Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BSOD ataport.sys 0x0000008E


  • This topic is locked This topic is locked
137 replies to this topic

#1 SGasan116

SGasan116

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 20 April 2012 - 07:18 PM

Hello!

I have PC with Q9650, 4GB memory, PNY nVidia 1.8GB videocard, Windows 7 Ultimate, Avira antivirus.
Everything was fine, but a few days ago I got BSOD with ataport.sys and Stop: 0x0000008E
And after this if I boot normally, Windows 7 Ultimate is crashing every time after a few minutes.
But it's works in safe mode (!), except for today - it crushed after 3 hours of use.

I tried everything: Avira, sfc /scandisk, chkdsk,
Comodo Cleaning Essentials, ComboFix, Windows Memory Test etc.

Some of programs for testing I wasn't able to install
b/c of Safe Mode. And I also can't use System Restore points, it's just fail each time I tried.

I don't want to reinstall Windows and rather will try fix it (of course if it possible to find a solution).
I attached two files with DDS logs.

Thank in advance and please help!
(English is my second language)

These DDS & GMER logs are from Windows 7 in SAFE MODE:

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by Riverdale at 19:57:14 on 2012-04-20
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3071.1059 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\SeaMonkey\seamonkey.exe
C:\Program Files\SeaMonkey\plugin-container.exe
C:\Program Files\SeaMonkey\plugin-container.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Safari\Apple Application Support\WebKit2WebProcess.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:Tabs
BHO: TBSB01620 Class: {58124a0b-dc32-4180-9bff-e0e21ae34026} - c:\program files\iminent toolbar\tbcore3.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: IEExtension.VDownloaderBHO: {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: HrefNewTabBHO Class: {9ee1a6e7-e822-4d0e-9664-815f94b00373} - c:\users\riverdale\appdata\local\epicnewtab\HrefIENewTab.dll
BHO: Facebackgrounds: {b11cbda9-6702-469e-9ce1-64e3971a6b44} - c:\users\riverdale\appdata\local\fb.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: TravelGraspBHO Class: {f1813754-5468-41d5-bb9f-a922bbb20399} - c:\users\riverdale\appdata\local\TravelGrasp.dll
TB: Copernic Desktop Search - Home Toolbar: {4a1c6093-14f9-44d7-860e-5d265cfca9d9} - c:\program files\copernic desktop search - home\toolbar\ToolbarContainer101000325.dll
TB: IMinent Toolbar: {977ae9cc-af83-45e8-9e03-e2798216e2d5} - c:\program files\iminent toolbar\tbcore3.dll
uRun: [SystemExplorerAutoStart] "c:\program files\system explorer\SystemExplorer.exe" /TRAY
uRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
mRun: [Cmaudio8788GX] c:\windows\system\HsMgr.exe Envoke
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
uPolicies-explorer: NoThumbnailCache = 1 (0x1)
uPolicies-explorer: DisableThumbnailsOnNetworkFolders = 1 (0x1)
mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{48EC117C-0733-4B33-AC39-B177E543A6D6} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{D657EFC1-6459-4217-9A79-5FB9A4016C88} : DhcpNameServer = 192.168.0.1
STS: FencesShlExt Class: {1984dd45-52cf-49cd-ab77-18f378fea264} - c:\program files\stardock\fences\FencesMenu.dll
SEH: Directory Opus Shell Execute Hook: {3cf9ece0-1a9f-11d2-8c73-00c06c2005de} - c:\program files\gpsoftware\directory opus\dopuslib.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\riverdale\appdata\roaming\mozilla\firefox\profiles\w849fygt.default\
FF - prefs.js: browser.search.selectedEngine -
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.y2layers.installId - f4e8f8ff-cfc3-450b-add0-6dd42f776bd6
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,TopRelatedTopics,BestVideoDownloader,
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-4-19 242240]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2007-8-2 22784]
R3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\drivers\netr28u.sys [2009-5-25 734208]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
S1 SCT_SKMScan;SCT_SKMScan;c:\windows\system32\drivers\sct_skmscan.sys [2011-3-9 33568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-7-19 136176]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-3-7 654408]
S2 MDES;DVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-3-24 319488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-26 253088]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 cmudaxp;ASUS Xonar Essence STX Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [2011-7-19 1760256]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-7-19 136176]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-7-20 22344]
S3 qfumxu;qfumxu;c:\program files\comodo cleaning essentials\cce_1.6.183539.73_x32\cce\ccekrnl.dat [2012-2-13 320808]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-7-20 15872]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2011-12-10 27192]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
S3 SystemExplorerHelpService;System Explorer Service;c:\program files\system explorer\service\SystemExplorerService.exe [2012-2-23 536208]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-20 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-7-19 1343400]
S3 zhuqix;zhuqix;c:\program files\comodo cleaning essentials\cce_1.6.183539.73_x32\cce\ccekrnl.dat [2012-2-13 320808]
.
=============== Created Last 30 ================
.
2012-04-20 22:44:01 -------- d-----w- c:\programdata\ErrorEND
2012-04-20 22:43:56 -------- d-----w- c:\program files\ErrorEND
2012-04-20 22:41:47 -------- d-----w- c:\program files\NirSoft
2012-04-20 22:25:32 -------- d-----w- C:\Intel
2012-04-20 18:53:26 -------- d-sh--w- C:\$RECYCLE.BIN
2012-04-20 18:53:25 -------- d-----w- c:\users\riverdale\appdata\local\temp
2012-04-20 01:26:45 -------- d-----w- c:\users\riverdale\appdata\roaming\SpeedyPC Software
2012-04-20 01:26:45 -------- d-----w- c:\users\riverdale\appdata\roaming\DriverCure
2012-04-20 01:26:21 -------- d-----w- c:\programdata\SpeedyPC Software
2012-04-20 00:17:44 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-04-19 13:42:29 -------- d-----w- C:\CCE_Quarantine
2012-04-19 13:30:45 -------- d-----w- c:\program files\Comodo Cleaning Essentials
2012-04-19 03:42:03 -------- d-----w- c:\program files\Avast aswMBR 0.9.9
2012-04-19 03:22:03 -------- d-----w- c:\windows\system32\wbem\repository
2012-04-19 03:03:17 -------- d-----w- c:\program files\Kaspersky TDSSKiller
2012-04-19 02:56:39 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-19 02:55:38 624480 ----a-w- C:\DriverUpdate-setup.exe
2012-04-19 02:12:21 -------- d-----w- c:\programdata\Sophos
2012-04-19 02:12:18 73728 ----a-r- c:\users\riverdale\appdata\roaming\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2012-04-19 02:12:18 73728 ----a-r- c:\users\riverdale\appdata\roaming\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2012-04-19 02:12:18 73728 ----a-r- c:\users\riverdale\appdata\roaming\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\ARPPRODUCTICON.exe
2012-04-19 02:12:15 -------- d-----w- c:\program files\Sophos
2012-04-18 16:41:06 28488 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2012-04-18 14:39:50 -------- d-----w- c:\program files\GMER 1.0.15.15641
2012-04-15 04:04:04 -------- d-----w- c:\users\riverdale\appdata\roaming\foobar2000
2012-04-15 04:03:54 -------- d-----w- c:\program files\foobar2000
2012-04-11 07:01:05 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-11 07:01:05 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-11 07:01:05 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-04-11 07:01:05 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-11 07:00:47 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 07:00:46 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-07 03:55:17 -------- d-----w- c:\program files\TSTTB
2012-04-06 01:50:15 -------- d-----w- c:\program files\PDF-XChange Viewer
2012-04-05 15:10:31 -------- d-----w- c:\users\riverdale\appdata\local\Tracker Software
2012-04-04 03:09:52 -------- d-----w- c:\program files\EA
2012-03-27 13:14:43 -------- d-----w- c:\users\riverdale\appdata\roaming\Key Metric Software
2012-03-27 13:14:43 -------- d-----w- c:\program files\Key Metric Software
2012-03-27 13:14:43 -------- d-----w- c:\program files\common files\Key Metric Software
2012-03-27 13:14:38 -------- dc-h--w- c:\programdata\{E918F213-70D6-413C-ADD5-BC8B1B755B23}
2012-03-27 02:16:53 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-27 02:16:53 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-23 04:42:37 -------- d-----w- c:\users\riverdale\appdata\roaming\MediaMonkey
2012-03-23 04:42:33 -------- d-----w- c:\programdata\MediaMonkey
2012-03-23 04:42:30 -------- d-----w- c:\program files\MediaMonkey
.
==================== Find3M ====================
.
2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-20 01:47:44 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2012-02-17 05:34:22 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-02-17 05:34:22 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 04:14:08 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13:22 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-10 05:38:43 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-02-03 03:54:27 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-01-25 05:32:35 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-01-25 05:32:34 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-01-25 05:27:51 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2010-01-26 15:11:08 444283 ----a-w- c:\program files\common files\WinPcapNmap.exe
.
============= FINISH: 19:57:25.69 ===============

Attached Files


Edited by SGasan116, 20 April 2012 - 08:03 PM.


BC AdBot (Login to Remove)

 


#2 SGasan116

SGasan116
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 21 April 2012 - 06:38 AM

Tomorrow was new BSOD stop message: 0x0000009C

I was using SUPERAntiSpyware Free Edition as a last tool to fix.
It found some junk and after reboot it gave me "updates".

#3 SGasan116

SGasan116
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 22 April 2012 - 07:51 PM

Tried to run McAfee Labs Stinger in Safe Mode.
Again BSOD 0x0000008E

Somebody help, please!

#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:08:13 AM

Posted 24 April 2012 - 08:01 PM

Hi SGasan116,

Welcome to the forum and apologies for the delay.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]

#5 SGasan116

SGasan116
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 25 April 2012 - 06:02 AM

Scan result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 22-04-2012
Ran by SYSTEM at 25-04-2012 06:41:30
Running from J:\
Windows 7 Ultimate (X86) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [Cmaudio8788GX] C:\Windows\system\HsMgr.exe Envoke [200704 2008-07-11] ()
HKLM\...\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start [81920 2005-08-11] (Macrovision Corporation)
HKLM\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462408 2012-04-04] (Malwarebytes Corporation)
HKLM\...\Run: [emsisoft anti-malware] "C:\Program Files\Emsisoft Anti-Malware\a2guard.exe" /d=60 [3357584 2012-02-01] (Emsi Software GmbH)
HKU\Riverdale\...\Run: [SystemExplorerAutoStart] "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY [2630800 2012-02-21] (Mister Group)
HKU\Riverdale\...\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup [249856 2005-08-11] (Macrovision Corporation)
HKU\Riverdale\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [3481408 2012-02-13] (DT Soft Ltd)
HKU\Riverdale\...\Run: [SystemExplorerAutoStart] "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY [2630800 2012-02-21] (Mister Group)
HKU\Riverdale\...\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup [249856 2005-08-11] (Macrovision Corporation)
HKU\Riverdale\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [3481408 2012-02-13] (DT Soft Ltd)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [X]
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

================================ Services (Whitelisted) ==================

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE.EXE" [116608 2011-08-11] (SUPERAntiSpyware.com)
2 a2AntiMalware; "C:\Program Files\Emsisoft Anti-Malware\a2service.exe" [3025112 2012-01-22] (Emsi Software GmbH)
3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [253088 2012-04-13] (Adobe Systems Incorporated)
3 AWWLQURTTO; C:\Users\RIVERD~1\AppData\Local\Temp\AWWLQURTTO.exe [564096 2012-04-22] (Sysinternals - www.sysinternals.com)
3 ERFTSDW; C:\Users\RIVERD~1\AppData\Local\Temp\ERFTSDW.exe [564096 2012-04-22] (Sysinternals - www.sysinternals.com)
2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [136176 2011-07-19] (Google Inc.)
3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [136176 2011-07-19] (Google Inc.)
2 LeapFrog Connect Device Service; "C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe" [6141792 2011-11-12] (LeapFrog Enterprises, Inc.)
2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [654408 2012-04-04] (Malwarebytes Corporation)
2 MDES; C:\ASUS.SYS\CONFIG\DVMExportService.exe [319488 2009-03-24] (DeviceVM)
3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [536208 2012-02-21] (Mister Group)
3 TDHHQ; C:\Users\RIVERD~1\AppData\Local\Temp\TDHHQ.exe [592768 2012-04-22] (Sysinternals - www.sysinternals.com)

