:35 - 0000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2011-11-10 08:35 - 2011-11-10 08:35 - 0000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-11-10 08:34 - 2011-11-10 08:34 - 0000000 ____D C:\Program Files (x86)\Microsoft WSE
2011-11-10 08:34 - 2011-10-03 08:01 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-11-10 08:34 - 2011-10-03 08:01 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-11-10 06:37 - 2011-11-10 06:37 - 0736905 ____A C:\Users\Acer\Downloads\snapshot.zip
2011-11-10 06:07 - 2011-11-10 06:07 - 0000000 ____D C:\Users\Acer\Downloads\flexsqueeze150
2011-11-09 21:35 - 2011-11-09 21:35 - 0003147 ____A C:\Users\Acer\Downloads\six pack abs jeb nov 11 (2).rtf
2011-11-09 20:58 - 2011-11-09 20:58 - 0001493 ____A C:\Users\Acer\Downloads\w003_hot_cook.txt
2011-11-09 20:51 - 2011-10-16 16:39 - 0000000 ____D C:\Users\Acer\AppData\Local\Paint.NET
2011-11-09 20:48 - 2009-07-13 20:45 - 4971576 ____A C:\Windows\System32\FNTCACHE.DAT
2011-11-09 20:47 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\System
2011-11-09 20:02 - 2011-10-04 14:42 - 52174280 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2011-11-09 19:40 - 2011-11-09 19:40 - 12034458 ____A C:\Users\Acer\Downloads\flexsqueeze150.zip
2011-11-09 12:59 - 2011-11-09 12:59 - 1959841 ____A C:\Users\Acer\Downloads\WP-Amazing (1).zip
2011-11-09 12:40 - 2011-11-09 12:40 - 0233752 ____A C:\Users\Acer\Downloads\wp-pagenavi.2.81.zip
2011-11-09 11:37 - 2011-11-09 11:37 - 3187626 ____A C:\Users\Acer\Downloads\theme003.zip
2011-11-09 11:11 - 2011-11-09 11:11 - 0008887 ____A C:\Users\Acer\Downloads\Analytics_self emp_20111009-20111108_(TrafficSourcesReport).pdf
2011-11-09 06:36 - 2011-11-09 06:36 - 0019160 ____A C:\Users\Acer\Downloads\dietsolution_thumbnail.jpg
2011-11-09 06:29 - 2011-11-08 08:57 - 0000000 ____D C:\Users\Acer\Desktop\images
2011-11-09 06:29 - 2011-10-25 13:07 - 0000132 ____A C:\Users\Acer\AppData\Roaming\Adobe PNG Format CS5 Prefs
2011-11-09 06:02 - 2011-11-09 06:02 - 0784794 ____A C:\Users\Acer\Desktop\Theme.zip
2011-11-08 18:08 - 2011-11-08 18:08 - 0000000 ____D C:\Users\All Users\IsolatedStorage
2011-11-08 18:08 - 2011-11-08 18:08 - 0000000 ____D C:\ProgramData\IsolatedStorage
2011-11-08 15:22 - 2011-11-08 15:22 - 7053984 ____A C:\Users\Acer\Downloads\InReviewTheme.zip
2011-11-08 15:18 - 2011-11-08 15:17 - 0311421 ____A (http://vgrabber.org) C:\Users\Acer\Downloads\setup.exe
2011-11-08 10:20 - 2011-11-08 10:20 - 0001094 ____A C:\Users\Acer\Downloads\config (2).php
2011-11-08 10:05 - 2011-11-08 10:05 - 0001711 ____A C:\Users\Acer\Downloads\config (1).php
2011-11-08 08:57 - 2011-11-08 08:57 - 0401584 ____A C:\Users\Acer\Desktop\images.zip
2011-11-08 08:29 - 2011-11-08 08:29 - 0001468 ____A C:\Users\Acer\Downloads\six pack abs jeb nov 11 (1).rtf
2011-11-08 08:18 - 2011-11-08 08:18 - 2006215 ____A C:\Users\Acer\Downloads\header master.psd
2011-11-08 05:39 - 2011-11-08 05:38 - 7956493 ____A C:\Users\Acer\Downloads\sure-way-to-lose-bellyfat.com.zip
2011-11-07 18:32 - 2011-11-07 18:32 - 0031755 ____A C:\Users\Acer\Downloads\post-star-rating.zip
2011-11-07 17:49 - 2011-11-07 17:49 - 0016899 ____A C:\Users\Acer\Downloads\license (1).txt
2011-11-07 16:40 - 2011-11-07 16:37 - 0000000 ____D C:\Users\Acer\Desktop\November
2011-11-07 08:47 - 2011-11-07 08:47 - 0000000 ____D C:\Windows\System32\Macromed
2011-11-07 07:12 - 2011-11-02 11:26 - 0000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2011-11-07 07:12 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\MSBuild
2011-11-07 07:06 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\Microsoft Shared
2011-11-07 07:03 - 2011-11-07 07:03 - 0000000 ____D C:\Windows\System32\appmgmt
2011-11-07 06:54 - 2011-11-07 06:53 - 0183462 ____A C:\Windows\ntbtlog.txt
2011-11-06 19:12 - 2011-11-06 19:04 - 157353058 ____A C:\Users\Acer\Downloads\Azon_Spy.rar
2011-11-06 19:05 - 2011-11-06 19:05 - 5369890 ____A C:\Users\Acer\Downloads\AzonSpy_Software_-_A_Look_Inside_(WSO)(360p_H.264-AAC).mp4
2011-11-05 14:34 - 2011-11-05 14:34 - 0001468 ____A C:\Users\Acer\Downloads\six pack abs jeb nov 11.rtf
2011-11-05 14:34 - 2011-11-05 14:34 - 0000162 ___AH C:\Users\Acer\Downloads\~$x pack abs jeb nov 11.rtf
2011-11-04 14:47 - 2011-11-04 14:47 - 0018892 ____A C:\Users\Acer\Downloads\lenamena.JPG
2011-11-04 12:11 - 2011-11-04 12:11 - 0043847 ____A C:\Users\Acer\Downloads\allproducts600.jpg
2011-11-04 11:59 - 2011-11-04 11:59 - 0059306 ____A C:\Users\Acer\Downloads\6packabs.jpg
2011-11-04 11:22 - 2011-11-04 11:22 - 0026266 ____A C:\Users\Acer\Downloads\3Easy-ToLoseWeightForGOOD.jpg
2011-11-04 11:07 - 2011-11-04 11:07 - 0045839 ____A C:\Users\Acer\Downloads\dietsolution girl.gif
2011-11-04 11:07 - 2011-11-04 11:07 - 0032094 ____A C:\Users\Acer\Downloads\SkyscraperBannerStickFigure(Impulse).gif
2011-11-04 10:48 - 2011-11-04 10:48 - 0015361 ____A C:\Users\Acer\Downloads\Burnfatbanner H.jpg
2011-11-04 10:28 - 2011-11-04 10:28 - 0039555 ____A C:\Users\Acer\Downloads\burnfat banner.jpg
2011-11-04 10:27 - 2011-11-04 10:28 - 0026638 ____A C:\Users\Acer\Downloads\thedietsolution banner.jpg
2011-11-04 10:23 - 2011-11-04 10:23 - 0013031 ____A C:\Users\Acer\Downloads\Truth about abs banner.gif
2011-11-03 18:42 - 2011-10-31 06:03 - 0000132 ____A C:\Users\Acer\AppData\Roaming\Adobe GIF Format CS5 Prefs
2011-11-03 17:16 - 2011-11-03 17:16 - 0948754 ____A C:\Users\Acer\Downloads\ripped_abs_and_fat_burning_secret_banner_ads.zip
2011-11-03 13:16 - 2011-11-03 13:16 - 0909600 ____A (Sun Microsystems, Inc.) C:\Users\Acer\Downloads\chromeinstall-6u29 (1).exe
2011-11-03 13:11 - 2011-11-03 13:11 - 0909600 ____A (Sun Microsystems, Inc.) C:\Users\Acer\Downloads\chromeinstall-6u29.exe
2011-11-03 12:43 - 2011-10-03 08:08 - 0780534 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2011-11-03 12:36 - 2011-11-03 12:36 - 0000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2011-11-03 12:36 - 2011-11-03 12:36 - 0000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2011-11-03 08:09 - 2011-11-03 08:09 - 0635882 ____A C:\Users\Acer\Downloads\header.psd
2011-11-03 08:09 - 2011-11-03 08:09 - 0010889 ____A C:\Users\Acer\Documents\http1.docx
2011-11-03 07:51 - 2011-11-03 07:51 - 0041174 ____A C:\Users\Acer\Downloads\header.jpg
2011-11-03 07:34 - 2011-11-03 07:34 - 0361778 ____A C:\Users\Acer\Downloads\featured-content-gallery.3.2.0.zip
2011-11-03 07:21 - 2011-11-03 07:21 - 10355131 ____A C:\Users\Acer\Downloads\wp review themes.rar
2011-11-02 11:47 - 2011-11-02 11:31 - 0000000 ____D C:\Users\Acer\Documents\Visual Studio 2010
2011-11-02 11:33 - 2011-11-02 11:33 - 0010603 ____A C:\Users\Acer\Documents\http.docx
2011-11-02 11:32 - 2011-11-02 11:32 - 0000000 ____D C:\Users\Acer\Documents\Visual Studio 2008
2011-11-02 11:30 - 2011-11-02 11:30 - 0001937 ____A C:\Users\Acer\Desktop\plugin.xml
2011-11-02 11:09 - 2011-11-02 11:08 - 0000000 ____D C:\Users\Acer\Documents\Visual Studio 2005
2011-11-02 11:08 - 2011-10-03 08:01 - 0000000 ____D C:\Users\Acer\AppData\Local\Microsoft Help
2011-11-02 11:05 - 2011-11-02 11:05 - 4711248 ____A (Microsoft Corporation) C:\Users\Acer\Downloads\vs_ultimateweb.exe
2011-11-02 10:59 - 2011-11-02 10:59 - 3266641 ____A C:\Users\Acer\Downloads\Hyperz.SL_Build_Kit.rar
2011-11-02 10:04 - 2011-11-02 10:04 - 0146208 ____A C:\Users\Acer\Downloads\rokbox_gallery.zip
2011-11-01 19:35 - 2011-11-01 19:35 - 0241363 ____A C:\Users\Acer\Downloads\bbc-world-service-widget.zip
2011-11-01 18:43 - 2011-11-01 18:43 - 0128783 ____A C:\Users\Acer\Downloads\wp-newsticker.zip
2011-11-01 18:34 - 2011-11-01 18:34 - 0023802 ____A C:\Users\Acer\Downloads\NewsTicker.zip
2011-11-01 16:45 - 2011-11-01 16:45 - 0005685 ____A C:\Users\Acer\Downloads\642.zip
2011-11-01 15:47 - 2011-11-01 15:47 - 0060605 ____A C:\Users\Acer\Desktop\sfnc_0.3.4.zip
2011-11-01 15:46 - 2011-11-01 15:46 - 0000000 ____D C:\Users\Acer\Downloads\sfnc_0.3.4
2011-11-01 15:46 - 2011-11-01 15:46 - 0000000 ____D C:\Users\Acer\Desktop\sfnc_0.3.4
2011-11-01 15:44 - 2011-11-01 15:44 - 0061466 ____A C:\Users\Acer\Downloads\sfnc_0.3.4 (1).zip
2011-11-01 15:29 - 2011-11-01 15:29 - 0061466 ____A C:\Users\Acer\Downloads\sfnc_0.3.4.zip
2011-11-01 15:10 - 2011-10-29 18:58 - 1447936 ____A C:\Users\Acer\Documents\belly fat.msam
2011-11-01 14:46 - 2011-11-01 14:46 - 2223810 ____A C:\Users\Acer\Downloads\national_flags_2_0_4.zip
2011-11-01 14:38 - 2011-11-01 14:36 - 0000681 ____A C:\Users\Acer\Desktop\aboutus_body.html
2011-11-01 12:09 - 2011-11-01 12:09 - 0021605 ____A C:\Users\Acer\Downloads\My Resume (1) (1).docx
2011-11-01 06:40 - 2011-11-01 06:40 - 0088576 ____A C:\Users\Acer\Downloads\Alhashimi - Draft letter to MicroSkills.doc
2011-11-01 06:14 - 2011-11-01 06:13 - 0662838 ____A C:\Users\Acer\Downloads\31glassyred.zip
2011-10-31 22:10 - 2011-10-31 22:10 - 0722984 ____A C:\Users\Acer\Downloads\se_pro_collapsible.zip
2011-10-31 21:56 - 2011-10-31 21:55 - 1728880 ____A C:\Users\Acer\Downloads\rosier_cata.zip
2011-10-31 19:52 - 2011-10-31 05:12 - 0011561 ____A C:\Users\Acer\Documents\How to install phpbb3.docx
2011-10-31 19:46 - 2011-10-31 19:46 - 18130339 ____A C:\Users\Acer\Downloads\Texture_Pack_1_gfxportfolio.co.uk_.zip
2011-10-31 19:37 - 2011-10-31 19:37 - 0000422 ____A C:\Users\Acer\Downloads\icon_user_online_rtl.gif