========================== Drivers (Whitelisted) =============

3 a2acc; \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [51632 2011-11-02] (Emsi Software GmbH)
0 AVG Anti-Rootkit; C:\Windows\System32\DRIVERS\avgarkt.sys [5632 2007-01-31] (GRISOFT, s.r.o.)
1 AvgArCln; C:\Windows\System32\DRIVERS\AvgArCln.sys [3968 2007-01-18] (GRISOFT, s.r.o.)
3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [78336 2009-07-13] (Microsoft Corporation)
3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1760256 2011-03-10] (C-Media Inc)
3 DAdderFltr; C:\Windows\System32\drivers\dadder.sys [22784 2007-08-02] (Razer (Asia-Pacific) Pte Ltd)
1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-04-19] (DT Soft Ltd)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [22344 2012-04-04] (Malwarebytes Corporation)
3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [734208 2009-05-25] (Ralink Technology Corp.)
2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-01-26] (CACE Technologies, Inc.)
3 qfumxu; \??\C:\Program Files\Comodo Cleaning Essentials\cce_1.6.183539.73_x32\CCE\ccekrnl.dat [320808 2012-04-19] ()
3 Revoflt; C:\Windows\System32\DRIVERS\revoflt.sys [27192 2009-12-30] (VS Revo Group)
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SCT_SKMScan; C:\Windows\System32\DRIVERS\sct_skmscan.sys [33568 2011-03-09] (Sophos Plc)
0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [48640 2005-03-03] (Protection Technology)
0 sfhlp02; C:\Windows\System32\drivers\sfhlp02.sys [6656 2005-02-23] (Protection Technology)
0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [20544 2004-12-03] (Protection Technology)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [428088 2011-12-10] (Duplex Secure Ltd.)
3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
3 zhuqix; \??\C:\Program Files\Comodo Cleaning Essentials\cce_1.6.183539.73_x32\CCE\ccekrnl.dat [320808 2012-04-19] ()
0 aijey; C:\Windows\System32\drivers\htferpjl.sys [x]
3 DarkSpy; \??\C:\Windows\system32\DarkSpyKernel.sys [x]
3 DfSdkS; [x]
3 GetSusp; \??\C:\Windows\stinger.sys [x]
0 ovanvq; [x]
3 rootrepeal; \??\C:\Windows\system32\drivers\rootrepeal.sys [x]
3 Synth3dVsc; [x]
2 TMAgent; [x]
3 tsusbhub; [x]
3 VGPU; [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-04-24 10:14 - 2012-04-20 23:09 - 0000000 ____D C:\Users\All Users\Kaspersky Lab
2012-04-24 10:14 - 2012-04-20 23:09 - 0000000 ____D C:\ProgramData\Kaspersky Lab
2012-04-24 10:14 - 2012-04-20 23:09 - 0000000 ____D C:\Documents and Settings\All Users\Kaspersky Lab
2012-04-24 06:43 - 2012-04-20 10:53 - 0000000 ____D C:\$WINDOWS.~BT
2012-04-24 06:39 - 2012-01-11 00:01 - 0001890 ____A C:\Windows\diagerr.xml
2012-04-24 06:39 - 2009-07-13 20:52 - 0001890 ____A C:\Windows\diagwrn.xml
2012-04-24 06:31 - 2012-04-18 04:03 - 0000000 ____D C:\FRST
2012-04-24 05:14 - 2012-02-17 08:22 - 0000000 ____D C:\Users\All Users\Uniblue
2012-04-24 05:14 - 2012-02-17 08:22 - 0000000 ____D C:\ProgramData\Uniblue
2012-04-24 05:14 - 2012-02-17 08:22 - 0000000 ____D C:\Documents and Settings\All Users\Uniblue
2012-04-24 04:09 - 2011-11-25 06:22 - 0000000 ____D C:\Program Files\AC3Filter
2012-04-24 04:09 - 2010-11-20 04:18 - 1075200 ____A C:\Windows\System32\ac3filter.acm
2012-04-23 00:48 - 2011-11-25 05:22 - 0001314 ____A C:\Users\Riverdale\Desktop\?????? ???????? - Shortcut.lnk
2012-04-23 00:48 - 2011-11-25 05:22 - 0001314 ____A C:\Documents and Settings\Riverdale\Desktop\?????? ???????? - Shortcut.lnk
2012-04-22 19:03 - 2012-04-23 00:48 - 0000000 ____D C:\Users\Riverdale\DoctorWeb
2012-04-22 19:03 - 2012-04-23 00:48 - 0000000 ____D C:\Documents and Settings\Riverdale\DoctorWeb
2012-04-22 17:15 - 2012-04-20 18:59 - 0000000 ____D C:\Program Files\Emsisoft Anti-Malware
2012-04-22 17:15 - 2012-03-27 05:14 - 0001009 ____A C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2012-04-22 17:15 - 2012-03-27 05:14 - 0001009 ____A C:\Documents and Settings\Public\Desktop\Emsisoft Anti-Malware.lnk
2012-04-22 17:15 - 2011-08-27 05:43 - 0000000 ____D C:\Users\Riverdale\Documents\Anti-Malware
2012-04-22 17:15 - 2011-08-27 05:43 - 0000000 ____D C:\Documents and Settings\Riverdale\Documents\Anti-Malware
2012-04-22 16:43 - 2011-12-15 18:45 - 0000000 ____D C:\Program Files\stinger
2012-04-22 16:31 - 2011-07-19 02:14 - 0000000 ____D C:\Rustbfix
2012-04-22 16:14 - 2012-02-12 15:36 - 0002235 ____A C:\Users\Riverdale\Desktop\Kernel Detective - Shortcut.lnk
2012-04-22 16:14 - 2012-02-12 15:36 - 0002235 ____A C:\Documents and Settings\Riverdale\Desktop\Kernel Detective - Shortcut.lnk
2012-04-22 16:14 - 2011-08-03 04:41 - 0000000 ____D C:\Program Files\Kernel Detective v1.4.1
2012-04-22 15:59 - 2012-04-20 14:10 - 0000000 ____D C:\Program Files\SecurityXploded
2012-04-22 15:59 - 2012-04-18 18:12 - 0001165 ____A C:\Users\Riverdale\Desktop\SpyDLLRemover.lnk
2012-04-22 15:59 - 2012-04-18 18:12 - 0001165 ____A C:\Documents and Settings\Riverdale\Desktop\SpyDLLRemover.lnk
2012-04-22 15:32 - 2012-02-20 15:23 - 0001093 ____A C:\Users\Public\Desktop\AVG Anti-Rootkit Free.lnk
2012-04-22 15:32 - 2012-02-20 15:23 - 0001093 ____A C:\Documents and Settings\Public\Desktop\AVG Anti-Rootkit Free.lnk
2012-04-22 15:32 - 2011-07-24 22:42 - 0000000 ____D C:\Program Files\GRISOFT
2012-04-22 15:32 - 2010-11-20 04:29 - 0003968 ____A (GRISOFT, s.r.o.) C:\Windows\System32\Drivers\AvgArCln.sys
2012-04-22 15:29 - 2012-03-22 17:40 - 62844032 ____A (Trend Micro Inc.) C:\Users\Public\Desktop\Trend_Micro.exe
2012-04-22 15:29 - 2012-03-22 17:40 - 62844032 ____A (Trend Micro Inc.) C:\Documents and Settings\Public\Desktop\Trend_Micro.exe
2012-04-22 15:29 - 2012-03-05 04:04 - 0000000 ____D C:\Program Files\Trend Micro
2012-04-22 15:24 - 2011-07-19 02:14 - 0000000 ____D C:\Users\Riverdale\Pavark
2012-04-22 15:24 - 2011-07-19 02:14 - 0000000 ____D C:\Documents and Settings\Riverdale\Pavark
2012-04-22 07:28 - 2012-04-22 07:28 - 0000189 ____A C:\Users\Riverdale\Desktop\RootRepeal_crash_042212.112809.txt
2012-04-22 07:28 - 2012-04-22 07:28 - 0000189 ____A C:\Users\Riverdale\Desktop\RootRepeal_crash_042212.112808.txt
2012-04-22 07:28 - 2012-04-22 07:28 - 0000189 ____A C:\Documents and Settings\Riverdale\Desktop\RootRepeal_crash_042212.112809.txt
2012-04-22 07:28 - 2012-04-22 07:28 - 0000189 ____A C:\Documents and Settings\Riverdale\Desktop\RootRepeal_crash_042212.112808.txt
2012-04-22 07:28 - 2010-01-30 12:49 - 0472064 ____A ( ) C:\Users\Riverdale\Desktop\RootRepeal.exe
2012-04-22 07:28 - 2010-01-30 12:49 - 0472064 ____A ( ) C:\Documents and Settings\Riverdale\Desktop\RootRepeal.exe
2012-04-22 07:28 - 2009-08-13 07:14 - 0000188 ____A C:\Users\Riverdale\Desktop\RootRepeal_crash_042212.112807.txt
2012-04-22 07:28 - 2009-08-13 07:14 - 0000188 ____A C:\Documents and Settings\Riverdale\Desktop\RootRepeal_crash_042212.112807.txt
2012-04-20 19:28 - 2012-04-19 17:19 - 0135568 ____A C:\Windows\Minidump\042012-23790-01.dmp
2012-04-20 19:20 - 2012-04-20 11:03 - 0131440 ____A C:\Windows\Minidump\042012-29764-01.dmp
2012-04-20 18:55 - 2012-04-20 23:09 - 0069939 ____A C:\Users\Riverdale\Desktop\Activate Sound in SafeMode.zip
2012-04-20 18:55 - 2012-04-20 23:09 - 0069939 ____A C:\Documents and Settings\Riverdale\Desktop\Activate Sound in SafeMode.zip
2012-04-20 18:55 - 2012-01-22 16:56 - 0000000 ____D C:\Users\Riverdale\Desktop\Activate Sound in SafeMode
2012-04-20 18:55 - 2012-01-22 16:56 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\Activate Sound in SafeMode
2012-04-20 18:11 - 2012-04-04 19:47 - 0001602 ____A C:\Users\Riverdale\Desktop\BLUE SCREEN VIEW.lnk
2012-04-20 18:11 - 2012-04-04 19:47 - 0001602 ____A C:\Documents and Settings\Riverdale\Desktop\BLUE SCREEN VIEW.lnk
2012-04-20 16:56 - 2012-04-22 16:44 - 0000000 ____D C:\Program Files\SUPERAntiSpyware
2012-04-20 16:56 - 2012-04-20 23:09 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\SUPERAntiSpyware.com
2012-04-20 16:56 - 2012-04-20 23:09 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\SUPERAntiSpyware.com
2012-04-20 16:56 - 2012-03-17 19:09 - 0001921 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-04-20 16:56 - 2012-03-17 19:09 - 0001921 ____A C:\Documents and Settings\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-04-20 16:56 - 2011-07-24 04:23 - 0000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-04-20 16:56 - 2011-07-24 04:23 - 0000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2012-04-20 16:56 - 2011-07-24 04:23 - 0000000 ____D C:\Documents and Settings\All Users\SUPERAntiSpyware.com
2012-04-20 15:55 - 2012-04-18 19:48 - 0027373 ____A C:\Users\Riverdale\Desktop\attach.webarchive
2012-04-20 15:55 - 2012-04-18 19:48 - 0027373 ____A C:\Documents and Settings\Riverdale\Desktop\attach.webarchive
2012-04-20 14:44 - 2012-04-20 02:33 - 0000390 ____A C:\Windows\Tasks\ErrorEND.job
2012-04-20 14:44 - 2011-08-08 19:45 - 0000000 ____D C:\Users\All Users\ErrorEND
2012-04-20 14:44 - 2011-08-08 19:45 - 0000000 ____D C:\ProgramData\ErrorEND
2012-04-20 14:44 - 2011-08-08 19:45 - 0000000 ____D C:\Documents and Settings\All Users\ErrorEND
2012-04-20 14:41 - 2011-07-20 00:49 - 0000000 ____D C:\Program Files\NirSoft
2012-04-20 14:25 - 2012-04-25 02:20 - 0000000 ____D C:\Intel
2012-04-20 14:25 - 2012-04-20 14:25 - 0000000 ____D C:\Program Files\Intel
2012-04-20 14:25 - 2011-07-26 18:47 - 0000000 ____D C:\Users\Riverdale\Downloads\IMSM_V8901023
2012-04-20 14:25 - 2011-07-26 18:47 - 0000000 ____D C:\Documents and Settings\Riverdale\Downloads\IMSM_V8901023
2012-04-20 14:25 - 2011-07-19 02:15 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\InstallShield
2012-04-20 14:25 - 2011-07-19 02:15 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\InstallShield
2012-04-20 14:24 - 2012-04-20 14:25 - 24172114 ____A C:\Users\Riverdale\Downloads\IMSM_V8901023.zip
2012-04-20 14:24 - 2012-04-20 14:25 - 24172114 ____A C:\Documents and Settings\Riverdale\Downloads\IMSM_V8901023.zip
2012-04-20 14:19 - 2012-02-05 10:18 - 6074368 ____A C:\Users\Riverdale\Downloads\IPDT Installer 32Bit 1.42.0.0-13-9.exe
2012-04-20 14:19 - 2012-02-05 10:18 - 6074368 ____A C:\Documents and Settings\Riverdale\Downloads\IPDT Installer 32Bit 1.42.0.0-13-9.exe
2012-04-20 14:03 - 2011-12-09 23:24 - 0908576 ____A (Sun Microsystems, Inc.) C:\Users\Riverdale\Desktop\jxpiinstall.exe
2012-04-20 14:03 - 2011-12-09 23:24 - 0908576 ____A (Sun Microsystems, Inc.) C:\Documents and Settings\Riverdale\Desktop\jxpiinstall.exe
2012-04-20 13:31 - 2012-03-25 02:14 - 0000254 ____A C:\Windows\Tasks\PCUpdaterRunAtStartup.job
2012-04-20 10:57 - 2009-07-13 20:52 - 0013404 ____A C:\Windows\PFRO.log
2012-04-20 10:53 - - 0000000 __SHD C:\$RECYCLE.BIN
2012-04-20 10:29 - 2012-04-20 02:35 - 0155544 ____A C:\Windows\Minidump\042012-28953-01.dmp
2012-04-20 09:54 - 2012-04-20 19:20 - 0155544 ____A C:\Windows\Minidump\042012-30139-01.dmp
2012-04-20 09:39 - 2009-07-13 20:56 - 0000000 ____D C:\Windows\ERDNT
2012-04-20 09:36 - 2012-04-20 19:28 - 0155544 ____A C:\Windows\Minidump\042012-25537-01.dmp
2012-04-20 06:23 - 2012-04-20 09:54 - 0155544 ____A C:\Windows\Minidump\042012-30810-01.dmp
2012-04-20 02:35 - 2012-04-20 09:36 - 0155640 ____A C:\Windows\Minidump\042012-28938-01.dmp
2012-04-20 02:31 - 2012-04-20 02:31 - 0000290 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{A2D55918-D908-4873-8460-2FAA0BAFC898}.job
2012-04-19 20:41 - 2012-04-22 16:31 - 0000000 ____A C:\SophosBootTasks.txt
2012-04-19 17:26 - 2012-04-18 18:12 - 0000000 ____D C:\Users\All Users\SpeedyPC Software
2012-04-19 17:26 - 2012-04-18 18:12 - 0000000 ____D C:\ProgramData\SpeedyPC Software
2012-04-19 17:26 - 2012-04-18 18:12 - 0000000 ____D C:\Documents and Settings\All Users\SpeedyPC Software
2012-04-19 17:26 - 2012-02-20 16:00 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\SpeedyPC Software
2012-04-19 17:26 - 2012-02-20 16:00 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\SpeedyPC Software
2012-04-19 17:26 - 2011-09-10 06:10 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\DriverCure
2012-04-19 17:26 - 2011-09-10 06:10 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\DriverCure
2012-04-19 16:17 - 2009-07-13 15:50 - 0242240 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2012-04-19 07:02 - 2012-04-18 08:53 - 0155640 ____A C:\Windows\Minidump\041912-26910-01.dmp
2012-04-19 05:42 - 2012-04-20 10:51 - 0000000 ____A C:\Windows\System32\Drivers\etc\hosts.ccebak
2012-04-19 05:42 - 2012-02-18 10:43 - 0000000 ____D C:\CCE_Quarantine
2012-04-19 05:39 - - 0000027 ____A C:\Windows\System32\Drivers\etc\hosts
2012-04-19 05:30 - 2011-08-06 11:37 - 0000000 ____D C:\Program Files\Comodo Cleaning Essentials
2012-04-18 19:48 - 2012-03-16 21:43 - 0000512 ____A C:\Users\Riverdale\Desktop\MBR.dat
2012-04-18 19:48 - 2012-03-16 21:43 - 0000512 ____A C:\Documents and Settings\Riverdale\Desktop\MBR.dat
2012-04-18 19:48 - 2011-10-08 21:58 - 0002651 ____A C:\Users\Riverdale\Desktop\aswMBR.txt
2012-04-18 19:48 - 2011-10-08 21:58 - 0002651 ____A C:\Documents and Settings\Riverdale\Desktop\aswMBR.txt
2012-04-18 19:42 - 2012-02-20 15:23 - 0000000 ____D C:\Program Files\Avast aswMBR 0.9.9
2012-04-18 19:03 - 2011-07-19 05:49 - 0000000 ____D C:\Program Files\Kaspersky TDSSKiller
2012-04-18 18:56 - 2012-04-20 23:07 - 0000000 ____D C:\TDSSKiller_Quarantine
2012-04-18 18:56 - 2009-07-13 20:41 - 0000000 ____D C:\Users\Public\Documents\Downloaded Installers
2012-04-18 18:56 - 2009-07-13 20:41 - 0000000 ____D C:\Documents and Settings\Public\Documents\Downloaded Installers
2012-04-18 18:55 - 2012-04-20 23:09 - 0624480 ____A (SlimWare Utilities, Inc.) C:\DriverUpdate-setup.exe
2012-04-18 18:12 - 2012-04-12 04:19 - 0003213 ____A C:\Users\Riverdale\Desktop\Sophos Virus Removal Tool.lnk
2012-04-18 18:12 - 2012-04-12 04:19 - 0003213 ____A C:\Documents and Settings\Riverdale\Desktop\Sophos Virus Removal Tool.lnk
2012-04-18 18:12 - 2012-02-20 16:00 - 0000000 ____D C:\Program Files\Sophos
2012-04-18 18:12 - 2011-11-20 14:41 - 0000000 ____D C:\Users\All Users\Sophos
2012-04-18 18:12 - 2011-11-20 14:41 - 0000000 ____D C:\ProgramData\Sophos
2012-04-18 18:12 - 2011-11-20 14:41 - 0000000 ____D C:\Documents and Settings\All Users\Sophos
2012-04-18 09:26 - 2012-04-18 09:08 - 0144944 ____A C:\Windows\Minidump\041812-27534-01.dmp
2012-04-18 09:26 - 2009-07-13 20:52 - 146108824 ____A C:\Windows\MEMORY.DMP
2012-04-18 08:41 - 2012-04-04 11:56 - 0028488 ____A C:\Windows\System32\Drivers\mbamchameleon.sys
2012-04-18 06:39 - 2012-03-02 17:33 - 0000000 ____D C:\Program Files\GMER 1.0.15.15641
2012-04-17 20:34 - 2009-06-10 13:42 - 0023768 ____N C:\bootsqm.dat
2012-04-17 20:09 - 2011-10-09 09:03 - 18563031 ____A C:\Users\Riverdale\Desktop\SeaMonkey Setup 2.8.exe
2012-04-17 20:09 - 2011-10-09 09:03 - 18563031 ____A C:\Documents and Settings\Riverdale\Desktop\SeaMonkey Setup 2.8.exe
2012-04-17 19:36 - 2011-09-25 10:02 - 3913072 ____A (Microsoft Corporation) C:\Users\Riverdale\Desktop\ntoskrnl.exe
2012-04-17 19:36 - 2011-09-25 10:02 - 3913072 ____A (Microsoft Corporation) C:\Documents and Settings\Riverdale\Desktop\ntoskrnl.exe
2012-04-17 07:53 - 2011-08-28 07:03 - 35124856 ____A ( ) C:\Users\Riverdale\Downloads\AdbeRdr90_en_US.exe
2012-04-17 07:53 - 2011-08-28 07:03 - 35124856 ____A ( ) C:\Documents and Settings\Riverdale\Downloads\AdbeRdr90_en_US.exe
2012-04-15 18:40 - 2011-09-03 10:45 - 2186943 ____A C:\Users\Riverdale\Desktop\??????? ?????? ?? ??????? ????.webarchive
2012-04-15 18:40 - 2011-09-03 10:45 - 2186943 ____A C:\Documents and Settings\Riverdale\Desktop\??????? ?????? ?? ??????? ????.webarchive
2012-04-15 18:36 - 2012-01-16 16:14 - 1265749 ____A C:\Users\Riverdale\Desktop\Makarovsky history jews Rus Russian.webarchive
2012-04-15 18:36 - 2012-01-16 16:14 - 1265749 ____A C:\Documents and Settings\Riverdale\Desktop\Makarovsky history jews Rus Russian.webarchive
2012-04-14 20:04 - 2011-07-19 06:45 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\foobar2000
2012-04-14 20:04 - 2011-07-19 06:45 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\foobar2000
2012-04-14 20:03 - 2012-02-20 16:00 - 0000949 ____A C:\Users\Public\Desktop\foobar2000.lnk
2012-04-14 20:03 - 2012-02-20 16:00 - 0000949 ____A C:\Documents and Settings\Public\Desktop\foobar2000.lnk
2012-04-14 20:03 - 2011-08-11 16:59 - 0000000 ____D C:\Program Files\foobar2000
2012-04-14 11:39 - 2012-03-05 04:07 - 0207739 ____A C:\Users\Riverdale\Desktop\schedule April 16-22.rtf
2012-04-14 11:39 - 2012-03-05 04:07 - 0207739 ____A C:\Documents and Settings\Riverdale\Desktop\schedule April 16-22.rtf
2012-04-12 04:54 - 2011-09-03 11:36 - 3355153 ____A (Beyond CHM ) C:\Users\Riverdale\Downloads\BeyondCHM1.1_Trial_Installer.exe
2012-04-12 04:54 - 2011-09-03 11:36 - 3355153 ____A (Beyond CHM ) C:\Documents and Settings\Riverdale\Downloads\BeyondCHM1.1_Trial_Installer.exe
2012-04-12 04:02 - 2011-07-24 22:41 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\U3
2012-04-12 04:02 - 2011-07-24 22:41 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\U3
2012-04-11 19:33 - 2011-12-03 11:50 - 0000000 ____D C:\Users\Riverdale\Desktop\BOOKS & FAVORITES
2012-04-11 19:33 - 2011-12-03 11:50 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\BOOKS & FAVORITES
2012-04-10 23:04 - 2012-02-27 17:52 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-04-10 23:04 - 2012-02-27 17:18 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-04-10 23:04 - 2012-02-27 17:09 - 1103360 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-04-10 23:04 - 2012-02-27 17:06 - 1799168 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-04-10 23:04 - 2012-02-27 17:03 - 0072704 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-04-10 23:04 - 2011-07-20 04:02 - 9705984 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-04-10 23:04 - 2011-07-20 04:02 - 1792000 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-04-10 23:04 - 2011-07-20 04:02 - 12281856 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-04-10 23:04 - 2011-07-20 04:02 - 0176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-04-10 23:04 - 2011-05-02 20:30 - 1427456 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-04-10 23:04 - 2010-11-20 04:21 - 1127424 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-04-10 23:04 - 2009-07-13 17:16 - 0231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-04-10 23:04 - 2009-07-13 17:14 - 0716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-04-10 23:01 - 2009-07-13 17:20 - 0019824 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-04-10 23:01 - 2009-07-13 17:16 - 0172544 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-04-10 23:01 - 2009-07-13 17:14 - 0159232 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-04-10 23:01 - 2009-07-13 17:11 - 0005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-04-10 23:00 - 2009-07-13 17:16 - 3913072 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-04-10 23:00 - 2009-07-13 13:40 - 3968368 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2012-04-09 09:13 - 2011-07-28 12:31 - 0002130 ____A C:\Users\Public\Desktop\Google Earth.lnk
2012-04-09 09:13 - 2011-07-28 12:31 - 0002130 ____A C:\Documents and Settings\Public\Desktop\Google Earth.lnk
2012-04-07 16:08 - 2012-04-05 04:09 - 1692351 ____A C:\Users\Riverdale\Desktop\??????? ?????? ??????? ????? 00001373-00001374.webarchive
2012-04-07 16:08 - 2012-04-05 04:09 - 1692351 ____A C:\Documents and Settings\Riverdale\Desktop\??????? ?????? ??????? ????? 00001373-00001374.webarchive
2012-04-06 20:11 - 2011-10-09 10:02 - 0001327 ____A C:\Users\Riverdale\Desktop\The Suffering Ties That Bind.lnk
2012-04-06 20:11 - 2011-10-09 10:02 - 0001327 ____A C:\Documents and Settings\Riverdale\Desktop\The Suffering Ties That Bind.lnk
2012-04-06 19:55 - 2012-04-22 16:36 - 0000000 ____D C:\Program Files\TSTTB
2012-04-05 17:52 - 2011-08-15 13:03 - 0001070 ____A C:\Users\Riverdale\Desktop\PDF-XChange Viewer.lnk
2012-04-05 17:52 - 2011-08-15 13:03 - 0001070 ____A C:\Documents and Settings\Riverdale\Desktop\PDF-XChange Viewer.lnk
2012-04-05 17:50 - 2011-11-04 17:05 - 0000000 ____D C:\Program Files\PDF-XChange Viewer
2012-04-05 07:10 - 2011-11-28 07:47 - 0000000 ____D C:\Users\Riverdale\AppData\Local\Tracker Software
2012-04-05 07:10 - 2011-11-28 07:47 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Local\Tracker Software
2012-04-05 04:09 - 2011-12-03 11:39 - 0000000 ____D C:\Users\Riverdale\Desktop\?????? ??????
2012-04-05 04:09 - 2011-12-03 11:39 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\?????? ??????
2012-04-05 04:05 - 2011-08-18 19:24 - 0000000 ____D C:\Users\Riverdale\Desktop\????? ????? ?????? ???????
2012-04-05 04:05 - 2011-08-18 19:24 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\????? ????? ?????? ???????
2012-04-04 19:47 - 2011-11-20 18:13 - 1276482 ____A C:\Users\Riverdale\Desktop\Blindsight by Peter Watts.webarchive
2012-04-04 19:47 - 2011-11-20 18:13 - 1276482 ____A C:\Documents and Settings\Riverdale\Desktop\Blindsight by Peter Watts.webarchive
2012-04-03 20:53 - 2011-10-30 05:07 - 0000000 ____D C:\Users\Riverdale\Documents\BioWare
2012-04-03 20:53 - 2011-10-30 05:07 - 0000000 ____D C:\Documents and Settings\Riverdale\Documents\BioWare
2012-04-03 19:53 - 2012-03-26 18:13 - 0000071 ____A C:\Users\Riverdale\Desktop\Free guitar backing tracks for bands starting with T.URL
2012-04-03 19:53 - 2012-03-26 18:13 - 0000071 ____A C:\Documents and Settings\Riverdale\Desktop\Free guitar backing tracks for bands starting with T.URL
2012-04-03 19:29 - 2012-04-17 19:29 - 0001295 ____A C:\Users\Public\Desktop\Mass Effect 3.lnk
2012-04-03 19:29 - 2012-04-17 19:29 - 0001295 ____A C:\Documents and Settings\Public\Desktop\Mass Effect 3.lnk
2012-04-03 19:09 - 2011-08-23 15:58 - 0000000 ____D C:\Program Files\EA
2012-04-03 06:16 - 2012-01-15 16:10 - 0000000 ____D C:\Users\Riverdale\Desktop\MASS EFFECT 3 SHEPARD FILE
2012-04-03 06:16 - 2012-01-15 16:10 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\MASS EFFECT 3 SHEPARD FILE
2012-03-27 05:14 - 2012-04-22 16:15 - 0000000 ____D C:\Program Files\Key Metric Software
2012-03-27 05:14 - 2012-02-05 14:14 - 0000000 ____D C:\Program Files\Common Files\Key Metric Software
2012-03-27 05:14 - 2011-11-25 09:55 - 0001090 ____A C:\Users\Public\Desktop\Duplicate File Detective 3.lnk
2012-03-27 05:14 - 2011-11-25 09:55 - 0001090 ____A C:\Documents and Settings\Public\Desktop\Duplicate File Detective 3.lnk
2012-03-27 05:14 - 2011-08-28 06:25 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\Key Metric Software
2012-03-27 05:14 - 2011-08-28 06:25 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\Key Metric Software
2012-03-27 05:14 - 2011-07-19 06:42 - 0000000 __HDC C:\Users\All Users\{E918F213-70D6-413C-ADD5-BC8B1B755B23}
2012-03-27 05:14 - 2011-07-19 06:42 - 0000000 __HDC C:\ProgramData\{E918F213-70D6-413C-ADD5-BC8B1B755B23}
2012-03-27 05:14 - 2011-07-19 06:42 - 0000000 __HDC C:\Documents and Settings\All Users\{E918F213-70D6-413C-ADD5-BC8B1B755B23}
2012-03-26 18:47 - 2011-08-06 12:42 - 1116991 ____A C:\Users\Riverdale\Downloads\Unconfirmed 81613.crdownload
2012-03-26 18:47 - 2011-08-06 12:42 - 1116991 ____A C:\Documents and Settings\Riverdale\Downloads\Unconfirmed 81613.crdownload
2012-03-26 18:46 - 2012-02-18 15:10 - 0000174 ____A C:\Users\Public\Desktop\Amazon.url
2012-03-26 18:46 - 2012-02-18 15:10 - 0000174 ____A C:\Documents and Settings\Public\Desktop\Amazon.url
2012-03-26 18:38 - 2012-01-09 02:39 - 0000909 ____A C:\Users\Riverdale\Desktop\Jaangle.lnk
2012-03-26 18:38 - 2012-01-09 02:39 - 0000909 ____A C:\Documents and Settings\Riverdale\Desktop\Jaangle.lnk
2012-03-26 18:16 - 2012-04-13 10:33 - 0070304 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-03-26 18:16 - 2009-07-13 17:14 - 0418464 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-03-26 18:16 - - 0000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-03-26 18:13 - 2012-02-16 22:56 - 4137120 ____A (Adobe Systems Incorporated) C:\Users\Riverdale\Desktop\flashplayer11-2_p6_install_win_pi32_022712.exe
2012-03-26 18:13 - 2012-02-16 22:56 - 4137120 ____A (Adobe Systems Incorporated) C:\Documents and Settings\Riverdale\Desktop\flashplayer11-2_p6_install_win_pi32_022712.exe