2011-10-31 18:39 - 2011-10-31 18:39 - 0101191 ____A C:\Users\Acer\Desktop\background.psd
2011-10-31 16:53 - 2011-10-31 16:53 - 0152620 ____A C:\Users\Acer\Downloads\Yahoo_Smiley_Pack_v1.0.2-2 (2).zip
2011-10-31 15:36 - 2011-10-31 15:36 - 0208528 ____A C:\Users\Acer\Downloads\automod-1001 (2).zip
2011-10-31 14:47 - 2011-10-31 14:47 - 0259831 ____A C:\Users\Acer\Downloads\buttons_menu_MOD_2_2_0.zip
2011-10-31 14:20 - 2011-10-31 14:20 - 0817888 ____A C:\Users\Acer\Downloads\logo1.psd
2011-10-31 13:50 - 2011-10-31 13:50 - 0062518 ____A C:\Users\Acer\Downloads\The_Ultimate_Gradient_Pack_1_by_photoshopland.zip
2011-10-31 06:39 - 2011-10-31 06:39 - 0000000 ____D C:\Users\Acer\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-10-31 06:11 - 2011-10-16 17:31 - 0003912 ____A C:\Users\Acer\Downloads\site_logo1.gif
2011-10-31 06:03 - 2011-10-31 06:03 - 1265871 ____A C:\Users\Acer\Downloads\canstockphoto4112350 (1).psd
2011-10-30 18:57 - 2011-10-30 18:57 - 0374937 ____A C:\Users\Acer\Downloads\prosilver_se_1.0.7 (4).zip
2011-10-30 10:19 - 2011-10-30 10:19 - 0008093 ____A C:\Users\Acer\Downloads\style.php
2011-10-30 09:37 - 2011-10-30 09:37 - 0015128 ____A C:\Users\Acer\Downloads\LICENSE
2011-10-30 08:09 - 2011-10-30 08:09 - 0253064 ____A C:\Users\Acer\Downloads\arabic_1_0_3 (2).zip
2011-10-30 08:09 - 2011-10-30 08:08 - 2463079 ____A C:\Users\Acer\Downloads\phpBB-3.0.9 (4).zip
2011-10-29 18:56 - 2011-10-29 18:56 - 0000000 ____D C:\Users\Acer\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
2011-10-29 18:47 - 2011-10-29 18:47 - 0159774 ____A C:\Users\Acer\Downloads\keyword_ideas_20111029_1947686.csv
2011-10-29 18:46 - 2011-10-29 18:46 - 0171784 ____A C:\Users\Acer\Downloads\keyword_ideas_20111029_1946775.csv
2011-10-29 18:44 - 2011-10-29 18:44 - 0199842 ____A C:\Users\Acer\Downloads\keyword_ideas_20111029_1944115.csv
2011-10-29 15:56 - 2011-10-29 15:56 - 0000446 ____A C:\Users\Acer\Downloads\hashimi_ameerata.sql.gz
2011-10-29 14:06 - 2011-10-29 14:06 - 0012288 ____A C:\Users\Acer\Downloads\Name (1)
2011-10-29 14:01 - 2011-10-29 14:00 - 7560853 ____A C:\Users\Acer\Downloads\vumpost_phpbb (1).zip
2011-10-29 14:00 - 2011-10-29 14:00 - 0012288 ____A C:\Users\Acer\Downloads\Name
2011-10-29 13:51 - 2011-10-29 10:44 - 0000000 ____D C:\Users\Acer\Desktop\public_html
2011-10-29 10:59 - 2011-10-29 10:59 - 0120822 ____A C:\Users\Acer\Downloads\database_update.php
2011-10-29 09:41 - 2011-10-29 09:41 - 0000398 ____A C:\Users\Acer\Downloads\config.php
2011-10-29 09:34 - 2011-10-29 09:34 - 0374937 ____A C:\Users\Acer\Downloads\prosilver_se_1.0.7 (3).zip
2011-10-29 09:07 - 2011-10-29 09:01 - 46080000 ____A C:\Users\Acer\Downloads\backup-alameerat.com-10-29-2011.tar.gz
2011-10-29 08:50 - 2011-10-29 08:48 - 20469117 ____A C:\Users\Acer\Downloads\iTunes64Setup.exe
2011-10-28 14:10 - 2011-10-28 14:10 - 0555490 ____A C:\Users\Acer\Downloads\SharpLeech_2.0.0_BETA.zip
2011-10-28 14:10 - 2011-10-28 14:10 - 0004793 ____A C:\Users\Acer\Downloads\TehParadox.xml
2011-10-28 13:31 - 2011-10-28 13:31 - 0002167 ____A C:\Users\Acer\Downloads\Hyperz.html
2011-10-28 13:29 - 2011-10-28 13:29 - 0002167 ____A C:\Users\Acer\Downloads\Hyperz.txt
2011-10-28 10:07 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\LiveKernelReports
2011-10-28 09:49 - 2011-10-28 09:49 - 2742253 ____A C:\Users\Acer\Downloads\SL_Final_1.0.0_x64.rar
2011-10-28 08:25 - 2011-10-28 08:25 - 0001150 ____A C:\Users\Acer\Downloads\favicon.ico
2011-10-28 04:52 - 2011-10-28 04:52 - 0028957 ____A C:\Users\Acer\Desktop\Karem_Hashimi Oct -2011.docx
2011-10-28 04:50 - 2011-10-28 04:50 - 0099328 ____A C:\Users\Acer\Downloads\MauriceLeeResume.doc
2011-10-28 04:36 - 2011-10-28 04:36 - 0039401 ____A C:\Users\Acer\Downloads\Attachments_2011_10_28.zip
2011-10-27 16:40 - 2011-10-27 16:40 - 0605957 ____A C:\Users\Acer\Downloads\coffee_time_language_bigicons_psd.zip
2011-10-27 16:40 - 2011-10-27 16:40 - 0605957 ____A C:\Users\Acer\Downloads\coffee_time_language_bigicons_psd (1).zip
2011-10-27 16:39 - 2011-10-27 16:39 - 0613219 ____A C:\Users\Acer\Downloads\coffee_time.zip
2011-10-27 12:18 - 2011-10-27 12:18 - 0039401 ____A C:\Users\Acer\Downloads\Attachments_2011_10_27 (1).zip
2011-10-27 12:03 - 2011-10-27 12:00 - 0017323 ____A C:\Users\Acer\Downloads\Karem_Hashimi_cover letter_Oct_2011 Financial Analyst.docx
2011-10-27 11:10 - 2011-10-27 11:10 - 0014675 ____A C:\Users\Acer\Desktop\Karem_Hashimi_cover letter_Oct_2011.docx
2011-10-27 11:07 - 2011-10-27 11:07 - 0030208 ____A C:\Users\Acer\Downloads\Karem_Hashimi_cover letter_Sep_2011.doc
2011-10-27 10:52 - 2011-10-27 10:52 - 0056832 ____A C:\Users\Acer\Downloads\Posting Financial Analyst Oct 2011 highlighted (1).doc
2011-10-27 10:52 - 2011-10-27 10:52 - 0049938 ____A C:\Users\Acer\Downloads\Attachments_2011_10_27.zip
2011-10-27 10:51 - 2011-10-27 10:51 - 0013277 ____A C:\Users\Acer\Downloads\Karem_Hashimi_cover letter_Sep_2011.docx
2011-10-27 09:29 - 2011-10-27 09:29 - 0152620 ____A C:\Users\Acer\Downloads\Yahoo_Smiley_Pack_v1.0.2-2 (1).zip
2011-10-27 09:05 - 2011-10-27 09:05 - 0003872 ____A C:\Users\Acer\Downloads\cooltext581803832.png
2011-10-27 07:51 - 2011-10-27 07:51 - 0003228 ____A C:\Users\Acer\Downloads\cooltext581772044.png
2011-10-27 07:49 - 2011-10-27 07:49 - 0003938 ____A C:\Users\Acer\Downloads\cooltext581771428.png
2011-10-27 07:26 - 2011-10-27 07:26 - 0026621 ____A C:\Users\Acer\Downloads\cooltext581761519.png
2011-10-27 07:01 - 2011-10-03 15:19 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Adobe
2011-10-27 06:43 - 2011-10-27 06:43 - 0120852 ____A C:\Users\Acer\Downloads\cooltext581741190.png
2011-10-27 06:09 - 2011-10-27 05:59 - 237450517 ____A C:\Users\Acer\Downloads\Noble_silver.rar
2011-10-27 06:07 - 2011-10-27 06:07 - 5776657 ____A C:\Users\Acer\Downloads\274-grunge_edge_pack.zip
2011-10-26 18:34 - 2011-10-26 17:02 - 222926593 ____A C:\Users\Acer\Downloads\Nabor_ramok_vyrezov.rar
2011-10-26 18:09 - 2011-10-26 18:09 - 0056832 ____A C:\Users\Acer\Downloads\Posting Financial Analyst Oct 2011 highlighted.doc
2011-10-26 17:09 - 2011-10-26 17:04 - 54152613 ____A C:\Users\Acer\Downloads\DiZa_frames.rar
2011-10-26 16:52 - 2011-10-26 16:50 - 0000000 ____D C:\Program Files (x86)\Photo Frame Genius
2011-10-26 16:50 - 2011-10-26 16:50 - 2894824 ____A (Easytools,Inc ) C:\Users\Acer\Downloads\PhotoFrameGeniusEn.exe
2011-10-26 16:50 - 2011-10-26 16:50 - 0001037 ____A C:\Users\Acer\Desktop\Photo Frame.lnk
2011-10-26 16:50 - 2011-10-26 16:50 - 0000031 ____A C:\Windows\SysWOW64\Days5.ini
2011-10-26 16:42 - 2011-10-26 16:42 - 0001107 ____A C:\Users\Acer\Desktop\FramePhotoEditor.lnk
2011-10-26 16:42 - 2011-10-26 16:41 - 0000000 ____D C:\Program Files (x86)\FramePhotoEditor
2011-10-26 16:41 - 2011-10-26 16:41 - 10801765 ____A C:\Users\Acer\Downloads\photoed.exe
2011-10-26 15:28 - 2011-10-26 15:28 - 0000000 ____D C:\Users\Acer\PhotoFrame Logs
2011-10-26 15:28 - 2011-10-26 15:25 - 0000000 ____D C:\Users\Acer\AppData\Roaming\onOne Software
2011-10-26 15:24 - 2011-10-26 15:24 - 0000000 ____D C:\Users\All Users\onOne Software
2011-10-26 15:24 - 2011-10-26 15:24 - 0000000 ____D C:\ProgramData\onOne Software
2011-10-26 15:24 - 2011-10-26 15:24 - 0000000 ____D C:\Program Files (x86)\onOne Software
2011-10-26 15:24 - 2011-10-03 06:20 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2011-10-26 15:23 - 2011-10-26 15:22 - 63959715 ____A C:\Users\Acer\Downloads\PhotoFrame_4.6.3_Free.zip
2011-10-26 14:33 - 2011-10-26 14:33 - 5245867 ____A C:\Users\Acer\Downloads\baroque_brush_40206.zip
2011-10-26 12:16 - 2011-10-26 12:16 - 0095409 ____A C:\Users\Acer\Downloads\canstockphoto4112350 (2).jpg
2011-10-26 11:34 - 2011-10-26 11:34 - 0018335 ____A C:\Users\Acer\Downloads\coollogo_com-68816689.png
2011-10-26 11:33 - 2011-10-26 11:33 - 0022309 ____A C:\Users\Acer\Downloads\coollogo_com-67204634.png
2011-10-26 11:30 - 2011-10-26 11:30 - 0028634 ____A C:\Users\Acer\Downloads\coollogo_com-67275430.png
2011-10-26 11:18 - 2011-10-26 11:18 - 0051786 ____A C:\Users\Acer\Downloads\coollogo_com-67275028.gif
2011-10-26 11:13 - 2011-10-26 11:13 - 0042174 ____A C:\Users\Acer\Downloads\coollogo_com-68815850.png
2011-10-26 11:03 - 2011-10-26 11:03 - 0041797 ____A C:\Users\Acer\Downloads\coollogo_com-67203790.png
2011-10-26 10:40 - 2011-10-26 10:40 - 0374937 ____A C:\Users\Acer\Downloads\prosilver_se_1.0.7 (2).zip
2011-10-26 08:31 - 2011-10-26 08:31 - 0241295 ____A C:\Users\Acer\Downloads\prosilverse.zip
2011-10-26 07:48 - 2011-10-26 07:48 - 0303524 ____A C:\Users\Acer\Downloads\prosilver_se_1.0.4.zip
2011-10-26 07:09 - 2011-10-26 07:09 - 0044351 ____A C:\Users\Acer\Downloads\ucp.php
2011-10-26 06:46 - 2011-10-26 06:46 - 0374937 ____A C:\Users\Acer\Downloads\prosilver_se_1.0.7 (1).zip
2011-10-26 06:34 - 2011-10-26 06:34 - 0152620 ____A C:\Users\Acer\Downloads\Yahoo_Smiley_Pack_v1.0.2-2.zip
2011-10-26 06:15 - 2011-10-26 06:14 - 2463079 ____A C:\Users\Acer\Downloads\phpBB-3.0.9 (3).zip
2011-10-26 05:55 - 2011-10-26 05:55 - 2672661 ____A C:\Users\Acer\Downloads\phpBB-3.0.9.zip
2011-10-25 19:15 - 2011-10-25 19:15 - 0009172 ____A C:\Users\Acer\Downloads\lang_arabic.zip
2011-10-25 17:43 - 2011-10-25 17:43 - 0374937 ____A C:\Users\Acer\Downloads\prosilver_se_1.0.7.zip