============ 3 Months Modified Files and Folders ===============

2012-04-25 06:41 - 2012-04-24 06:31 - 0000000 ____D C:\FRST
2012-04-25 02:24 - 2011-07-22 09:54 - 0683890 ____A C:\Windows\System32\perfh019.dat
2012-04-25 02:24 - 2011-07-22 09:54 - 0132444 ____A C:\Windows\System32\perfc019.dat
2012-04-25 02:24 - 2011-07-19 03:30 - 1533604 ____A C:\Windows\System32\PerfStringBackup.INI
2012-04-25 02:20 - 2012-04-20 10:57 - 0013404 ____A C:\Windows\PFRO.log
2012-04-25 02:20 - 2011-12-17 10:24 - 3111026 ____A C:\Windows\ntbtlog.txt
2012-04-25 02:20 - 2011-12-17 10:09 - 0000947 ____A C:\Windows\setupact.log
2012-04-25 02:20 - 2011-07-19 03:19 - 2415222784 __ASH C:\hiberfil.sys
2012-04-24 10:32 - 2011-08-06 10:59 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\Azureus
2012-04-24 10:32 - 2011-08-06 10:59 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\Azureus
2012-04-24 10:14 - 2012-04-24 10:14 - 0000000 ____D C:\Users\All Users\Kaspersky Lab
2012-04-24 10:14 - 2012-04-24 10:14 - 0000000 ____D C:\ProgramData\Kaspersky Lab
2012-04-24 10:14 - 2012-04-24 10:14 - 0000000 ____D C:\Documents and Settings\All Users\Kaspersky Lab
2012-04-24 09:53 - 2011-07-19 09:12 - 0000000 ____D C:\DOWNLOADS I
2012-04-24 06:43 - 2012-04-24 06:43 - 0000000 ____D C:\$WINDOWS.~BT
2012-04-24 06:39 - 2012-04-24 06:39 - 0001890 ____A C:\Windows\diagwrn.xml
2012-04-24 06:39 - 2012-04-24 06:39 - 0001890 ____A C:\Windows\diagerr.xml
2012-04-24 06:39 - 2011-12-17 10:09 - 0000000 ____A C:\Windows\setuperr.log
2012-04-24 05:14 - 2012-04-24 05:14 - 0000000 ____D C:\Users\All Users\Uniblue
2012-04-24 05:14 - 2012-04-24 05:14 - 0000000 ____D C:\ProgramData\Uniblue
2012-04-24 05:14 - 2012-04-24 05:14 - 0000000 ____D C:\Documents and Settings\All Users\Uniblue
2012-04-24 04:09 - 2012-04-24 04:09 - 0000000 ____D C:\Program Files\AC3Filter
2012-04-24 04:08 - 2012-03-22 20:42 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\MediaMonkey
2012-04-24 04:08 - 2012-03-22 20:42 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\MediaMonkey
2012-04-23 00:48 - 2012-04-23 00:48 - 0001314 ____A C:\Users\Riverdale\Desktop\?????? ???????? - Shortcut.lnk
2012-04-23 00:48 - 2012-04-23 00:48 - 0001314 ____A C:\Documents and Settings\Riverdale\Desktop\?????? ???????? - Shortcut.lnk
2012-04-22 19:14 - 2012-04-22 19:03 - 0000000 ____D C:\Users\Riverdale\DoctorWeb
2012-04-22 19:14 - 2012-04-22 19:03 - 0000000 ____D C:\Documents and Settings\Riverdale\DoctorWeb
2012-04-22 19:03 - 2012-04-22 17:15 - 0000000 ____D C:\Program Files\Emsisoft Anti-Malware
2012-04-22 19:03 - 2011-07-19 02:14 - 0000000 ____D C:\users\Riverdale
2012-04-22 17:15 - 2012-04-22 17:15 - 0001009 ____A C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2012-04-22 17:15 - 2012-04-22 17:15 - 0001009 ____A C:\Documents and Settings\Public\Desktop\Emsisoft Anti-Malware.lnk
2012-04-22 17:15 - 2012-04-22 17:15 - 0000000 ____D C:\Users\Riverdale\Documents\Anti-Malware
2012-04-22 17:15 - 2012-04-22 17:15 - 0000000 ____D C:\Documents and Settings\Riverdale\Documents\Anti-Malware
2012-04-22 16:47 - 2011-07-20 03:35 - 0000000 ____D C:\Windows\Minidump
2012-04-22 16:47 - 2011-07-19 03:19 - 0140687 ____N C:\Windows\Minidump\042212-47517-01.dmp
2012-04-22 16:44 - 2012-04-22 16:43 - 0000000 ____D C:\Program Files\stinger
2012-04-22 16:36 - 2012-04-22 15:29 - 0000000 ____D C:\Program Files\Trend Micro
2012-04-22 16:31 - 2012-04-22 16:31 - 0000000 ____D C:\Rustbfix
2012-04-22 16:15 - 2012-04-22 16:14 - 0000000 ____D C:\Program Files\Kernel Detective v1.4.1
2012-04-22 16:14 - 2012-04-22 16:14 - 0002235 ____A C:\Users\Riverdale\Desktop\Kernel Detective - Shortcut.lnk
2012-04-22 16:14 - 2012-04-22 16:14 - 0002235 ____A C:\Documents and Settings\Riverdale\Desktop\Kernel Detective - Shortcut.lnk
2012-04-22 15:59 - 2012-04-22 15:59 - 0001165 ____A C:\Users\Riverdale\Desktop\SpyDLLRemover.lnk
2012-04-22 15:59 - 2012-04-22 15:59 - 0001165 ____A C:\Documents and Settings\Riverdale\Desktop\SpyDLLRemover.lnk
2012-04-22 15:59 - 2012-04-22 15:59 - 0000000 ____D C:\Program Files\SecurityXploded
2012-04-22 15:32 - 2012-04-22 15:32 - 0001093 ____A C:\Users\Public\Desktop\AVG Anti-Rootkit Free.lnk
2012-04-22 15:32 - 2012-04-22 15:32 - 0001093 ____A C:\Documents and Settings\Public\Desktop\AVG Anti-Rootkit Free.lnk
2012-04-22 15:32 - 2012-04-22 15:32 - 0000000 ____D C:\Program Files\GRISOFT
2012-04-22 15:31 - 2012-04-22 15:29 - 62844032 ____A (Trend Micro Inc.) C:\Users\Public\Desktop\Trend_Micro.exe
2012-04-22 15:31 - 2012-04-22 15:29 - 62844032 ____A (Trend Micro Inc.) C:\Documents and Settings\Public\Desktop\Trend_Micro.exe
2012-04-22 15:24 - 2012-04-22 15:24 - 0000000 ____D C:\Users\Riverdale\Pavark
2012-04-22 15:24 - 2012-04-22 15:24 - 0000000 ____D C:\Documents and Settings\Riverdale\Pavark
2012-04-22 07:28 - 2012-04-22 07:28 - 0000189 ____A C:\Users\Riverdale\Desktop\RootRepeal_crash_042212.112809.txt
2012-04-22 07:28 - 2012-04-22 07:28 - 0000189 ____A C:\Users\Riverdale\Desktop\RootRepeal_crash_042212.112808.txt
2012-04-22 07:28 - 2012-04-22 07:28 - 0000189 ____A C:\Documents and Settings\Riverdale\Desktop\RootRepeal_crash_042212.112809.txt
2012-04-22 07:28 - 2012-04-22 07:28 - 0000189 ____A C:\Documents and Settings\Riverdale\Desktop\RootRepeal_crash_042212.112808.txt
2012-04-22 07:28 - 2012-04-22 07:28 - 0000188 ____A C:\Users\Riverdale\Desktop\RootRepeal_crash_042212.112807.txt
2012-04-22 07:28 - 2012-04-22 07:28 - 0000188 ____A C:\Documents and Settings\Riverdale\Desktop\RootRepeal_crash_042212.112807.txt
2012-04-22 05:59 - 2011-07-19 03:28 - 1849768 ____A C:\Windows\WindowsUpdate.log
2012-04-20 23:09 - 2012-04-20 18:55 - 0000000 ____D C:\Users\Riverdale\Desktop\Activate Sound in SafeMode
2012-04-20 23:09 - 2012-04-20 18:55 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\Activate Sound in SafeMode
2012-04-20 23:09 - 2012-04-20 16:56 - 0000000 ____D C:\Program Files\SUPERAntiSpyware
2012-04-20 23:09 - 2012-04-20 09:39 - 0000000 ____D C:\Windows\ERDNT
2012-04-20 23:09 - 2012-04-18 18:56 - 0000000 ____D C:\Users\Public\Documents\Downloaded Installers
2012-04-20 23:09 - 2012-04-18 18:56 - 0000000 ____D C:\Documents and Settings\Public\Documents\Downloaded Installers
2012-04-20 23:09 - 2012-04-18 06:39 - 0000000 ____D C:\Program Files\GMER 1.0.15.15641
2012-04-20 23:09 - 2012-03-10 11:54 - 0000000 ____D C:\Program Files\DAEMON Tools Lite
2012-04-20 23:09 - 2012-02-17 21:01 - 0000000 ____D C:\DOWNLOADS II
2012-04-20 23:09 - 2012-02-17 08:19 - 0000000 ____D C:\Users\All Users\InstallShield
2012-04-20 23:09 - 2012-02-17 08:19 - 0000000 ____D C:\ProgramData\InstallShield
2012-04-20 23:09 - 2012-02-17 08:19 - 0000000 ____D C:\Documents and Settings\All Users\InstallShield
2012-04-20 23:09 - 2011-07-29 18:39 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\IrfanView
2012-04-20 23:09 - 2011-07-29 18:39 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\IrfanView
2012-04-20 23:09 - 2011-07-20 06:06 - 0000000 ____D C:\Users\All Users\SystemExplorer
2012-04-20 23:09 - 2011-07-20 06:06 - 0000000 ____D C:\ProgramData\SystemExplorer
2012-04-20 23:09 - 2011-07-20 06:06 - 0000000 ____D C:\Documents and Settings\All Users\SystemExplorer
2012-04-20 23:09 - 2011-07-20 05:49 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2012-04-20 23:09 - 2011-07-19 23:04 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\Stegisoft
2012-04-20 23:09 - 2011-07-19 23:04 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\Stegisoft
2012-04-20 23:09 - 2011-07-19 03:18 - 0000000 ____D C:\Program Files\Mozilla Firefox
2012-04-20 23:09 - 2011-07-19 03:17 - 0000000 ____D C:\Program Files\Opera
2012-04-20 23:09 - 2011-04-17 19:47 - 0000000 ____D C:\Program Files\ComboFix by @sUBs
2012-04-20 23:09 - 2009-07-13 23:48 - 0000000 ___RD C:\Users\Public\Recorded TV
2012-04-20 23:09 - 2009-07-13 23:48 - 0000000 ___RD C:\Documents and Settings\Public\Recorded TV
2012-04-20 23:09 - 2009-07-13 20:52 - 0000000 ____D C:\Windows\Downloaded Program Files
2012-04-20 23:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\wfp
2012-04-20 23:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\DriverStore
2012-04-20 19:28 - 2012-04-20 19:28 - 0135568 ____A C:\Windows\Minidump\042012-23790-01.dmp
2012-04-20 19:28 - 2012-04-18 09:26 - 146108824 ____A C:\Windows\MEMORY.DMP
2012-04-20 19:20 - 2012-04-20 19:20 - 0131440 ____A C:\Windows\Minidump\042012-29764-01.dmp
2012-04-20 18:59 - 2012-04-19 05:42 - 0000000 ____D C:\CCE_Quarantine
2012-04-20 18:59 - 2011-07-27 11:06 - 0000000 ____D C:\Program Files\Hard Disk Sentinel
2012-04-20 18:59 - 2011-07-26 07:58 - 0000000 ____D C:\Program Files\efs
2012-04-20 18:55 - 2012-04-20 18:55 - 0069939 ____A C:\Users\Riverdale\Desktop\Activate Sound in SafeMode.zip
2012-04-20 18:55 - 2012-04-20 18:55 - 0069939 ____A C:\Documents and Settings\Riverdale\Desktop\Activate Sound in SafeMode.zip
2012-04-20 18:13 - 2012-04-20 14:44 - 0000000 ____D C:\Users\All Users\ErrorEND
2012-04-20 18:13 - 2012-04-20 14:44 - 0000000 ____D C:\ProgramData\ErrorEND
2012-04-20 18:13 - 2012-04-20 14:44 - 0000000 ____D C:\Documents and Settings\All Users\ErrorEND
2012-04-20 18:11 - 2012-04-20 18:11 - 0001602 ____A C:\Users\Riverdale\Desktop\BLUE SCREEN VIEW.lnk
2012-04-20 18:11 - 2012-04-20 18:11 - 0001602 ____A C:\Documents and Settings\Riverdale\Desktop\BLUE SCREEN VIEW.lnk
2012-04-20 16:56 - 2012-04-20 16:56 - 0001921 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-04-20 16:56 - 2012-04-20 16:56 - 0001921 ____A C:\Documents and Settings\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-04-20 16:56 - 2012-04-20 16:56 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\SUPERAntiSpyware.com
2012-04-20 16:56 - 2012-04-20 16:56 - 0000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-04-20 16:56 - 2012-04-20 16:56 - 0000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2012-04-20 16:56 - 2012-04-20 16:56 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\SUPERAntiSpyware.com
2012-04-20 16:56 - 2012-04-20 16:56 - 0000000 ____D C:\Documents and Settings\All Users\SUPERAntiSpyware.com
2012-04-20 16:28 - 2011-07-19 03:19 - 0140687 ____N C:\Windows\Minidump\042012-29452-01.dmp
2012-04-20 15:55 - 2012-04-20 15:55 - 0027373 ____A C:\Users\Riverdale\Desktop\attach.webarchive
2012-04-20 15:55 - 2012-04-20 15:55 - 0027373 ____A C:\Documents and Settings\Riverdale\Desktop\attach.webarchive
2012-04-20 14:44 - 2012-04-20 14:44 - 0000390 ____A C:\Windows\Tasks\ErrorEND.job
2012-04-20 14:41 - 2012-04-20 14:41 - 0000000 ____D C:\Program Files\NirSoft
2012-04-20 14:25 - 2012-04-20 14:25 - 0000000 ____D C:\Users\Riverdale\Downloads\IMSM_V8901023
2012-04-20 14:25 - 2012-04-20 14:25 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\InstallShield
2012-04-20 14:25 - 2012-04-20 14:25 - 0000000 ____D C:\Program Files\Intel
2012-04-20 14:25 - 2012-04-20 14:25 - 0000000 ____D C:\Intel
2012-04-20 14:25 - 2012-04-20 14:25 - 0000000 ____D C:\Documents and Settings\Riverdale\Downloads\IMSM_V8901023
2012-04-20 14:25 - 2012-04-20 14:25 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\InstallShield
2012-04-20 14:25 - 2012-04-20 14:24 - 24172114 ____A C:\Users\Riverdale\Downloads\IMSM_V8901023.zip
2012-04-20 14:25 - 2012-04-20 14:24 - 24172114 ____A C:\Documents and Settings\Riverdale\Downloads\IMSM_V8901023.zip
2012-04-20 14:25 - 2011-07-21 05:10 - 0000000 ___HD C:\Program Files\InstallShield Installation Information
2012-04-20 14:19 - 2012-04-20 14:19 - 6074368 ____A C:\Users\Riverdale\Downloads\IPDT Installer 32Bit 1.42.0.0-13-9.exe
2012-04-20 14:19 - 2012-04-20 14:19 - 6074368 ____A C:\Documents and Settings\Riverdale\Downloads\IPDT Installer 32Bit 1.42.0.0-13-9.exe
2012-04-20 14:10 - 2012-04-18 19:42 - 0000000 ____D C:\Program Files\Avast aswMBR 0.9.9
2012-04-20 14:10 - 2012-04-14 20:03 - 0000000 ____D C:\Program Files\foobar2000
2012-04-20 14:10 - 2011-12-28 12:04 - 0000000 ____D C:\Program Files\CCleaner
2012-04-20 14:10 - 2011-08-28 07:07 - 0000000 ____D C:\Program Files\SeaMonkey
2012-04-20 14:10 - 2011-07-19 20:05 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\TeraCopy
2012-04-20 14:10 - 2011-07-19 20:05 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\TeraCopy