2011-10-25 17:20 - 2011-10-25 17:20 - 0725149 ____A C:\Users\Acer\Downloads\xandred.zip
2011-10-25 17:11 - 2011-10-25 17:11 - 1198937 ____A C:\Users\Acer\Downloads\rt_grunge_phpbb3.zip
2011-10-25 16:53 - 2011-10-25 16:53 - 0742973 ____A C:\Users\Acer\Downloads\Burnerz.zip
2011-10-25 14:46 - 2011-10-25 14:46 - 1106834 ____A C:\Users\Acer\Downloads\proglass_red_1.4.5.zip
2011-10-25 14:46 - 2011-10-25 14:46 - 0698719 ____A C:\Users\Acer\Downloads\Prospace.zip
2011-10-25 14:44 - 2011-10-25 14:44 - 0259703 ____A C:\Users\Acer\Downloads\maroon_fusion_1.0.9.zip
2011-10-25 14:41 - 2011-10-25 14:41 - 0588571 ____A C:\Users\Acer\Downloads\ggValentine_1.0.2.zip
2011-10-25 13:18 - 2011-10-25 13:18 - 0067220 ____A C:\Users\Acer\Downloads\cooltext580937862.png
2011-10-25 13:14 - 2011-10-25 13:14 - 0032719 ____A C:\Users\Acer\Downloads\cooltext580936388.png
2011-10-25 13:11 - 2011-10-25 13:11 - 0032719 ____A C:\Users\Acer\Downloads\cooltext580935171.png
2011-10-25 11:08 - 2011-10-25 11:08 - 0095409 ____A C:\Users\Acer\Downloads\8lb.jpg
2011-10-25 11:03 - 2011-10-25 11:02 - 0095409 ____A C:\Users\Acer\Downloads\canstockphoto4112350.jpg
2011-10-25 10:04 - 2011-10-05 10:51 - 0000000 ____D C:\Users\Acer\Desktop\Job Application
2011-10-25 09:36 - 2011-10-25 09:36 - 0352052 ____A C:\Users\Acer\Downloads\Tara1.0.0.zip
2011-10-25 09:19 - 2011-10-25 09:19 - 0414672 ____A C:\Users\Acer\Downloads\site_logo.psd
2011-10-25 09:15 - 2011-10-25 09:15 - 0885476 ____A C:\Users\Acer\Downloads\buttons.zip
2011-10-25 09:15 - 2011-10-25 09:15 - 0093601 ____A C:\Users\Acer\Downloads\button_pm_forward.psd
2011-10-25 09:13 - 2011-10-25 09:13 - 0020036 ____A C:\Users\Acer\Downloads\imageset
2011-10-25 08:35 - 2011-10-25 08:33 - 2751176 ____A C:\Users\Acer\Downloads\K_Kitty.zip
2011-10-25 08:08 - 2011-10-25 08:08 - 1078261 ____A C:\Users\Acer\Downloads\prostylize_darkblue_1.4.1 (1).zip
2011-10-25 08:03 - 2011-10-25 08:03 - 1078261 ____A C:\Users\Acer\Downloads\prostylize_darkblue_1.4.1.zip
2011-10-25 07:00 - 2011-10-25 06:59 - 44871680 ____A C:\Users\Acer\Downloads\backup-alameerat.com-10-25-2011.tar.gz
2011-10-25 06:58 - 2011-10-25 06:57 - 16589541 ____A C:\Users\Acer\Downloads\backup-10.25.2011_09-55-10_hashimi.tar.gz
2011-10-25 06:34 - 2011-10-25 06:34 - 0049938 ____A C:\Users\Acer\Downloads\Attachments_2011_10_25.zip
2011-10-24 18:50 - 2011-10-24 18:46 - 74910103 ____A C:\Users\Acer\Downloads\phpbb3_Themes.rar
2011-10-24 01:14 - 2011-10-11 05:03 - 0000000 ____D C:\Users\All Users\Adobe
2011-10-24 01:14 - 2011-10-11 05:03 - 0000000 ____D C:\ProgramData\Adobe
2011-10-23 13:32 - 2011-10-23 13:32 - 0278357 ____A C:\Users\Acer\Downloads\Floral_by_solenero73.zip
2011-10-23 13:17 - 2011-10-23 13:16 - 34752303 ____A C:\Users\Acer\Downloads\Crystal_Patterns_by_silver_.zip
2011-10-23 12:42 - 2011-10-11 05:03 - 0000000 ____D C:\Users\Acer\AppData\Local\Adobe
2011-10-23 12:37 - 2011-10-23 12:37 - 3936824 ____A C:\Users\Acer\Downloads\Flowers_a_1.rar
2011-10-23 12:35 - 2011-10-23 12:35 - 0051224 ____A C:\Users\Acer\Downloads\valentine_1.rar
2011-10-23 12:35 - 2011-10-23 12:35 - 0003021 ____A C:\Users\Acer\Downloads\B.rar
2011-10-23 12:34 - 2011-10-23 12:34 - 0002654 ____A C:\Users\Acer\Downloads\A.rar
2011-10-23 12:33 - 2011-10-23 12:33 - 0126389 ____A C:\Users\Acer\Downloads\Heritage_Platinum_Ps_Gradients_by_ElvenSword.zip
2011-10-23 12:31 - 2011-10-23 12:31 - 0005159 ____A C:\Users\Acer\Downloads\Golden_Metal_Gradients_by_Adoralyna.zip
2011-10-23 12:22 - 2011-10-23 12:22 - 0000000 ____D C:\Users\Acer\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-10-23 12:22 - 2011-10-23 12:22 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Adobe Mini Bridge CS5
2011-10-23 11:35 - 2011-10-23 11:35 - 1295170 ____A C:\Users\Acer\Downloads\Tiaras_brush_set_3_by_Lileya.abr
2011-10-23 11:24 - 2011-10-23 11:24 - 1002070 ____A C:\Users\Acer\Downloads\Free_Floral_Brushes_Pack_1_by_ElenaSham.abr
2011-10-23 11:14 - 2011-10-23 11:14 - 2734792 ____A C:\Users\Acer\Downloads\Floral_Swirl_Brushes_by_Aka_Joe.zip
2011-10-23 11:12 - 2011-10-23 11:12 - 0003522 ____A C:\Users\Acer\Downloads\butterfly1plz.gif
2011-10-23 11:00 - 2011-10-23 11:00 - 0544337 ____A C:\Users\Acer\Downloads\STOCK_PHOTOSHOP_BRUSHES_flower_by_MaureenOlder.zip
2011-10-23 10:47 - 2011-10-23 10:47 - 1243576 ____A (Adobe Systems, Incorporated) C:\Users\Acer\Downloads\amtlib.dll
2011-10-23 10:20 - 2011-10-23 10:20 - 0059984 ____A C:\Users\Acer\Downloads\Release_NET20_2.0.rar
2011-10-23 10:18 - 2011-10-23 10:18 - 1034752 ____A (PDF Creator Technologies) C:\Users\Acer\Downloads\PDFCreatorSetup.exe
2011-10-23 10:18 - 2011-10-23 10:18 - 0001217 ____A C:\Users\Acer\Desktop\Continue FoxTab PDF Creator Installation.lnk
2011-10-22 20:04 - 2011-10-22 20:04 - 0000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
2011-10-22 20:04 - 2011-10-22 20:04 - 0000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2011-10-22 20:04 - 2011-10-03 06:25 - 0108840 ____A C:\Users\Acer\AppData\Local\GDIPFONTCACHEV1.DAT
2011-10-22 19:59 - 2011-10-22 19:59 - 0000000 ____D C:\Program Files\Adobe
2011-10-22 19:59 - 2011-10-22 19:58 - 0000000 ____D C:\Program Files\Common Files\Adobe
2011-10-22 19:58 - 2011-10-11 05:03 - 0000000 ____D C:\Program Files (x86)\Adobe
2011-10-22 19:57 - 2011-10-22 19:57 - 0000000 ____D C:\Program Files (x86)\Adobe Media Player
2011-10-22 11:16 - 2011-10-22 11:16 - 0010488 ____A C:\Users\Acer\Documents\Keywords.docx
2011-10-22 08:40 - 2011-10-22 08:22 - 0233584 ____A C:\Users\Acer\Downloads\fiverr.com1.jpg
2011-10-21 19:36 - 2011-10-21 19:36 - 0028299 ____A C:\Users\Acer\Downloads\John_Prine_-_The_Great_Days_Anthology.3365331.TPB.torrent
2011-10-21 14:06 - 2011-10-21 14:06 - 3981530 ____A C:\Users\Acer\Downloads\wordpress-3.2.1 (2).zip
2011-10-21 13:25 - 2011-10-21 13:25 - 0547262 ____A C:\Users\Acer\Downloads\ping sites.pdf
2011-10-21 04:30 - 2011-10-21 04:30 - 0291188 ____A C:\Windows\msxml4-KB954430-enu.LOG
2011-10-21 04:30 - 2011-10-21 04:30 - 0288534 ____A C:\Windows\msxml4-KB973688-enu.LOG
2011-10-21 04:30 - 2011-10-21 04:30 - 0000000 ____D C:\Program Files (x86)\MSXML 4.0
2011-10-20 18:27 - 2011-10-20 18:27 - 0000868 ____A C:\Users\Acer\Desktop\3D Flash Animator 4 Release 5.lnk
2011-10-20 18:26 - 2011-10-20 18:26 - 4374692 ____A C:\Users\Acer\Downloads\3D_Flash_Animator_4.0_Release_5.rar
2011-10-20 16:59 - 2011-10-18 08:34 - 0000000 ____D C:\Users\All Users\Symantec
2011-10-20 16:59 - 2011-10-18 08:34 - 0000000 ____D C:\Users\All Users\Norton
2011-10-20 16:59 - 2011-10-18 08:34 - 0000000 ____D C:\ProgramData\Symantec
2011-10-20 16:59 - 2011-10-18 08:34 - 0000000 ____D C:\ProgramData\Norton
2011-10-20 16:57 - 2011-10-20 16:57 - 2620218 ____A C:\Users\Acer\Downloads\BLOGSETUPTUTORIALS062509.zip
2011-10-20 15:51 - 2011-10-20 15:51 - 0000064 ____A C:\Users\Acer\Documents\2207.dbf
2011-10-20 15:45 - 2011-10-20 15:45 - 6374027 ____A C:\Users\Acer\Downloads\MassForumLeecher4.3.rar
2011-10-20 15:36 - 2011-10-20 15:36 - 0012104 ____A C:\Users\Acer\Documents\hypers sharpleech.docx
2011-10-20 13:13 - 2011-10-20 13:13 - 0000000 ____D C:\Users\Acer\AppData\Local\Mozilla
2011-10-20 11:40 - 2011-10-20 11:40 - 0155942 ____A C:\Users\Acer\Downloads\FBDtemplate.zip
2011-10-19 19:32 - 2011-10-19 19:32 - 0528233 ____A C:\Users\Acer\Downloads\openhouse.zip
2011-10-19 19:13 - 2011-10-19 19:13 - 0651143 ____A C:\Users\Acer\Downloads\repro.zip
2011-10-19 19:06 - 2011-10-19 19:06 - 0283354 ____A C:\Users\Acer\Downloads\agendarecife_wp.zip
2011-10-19 17:10 - 2011-10-19 17:10 - 0471487 ____A C:\Users\Acer\Downloads\SL_2.0.0_ALPHA.zip
2011-10-19 16:58 - 2011-10-19 16:56 - 50377624 ____A (Microsoft Corporation) C:\Users\Acer\Downloads\dotNetFx40_Full_x86_x64.exe
2011-10-19 11:03 - 2011-10-19 11:03 - 0061952 ____A C:\Users\Acer\Downloads\her resume Resume[1] (1).doc
2011-10-19 11:03 - 2011-10-19 11:03 - 0020402 ____A C:\Users\Acer\Downloads\Attachments_2011_10_19 (3).zip
2011-10-19 11:03 - 2011-10-19 11:03 - 0020402 ____A C:\Users\Acer\Downloads\Attachments_2011_10_19 (2).zip
2011-10-19 11:03 - 2011-10-19 11:03 - 0020402 ____A C:\Users\Acer\Downloads\Attachments_2011_10_19 (1).zip
2011-10-19 11:00 - 2011-10-19 11:00 - 0061952 ____A C:\Users\Acer\Downloads\her resume Resume[1].doc
2011-10-19 11:00 - 2011-10-19 11:00 - 0049664 ____A C:\Users\Acer\Downloads\Kustomer Support resumeb.doc
2011-10-19 10:37 - 2011-10-18 18:40 - 0010737 ____A C:\Users\Acer\Documents\resources.docx
2011-10-19 07:52 - 2011-10-19 07:52 - 3599828 ____A C:\Users\Acer\Downloads\Attachments_2011_10_19.zip
2011-10-19 07:24 - 2011-10-19 07:24 - 7560853 ____A C:\Users\Acer\Downloads\vumpost_phpbb.zip
2011-10-19 07:12 - 2011-10-19 07:12 - 0000000 ____D C:\Users\Acer\AppData\Roaming\SmarThru4
2011-10-19 07:12 - 2011-10-19 07:11 - 0000000 ____D C:\Program Files (x86)\SmarThru 4
2011-10-19 07:11 - 2011-10-19 07:11 - 0000828 ____A C:\Users\Public\Desktop\SmarThru 4.lnk
2011-10-19 07:11 - 2011-10-19 07:11 - 0000136 ____A C:\Windows\Readiris.ini
2011-10-19 07:11 - 2011-10-19 07:11 - 0000000 ____D C:\Program Files (x86)\Readiris10
2011-10-19 07:11 - 2011-10-19 05:24 - 0000163 ____A C:\Windows\setup.log
2011-10-19 07:09 - 2011-10-19 07:05 - 154298538 ____A (Samsung ) C:\Users\Acer\Downloads\20070816143225781_Smarthru4_SCX-4100_Vista.exe
2011-10-19 05:53 - 2011-10-19 05:53 - 0000000 ___RD C:\Users\Acer\Documents\Scanned Documents
2011-10-19 05:53 - 2011-10-19 05:53 - 0000000 ____D C:\Users\Acer\Documents\Fax
2011-10-19 05:46 - 2011-10-19 05:46 - 5492905 ____A (Samsung ) C:\Users\Acer\Downloads\SCX-4100_Win7_Scan.exe
2011-10-19 05:24 - 2011-10-19 05:24 - 0000000 ____D C:\Program Files (x86)\Readiris
2011-10-19 05:24 - 2011-10-19 04:28 - 0000000 ____D C:\Program Files (x86)\SAMSUNG
2011-10-19 05:24 - 2009-07-13 18:34 - 0000659 ____A C:\Windows\win.ini
2011-10-19 05:15 - 2011-10-19 05:05 - 110663489 ____A (Samsung ) C:\Users\Acer\Downloads\SCX-4100_Smarthru4.exe
2011-10-19 04:52 - 2011-10-19 07:56 - 2388647 ____A C:\Users\Acer\Documents\termination.jpg
2011-10-19 04:52 - 2011-10-19 07:56 - 1509291 ____A C:\Users\Acer\Documents\Contract.jpg
2011-10-19 04:26 - 2011-10-19 04:26 - 10068559 ____A (Samsung ) C:\Users\Acer\Downloads\SCX-4100_Win7_GDI.exe
2011-10-18 19:27 - 2011-10-17 12:03 - 0012863 ____A C:\Users\Acer\Documents\Acer Alhashimi- Lawyer Meeting.docx
2011-10-18 18:04 - 2011-10-18 11:45 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Yahoo!
2011-10-18 11:45 - 2011-10-18 11:45 - 0001141 ____A C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2011-10-18 11:45 - 2011-10-18 11:45 - 0000000 ____D C:\Windows\SysWOW64\Macromed
2011-10-18 11:45 - 2011-10-18 11:45 - 0000000 ____D C:\Users\All Users\Yahoo! Companion
2011-10-18 11:45 - 2011-10-18 11:45 - 0000000 ____D C:\Users\All Users\Yahoo!
2011-10-18 11:45 - 2011-10-18 11:45 - 0000000 ____D C:\ProgramData\Yahoo! Companion
2011-10-18 11:45 - 2011-10-18 11:45 - 0000000 ____D C:\ProgramData\Yahoo!
2011-10-18 11:45 - 2011-10-18 11:41 - 0000000 ____D C:\Program Files (x86)\Yahoo!
2011-10-18 11:41 - 2011-10-18 11:41 - 0423952 ____A (Yahoo! Inc.) C:\Users\Acer\Downloads\msgr11us.exe
2011-10-18 09:36 - 2011-10-13 17:31 - 0008416 ____A C:\Users\Acer\Documents\userdatabase alameerat.xlsx
2011-10-18 08:34 - 2011-10-18 08:34 - 0000000 ____D C:\Users\All Users\NortonInstaller
2011-10-18 08:34 - 2011-10-18 08:34 - 0000000 ____D C:\ProgramData\NortonInstaller
2011-10-18 06:38 - 2011-10-18 06:38 - 0000127 ____A C:\Users\Acer\Downloads\drwho1 (1).ram
2011-10-18 06:35 - 2011-10-18 06:35 - 0001268 ____A C:\Users\Public\Desktop\RealPlayer.lnk
2011-10-18 06:35 - 2011-10-18 06:35 - 0000000 ____D C:\Program Files (x86)\Real
2011-10-18 06:35 - 2011-10-18 06:14 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Real
2011-10-18 06:35 - 2009-09-04 09:38 - 0198832 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2011-10-18 06:35 - 2009-09-04 09:38 - 0006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2011-10-18 06:35 - 2009-09-04 09:38 - 0005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2011-10-18 06:35 - 2007-11-14 07:13 - 0499712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2011-10-18 06:35 - 2007-11-14 07:13 - 0348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2011-10-18 06:34 - 2011-10-18 06:34 - 0000000 ____D C:\Users\Acer\AppData\Local\Real
2011-10-18 06:34 - 2011-10-18 06:28 - 0085402 ____A C:\Users\Acer\Documents\keywords.xlsx
2011-10-18 06:24 - 2011-10-18 06:24 - 0019376 ____A C:\Users\Acer\Downloads\keyword_ideas_20111018_0724608.csv
2011-10-18 06:23 - 2011-10-18 06:23 - 0019898 ____A C:\Users\Acer\Downloads\keyword_ideas_20111018_0723909.csv
2011-10-18 06:22 - 2011-10-18 06:22 - 0021052 ____A C:\Users\Acer\Downloads\keyword_ideas_20111018_0722499.csv
2011-10-18 06:21 - 2011-10-18 06:21 - 0020296 ____A C:\Users\Acer\Downloads\keyword_ideas_20111018_0721585.csv
2011-10-18 06:20 - 2011-10-18 06:20 - 0018910 ____A C:\Users\Acer\Downloads\keyword_ideas_20111018_0720128.csv
2011-10-18 06:16 - 2011-10-18 06:16 - 0684288 ____A (RealNetworks, Inc.) C:\Users\Acer\Downloads\RealPlayer.exe
2011-10-18 06:14 - 2011-10-18 06:14 - 0000127 ____A C:\Users\Acer\Downloads\drwho1.ram
2011-10-18 06:14 - 2011-10-18 06:14 - 0000000 ____D C:\Users\Acer\Documents\The KMPlayer
2011-10-18 05:34 - 2011-10-18 05:32 - 20655876 ____A C:\Users\Acer\Downloads\???? ???.. ??? ????? ?????? ..????? 1.. ????? - 18.cbr
2011-10-17 18:35 - 2011-10-17 11:15 - 0001088 ____A C:\Users\Acer\Downloads\forum_unread.gif
2011-10-17 17:57 - 2011-10-17 17:57 - 0018351 ____A C:\Users\Acer\Downloads\license.txt
2011-10-17 17:57 - 2011-10-17 17:57 - 0004234 ____A C:\Users\Acer\Downloads\install.xml
2011-10-17 17:34 - 2011-10-17 17:34 - 0162851 ____A C:\Users\Acer\Downloads\Prettyphoto Attachment Mod 1.0.2.zip
2011-10-17 17:09 - 2011-10-17 17:09 - 0003138 ____A C:\Users\Acer\Downloads\develop.zip
2011-10-17 17:08 - 2011-10-17 17:08 - 0004841 ____A C:\Users\Acer\Downloads\adm.zip
2011-10-17 16:55 - 2011-10-17 16:55 - 0032659 ____A C:\Users\Acer\Downloads\automod_logo.png
2011-10-17 16:35 - 2011-10-17 16:35 - 0003617 ____A C:\Users\Acer\Downloads\install_versions.php
2011-10-17 15:11 - 2011-10-17 15:11 - 0208528 ____A C:\Users\Acer\Downloads\automod-1001 (1).zip
2011-10-17 15:03 - 2011-10-17 15:03 - 0024827 ____A C:\Users\Acer\Downloads\easy_resizer.zip
2011-10-17 11:12 - 2011-10-17 11:04 - 0001058 ____A C:\Users\Acer\Downloads\forum_read.gif
2011-10-17 11:10 - 2011-10-17 11:10 - 0008462 ____A C:\Users\Acer\Downloads\bunch.jpg
2011-10-17 11:07 - 2011-10-17 11:07 - 0073786 ____A C:\Users\Acer\Downloads\zoom-v3.php
2011-10-17 11:03 - 2011-10-17 11:03 - 0024578 ____A C:\Users\Acer\Downloads\pink daisy.jpg
2011-10-17 05:27 - 2011-10-17 05:27 - 0004321 ____A C:\Users\Acer\Downloads\imageset.cfg
2011-10-16 18:27 - 2011-10-16 18:27 - 0020036 ____A C:\Users\Acer\Downloads\site_logo2.gif
2011-10-16 17:14 - 2011-10-16 17:14 - 0203194 ____A C:\Users\Acer\Downloads\site_logo1.png
2011-10-16 16:39 - 2011-10-16 16:39 - 0001176 ____A C:\Users\Public\Desktop\Paint.NET.lnk
2011-10-16 16:39 - 2011-10-16 16:39 - 0000000 ____D C:\Program Files\Paint.NET
2011-10-16 16:39 - 2011-10-16 16:38 - 3730109 ____A C:\Users\Acer\Downloads\Paint.NET.3.5.10.Install.zip
2011-10-16 16:37 - 2011-10-16 16:37 - 0694448 ____A (iBryte) C:\Users\Acer\Downloads\Gimp_Setup.exe
2011-10-16 09:18 - 2011-10-16 09:18 - 0017878 ____A C:\Users\Acer\Downloads\3866.zip
2011-10-16 08:25 - 2011-10-16 08:25 - 0023116 ____A C:\Users\Acer\Downloads\can-stock-photo_crystal tara.jpg
2011-10-16 08:25 - 2011-10-16 08:25 - 0010120 ____A C:\Users\Acer\Downloads\can-stock-photo_tiara.jpg
2011-10-15 17:34 - 2011-10-15 17:34 - 1567067 ____A C:\Users\Acer\Downloads\crown_vector_set_148710.zip
2011-10-15 15:43 - 2011-10-15 15:43 - 0020272 ____A C:\Users\Acer\Downloads\crowns.png
2011-10-15 15:42 - 2011-10-15 15:42 - 0026431 ____A C:\Users\Acer\Downloads\crowns.jpg
2011-10-15 15:39 - 2011-10-15 15:39 - 0509350 ____A C:\Users\Acer\Downloads\crowns.eps
2011-10-15 14:25 - 2011-10-15 14:25 - 0799846 ____A C:\Users\Acer\Downloads\Crown_and_Tiara_Brushes_by_mirrorimagestock.abr
2011-10-15 13:51 - 2011-10-15 13:51 - 0027043 ____A C:\Users\Acer\Downloads\crown.jpg
2011-10-15 13:50 - 2011-10-15 13:50 - 0056766 ____A C:\Users\Acer\Downloads\final.jpg
2011-10-14 07:19 - 2011-10-14 07:19 - 0039843 ____A C:\Users\Acer\Downloads\no_avatar.zip
2011-10-14 07:18 - 2011-10-14 07:18 - 0208528 ____A C:\Users\Acer\Downloads\automod-1001.zip
2011-10-13 21:55 - 2011-10-13 21:55 - 0775963 ____A C:\Users\Acer\Downloads\Default Random %27No Avatar%27 1.0.4a.zip
2011-10-13 20:51 - 2011-10-13 20:51 - 0304332 ____A C:\Users\Acer\Downloads\set7-100_100.zip
2011-10-13 20:33 - 2011-10-05 10:35 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2011-10-13 18:19 - 2011-10-13 18:19 - 0019911 ____A C:\Users\Acer\Documents\?????? ?????? ??????.docx
2011-10-13 11:42 - 2011-10-13 11:42 - 0043360 ____A C:\Users\Acer\Downloads\cooltext575284572.png
2011-10-13 11:34 - 2011-10-13 11:34 - 0043128 ____A C:\Users\Acer\Downloads\cooltext575281110.png
2011-10-13 10:55 - 2011-10-13 07:23 - 0200927 ____A C:\Users\Acer\Downloads\london (1).png
2011-10-13 10:09 - 2011-10-13 10:09 - 0020618 ____A C:\Users\Acer\Downloads\colours.css
2011-10-13 10:04 - 2011-10-13 10:04 - 0068091 ____A C:\Users\Acer\Downloads\paisly.jpg
2011-10-13 10:04 - 2011-10-13 05:28 - 0193404 ____A C:\Users\Acer\Downloads\london.png
2011-10-13 09:38 - 2011-10-13 09:19 - 0909505 ____A C:\Users\Acer\Downloads\baqa.png
2011-10-13 09:28 - 2011-10-13 09:28 - 0008455 ____A C:\Users\Acer\Downloads\overall_header.html
2011-10-13 09:17 - 2011-10-13 09:17 - 0235372 ____A C:\Users\Acer\Downloads\vector3-by-karenbak.zip
2011-10-13 08:50 - 2011-10-13 08:50 - 0009038 ____A C:\Users\Acer\Downloads\strip.jpg
2011-10-13 08:46 - 2011-10-13 08:46 - 0444043 ____A C:\Users\Acer\Downloads\strip.png
2011-10-13 08:43 - 2011-10-13 08:43 - 0374266 ____A C:\Users\Acer\Downloads\london (2).png
2011-10-13 08:42 - 2011-10-13 08:41 - 1657448 ____A C:\Users\Acer\Downloads\banner-vector.zip
2011-10-13 07:25 - 2011-10-13 07:25 - 0237687 ____A C:\Users\Acer\Downloads\allfreevectors_colorfull_seamless_background.png
2011-10-13 06:32 - 2011-10-13 05:42 - 0010571 ____A C:\Users\Acer\Downloads\london.jpg
2011-10-13 06:12 - 2011-10-13 06:10 - 0512619 ____A C:\Users\Acer\Downloads\colorfull-seamless-background (1).zip