2012-04-20 14:10 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\AppCompat
2012-04-20 14:03 - 2012-04-20 14:03 - 0908576 ____A (Sun Microsystems, Inc.) C:\Users\Riverdale\Desktop\jxpiinstall.exe
2012-04-20 14:03 - 2012-04-20 14:03 - 0908576 ____A (Sun Microsystems, Inc.) C:\Documents and Settings\Riverdale\Desktop\jxpiinstall.exe
2012-04-20 13:31 - 2012-04-20 13:31 - 0000254 ____A C:\Windows\Tasks\PCUpdaterRunAtStartup.job
2012-04-20 11:03 - 2011-07-19 03:19 - 0164855 ____N C:\Windows\Minidump\042012-29686-01.dmp
2012-04-20 10:57 - 2009-07-13 20:53 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-04-20 10:53 - 2012-04-20 10:53 - 0000000 __SHD C:\$RECYCLE.BIN
2012-04-20 10:53 - 2011-07-25 18:57 - 0000000 ____D C:\users\Stanislav
2012-04-20 10:53 - 2009-07-13 18:37 - 0000000 ___RD C:\users\Public
2012-04-20 10:52 - 2009-07-13 18:04 - 0000215 ____A C:\Windows\system.ini
2012-04-20 10:51 - 2012-04-19 05:39 - 0000027 ____A C:\Windows\System32\Drivers\etc\hosts
2012-04-20 10:51 - 2012-03-18 11:07 - 0000000 ____D C:\Program Files\IMinent Toolbar
2012-04-20 10:30 - 2012-04-20 10:29 - 0155544 ____A C:\Windows\Minidump\042012-28953-01.dmp
2012-04-20 09:54 - 2012-04-20 09:54 - 0155544 ____A C:\Windows\Minidump\042012-30139-01.dmp
2012-04-20 09:36 - 2012-04-20 09:36 - 0155544 ____A C:\Windows\Minidump\042012-25537-01.dmp
2012-04-20 06:23 - 2012-04-20 06:23 - 0155544 ____A C:\Windows\Minidump\042012-30810-01.dmp
2012-04-20 02:35 - 2012-04-20 02:35 - 0155640 ____A C:\Windows\Minidump\042012-28938-01.dmp
2012-04-20 02:33 - 2012-03-26 18:16 - 0000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-04-20 02:31 - 2012-04-20 02:31 - 0000290 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{A2D55918-D908-4873-8460-2FAA0BAFC898}.job
2012-04-20 02:31 - 2009-07-13 20:53 - 0032600 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-04-19 20:41 - 2012-04-19 20:41 - 0000000 ____A C:\SophosBootTasks.txt
2012-04-19 20:36 - 2012-04-18 19:03 - 0000000 ____D C:\Program Files\Kaspersky TDSSKiller
2012-04-19 20:28 - 2012-04-19 17:26 - 0000000 ____D C:\Users\All Users\SpeedyPC Software
2012-04-19 20:28 - 2012-04-19 17:26 - 0000000 ____D C:\ProgramData\SpeedyPC Software
2012-04-19 20:28 - 2012-04-19 17:26 - 0000000 ____D C:\Documents and Settings\All Users\SpeedyPC Software
2012-04-19 17:26 - 2012-04-19 17:26 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\SpeedyPC Software
2012-04-19 17:26 - 2012-04-19 17:26 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\DriverCure
2012-04-19 17:26 - 2012-04-19 17:26 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\SpeedyPC Software
2012-04-19 17:26 - 2012-04-19 17:26 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\DriverCure
2012-04-19 17:21 - 2011-07-23 17:54 - 0000000 ____D C:\Users\Riverdale\AppData\Local\ElevatedDiagnostics
2012-04-19 17:21 - 2011-07-23 17:54 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Local\ElevatedDiagnostics
2012-04-19 17:19 - 2011-07-19 03:19 - 0164855 ____N C:\Windows\Minidump\041912-30778-01.dmp
2012-04-19 16:39 - 2012-04-19 05:30 - 0000000 ____D C:\Program Files\Comodo Cleaning Essentials
2012-04-19 16:17 - 2012-04-19 16:17 - 0242240 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2012-04-19 07:02 - 2012-04-19 07:02 - 0155640 ____A C:\Windows\Minidump\041912-26910-01.dmp
2012-04-19 05:42 - 2012-03-18 11:04 - 0000000 ____D C:\Program Files\Yontoo
2012-04-19 05:39 - 2012-04-19 05:42 - 0000000 ____A C:\Windows\System32\Drivers\etc\hosts.ccebak
2012-04-18 19:48 - 2012-04-18 19:48 - 0002651 ____A C:\Users\Riverdale\Desktop\aswMBR.txt
2012-04-18 19:48 - 2012-04-18 19:48 - 0002651 ____A C:\Documents and Settings\Riverdale\Desktop\aswMBR.txt
2012-04-18 19:48 - 2012-04-18 19:48 - 0000512 ____A C:\Users\Riverdale\Desktop\MBR.dat
2012-04-18 19:48 - 2012-04-18 19:48 - 0000512 ____A C:\Documents and Settings\Riverdale\Desktop\MBR.dat
2012-04-18 19:06 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\registration
2012-04-18 18:56 - 2012-04-18 18:56 - 0000000 ____D C:\TDSSKiller_Quarantine
2012-04-18 18:55 - 2012-04-18 18:55 - 0624480 ____A (SlimWare Utilities, Inc.) C:\DriverUpdate-setup.exe
2012-04-18 18:15 - 2011-07-19 03:19 - 0164855 ____N C:\Windows\Minidump\041812-26707-01.dmp
2012-04-18 18:12 - 2012-04-18 18:12 - 0003213 ____A C:\Users\Riverdale\Desktop\Sophos Virus Removal Tool.lnk
2012-04-18 18:12 - 2012-04-18 18:12 - 0003213 ____A C:\Documents and Settings\Riverdale\Desktop\Sophos Virus Removal Tool.lnk
2012-04-18 18:12 - 2012-04-18 18:12 - 0000000 ____D C:\Users\All Users\Sophos
2012-04-18 18:12 - 2012-04-18 18:12 - 0000000 ____D C:\ProgramData\Sophos
2012-04-18 18:12 - 2012-04-18 18:12 - 0000000 ____D C:\Program Files\Sophos
2012-04-18 18:12 - 2012-04-18 18:12 - 0000000 ____D C:\Documents and Settings\All Users\Sophos
2012-04-18 09:26 - 2012-04-18 09:26 - 0144944 ____A C:\Windows\Minidump\041812-27534-01.dmp
2012-04-18 09:18 - 2011-07-19 17:09 - 0000000 ____D C:\Users\All Users\Avira
2012-04-18 09:18 - 2011-07-19 17:09 - 0000000 ____D C:\ProgramData\Avira
2012-04-18 09:18 - 2011-07-19 17:09 - 0000000 ____D C:\Documents and Settings\All Users\Avira
2012-04-18 09:17 - 2011-07-19 12:48 - 0000000 ____D C:\Program Files\NVIDIA Corporation
2012-04-18 09:14 - 2011-12-17 15:33 - 0000000 ____D C:\Program Files\BlackIsle
2012-04-18 09:08 - 2011-07-19 03:19 - 0164567 ____N C:\Windows\Minidump\041812-27409-02.dmp
2012-04-18 08:54 - 2009-07-13 18:04 - 0002953 ____A C:\Windows\win.ini
2012-04-18 08:53 - 2011-07-19 03:19 - 0164567 ____N C:\Windows\Minidump\041812-34523-01.dmp
2012-04-18 08:41 - 2012-04-18 08:41 - 0028488 ____A C:\Windows\System32\Drivers\mbamchameleon.sys
2012-04-18 05:25 - 2011-07-19 03:19 - 0164567 ____N C:\Windows\Minidump\041812-26270-01.dmp
2012-04-18 05:19 - 2011-07-22 09:54 - 0000000 ____D C:\Windows\ru-RU
2012-04-18 04:20 - 2011-07-19 03:19 - 0164567 ____N C:\Windows\Minidump\041812-24492-01.dmp
2012-04-18 04:03 - 2011-07-19 18:59 - 0000038 ____A C:\dvmaccounts.ini
2012-04-18 04:03 - 2011-07-19 18:37 - 0000177 ____H C:\dvmexp.idx
2012-04-18 04:03 - 2009-07-13 20:34 - 0024880 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-04-18 04:03 - 2009-07-13 20:34 - 0024880 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-04-18 03:51 - 2011-07-19 03:19 - 0164567 ____N C:\Windows\Minidump\041812-28267-01.dmp
2012-04-17 21:07 - 2011-07-19 03:19 - 0164567 ____N C:\Windows\Minidump\041812-27346-01.dmp
2012-04-17 20:59 - 2011-07-31 16:49 - 0000000 ____D C:\Program Files\HijackThis
2012-04-17 20:56 - 2011-07-19 03:19 - 0164567 ____N C:\Windows\Minidump\041812-27393-01.dmp
2012-04-17 20:46 - 2011-07-19 03:19 - 0164567 ____N C:\Windows\Minidump\041812-27050-01.dmp
2012-04-17 20:34 - 2012-04-17 20:34 - 0023768 ____N C:\bootsqm.dat
2012-04-17 20:25 - 2011-07-19 03:19 - 0164567 ____N C:\Windows\Minidump\041812-25334-01.dmp
2012-04-17 20:17 - 2011-07-19 03:19 - 0164567 ____N C:\Windows\Minidump\041812-25989-01.dmp
2012-04-17 20:10 - 2011-08-28 07:07 - 0001896 ____A C:\Users\Public\Desktop\SeaMonkey.lnk
2012-04-17 20:10 - 2011-08-28 07:07 - 0001896 ____A C:\Documents and Settings\Public\Desktop\SeaMonkey.lnk
2012-04-17 20:09 - 2012-04-17 20:09 - 18563031 ____A C:\Users\Riverdale\Desktop\SeaMonkey Setup 2.8.exe
2012-04-17 20:09 - 2012-04-17 20:09 - 18563031 ____A C:\Documents and Settings\Riverdale\Desktop\SeaMonkey Setup 2.8.exe
2012-04-17 20:02 - 2012-03-14 17:28 - 0000000 ____D C:\NVIDIA
2012-04-17 19:29 - 2012-01-09 16:16 - 0001027 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-04-17 19:29 - 2012-01-09 16:16 - 0001027 ____A C:\Documents and Settings\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-04-17 19:21 - 2011-08-03 04:39 - 0000000 ____D C:\Program Files\Debugging Tools for Windows (x86)
2012-04-17 19:12 - 2011-07-19 03:19 - 0164567 ____N C:\Windows\Minidump\041712-25880-01.dmp
2012-04-17 19:06 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\LogFiles
2012-04-17 19:05 - 2011-07-19 03:19 - 0164567 ____N C:\Windows\Minidump\041712-49062-01.dmp
2012-04-17 17:55 - 2011-07-19 03:19 - 0164567 ____N C:\Windows\Minidump\041712-56222-01.dmp
2012-04-17 09:01 - 2011-07-19 03:19 - 0164695 ____N C:\Windows\Minidump\041712-59451-01.dmp
2012-04-17 07:56 - 2012-04-17 07:53 - 35124856 ____A ( ) C:\Users\Riverdale\Downloads\AdbeRdr90_en_US.exe
2012-04-17 07:56 - 2012-04-17 07:53 - 35124856 ____A ( ) C:\Documents and Settings\Riverdale\Downloads\AdbeRdr90_en_US.exe
2012-04-15 18:40 - 2012-04-15 18:40 - 2186943 ____A C:\Users\Riverdale\Desktop\??????? ?????? ?? ??????? ????.webarchive
2012-04-15 18:40 - 2012-04-15 18:40 - 2186943 ____A C:\Documents and Settings\Riverdale\Desktop\??????? ?????? ?? ??????? ????.webarchive
2012-04-15 18:36 - 2012-04-15 18:36 - 1265749 ____A C:\Users\Riverdale\Desktop\Makarovsky history jews Rus Russian.webarchive
2012-04-15 18:36 - 2012-04-15 18:36 - 1265749 ____A C:\Documents and Settings\Riverdale\Desktop\Makarovsky history jews Rus Russian.webarchive
2012-04-15 03:51 - 2011-07-19 02:14 - 0000000 ____D C:\Users\Riverdale\AppData\LocalLow
2012-04-15 03:51 - 2011-07-19 02:14 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\LocalLow
2012-04-14 20:52 - 2012-04-14 20:04 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\foobar2000
2012-04-14 20:52 - 2012-04-14 20:04 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\foobar2000
2012-04-14 20:03 - 2012-04-14 20:03 - 0000949 ____A C:\Users\Public\Desktop\foobar2000.lnk
2012-04-14 20:03 - 2012-04-14 20:03 - 0000949 ____A C:\Documents and Settings\Public\Desktop\foobar2000.lnk
2012-04-14 11:39 - 2012-04-14 11:39 - 0207739 ____A C:\Users\Riverdale\Desktop\schedule April 16-22.rtf
2012-04-14 11:39 - 2012-04-14 11:39 - 0207739 ____A C:\Documents and Settings\Riverdale\Desktop\schedule April 16-22.rtf
2012-04-13 10:33 - 2012-03-26 18:16 - 0418464 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-04-13 10:33 - 2012-03-26 18:16 - 0070304 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-04-12 05:22 - 2012-04-12 04:02 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\U3
2012-04-12 05:22 - 2012-04-12 04:02 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\U3
2012-04-12 04:54 - 2012-04-12 04:54 - 3355153 ____A (Beyond CHM ) C:\Users\Riverdale\Downloads\BeyondCHM1.1_Trial_Installer.exe
2012-04-12 04:54 - 2012-04-12 04:54 - 3355153 ____A (Beyond CHM ) C:\Documents and Settings\Riverdale\Downloads\BeyondCHM1.1_Trial_Installer.exe
2012-04-12 04:19 - 2011-12-09 23:25 - 0000000 ____D C:\Users\Riverdale\Desktop\SGasan116 PICTURES
2012-04-12 04:19 - 2011-12-09 23:25 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\SGasan116 PICTURES
2012-04-12 04:14 - 2012-04-11 19:33 - 0000000 ____D C:\Users\Riverdale\Desktop\BOOKS & FAVORITES
2012-04-12 04:14 - 2012-04-11 19:33 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\BOOKS & FAVORITES
2012-04-10 23:29 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Microsoft.NET
2012-04-10 16:31 - 2012-04-24 04:09 - 1075200 ____A C:\Windows\System32\ac3filter.acm
2012-04-09 09:13 - 2012-04-09 09:13 - 0002130 ____A C:\Users\Public\Desktop\Google Earth.lnk
2012-04-09 09:13 - 2012-04-09 09:13 - 0002130 ____A C:\Documents and Settings\Public\Desktop\Google Earth.lnk
2012-04-09 09:12 - 2011-07-19 03:57 - 0000000 ____D C:\Program Files\Google
2012-04-08 08:09 - 2011-07-29 19:47 - 0010752 ____A C:\Users\Riverdale\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-04-08 08:09 - 2011-07-29 19:47 - 0010752 ____A C:\Documents and Settings\Riverdale\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-04-07 16:08 - 2012-04-07 16:08 - 1692351 ____A C:\Users\Riverdale\Desktop\??????? ?????? ??????? ????? 00001373-00001374.webarchive
2012-04-07 16:08 - 2012-04-07 16:08 - 1692351 ____A C:\Documents and Settings\Riverdale\Desktop\??????? ?????? ??????? ????? 00001373-00001374.webarchive
2012-04-07 14:07 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\NDF
2012-04-06 20:27 - 2011-10-09 09:40 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\BitTorrent
2012-04-06 20:27 - 2011-10-09 09:40 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\BitTorrent
2012-04-06 20:11 - 2012-04-06 20:11 - 0001327 ____A C:\Users\Riverdale\Desktop\The Suffering Ties That Bind.lnk