2011-10-13 06:02 - 2011-10-13 06:02 - 0011094 ____A C:\Users\Acer\Downloads\common (2).css
2011-10-13 06:00 - 2011-10-13 06:00 - 0303119 ____A C:\Users\Acer\Downloads\prosilver.zip
2011-10-13 05:51 - 2011-10-13 05:51 - 0011094 ____A C:\Users\Acer\Downloads\common (1).css
2011-10-13 05:20 - 2011-10-13 05:20 - 0136816 ____A C:\Users\Acer\Downloads\allfreevectors_free_Blossom_tree_.png
2011-10-13 04:49 - 2011-10-13 04:49 - 0011094 ____A C:\Users\Acer\Downloads\common.css
2011-10-12 22:22 - 2011-10-12 22:15 - 2397972 ____A C:\Users\Acer\Downloads\7-799-Flowerfield.rar
2011-10-12 22:19 - 2011-10-12 22:18 - 11226360 ____A C:\Users\Acer\Downloads\flower_art_nes.zip
2011-10-12 22:16 - 2011-10-12 22:14 - 0942728 ____A C:\Users\Acer\Downloads\free_Blossom_tree.zip
2011-10-12 22:14 - 2011-10-12 22:14 - 0296568 ____A C:\Users\Acer\Downloads\allfreevectors_grape.zip
2011-10-12 22:13 - 2011-10-12 22:13 - 0356324 ____A C:\Users\Acer\Downloads\Musy Soned Background Vector Graphic.zip
2011-10-12 22:10 - 2011-10-12 22:09 - 2672661 ____A C:\Users\Acer\Downloads\phpBB-3.0.9 (2).zip
2011-10-12 22:06 - 2011-10-12 22:05 - 0512619 ____A C:\Users\Acer\Downloads\colorfull-seamless-background.zip
2011-10-12 22:04 - 2011-10-12 22:04 - 2526422 ____A C:\Users\Acer\Downloads\Orange Flowers vector art background.ai.zip
2011-10-12 22:01 - 2011-10-12 22:01 - 19690224 ____A C:\Users\Acer\Downloads\tileable-grungy-stars-photoshop-patterns-webtreats.zip
2011-10-12 22:01 - 2011-10-12 22:01 - 11570779 ____A C:\Users\Acer\Downloads\tileable-grungy-stars-jpg-texture-pack-webtreats.zip
2011-10-12 21:52 - 2011-10-12 21:48 - 0000000 ____D C:\Users\Acer\wp styles arabic
2011-10-12 21:33 - 2011-10-12 21:16 - 53294185 ____A C:\Users\Acer\Downloads\Grunge_floral_textures.rar
2011-10-12 21:20 - 2011-10-12 21:19 - 3684376 ____A C:\Users\Acer\Downloads\vector_flowers_postcard.zip
2011-10-12 21:09 - 2011-10-12 21:09 - 2568433 ____A C:\Users\Acer\Downloads\grunge-florals-frame.zip
2011-10-12 20:42 - 2011-10-12 20:42 - 0116672 ____A C:\Users\Acer\Downloads\images (1)
2011-10-12 19:21 - 2011-10-12 19:21 - 0000638 ____A C:\Users\Acer\Downloads\style (1).cfg
2011-10-12 19:17 - 2011-10-12 19:17 - 0052518 ____A C:\Users\Acer\Downloads\coollogo_com-62431966.png
2011-10-12 19:13 - 2011-10-12 19:13 - 0051851 ____A C:\Users\Acer\Downloads\coollogo_com-62573478.gif
2011-10-12 18:42 - 2011-10-12 18:42 - 0116672 ____A C:\Users\Acer\Downloads\images
2011-10-12 18:15 - 2011-10-12 18:13 - 0002795 ____A C:\Users\Acer\Downloads\body-bg.png
2011-10-12 17:58 - 2011-10-12 17:58 - 0032535 ____A C:\Users\Acer\Downloads\cooltext574813628MouseOver.png
2011-10-12 17:48 - 2011-10-12 17:48 - 0000917 ____A C:\Users\Acer\Downloads\ReadMe.txt
2011-10-12 16:26 - 2011-10-12 16:26 - 1995238 ____A C:\Users\Acer\Downloads\the_pearls.zip
2011-10-12 15:15 - 2011-10-12 15:15 - 0000667 ____A C:\Users\Acer\Downloads\style.cfg
2011-10-12 14:21 - 2011-10-12 14:21 - 2672661 ____A C:\Users\Acer\Downloads\phpBB-3.0.9 (1).zip
2011-10-12 14:11 - 2011-10-12 14:11 - 0939347 ____A C:\Users\Acer\Downloads\Attriuum.zip
2011-10-12 13:19 - 2011-10-12 13:19 - 3454500 ____A C:\Users\Acer\Downloads\vector-flowers-clip-art.zip
2011-10-12 13:18 - 2011-10-12 13:18 - 0576461 ____A C:\Users\Acer\Downloads\floral-ornament-design.zip
2011-10-12 13:18 - 2011-10-12 13:17 - 4994126 ____A C:\Users\Acer\Downloads\vector-background-art.zip
2011-10-12 10:56 - 2011-10-12 10:56 - 0481776 ____A C:\Users\Acer\Downloads\1864.zip
2011-10-12 10:34 - 2011-10-12 10:33 - 0597853 ____A C:\Users\Acer\Downloads\11420.zip
2011-10-12 09:07 - 2011-10-12 09:07 - 0036352 ____A C:\Users\Acer\Downloads\Consultation Info by Email (2).doc
2011-10-12 08:36 - 2011-10-12 08:35 - 3981490 ____A C:\Users\Acer\Downloads\wordpress-3.2.1 (1) (1).zip
2011-10-12 08:07 - 2011-10-12 08:07 - 0000185 ____A C:\Users\Acer\Downloads\index (1).php
2011-10-12 07:30 - 2011-10-12 07:30 - 0009626 ____A C:\Users\Acer\Downloads\style.css
2011-10-12 07:13 - 2011-10-12 07:10 - 3981490 ____A C:\Users\Acer\Downloads\wordpress-3.2.1 (1).zip
2011-10-12 07:04 - 2011-10-12 07:04 - 1113052 ____A C:\Users\Acer\Downloads\wordpress-3.2.1-ar (2) (1).zip
2011-10-12 06:31 - 2011-10-12 06:27 - 3981485 ____A C:\Users\Acer\Downloads\wordpress-3.2.1.zip
2011-10-12 06:15 - 2011-10-12 05:31 - 4392292 ____A C:\Users\Acer\Downloads\wordpress-3.2.1-ar (2).zip
2011-10-12 06:10 - 2011-10-12 06:10 - 0002685 ____A C:\Users\Acer\Downloads\wp-config.php
2011-10-12 05:22 - 2011-10-12 05:22 - 0201178 ____A C:\Users\Acer\Downloads\3aela.zip
2011-10-12 05:14 - 2011-10-12 05:14 - 4407131 ____A C:\Users\Acer\Downloads\wordpress-3.2.1-ar (1) (1).zip
2011-10-12 05:12 - 2011-10-11 05:03 - 0001866 ____A C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2011-10-12 05:12 - 2011-10-11 05:03 - 0001864 ____A C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
2011-10-11 19:22 - 2011-10-11 19:22 - 0015938 ____A C:\Users\Acer\Downloads\twentyeleven.pot
2011-10-11 19:16 - 2011-10-11 19:15 - 4407131 ____A C:\Users\Acer\Downloads\wordpress-3.2.1-ar (1).zip
2011-10-11 13:08 - 2011-10-11 13:08 - 0001400 ____A C:\Users\Acer\Downloads\index.php
2011-10-11 13:05 - 2011-10-11 13:05 - 0606779 ____A C:\Users\Acer\Documents\index.html.docx
2011-10-11 12:19 - 2011-10-11 12:19 - 0036352 ____A C:\Users\Acer\Downloads\Consultation Info by Email (1).doc
2011-10-11 08:25 - 2011-10-11 08:25 - 0015795 ____A C:\Users\Acer\Documents\fedral government post secondary recruitment.docx
2011-10-11 07:53 - 2011-10-11 07:53 - 0021580 ____A C:\Users\Acer\Downloads\My Resume (1).docx
2011-10-11 07:16 - 2011-10-11 07:16 - 0036352 ____A C:\Users\Acer\Downloads\Consultation Info by Email.doc
2011-10-11 05:54 - 2011-10-11 05:54 - 0044672 ____A C:\Users\Acer\Downloads\Pink Flower.zip
2011-10-11 05:48 - 2011-10-11 05:48 - 0063714 ____A C:\Users\Acer\Downloads\purple_beauty.zip
2011-10-11 05:04 - 2011-10-11 05:04 - 0002019 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
2011-10-11 05:03 - 2011-10-11 05:03 - 0000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2011-10-11 05:03 - 2011-10-11 05:03 - 0000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2011-10-11 05:03 - 2011-10-11 05:03 - 0000000 ____D C:\Users\All Users\McAfee
2011-10-11 05:03 - 2011-10-11 05:03 - 0000000 ____D C:\ProgramData\McAfee
2011-10-10 19:20 - 2011-10-10 19:20 - 0892467 ____A C:\Users\Acer\Downloads\koi.zip
2011-10-10 19:19 - 2011-10-10 19:19 - 0329543 ____A C:\Users\Acer\Downloads\Craftwork.zip
2011-10-10 19:14 - 2011-10-10 19:13 - 0769910 ____A C:\Users\Acer\Downloads\PinkWorld.zip
2011-10-10 18:53 - 2011-10-10 18:53 - 0001477 ____A C:\Users\Acer\Downloads\include-parent-theme-rtl-css.0.1.zip
2011-10-10 18:21 - 2011-10-10 18:21 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Artisteer
2011-10-10 18:21 - 2011-10-10 18:21 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Apple Computer
2011-10-10 18:21 - 2011-10-10 18:21 - 0000000 ____D C:\Users\Acer\AppData\Local\Apple Computer
2011-10-10 18:13 - 2011-10-10 18:13 - 0001129 ____A C:\Users\Acer\Desktop\Artisteer 3.lnk
2011-10-10 18:12 - 2011-10-10 18:12 - 0000000 ____D C:\Program Files (x86)\Artisteer 3
2011-10-10 18:11 - 2011-10-10 17:55 - 96775166 ____A C:\Users\Acer\Downloads\Artisteer 3.0 and keygen.rar
2011-10-10 17:56 - 2011-10-10 17:56 - 5756527 ____A C:\Users\Acer\Downloads\arabic wordpress themes by karwanpro (01).zip
2011-10-10 09:49 - 2011-10-08 13:23 - 0000000 ____D C:\Users\Acer\AppData\Local\Microsoft Games
2011-10-10 07:50 - 2011-10-10 07:42 - 0606765 ____A C:\Users\Acer\Documents\????????1.docx
2011-10-10 07:50 - 2011-10-10 07:42 - 0026385 ____A C:\Users\Acer\Documents\????????1.htm
2011-10-10 07:50 - 2011-10-10 07:42 - 0000000 ____D C:\Users\Acer\Documents\????????1_files
2011-10-10 07:31 - 2011-10-09 14:51 - 0138199 ____A C:\Users\Acer\Documents\????????.htm
2011-10-10 07:31 - 2011-10-09 14:51 - 0000000 ____D C:\Users\Acer\Documents\????????_files
2011-10-10 07:22 - 2011-10-09 14:51 - 0050034 ____A C:\Users\Acer\Documents\????????.docx
2011-10-10 06:14 - 2011-10-10 06:14 - 384345314 ____A C:\Windows\MEMORY.DMP
2011-10-10 06:14 - 2011-10-10 06:14 - 0673728 ____A C:\Windows\Minidump\101011-15412-01.dmp
2011-10-10 06:14 - 2011-10-10 06:14 - 0000000 ____D C:\Windows\Minidump
2011-10-09 14:51 - 2011-10-09 14:51 - 0000162 ___AH C:\Users\Acer\Documents\~$??????.htm
2011-10-09 14:37 - 2011-10-09 14:37 - 0000162 ___AH C:\Users\Acer\Documents\~$??????.docx
2011-10-09 08:12 - 2011-10-09 08:00 - 5075919 ____A C:\Users\Acer\Downloads\?????? ???????.pdf
2011-10-09 07:33 - 2011-10-09 07:33 - 0103936 ____A C:\Users\Acer\Downloads\CH_4.doc
2011-10-08 15:24 - 2011-10-08 08:17 - 0026985 ____A C:\Users\Acer\Documents\alameerat.htm
2011-10-08 15:24 - 2011-10-08 08:17 - 0000000 ____D C:\Users\Acer\Documents\alameerat_files
2011-10-08 14:16 - 2011-10-08 14:16 - 3521627 ____A C:\Users\Acer\Documents\??????.htm
2011-10-08 14:16 - 2011-10-08 14:16 - 0363959 ____A C:\Users\Acer\Documents\??????.docx
2011-10-08 14:16 - 2011-10-08 14:16 - 0000000 ____D C:\Users\Acer\Documents\??????_files
2011-10-08 13:05 - 2011-10-08 11:19 - 0028598 ____A C:\Users\Acer\Documents\any.html
2011-10-08 13:05 - 2011-10-08 11:19 - 0000000 ____D C:\Users\Acer\Documents\any_files