2012-04-06 20:11 - 2012-04-06 20:11 - 0001327 ____A C:\Documents and Settings\Riverdale\Desktop\The Suffering Ties That Bind.lnk
2012-04-06 20:00 - 2012-04-06 19:55 - 0000000 ____D C:\Program Files\TSTTB
2012-04-05 17:52 - 2012-04-05 17:52 - 0001070 ____A C:\Users\Riverdale\Desktop\PDF-XChange Viewer.lnk
2012-04-05 17:52 - 2012-04-05 17:52 - 0001070 ____A C:\Documents and Settings\Riverdale\Desktop\PDF-XChange Viewer.lnk
2012-04-05 17:50 - 2012-04-05 17:50 - 0000000 ____D C:\Program Files\PDF-XChange Viewer
2012-04-05 17:49 - 2011-12-28 12:04 - 0000925 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-04-05 17:49 - 2011-12-28 12:04 - 0000925 ____A C:\Documents and Settings\Public\Desktop\CCleaner.lnk
2012-04-05 17:48 - 2012-04-05 07:10 - 0000000 ____D C:\Users\Riverdale\AppData\Local\Tracker Software
2012-04-05 17:48 - 2012-04-05 07:10 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Local\Tracker Software
2012-04-05 07:35 - 2011-12-27 18:34 - 0000000 ____D C:\Users\Riverdale\Desktop\SCI-FI
2012-04-05 07:35 - 2011-12-27 18:34 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\SCI-FI
2012-04-05 07:30 - 2012-04-05 04:05 - 0000000 ____D C:\Users\Riverdale\Desktop\????? ????? ?????? ???????
2012-04-05 07:30 - 2012-04-05 04:05 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\????? ????? ?????? ???????
2012-04-05 04:09 - 2012-04-05 04:09 - 0000000 ____D C:\Users\Riverdale\Desktop\?????? ??????
2012-04-05 04:09 - 2012-04-05 04:09 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\?????? ??????
2012-04-04 20:44 - 2012-04-03 20:53 - 0000000 ____D C:\Users\Riverdale\Documents\BioWare
2012-04-04 20:44 - 2012-04-03 20:53 - 0000000 ____D C:\Documents and Settings\Riverdale\Documents\BioWare
2012-04-04 19:47 - 2012-04-04 19:47 - 1276482 ____A C:\Users\Riverdale\Desktop\Blindsight by Peter Watts.webarchive
2012-04-04 19:47 - 2012-04-04 19:47 - 1276482 ____A C:\Documents and Settings\Riverdale\Desktop\Blindsight by Peter Watts.webarchive
2012-04-04 11:56 - 2011-07-20 05:49 - 0022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-04-03 19:53 - 2012-04-03 19:53 - 0000071 ____A C:\Users\Riverdale\Desktop\Free guitar backing tracks for bands starting with T.URL
2012-04-03 19:53 - 2012-04-03 19:53 - 0000071 ____A C:\Documents and Settings\Riverdale\Desktop\Free guitar backing tracks for bands starting with T.URL
2012-04-03 19:29 - 2012-04-03 19:29 - 0001295 ____A C:\Users\Public\Desktop\Mass Effect 3.lnk
2012-04-03 19:29 - 2012-04-03 19:29 - 0001295 ____A C:\Documents and Settings\Public\Desktop\Mass Effect 3.lnk
2012-04-03 19:09 - 2012-04-03 19:09 - 0000000 ____D C:\Program Files\EA
2012-04-03 06:17 - 2012-04-03 06:16 - 0000000 ____D C:\Users\Riverdale\Desktop\MASS EFFECT 3 SHEPARD FILE
2012-04-03 06:17 - 2012-04-03 06:16 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\MASS EFFECT 3 SHEPARD FILE
2012-04-03 03:19 - 2012-02-18 23:29 - 0000000 ____D C:\Program Files\R.G. Mechanics
2012-04-01 04:36 - 2011-11-18 19:58 - 0000000 ____D C:\Users\Riverdale\Desktop\HI-FI
2012-04-01 04:36 - 2011-11-18 19:58 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\HI-FI
2012-03-28 23:02 - 2011-07-19 02:37 - 55154568 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-03-28 18:56 - 2011-07-19 05:00 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\uTorrent
2012-03-28 18:56 - 2011-07-19 05:00 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\uTorrent
2012-03-27 07:34 - 2012-03-18 20:18 - 0002479 ____A C:\Users\Public\Desktop\Safari.lnk
2012-03-27 07:34 - 2012-03-18 20:18 - 0002479 ____A C:\Documents and Settings\Public\Desktop\Safari.lnk
2012-03-27 07:34 - 2012-03-18 20:18 - 0000000 ____D C:\Program Files\Safari
2012-03-27 05:14 - 2012-03-27 05:14 - 0001090 ____A C:\Users\Public\Desktop\Duplicate File Detective 3.lnk
2012-03-27 05:14 - 2012-03-27 05:14 - 0001090 ____A C:\Documents and Settings\Public\Desktop\Duplicate File Detective 3.lnk
2012-03-27 05:14 - 2012-03-27 05:14 - 0000000 __HDC C:\Users\All Users\{E918F213-70D6-413C-ADD5-BC8B1B755B23}
2012-03-27 05:14 - 2012-03-27 05:14 - 0000000 __HDC C:\ProgramData\{E918F213-70D6-413C-ADD5-BC8B1B755B23}
2012-03-27 05:14 - 2012-03-27 05:14 - 0000000 __HDC C:\Documents and Settings\All Users\{E918F213-70D6-413C-ADD5-BC8B1B755B23}
2012-03-27 05:14 - 2012-03-27 05:14 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\Key Metric Software
2012-03-27 05:14 - 2012-03-27 05:14 - 0000000 ____D C:\Program Files\Key Metric Software
2012-03-27 05:14 - 2012-03-27 05:14 - 0000000 ____D C:\Program Files\Common Files\Key Metric Software
2012-03-27 05:14 - 2012-03-27 05:14 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\Key Metric Software
2012-03-26 18:47 - 2012-03-26 18:47 - 1116991 ____A C:\Users\Riverdale\Downloads\Unconfirmed 81613.crdownload
2012-03-26 18:47 - 2012-03-26 18:47 - 1116991 ____A C:\Documents and Settings\Riverdale\Downloads\Unconfirmed 81613.crdownload
2012-03-26 18:46 - 2011-08-13 06:52 - 0001839 ____A C:\Users\Public\Desktop\VDownloader.lnk
2012-03-26 18:46 - 2011-08-13 06:52 - 0001839 ____A C:\Documents and Settings\Public\Desktop\VDownloader.lnk
2012-03-26 18:46 - 2011-08-13 06:52 - 0000000 ____D C:\Program Files\VDownloader
2012-03-26 18:41 - 2011-11-25 07:52 - 0000000 ____D C:\Users\Riverdale\Documents\Music Collector
2012-03-26 18:41 - 2011-11-25 07:52 - 0000000 ____D C:\Documents and Settings\Riverdale\Documents\Music Collector
2012-03-26 18:38 - 2012-03-26 18:38 - 0000909 ____A C:\Users\Riverdale\Desktop\Jaangle.lnk
2012-03-26 18:38 - 2012-03-26 18:38 - 0000909 ____A C:\Documents and Settings\Riverdale\Desktop\Jaangle.lnk
2012-03-26 18:38 - 2011-07-23 18:26 - 0000000 ____D C:\Program Files\Jaangle
2012-03-26 18:13 - 2012-03-26 18:13 - 4137120 ____A (Adobe Systems Incorporated) C:\Users\Riverdale\Desktop\flashplayer11-2_p6_install_win_pi32_022712.exe
2012-03-26 18:13 - 2012-03-26 18:13 - 4137120 ____A (Adobe Systems Incorporated) C:\Documents and Settings\Riverdale\Desktop\flashplayer11-2_p6_install_win_pi32_022712.exe
2012-03-26 06:15 - 2011-11-25 10:11 - 0000000 ____D C:\Program Files\JetAudio
2012-03-25 11:00 - 2012-03-25 11:00 - 0015511 ____A C:\Users\Riverdale\Desktop\[rutracker.org].t3916096 (1).torrent
2012-03-25 11:00 - 2012-03-25 11:00 - 0015511 ____A C:\Documents and Settings\Riverdale\Desktop\[rutracker.org].t3916096 (1).torrent
2012-03-25 05:08 - 2012-03-25 05:08 - 0015511 ____A C:\Users\Riverdale\Downloads\[rutracker.org].t3916096.torrent
2012-03-25 05:08 - 2012-03-25 05:08 - 0015511 ____A C:\Documents and Settings\Riverdale\Downloads\[rutracker.org].t3916096.torrent
2012-03-25 02:14 - 2011-07-19 03:57 - 0000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-03-25 02:14 - 2011-07-19 03:57 - 0000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-03-24 16:07 - 2012-03-24 16:07 - 0016918 ____A C:\Users\Riverdale\Desktop\[rutracker.org].t702130.torrent
2012-03-24 16:07 - 2012-03-24 16:07 - 0016918 ____A C:\Documents and Settings\Riverdale\Desktop\[rutracker.org].t702130.torrent
2012-03-24 16:06 - 2012-03-24 16:07 - 0021226 ____A C:\Users\Riverdale\Desktop\[rutracker.org].t1154104.torrent
2012-03-24 16:06 - 2012-03-24 16:07 - 0021226 ____A C:\Documents and Settings\Riverdale\Desktop\[rutracker.org].t1154104.torrent
2012-03-24 16:06 - 2012-03-24 16:06 - 0020342 ____A C:\Users\Riverdale\Desktop\[rutracker.org].t1536251.torrent
2012-03-24 16:06 - 2012-03-24 16:06 - 0020342 ____A C:\Documents and Settings\Riverdale\Desktop\[rutracker.org].t1536251.torrent
2012-03-24 16:05 - 2012-03-24 16:05 - 0015411 ____A C:\Users\Riverdale\Desktop\[rutracker.org].t3488337.torrent
2012-03-24 16:05 - 2012-03-24 16:05 - 0015411 ____A C:\Documents and Settings\Riverdale\Desktop\[rutracker.org].t3488337.torrent
2012-03-24 16:02 - 2012-03-24 16:05 - 0015411 ____A C:\Users\Riverdale\Desktop\[rutracker.org].t3487887.torrent
2012-03-24 16:02 - 2012-03-24 16:05 - 0015411 ____A C:\Documents and Settings\Riverdale\Desktop\[rutracker.org].t3487887.torrent
2012-03-24 12:48 - 2012-03-24 12:48 - 0008341 ____A C:\Users\Riverdale\Desktop\[rutracker.org].t1219472.torrent
2012-03-24 12:48 - 2012-03-24 12:48 - 0008341 ____A C:\Documents and Settings\Riverdale\Desktop\[rutracker.org].t1219472.torrent
2012-03-22 20:43 - 2011-07-21 19:08 - 0000000 ____D C:\Users\Riverdale\AppData\Local\MediaMonkey
2012-03-22 20:43 - 2011-07-21 19:08 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Local\MediaMonkey
2012-03-22 20:42 - 2012-03-22 20:42 - 0000961 ____A C:\Users\Public\Desktop\MediaMonkey.lnk
2012-03-22 20:42 - 2012-03-22 20:42 - 0000961 ____A C:\Documents and Settings\Public\Desktop\MediaMonkey.lnk
2012-03-22 20:42 - 2012-03-22 20:42 - 0000000 ____D C:\Users\All Users\MediaMonkey
2012-03-22 20:42 - 2012-03-22 20:42 - 0000000 ____D C:\ProgramData\MediaMonkey
2012-03-22 20:42 - 2012-03-22 20:42 - 0000000 ____D C:\Program Files\MediaMonkey
2012-03-22 20:42 - 2012-03-22 20:42 - 0000000 ____D C:\Documents and Settings\All Users\MediaMonkey
2012-03-22 20:29 - 2012-03-22 20:29 - 0001398 ____A C:\Users\Riverdale\Desktop\TheThing.exe - Shortcut.lnk
2012-03-22 20:29 - 2012-03-22 20:29 - 0001398 ____A C:\Documents and Settings\Riverdale\Desktop\TheThing.exe - Shortcut.lnk
2012-03-22 17:40 - 2012-03-22 17:40 - 0000981 ____A C:\Users\Public\Desktop\The Thing.lnk
2012-03-22 17:40 - 2012-03-22 17:40 - 0000981 ____A C:\Documents and Settings\Public\Desktop\The Thing.lnk
2012-03-19 10:32 - 2012-03-19 10:28 - 0000000 ____D C:\Windows\System32\Adobe
2012-03-18 20:45 - 2012-03-18 20:45 - 0042705 ____A C:\Users\Riverdale\Desktop\[rutracker.org].t1522205.torrent
2012-03-18 20:45 - 2012-03-18 20:45 - 0042705 ____A C:\Documents and Settings\Riverdale\Desktop\[rutracker.org].t1522205.torrent
2012-03-18 20:44 - 2012-03-18 20:44 - 0023410 ____A C:\Users\Riverdale\Desktop\[rutracker.org].t1620288 (1).torrent
2012-03-18 20:44 - 2012-03-18 20:44 - 0023410 ____A C:\Documents and Settings\Riverdale\Desktop\[rutracker.org].t1620288 (1).torrent
2012-03-18 20:43 - 2012-03-18 20:44 - 0023410 ____A C:\Users\Riverdale\Desktop\[rutracker.org].t1620288.torrent
2012-03-18 20:43 - 2012-03-18 20:44 - 0023410 ____A C:\Documents and Settings\Riverdale\Desktop\[rutracker.org].t1620288.torrent
2012-03-18 20:40 - 2012-03-18 20:40 - 0016546 ____A C:\Users\Riverdale\Desktop\[pornolab.net].t1412129.torrent
2012-03-18 20:40 - 2012-03-18 20:40 - 0016546 ____A C:\Documents and Settings\Riverdale\Desktop\[pornolab.net].t1412129.torrent
2012-03-18 19:04 - 2012-03-17 19:11 - 0000000 ____D C:\Users\Riverdale\.columbus
2012-03-18 19:04 - 2012-03-17 19:11 - 0000000 ____D C:\Documents and Settings\Riverdale\.columbus
2012-03-18 16:01 - 2012-03-18 16:01 - 0131072 ____N C:\Windows\Minidump\031812-45333-01.dmp
2012-03-18 14:31 - 2012-03-18 14:31 - 0356676 ____A C:\Users\Riverdale\Desktop\dxwnd.02.01.40.rar
2012-03-18 14:31 - 2012-03-18 14:31 - 0356676 ____A C:\Documents and Settings\Riverdale\Desktop\dxwnd.02.01.40.rar
2012-03-18 13:12 - 2012-03-02 17:33 - 0000320 ____A C:\Windows\Tasks\GlaryInitialize.job
2012-03-18 13:04 - 2012-03-13 15:10 - 0000000 ____A C:\Users\Riverdale\AppData\Roaming\.googlewebacchosts
2012-03-18 13:04 - 2012-03-13 15:10 - 0000000 ____A C:\Documents and Settings\Riverdale\AppData\Roaming\.googlewebacchosts
2012-03-18 13:01 - 2012-03-18 11:07 - 0000830 ____A C:\Windows\System32\InstallUtil.InstallLog
2012-03-18 13:00 - 2012-03-18 13:00 - 0000000 ____D C:\Windows\pss
2012-03-18 12:24 - 2012-03-14 16:56 - 0000440 _RASH C:\Users\All Users\ntuser.pol
2012-03-18 12:24 - 2012-03-14 16:56 - 0000440 _RASH C:\ProgramData\ntuser.pol
2012-03-18 12:24 - 2012-03-14 16:56 - 0000440 _RASH C:\Documents and Settings\All Users\ntuser.pol
2012-03-18 11:12 - 2012-03-18 11:06 - 0000000 ____D C:\Users\Riverdale\AppData\Local\WeatherBug
2012-03-18 11:12 - 2012-03-18 11:06 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Local\WeatherBug
2012-03-18 11:06 - 2012-03-18 11:06 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\WeatherBug
2012-03-18 11:06 - 2012-03-18 11:06 - 0000000 ____D C:\Program Files\Setup Support for Weatherbug
2012-03-18 11:06 - 2012-03-18 11:06 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\WeatherBug
2012-03-18 11:04 - 2012-03-18 11:04 - 0000000 ____D C:\Users\All Users\Tarma Installer
2012-03-18 11:04 - 2012-03-18 11:04 - 0000000 ____D C:\ProgramData\Tarma Installer
2012-03-18 11:04 - 2012-03-18 11:04 - 0000000 ____D C:\Documents and Settings\All Users\Tarma Installer
2012-03-18 11:04 - 2012-03-05 19:31 - 0000000 ____D C:\Program Files\fbphotozoom
2012-03-18 04:45 - 2011-10-09 21:09 - 0000000 ____D C:\Games
2012-03-17 19:15 - 2012-03-17 19:15 - 0002387 ____A C:\Users\Riverdale\Desktop\CoolNovo.lnk
2012-03-17 19:15 - 2012-03-17 19:15 - 0002387 ____A C:\Documents and Settings\Riverdale\Desktop\CoolNovo.lnk
2012-03-17 19:15 - 2012-03-17 19:15 - 0000000 ____D C:\Users\Riverdale\AppData\Local\MapleStudio
2012-03-17 19:15 - 2012-03-17 19:15 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Local\MapleStudio
2012-03-17 19:13 - 2012-03-17 19:13 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\Tencent
2012-03-17 19:13 - 2012-03-17 19:13 - 0000000 ____D C:\Users\All Users\Tencent
2012-03-17 19:13 - 2012-03-17 19:13 - 0000000 ____D C:\ProgramData\Tencent
2012-03-17 19:13 - 2012-03-17 19:13 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\Tencent
2012-03-17 19:13 - 2012-03-17 19:13 - 0000000 ____D C:\Documents and Settings\All Users\Tencent
2012-03-17 19:09 - 2012-03-17 19:09 - 0000922 ____A C:\Users\Public\Desktop\SRWare Iron.lnk
2012-03-17 19:09 - 2012-03-17 19:09 - 0000922 ____A C:\Documents and Settings\Public\Desktop\SRWare Iron.lnk
2012-03-17 19:09 - 2012-03-17 19:09 - 0000000 ____D C:\Program Files\SRWare Iron
2012-03-17 15:36 - 2012-03-17 15:36 - 0000916 ____A C:\Users\Public\Desktop\LeapFrog Connect.lnk
2012-03-17 15:36 - 2012-03-17 15:36 - 0000916 ____A C:\Documents and Settings\Public\Desktop\LeapFrog Connect.lnk
2012-03-17 15:36 - 2012-03-17 15:36 - 0000000 ____D C:\Windows\9013B37099D4404B9DB9779B51CEB5FF.TMP
2012-03-17 15:35 - 2012-03-17 15:35 - 0005092 ____A C:\Windows\DPINST.LOG
2012-03-17 15:35 - 2012-03-17 15:35 - 0000000 ____D C:\Program Files\DIFX
2012-03-17 15:35 - 2012-03-17 15:30 - 0000000 ____D C:\Program Files\LeapFrog
2012-03-17 15:33 - 2011-07-21 03:25 - 0000000 ____D C:\Program Files\The KMPlayer
2012-03-17 15:30 - 2012-03-17 15:30 - 0000000 ____D C:\Users\Riverdale\Desktop\log
2012-03-17 15:30 - 2012-03-17 15:30 - 0000000 ____D C:\Users\All Users\Leapfrog
2012-03-17 15:30 - 2012-03-17 15:30 - 0000000 ____D C:\ProgramData\Leapfrog
2012-03-17 15:30 - 2012-03-17 15:30 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\log
2012-03-17 15:30 - 2012-03-17 15:30 - 0000000 ____D C:\Documents and Settings\All Users\Leapfrog
2012-03-17 08:49 - 2012-03-17 08:49 - 0000869 ____A C:\Users\Public\Desktop\Epic.lnk
2012-03-17 08:49 - 2012-03-17 08:49 - 0000869 ____A C:\Documents and Settings\Public\Desktop\Epic.lnk
2012-03-17 08:49 - 2012-03-17 08:49 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\Epic
2012-03-17 08:49 - 2012-03-17 08:49 - 0000000 ____D C:\Users\Riverdale\AppData\Local\Epic
2012-03-17 08:49 - 2012-03-17 08:49 - 0000000 ____D C:\Program Files\Epic
2012-03-17 08:49 - 2012-03-17 08:49 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\Epic
2012-03-17 08:49 - 2012-03-17 08:49 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Local\Epic
2012-03-17 08:49 - 2012-03-16 23:01 - 0000000 ____D C:\Users\Riverdale\AppData\Local\EpicNewTab
2012-03-17 08:49 - 2012-03-16 23:01 - 0000000 ____D C:\Program Files\EpicAssistants
2012-03-17 08:49 - 2012-03-16 23:01 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Local\EpicNewTab
2012-03-17 08:35 - 2012-03-17 08:33 - 19920728 ____A (Hidden Reflex ) C:\Users\Riverdale\Downloads\epic-setup(1).exe
2012-03-17 08:35 - 2012-03-17 08:33 - 19920728 ____A (Hidden Reflex ) C:\Documents and Settings\Riverdale\Downloads\epic-setup(1).exe
2012-03-16 22:59 - 2011-10-30 14:36 - 0000000 ____D C:\Users\Riverdale\Desktop\Krivoy Rog Jazzmen
2012-03-16 22:59 - 2011-10-30 14:36 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\Krivoy Rog Jazzmen
2012-03-16 22:31 - 2012-03-16 21:08 - 189251697 ____A C:\Users\Riverdale\Desktop\???????????? ???????????? ???. ??? 3 [BY]PavelDAS[DDG](1).pdf
2012-03-16 22:31 - 2012-03-16 21:08 - 189251697 ____A C:\Documents and Settings\Riverdale\Desktop\???????????? ???????????? ???. ??? 3 [BY]PavelDAS[DDG](1).pdf
2012-03-16 21:43 - 2011-07-19 17:47 - 0001008 ____A C:\Users\Riverdale\Desktop\Maxthon 3.lnk
2012-03-16 21:43 - 2011-07-19 17:47 - 0001008 ____A C:\Documents and Settings\Riverdale\Desktop\Maxthon 3.lnk
2012-03-16 18:11 - 2012-03-16 18:11 - 0224201 ____A C:\Users\Riverdale\Desktop\EKI-3_OCRv1.html
2012-03-16 18:11 - 2012-03-16 18:11 - 0224201 ____A C:\Documents and Settings\Riverdale\Desktop\EKI-3_OCRv1.html
2012-03-16 18:11 - 2012-03-16 18:11 - 0000000 ____D C:\Users\Riverdale\Desktop\EKI-3_OCRv1_files
2012-03-16 18:11 - 2012-03-16 18:11 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\EKI-3_OCRv1_files
2012-03-15 14:16 - 2009-07-13 20:33 - 0315512 ____A C:\Windows\System32\FNTCACHE.DAT
2012-03-14 18:51 - 2012-03-14 18:20 - 0000000 ____D C:\Users\Riverdale\Desktop\???? ???
2012-03-14 18:51 - 2012-03-14 18:20 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\???? ???
2012-03-14 18:19 - 2012-03-14 18:19 - 0000000 ____D C:\Users\Riverdale\Downloads\desmond morris
2012-03-14 18:19 - 2012-03-14 18:19 - 0000000 ____D C:\Documents and Settings\Riverdale\Downloads\desmond morris
2012-03-14 17:29 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Help
2012-03-12 19:55 - 2012-03-12 19:55 - 0000000 ____D C:\Absolute Fretboard, Guitar Speed, Guitar & Bass Ear Trainer
2012-03-12 16:50 - 2012-03-12 16:50 - 0000000 ____D C:\Users\Riverdale\Downloads\Harli_Enchighendaudio
2012-03-12 16:50 - 2012-03-12 16:50 - 0000000 ____D C:\Documents and Settings\Riverdale\Downloads\Harli_Enchighendaudio
2012-03-12 16:49 - 2012-01-18 07:56 - 0000000 ____D C:\Users\Riverdale\Desktop\Dr. John R. Christopher
2012-03-12 16:49 - 2012-01-18 07:56 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\Dr. John R. Christopher
2012-03-12 16:41 - 2012-03-12 16:41 - 0000000 ____D C:\Users\Riverdale\Desktop\rodzaevsky-sovremennaya-iudisazia-mira
2012-03-12 16:41 - 2012-03-12 16:41 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\rodzaevsky-sovremennaya-iudisazia-mira
2012-03-11 19:53 - 2012-03-11 19:53 - 0001015 ____A C:\Users\Riverdale\Desktop\FeyAccelerator.lnk
2012-03-11 19:53 - 2012-03-11 19:53 - 0001015 ____A C:\Documents and Settings\Riverdale\Desktop\FeyAccelerator.lnk
2012-03-11 19:52 - 2012-03-11 19:33 - 0000000 ____D C:\Program Files\FeyAccelerator
2012-03-11 19:33 - 2012-03-11 19:33 - 0000997 ____A C:\Users\Public\Desktop\FeyAccelerator.lnk
2012-03-11 19:33 - 2012-03-11 19:33 - 0000997 ____A C:\Documents and Settings\Public\Desktop\FeyAccelerator.lnk
2012-03-11 19:30 - 2012-03-11 19:24 - 0000000 ____D C:\Program Files\WireBooster
2012-03-11 19:24 - 2012-03-11 19:24 - 0000961 ____A C:\Users\Public\Desktop\WireBooster.lnk
2012-03-11 19:24 - 2012-03-11 19:24 - 0000961 ____A C:\Documents and Settings\Public\Desktop\WireBooster.lnk
2012-03-11 18:59 - 2011-07-23 21:15 - 0001028 ____A C:\Users\Riverdale\Desktop\Duplicate Cleaner.lnk
2012-03-11 18:59 - 2011-07-23 21:15 - 0001028 ____A C:\Documents and Settings\Riverdale\Desktop\Duplicate Cleaner.lnk
2012-03-11 18:59 - 2011-07-23 21:15 - 0000000 ____D C:\Program Files\Duplicate Cleaner
2012-03-11 15:50 - 2012-03-11 07:51 - 0000000 ____D C:\Users\Riverdale\Desktop\?????? ????????? & ???????? ????? ?????
2012-03-11 15:50 - 2012-03-11 07:51 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\?????? ????????? & ???????? ????? ?????
2012-03-11 05:50 - 2012-03-11 05:50 - 0000000 ____D C:\Users\Riverdale\Desktop\Kot_Begemot_99_priznakov_zhenwin_znakomitqsja_s_kotorymi_ne_stoit_ili_povestq_o_tom_kak_ja_do_zhizni_takoji_dokatilsja
2012-03-11 05:50 - 2012-03-11 05:50 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\Kot_Begemot_99_priznakov_zhenwin_znakomitqsja_s_kotorymi_ne_stoit_ili_povestq_o_tom_kak_ja_do_zhizni_takoji_dokatilsja
2012-03-10 13:02 - 2011-07-19 06:46 - 0078704 ____A C:\Users\Riverdale\AppData\Local\GDIPFONTCACHEV1.DAT
2012-03-10 13:02 - 2011-07-19 06:46 - 0078704 ____A C:\Documents and Settings\Riverdale\AppData\Local\GDIPFONTCACHEV1.DAT
2012-03-10 12:23 - 2012-03-10 12:14 - 0000000 ____D C:\Program Files\Akella
2012-03-10 11:54 - 2011-12-10 05:16 - 0001856 ____A C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2012-03-10 11:54 - 2011-12-10 05:16 - 0001856 ____A C:\Documents and Settings\Public\Desktop\DAEMON Tools Lite.lnk
2012-03-10 06:05 - 2012-03-10 06:05 - 0001175 ____A C:\Users\Riverdale\Desktop\TreeSize Professional.lnk
2012-03-10 06:05 - 2012-03-10 06:05 - 0001175 ____A C:\Documents and Settings\Riverdale\Desktop\TreeSize Professional.lnk
2012-03-10 06:05 - 2012-03-10 06:05 - 0000000 ____D C:\Program Files\JAM Software
2012-03-10 06:05 - 2011-07-19 20:00 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\JAM Software
2012-03-10 06:05 - 2011-07-19 20:00 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\JAM Software
2012-03-08 07:10 - 2012-03-05 04:42 - 0000000 ____D C:\Program Files\Akella Games
2012-03-08 07:09 - 2011-11-30 13:11 - 0000000 ____D C:\Program Files\Common Files\InstallShield
2012-03-08 06:28 - 2012-03-08 06:11 - 0000000 ____D C:\Program Files\XVI32
2012-03-08 06:12 - 2012-03-08 06:12 - 0001260 ____A C:\Users\Riverdale\Desktop\XVI32.exe.lnk
2012-03-08 06:12 - 2012-03-08 06:12 - 0001260 ____A C:\Documents and Settings\Riverdale\Desktop\XVI32.exe.lnk
2012-03-05 21:59 - 2012-04-17 19:36 - 3913072 ____A (Microsoft Corporation) C:\Users\Riverdale\Desktop\ntoskrnl.exe
2012-03-05 21:59 - 2012-04-17 19:36 - 3913072 ____A (Microsoft Corporation) C:\Documents and Settings\Riverdale\Desktop\ntoskrnl.exe
2012-03-05 21:59 - 2012-04-10 23:00 - 3968368 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2012-03-05 21:59 - 2012-04-10 23:00 - 3913072 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-03-05 21:26 - 2012-03-05 04:00 - 0000000 ____D C:\Program Files\Sauerbraten
2012-03-05 08:00 - 2012-03-03 14:16 - 0000000 ____D C:\Program Files\Microsoft Office
2012-03-05 08:00 - 2012-03-03 14:15 - 0000000 ____D C:\Program Files\MSECache
2012-03-05 08:00 - 2009-07-13 18:37 - 0000000 ____D C:\Program Files\Common Files\microsoft shared
2012-03-05 04:07 - 2012-03-05 04:07 - 0001781 ____A C:\Users\Riverdale\Desktop\Sauerbraten.lnk
2012-03-05 04:07 - 2012-03-05 04:07 - 0001781 ____A C:\Documents and Settings\Riverdale\Desktop\Sauerbraten.lnk
2012-03-05 04:06 - 2012-03-05 04:06 - 0002035 ____A C:\Users\Public\Desktop\Dear Esther.lnk
2012-03-05 04:06 - 2012-03-05 04:06 - 0002035 ____A C:\Documents and Settings\Public\Desktop\Dear Esther.lnk
2012-03-05 04:04 - 2012-03-05 04:04 - 0000000 ____D C:\Program Files\thechineseroom
2012-03-03 14:26 - 2012-03-03 14:26 - 0001832 ____A C:\Users\Riverdale\Desktop\OpenOffice 3.3.lnk
2012-03-03 14:26 - 2012-03-03 14:26 - 0001832 ____A C:\Documents and Settings\Riverdale\Desktop\OpenOffice 3.3.lnk
2012-03-03 14:25 - 2012-03-03 14:25 - 0002671 ____A C:\Users\Riverdale\Desktop\Microsoft Office Word Viewer 2003.lnk
2012-03-03 14:25 - 2012-03-03 14:25 - 0002671 ____A C:\Documents and Settings\Riverdale\Desktop\Microsoft Office Word Viewer 2003.lnk
2012-03-03 14:23 - 2012-03-03 14:23 - 0000000 ____D C:\Users\Riverdale\Desktop\kitya_karlson_-_povarennaya_kniga_samuraya
2012-03-03 14:23 - 2012-03-03 14:23 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\kitya_karlson_-_povarennaya_kniga_samuraya
2012-03-03 04:53 - 2011-12-28 08:32 - 0000000 ____D C:\Users\Riverdale\.FBReader
2012-03-03 04:53 - 2011-12-28 08:32 - 0000000 ____D C:\Documents and Settings\Riverdale\.FBReader
2012-03-03 04:50 - 2012-03-03 13:54 - 8660949 ____A C:\Users\Riverdale\Desktop\??.doc
2012-03-03 04:50 - 2012-03-03 13:54 - 8660949 ____A C:\Documents and Settings\Riverdale\Desktop\??.doc
2012-03-03 01:25 - 2012-03-03 01:25 - 0145648 ____A C:\Users\Riverdale\Desktop\GuitarPlayer 10 Things You Gotta Do to Play Like Jimmy Herring.htm
2012-03-03 01:25 - 2012-03-03 01:25 - 0145648 ____A C:\Documents and Settings\Riverdale\Desktop\GuitarPlayer 10 Things You Gotta Do to Play Like Jimmy Herring.htm
2012-03-03 01:25 - 2012-03-03 01:25 - 0000000 ____D C:\Users\Riverdale\Desktop\GuitarPlayer 10 Things You Gotta Do to Play Like Jimmy Herring_files