2011-10-08 11:07 - 2011-10-08 08:36 - 0028769 ____A C:\Users\Acer\Documents\ala.htm
2011-10-08 11:07 - 2011-10-08 08:36 - 0000000 ____D C:\Users\Acer\Documents\ala_files
2011-10-08 08:36 - 2011-10-08 08:36 - 0348022 ____A C:\Users\Acer\Documents\ala.docx
2011-10-08 08:16 - 2011-10-08 08:16 - 0415927 ____A C:\Users\Acer\Documents\alameerat.docx
2011-10-08 07:53 - 2011-10-08 07:53 - 1034648 ____A C:\Users\Acer\Documents\any.html.docx
2011-10-08 07:53 - 2011-10-08 07:53 - 1034639 ____A C:\Users\Acer\Documents\?????????.docx
2011-10-08 07:39 - 2011-10-08 07:39 - 0007396 ____A C:\Users\Acer\Downloads\1199067_abstract_tree_2.jpg
2011-10-07 11:52 - 2011-10-07 11:52 - 0043319 ____A C:\Users\Acer\Downloads\stock-photo-16835580-tiara-on-the-white-background.jpg
2011-10-06 17:54 - 2011-10-06 17:54 - 0000606 ____A C:\Users\Acer\Desktop\XAMPP Control Panel.lnk
2011-10-06 17:51 - 2011-10-06 17:50 - 84881998 ____A C:\Users\Acer\Downloads\xampp-win32-1.7.7-VC9-installer.exe
2011-10-06 17:48 - 2011-10-06 17:48 - 21178760 ____A (TuneUp Software) C:\Users\Acer\Downloads\TuneUpUtilities2011_en-US.exe
2011-10-06 16:02 - 2011-10-06 16:02 - 0000001 ____A C:\Users\Acer\Downloads\cpbackup-exclude.conf
2011-10-06 15:02 - 2011-10-06 15:01 - 1433414 ____A C:\Users\Acer\Downloads\backup-10.5.2011_20-58-21_hashimi (1).tar.gz
2011-10-06 14:45 - 2011-10-06 14:45 - 9874920 ____A C:\Users\Acer\Downloads\4031.zip
2011-10-06 12:14 - 2011-10-06 12:14 - 4407131 ____A C:\Users\Acer\Downloads\wordpress-3.2.1-ar.zip
2011-10-06 11:12 - 2011-10-06 11:12 - 5314432 ____A (Finarea S.A. Switzerland ) C:\Users\Acer\Downloads\setupVoipWise.exe
2011-10-06 11:12 - 2011-10-06 11:12 - 0001174 ____A C:\Users\Acer\Desktop\Voipwise.lnk
2011-10-06 11:12 - 2011-10-06 11:12 - 0000000 ____D C:\Program Files (x86)\Voipwise.com
2011-10-05 19:26 - 2011-10-05 19:26 - 0204942 ____A C:\Users\Acer\ar.zip
2011-10-05 19:24 - 2011-10-05 19:24 - 0196897 ____A C:\Users\Acer\Downloads\ar.rar
2011-10-05 19:21 - 2011-10-05 19:21 - 0253064 ____A C:\Users\Acer\Downloads\arabic_1_0_3 (1) (2).zip
2011-10-05 19:13 - 2011-10-05 19:13 - 0253064 ____A C:\Users\Acer\Downloads\arabic_1_0_3 (1) (1).zip
2011-10-05 18:57 - 2011-10-03 08:05 - 0000000 ____D C:\Users\Acer\AppData\Roaming\WinRAR
2011-10-05 18:42 - 2011-10-05 18:42 - 0172535 ____A C:\Users\Acer\Downloads\lang_en.zip
2011-10-05 18:17 - 2011-10-05 18:17 - 0067627 ____A C:\Users\Acer\Downloads\install.php
2011-10-05 18:07 - 2011-10-05 18:07 - 0253064 ____A C:\Users\Acer\Downloads\arabic_1_0_3 (1).zip
2011-10-05 17:59 - 2011-10-05 17:59 - 1433414 ____A C:\Users\Acer\Downloads\backup-10.5.2011_20-58-21_hashimi.tar.gz
2011-10-05 15:06 - 2011-10-05 15:06 - 0000169 ____A C:\Users\Acer\Downloads\index.htm
2011-10-05 14:49 - 2011-10-05 14:49 - 0015934 ____A C:\Users\Acer\Downloads\posting.php
2011-10-05 14:41 - 2011-10-05 14:41 - 0253064 ____A C:\Users\Acer\Downloads\arabic_1_0_3.zip
2011-10-05 13:49 - 2011-10-05 13:49 - 0039065 ____A C:\Users\Acer\Downloads\php.ini
2011-10-05 13:49 - 2011-10-05 13:49 - 0039065 ____A C:\Users\Acer\Downloads\php (1).ini
2011-10-05 10:43 - 2011-10-05 10:43 - 6425656 ____A C:\Users\Acer\Downloads\Choobies.themepack
2011-10-05 10:42 - 2011-10-05 10:42 - 2167925 ____A C:\Users\Acer\Downloads\BakeHouse.themepack
2011-10-05 10:41 - 2011-10-05 10:41 - 1372550 ____A C:\Users\Acer\Downloads\AnHsinPuTzu.themepack
2011-10-05 10:40 - 2011-10-05 10:40 - 10307226 ____A C:\Users\Acer\Downloads\ZuneCharacters.themepack
2011-10-05 10:40 - 2011-10-05 10:40 - 10307226 ____A C:\Users\Acer\Downloads\ZuneCharacters (1).themepack
2011-10-05 10:35 - 2011-10-05 10:35 - 6284664 ____A (Microsoft Corporation) C:\Users\Acer\Downloads\Silverlight.exe
2011-10-05 04:48 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\rescache
2011-10-05 03:54 - 2011-10-02 10:54 - 0000000 ____D C:\Users\Acer\AppData\Local\VirtualStore
2011-10-04 15:34 - 2011-10-04 15:34 - 0000000 ____D C:\Users\Acer\AppData\Roaming\FlashGet
2011-10-04 15:16 - 2011-10-04 15:16 - 0000000 ___AH C:\Users\Acer\Documents\Default.rdp
2011-10-04 15:14 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\PolicyDefinitions
2011-10-04 15:04 - 2011-10-04 14:43 - 0003766 ____A C:\Windows\IE9_main.log
2011-10-04 15:04 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\servicing
2011-10-04 15:03 - 2011-10-04 15:03 - 3695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2011-10-04 15:03 - 2011-10-04 15:03 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2011-10-04 15:03 - 2011-10-04 15:03 - 1492992 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2011-10-04 15:03 - 2011-10-04 15:03 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2011-10-04 15:03 - 2011-10-04 15:03 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-10-04 15:03 - 2011-10-04 15:03 - 0434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-10-04 15:03 - 2011-10-04 15:03 - 0353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2011-10-04 15:03 - 2011-10-04 15:03 - 0165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2011-10-04 15:03 - 2011-10-04 15:03 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2011-10-04 15:03 - 2011-10-04 15:03 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2011-10-04 15:03 - 2011-10-04 15:03 - 0150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2011-10-04 15:03 - 2011-10-04 15:03 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2011-10-04 15:03 - 2011-10-04 15:03 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2011-10-04 15:03 - 2011-10-04 15:03 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2011-10-04 15:03 - 2011-10-04 15:03 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2011-10-04 15:03 - 2011-10-04 15:03 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2011-10-04 15:03 - 2011-10-04 15:03 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2011-10-04 15:03 - 2011-10-04 15:03 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2011-10-04 15:03 - 2011-10-04 15:03 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2011-10-04 15:03 - 2011-10-04 15:03 - 0072822 ____A C:\Windows\SysWOW64\ieuinit.inf
2011-10-04 15:03 - 2011-10-04 15:03 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2011-10-04 15:03 - 2011-10-04 15:03 - 0066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2011-10-04 15:03 - 2011-10-04 15:03 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-10-04 15:03 - 2011-10-04 15:03 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2011-10-04 15:03 - 2011-10-04 15:03 - 0011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2011-10-04 15:03 - 2011-10-04 15:03 - 0010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-10-04 15:03 - 2011-10-04 15:03 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-10-04 14:41 - 2011-10-03 08:03 - 0000000 ____D C:\Program Files (x86)\Microsoft Works
2011-10-03 19:59 - 2011-10-03 19:59 - 0000000 ____D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2011-10-03 19:54 - 2011-10-03 19:54 - 0000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2011-10-03 19:54 - 2011-10-03 19:54 - 0000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2011-10-03 18:43 - 2011-10-03 18:43 - 0027116 ____A C:\Users\Acer\Downloads\My Resume and Cletter (3).docx
2011-10-03 18:42 - 2011-10-03 18:42 - 0025814 ____A C:\Users\Acer\Downloads\My Resume and Cletter.docx
2011-10-03 16:59 - 2011-10-03 16:59 - 0021081 ____A C:\Users\Acer\Downloads\My Resume.docx
2011-10-03 15:19 - 2011-10-03 15:19 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Macromedia
2011-10-03 15:06 - 2011-10-03 15:05 - 0000000 ____D C:\Users\Acer\AppData\Local\Deployment
2011-10-03 15:05 - 2011-10-03 15:05 - 0000000 ____D C:\Users\Acer\AppData\Local\Apps\2.0
2011-10-03 14:59 - 2009-07-13 19:20 - 0000000 __RHD C:\Users\Public\Libraries
2011-10-03 08:11 - 2011-10-03 08:11 - 0002693 ____A C:\Users\Acer\Desktop\Microsoft Office Word 2007.lnk
2011-10-03 08:08 - 2011-10-03 08:08 - 0001945 ____A C:\Windows\epplauncher.mif
2011-10-03 08:08 - 2011-10-03 08:08 - 0000000 ____D C:\Program Files\Microsoft Security Client
2011-10-03 08:08 - 2011-10-03 08:08 - 0000000 ____D C:\Program Files (x86)\Microsoft Security Client
2011-10-03 08:05 - 2011-10-03 08:05 - 0001921 ____A C:\Users\Public\Desktop\Pure Codec Player.lnk
2011-10-03 08:05 - 2011-10-03 08:05 - 0000055 ____A C:\Windows\srstati.ini
2011-10-03 08:05 - 2011-10-03 08:05 - 0000000 ____D C:\Users\All Users\Apple Computer
2011-10-03 08:05 - 2011-10-03 08:05 - 0000000 ____D C:\ProgramData\Apple Computer
2011-10-03 08:05 - 2011-10-03 08:05 - 0000000 ____D C:\Program Files (x86)\WinRAR
2011-10-03 08:05 - 2011-10-03 08:05 - 0000000 ____D C:\Program Files (x86)\Pure Codec
2011-10-03 08:05 - 2011-10-03 08:05 - 0000000 ____D C:\Program Files (x86)\AviSynth 2.5
2011-10-03 08:03 - 2011-10-03 08:03 - 0000000 ____D C:\Windows\PCHEALTH
2011-10-03 08:03 - 2011-10-03 08:03 - 0000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2011-10-03 08:03 - 2010-11-20 23:16 - 0000000 ____D C:\Windows\ShellNew
2011-10-03 08:02 - 2011-10-03 08:02 - 0000000 ____D C:\Program Files\Microsoft Office
2011-10-03 08:02 - 2011-10-03 08:01 - 0000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2011-10-03 08:01 - 2011-10-03 08:01 - 0000000 ___RD C:\MSOCache
2011-10-03 07:57 - 2011-10-03 07:53 - 0001159 ____A C:\freefallprotection.log
2011-10-03 07:55 - 2011-10-03 07:55 - 0000000 ____D C:\Program Files\STMicroelectronics
2011-10-03 07:55 - 2011-10-03 06:19 - 0000000 ____D C:\Program Files (x86)\Intel
2011-10-03 07:53 - 2011-10-03 07:53 - 0749152 ____A C:\Windows\System32\oem13.inf
2011-10-03 07:53 - 2011-10-03 07:53 - 0000000 ____D C:\Program Files (x86)\STMicroelectronics
2011-10-03 07:53 - 2011-10-03 07:53 - 0000000 ____D C:\Program Files (x86)\Cisco
2011-10-03 07:53 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\zh-TW
2011-10-03 07:53 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\zh-HK
2011-10-03 07:53 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\zh-CN
2011-10-03 07:53 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\tr-TR
2011-10-03 07:53 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\th-TH
2011-10-03 07:53 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sv-SE
2011-10-03 07:52 - 2011-10-03 07:52 - 4720704 ____A (Broadcom Corporation) C:\Windows\System32\Drivers\BCMWL664.SYS
2011-10-03 07:52 - 2011-10-03 07:52 - 3905848 ____A (Broadcom Corporation) C:\Windows\System32\bcmihvsrv64.dll
2011-10-03 07:52 - 2011-10-03 07:52 - 3571512 ____A (Broadcom Corporation) C:\Windows\System32\bcmihvui64.dll
2011-10-03 07:52 - 2011-10-03 07:52 - 0095544 ____A (Broadcom Corporation) C:\Windows\System32\bcmwlcoi.dll
2011-10-03 07:52 - 2011-10-03 07:52 - 0006656 ____A C:\Windows\System32\bcmwlrc.dll
2011-10-03 07:52 - 2011-10-03 07:52 - 0000000 ____D C:\Program Files\Broadcom
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sl-SI
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sk-SK
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ru-RU
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ro-RO
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\pt-PT
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\pt-BR
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\pl-PL
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\nl-NL
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\nb-NO
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\lv-LV
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\lt-LT
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ko-KR
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ja-JP
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\it-IT
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\hu-HU
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\hr-HR
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\he-IL
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\fr-FR
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\fi-FI
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\et-EE
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\es-ES
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\el-GR
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\de-DE
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\da-DK
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\cs-CZ
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\bg-BG
2011-10-03 07:52 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ar-SA
2011-10-03 07:45 - 2011-10-03 07:27 - 0005850 ____A C:\Windows\DPINST.LOG
2011-10-03 07:26 - 2011-10-03 07:26 - 0000000 ____D C:\Program Files (x86)\MyDrivers
2011-10-03 06:41 - 2011-10-03 06:41 - 83818976 ____A C:\Users\Acer\Downloads\R258276.exe
2011-10-03 06:25 - 2011-10-03 06:25 - 0000000 ____D C:\Users\Acer\AppData\Roaming\Intel Corporation
2011-10-03 06:23 - 2011-10-03 06:23 - 0000000 ____D C:\Program Files\Common Files\Intel
2011-10-03 06:23 - 2011-10-03 06:22 - 6075728 ____A C:\Users\Acer\Downloads\R242823.exe
2011-10-03 06:22 - 2011-10-03 06:21 - 42229520 ____A C:\Users\Acer\Downloads\R264614.exe
2011-10-03 06:22 - 2011-10-03 06:19 - 0000000 ____D C:\Intel
2011-10-03 06:21 - 2011-10-03 06:21 - 0000000 ____D C:\Users\Acer\AppData\Roaming\InstallShield
2011-10-03 06:21 - 2011-10-03 06:19 - 11143064 ____A C:\Users\Acer\Downloads\R263958.exe
2011-10-03 06:20 - 2011-10-03 06:19 - 11511840 ____A C:\Users\Acer\Downloads\R243815.exe
2011-10-03 06:20 - 2011-10-03 06:17 - 6195128 ____A C:\Users\Acer\Downloads\R243820.exe
2011-10-03 06:19 - 2011-10-03 06:19 - 0000000 ____D C:\dell
2011-10-03 06:19 - 2011-10-03 06:17 - 5697520 ____A C:\Users\Acer\Downloads\R243176.exe
2011-10-03 06:19 - 2011-10-03 06:16 - 3912304 ____A C:\Users\Acer\Downloads\R224473.exe
2011-10-02 14:42 - 2009-07-13 21:38 - 0025600 __ASH C:\Windows\System32\config\BCD-Template.LOG
2011-10-02 14:42 - 2009-07-13 21:32 - 0028672 ____A C:\Windows\System32\config\BCD-Template
2011-10-02 13:46 - 2009-07-13 21:01 - 0116385 ____A C:\Windows\SysWOW64\license.rtf
2011-10-02 13:46 - 2009-07-13 21:01 - 0116385 ____A C:\Windows\System32\license.rtf
2011-10-02 13:45 - 2011-10-02 13:45 - 0001355 ____A C:\Windows\TSSysprep.log
2011-10-02 13:45 - 2009-07-13 20:46 - 0002790 ____A C:\Windows\DtcInstall.log
2011-10-02 13:45 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sysprep
2011-10-02 13:44 - 2011-10-02 13:44 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2011-10-02 13:43 - 2010-11-20 23:16 - 0000000 ____D C:\Windows\CSC
2011-10-02 11:16 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\System32\restore
2011-10-02 10:55 - 2011-10-02 10:55 - 0000174 __ASH C:\Users\Acer\Start Menu\Programs\Startup\desktop.ini
2011-10-02 10:55 - 2011-10-02 10:55 - 0000174 __ASH C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2011-10-02 10:54 - 2011-10-02 14:42 - 0000000 ____D C:\Windows\Panther
2011-10-02 10:54 - 2011-10-02 10:54 - 0000020 ___SH C:\Users\Acer\ntuser.ini
2011-10-02 10:54 - 2011-10-02 10:54 - 0000000 __SHD C:\Users\Acer\Templates
2011-10-02 10:54 - 2011-10-02 10:54 - 0000000 __SHD C:\Users\Acer\Start Menu
2011-10-02 10:54 - 2011-10-02 10:54 - 0000000 __SHD C:\Users\Acer\PrintHood
2011-10-02 10:54 - 2011-10-02 10:54 - 0000000 __SHD C:\Users\Acer\NetHood
2011-10-02 10:54 - 2011-10-02 10:54 - 0000000 __SHD C:\Users\Acer\My Documents
2011-10-02 10:54 - 2011-10-02 10:54 - 0000000 __SHD C:\Users\Acer\Documents\My Videos
2011-10-02 10:54 - 2011-10-02 10:54 - 0000000 __SHD C:\Users\Acer\Documents\My Pictures
2011-10-02 10:54 - 2011-10-02 10:54 - 0000000 __SHD C:\Users\Acer\Documents\My Music
2011-10-02 10:54 - 2011-10-02 10:54 - 0000000 __SHD C:\Users\Acer\AppData\Local\Temporary Internet Files
2011-10-02 10:54 - 2011-10-02 10:54 - 0000000 __SHD C:\Users\Acer\AppData\Local\History
2011-10-02 10:54 - 2011-10-02 10:54 - 0000000 ____D C:\Recovery
2011-09-29 08:29 - 2011-11-09 05:23 - 1923952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-09-28 20:03 - 2011-11-09 05:22 - 3144704 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-09-26 18:44 - 2011-10-31 14:49 - 0000000 ___AD C:\Users\Acer\Desktop\Buttons menu MOD 2.2.0
2011-08-31 21:34 - 2011-10-13 19:34 - 17781760 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-08-31 21:24 - 2011-10-13 19:34 - 2309120 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2011-08-31 21:24 - 2011-10-13 19:34 - 10886144 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-08-31 21:18 - 2011-10-13 19:34 - 1344512 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-08-31 21:17 - 2011-10-13 19:34 - 1389056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-08-31 21:16 - 2011-10-13 19:34 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-08-31 21:15 - 2011-10-13 19:34 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-08-31 21:14 - 2011-10-13 19:34 - 0818176 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-08-31 21:12 - 2011-10-13 19:34 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-08-31 21:12 - 2011-10-13 19:34 - 2143744 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-08-31 21:12 - 2011-10-13 19:34 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-08-31 21:08 - 2011-10-13 19:34 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-08-31 18:36 - 2011-10-13 19:34 - 12275200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-08-31 18:35 - 2011-10-13 19:34 - 1798144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2011-08-31 18:33 - 2011-10-13 19:34 - 9704960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-08-31 18:28 - 2011-10-13 19:34 - 1126912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-08-31 18:28 - 2011-10-13 19:34 - 1102848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-08-31 18:27 - 2011-10-13 19:34 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-08-31 18:26 - 2011-10-13 19:34 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-08-31 18:24 - 2011-10-13 19:34 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2011-08-31 18:23 - 2011-10-13 19:34 - 1791488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-08-31 18:23 - 2011-10-13 19:34 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-08-31 18:22 - 2011-10-13 19:34 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-08-31 18:21 - 2011-10-13 19:34 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-08-31 14:00 - 2011-11-19 18:55 - 0025416 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys


========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 16%
Total physical RAM: 3892.52 MB
Available physical RAM: 3269.22 MB
Total Pagefile: 3890.72 MB
Available Pagefile: 3253.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:422.16 GB) NTFS
3 Drive f: (KINGSTON) (Removable) (Total:3.73 GB) (Free:0.73 GB) FAT32
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 3828 MB 0 B

Partitions of Disk 0:

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 465 GB 101 MB

Disk: 0
Partition 1
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

==========================================================

Last Boot: 2011-11-21 16:12

======================= End Of Log ==========================

Edited by etoilethay, 25 November 2011 - 02:00 PM.

working on losing my belly fat :D

#15 gringo_pr

Posted 25 November 2011 - 10:13 PM

Hello

This is what we need to do

System Recovery Environment

To access the System Recovery Environment, simply boot your PC,

  • just before the system loads the Windows operating system, hit the [F8] Function 8 key on your keyboard which will launch the Advanced Boot Options menu.
  • There you will see a new option 'Repair Your Computer', select this option and hit 'Enter' on your keyboard.
  • Now, from the System Recovery Options dialog, select the "Operating System" you want to repair, then click Next:
  • From the "Choose a Recovery Tool" dialog menu, select "Command Prompt":

Type the following commands one at a time and press Enter after each line:
  • DISKPART
  • LIST DISK
  • SELECT DISK 0
  • LIST PARTITION
  • SELECT PARTITION 5
  • ACTIVE
  • LIST PARTITION
  • SELECT PARTITION 4
  • DELETE PARTITION
  • EXIT (to exit DiskPart)
  • EXIT (to exit the Command Prompt)

now restart the computer

gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University