2012-03-03 01:25 - 2012-03-03 01:25 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\GuitarPlayer 10 Things You Gotta Do to Play Like Jimmy Herring_files
2012-03-02 21:24 - 2012-03-02 21:24 - 8312320 ____A C:\Users\Riverdale\Desktop\Copy of Pochemu_my_tak_zhivyom_Ili_borba_za_pravo_zhit.doc
2012-03-02 21:24 - 2012-03-02 21:24 - 8312320 ____A C:\Documents and Settings\Riverdale\Desktop\Copy of Pochemu_my_tak_zhivyom_Ili_borba_za_pravo_zhit.doc
2012-03-02 18:02 - 2012-03-02 18:02 - 0002132 ____A C:\Users\Public\Desktop\One-Click-Optimizer (WO9).lnk
2012-03-02 18:02 - 2012-03-02 18:02 - 0002132 ____A C:\Documents and Settings\Public\Desktop\One-Click-Optimizer (WO9).lnk
2012-03-02 18:02 - 2012-03-02 18:02 - 0001130 ____A C:\Users\Public\Desktop\Ashampoo WinOptimizer 9.lnk
2012-03-02 18:02 - 2012-03-02 18:02 - 0001130 ____A C:\Documents and Settings\Public\Desktop\Ashampoo WinOptimizer 9.lnk
2012-03-02 18:02 - 2011-07-27 18:03 - 0000000 ____D C:\Program Files\Ashampoo
2012-03-02 17:55 - 2012-03-02 17:55 - 0001157 ____A C:\Users\Riverdale\Desktop\Auslogics BoostSpeed.lnk
2012-03-02 17:55 - 2012-03-02 17:55 - 0001157 ____A C:\Documents and Settings\Riverdale\Desktop\Auslogics BoostSpeed.lnk
2012-03-02 17:33 - 2012-03-02 17:33 - 0000984 ____A C:\Users\Riverdale\Desktop\Glary Utilities.lnk
2012-03-02 17:33 - 2012-03-02 17:33 - 0000984 ____A C:\Documents and Settings\Riverdale\Desktop\Glary Utilities.lnk
2012-03-02 17:33 - 2012-03-02 17:32 - 0000000 ____D C:\Program Files\Glary Utilities
2012-02-29 21:46 - 2012-04-10 23:01 - 0019824 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-02-29 21:37 - 2012-04-10 23:01 - 0172544 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-02-29 21:33 - 2012-04-10 23:01 - 0159232 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-02-29 21:29 - 2012-04-10 23:01 - 0005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-02-27 17:52 - 2012-04-10 23:04 - 12281856 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-02-27 17:27 - 2012-04-10 23:04 - 9705984 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-02-27 17:18 - 2012-04-10 23:04 - 1799168 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-02-27 17:12 - 2012-04-10 23:04 - 1103360 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-02-27 17:11 - 2012-04-10 23:04 - 1427456 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-02-27 17:11 - 2012-04-10 23:04 - 1127424 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-02-27 17:09 - 2012-04-10 23:04 - 0231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-02-27 17:08 - 2012-04-10 23:04 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-02-27 17:06 - 2012-04-10 23:04 - 0716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-02-27 17:04 - 2012-04-10 23:04 - 1792000 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-02-27 17:03 - 2012-04-10 23:04 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-02-27 17:03 - 2012-04-10 23:04 - 0072704 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-02-27 16:59 - 2012-04-10 23:04 - 0176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-02-23 23:15 - 2012-02-23 23:15 - 0000000 ____D C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
2012-02-23 23:15 - 2012-02-23 23:15 - 0000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2012-02-23 20:13 - 2012-02-23 20:13 - 1918298 ____A C:\Users\Riverdale\Desktop\posle3.pdf
2012-02-23 20:13 - 2012-02-23 20:13 - 1918298 ____A C:\Documents and Settings\Riverdale\Desktop\posle3.pdf
2012-02-23 17:41 - 2011-07-20 06:06 - 0001004 ____A C:\Users\Public\Desktop\System Explorer.lnk
2012-02-23 17:41 - 2011-07-20 06:06 - 0001004 ____A C:\Documents and Settings\Public\Desktop\System Explorer.lnk
2012-02-23 17:41 - 2011-07-20 06:06 - 0000000 ____D C:\Program Files\System Explorer
2012-02-20 16:00 - 2011-08-11 15:20 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\SlimBrowser
2012-02-20 16:00 - 2011-08-11 15:20 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\SlimBrowser
2012-02-20 16:00 - 2011-07-19 05:33 - 0000939 ____A C:\Users\Public\Desktop\FlashPeak SlimBrowser.lnk
2012-02-20 16:00 - 2011-07-19 05:33 - 0000939 ____A C:\Documents and Settings\Public\Desktop\FlashPeak SlimBrowser.lnk
2012-02-20 16:00 - 2011-07-19 05:33 - 0000000 ____D C:\Program Files\SlimBrowser
2012-02-20 15:23 - 2011-08-28 07:03 - 0001823 ____A C:\Users\Public\Desktop\Avant Browser.lnk
2012-02-20 15:23 - 2011-08-28 07:03 - 0001823 ____A C:\Documents and Settings\Public\Desktop\Avant Browser.lnk
2012-02-20 15:23 - 2011-08-28 07:03 - 0000000 ____D C:\Program Files\Avant Browser
2012-02-20 15:06 - 2011-08-28 07:03 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\Avant Profiles
2012-02-20 15:06 - 2011-08-28 07:03 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\Avant Profiles
2012-02-20 14:35 - 2012-02-20 14:35 - 0000000 ____D C:\Users\All Users\48
2012-02-20 14:35 - 2012-02-20 14:35 - 0000000 ____D C:\ProgramData\48
2012-02-20 14:35 - 2012-02-20 14:35 - 0000000 ____D C:\Documents and Settings\All Users\48
2012-02-20 14:34 - 2012-02-20 14:34 - 0000000 ____D C:\Users\Riverdale\Documents\My Received Files
2012-02-20 14:34 - 2012-02-20 14:34 - 0000000 ____D C:\Documents and Settings\Riverdale\Documents\My Received Files
2012-02-20 06:06 - 2011-10-09 21:38 - 0000000 ____D C:\Windows\System32\directx
2012-02-20 06:05 - 2012-02-20 06:05 - 0001588 ____A C:\Users\Riverdale\Desktop\????????? L.A.Noire.lnk
2012-02-20 06:05 - 2012-02-20 06:05 - 0001588 ____A C:\Documents and Settings\Riverdale\Desktop\????????? L.A.Noire.lnk
2012-02-20 06:05 - 2012-02-20 06:05 - 0001566 ____A C:\Users\Riverdale\Desktop\L.A.Noire.lnk
2012-02-20 06:05 - 2012-02-20 06:05 - 0001566 ____A C:\Documents and Settings\Riverdale\Desktop\L.A.Noire.lnk
2012-02-19 17:59 - 2012-02-19 16:00 - 0000000 ____D C:\Program Files\LucasArts
2012-02-19 17:47 - 2012-02-19 17:36 - 0043520 ____A C:\Windows\System32\CmdLineExt03.dll
2012-02-19 14:06 - 2012-02-19 14:06 - 0001143 ____A C:\Users\Public\Desktop\Comodo Dragon.lnk
2012-02-19 14:06 - 2012-02-19 14:06 - 0001143 ____A C:\Documents and Settings\Public\Desktop\Comodo Dragon.lnk
2012-02-19 13:56 - 2012-02-19 13:56 - 0427204 ____A C:\Users\Riverdale\Desktop\??????? ????????? ? ??????????????? (?????????) ??????? .htm
2012-02-19 13:56 - 2012-02-19 13:56 - 0427204 ____A C:\Documents and Settings\Riverdale\Desktop\??????? ????????? ? ??????????????? (?????????) ??????? .htm
2012-02-18 23:42 - 2011-09-12 04:22 - 0000000 ____D C:\Users\Riverdale\AppData\Local\SKIDROW
2012-02-18 23:42 - 2011-09-12 04:22 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Local\SKIDROW
2012-02-18 23:40 - 2012-02-18 23:40 - 0001222 ____A C:\Users\Riverdale\Desktop\Saints Row. The Third.lnk
2012-02-18 23:40 - 2012-02-18 23:40 - 0001222 ____A C:\Documents and Settings\Riverdale\Desktop\Saints Row. The Third.lnk
2012-02-18 23:40 - 2012-02-18 23:40 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\Saints Row. The Third
2012-02-18 23:40 - 2012-02-18 23:40 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\Saints Row. The Third
2012-02-18 16:10 - 2012-02-18 16:10 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\R.G.BestCLub
2012-02-18 16:10 - 2012-02-18 16:10 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\R.G.BestCLub
2012-02-18 15:13 - 2012-02-18 15:13 - 0000000 ____D C:\Users\Riverdale\Documents\Remedy
2012-02-18 15:13 - 2012-02-18 15:13 - 0000000 ____D C:\Documents and Settings\Riverdale\Documents\Remedy
2012-02-18 15:12 - 2012-02-18 15:12 - 0001147 ____A C:\Users\Riverdale\Desktop\Alan Wake.lnk
2012-02-18 15:12 - 2012-02-18 15:12 - 0001147 ____A C:\Documents and Settings\Riverdale\Desktop\Alan Wake.lnk
2012-02-18 15:10 - 2012-02-18 15:10 - 0002057 ____A C:\Users\Public\Desktop\Alan Wake.lnk
2012-02-18 15:10 - 2012-02-18 15:10 - 0002057 ____A C:\Documents and Settings\Public\Desktop\Alan Wake.lnk
2012-02-18 14:52 - 2012-02-18 14:52 - 0000000 ____D C:\Program Files\Remedy Entertainment
2012-02-18 11:41 - 2011-12-22 18:56 - 0000000 ____D C:\Program Files\R.G. Catalyst
2012-02-18 11:13 - 2012-02-18 11:13 - 0000000 ____D C:\Users\Riverdale\Documents\Rockstar Games
2012-02-18 11:13 - 2012-02-18 11:13 - 0000000 ____D C:\Documents and Settings\Riverdale\Documents\Rockstar Games
2012-02-18 11:11 - 2012-02-18 11:11 - 0000000 ____D C:\Users\All Users\Rockstar Games
2012-02-18 11:11 - 2012-02-18 11:11 - 0000000 ____D C:\ProgramData\Rockstar Games
2012-02-18 11:11 - 2012-02-18 11:11 - 0000000 ____D C:\Program Files\Rockstar Games
2012-02-18 11:11 - 2012-02-18 11:11 - 0000000 ____D C:\Documents and Settings\All Users\Rockstar Games
2012-02-18 11:10 - 2011-08-06 11:55 - 0000000 ____D C:\Vuze Downloads
2012-02-18 10:43 - 2012-02-18 10:43 - 0000701 ____A C:\Users\Riverdale\Desktop\Call of Duty- Modern Warfare 3.lnk
2012-02-18 10:43 - 2012-02-18 10:43 - 0000701 ____A C:\Documents and Settings\Riverdale\Desktop\Call of Duty- Modern Warfare 3.lnk
2012-02-18 10:43 - 2012-02-18 09:59 - 0000000 ____D C:\Call of Duty- Modern Warfare 3
2012-02-18 08:24 - 2012-02-18 08:12 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\DarknessII
2012-02-18 08:24 - 2012-02-18 08:12 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\DarknessII
2012-02-18 08:08 - 2012-02-18 08:08 - 0001122 ____A C:\Users\Public\Desktop\The Darkness II.lnk
2012-02-18 08:08 - 2012-02-18 08:08 - 0001122 ____A C:\Documents and Settings\Public\Desktop\The Darkness II.lnk
2012-02-18 07:58 - 2012-02-18 07:58 - 0000000 ____D C:\Program Files\Black_Box
2012-02-17 21:05 - 2012-02-17 21:05 - 0384388 ____A C:\Users\Riverdale\Desktop\TRACTATE OF LOVE & CONCEITED MAMMAL -- ??????? ? ????? & ??????????? ?????????????.htm
2012-02-17 21:05 - 2012-02-17 21:05 - 0384388 ____A C:\Documents and Settings\Riverdale\Desktop\TRACTATE OF LOVE & CONCEITED MAMMAL -- ??????? ? ????? & ??????????? ?????????????.htm
2012-02-17 21:05 - 2012-02-17 21:05 - 0000000 ____D C:\Users\Riverdale\Desktop\TRACTATE OF LOVE & CONCEITED MAMMAL -- ??????? ? ????? & ??????????? ?????????????_files
2012-02-17 21:05 - 2012-02-17 21:05 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\TRACTATE OF LOVE & CONCEITED MAMMAL -- ??????? ? ????? & ??????????? ?????????????_files
2012-02-17 09:41 - 2011-10-07 16:09 - 0000000 ____D C:\Program Files\The Saboteur
2012-02-17 08:36 - 2012-02-17 08:36 - 0001537 ____A C:\Users\Riverdale\Desktop\BG&E.lnk
2012-02-17 08:36 - 2012-02-17 08:36 - 0001537 ____A C:\Documents and Settings\Riverdale\Desktop\BG&E.lnk
2012-02-17 08:29 - 2012-02-17 08:29 - 0001687 ____A C:\Users\Riverdale\Desktop\Beyond Good & Evil Settings Application.lnk
2012-02-17 08:29 - 2012-02-17 08:29 - 0001687 ____A C:\Documents and Settings\Riverdale\Desktop\Beyond Good & Evil Settings Application.lnk
2012-02-17 08:22 - 2012-02-17 08:22 - 0000000 ____D C:\Users\All Users\Trymedia
2012-02-17 08:22 - 2012-02-17 08:22 - 0000000 ____D C:\ProgramData\Trymedia
2012-02-17 08:22 - 2012-02-17 08:22 - 0000000 ____D C:\Documents and Settings\All Users\Trymedia
2012-02-17 08:18 - 2012-02-17 08:18 - 0000000 ____D C:\Program Files\Ubisoft
2012-02-17 08:15 - 2012-02-17 08:15 - 0540024 ____A C:\Users\Riverdale\Desktop\????? ???????.htm
2012-02-17 08:15 - 2012-02-17 08:15 - 0540024 ____A C:\Documents and Settings\Riverdale\Desktop\????? ???????.htm
2012-02-17 08:15 - 2012-02-17 08:14 - 0000000 ____D C:\Users\Riverdale\Desktop\????? ???????_files
2012-02-17 08:15 - 2012-02-17 08:14 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\????? ???????_files
2012-02-16 22:56 - 2012-02-16 22:56 - 0001340 ____A C:\Users\Riverdale\Desktop\FixWin v 1.2.lnk
2012-02-16 22:56 - 2012-02-16 22:56 - 0001340 ____A C:\Documents and Settings\Riverdale\Desktop\FixWin v 1.2.lnk
2012-02-16 22:56 - 2011-07-27 20:17 - 0000000 ____D C:\Program Files\FixWin
2012-02-16 21:34 - 2012-03-14 20:29 - 0919040 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2012-02-16 21:34 - 2012-03-14 20:29 - 0826880 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-02-16 20:14 - 2012-03-14 20:29 - 0183808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-02-16 20:13 - 2012-03-14 20:29 - 0024576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-02-16 00:24 - 2011-07-19 02:15 - 0000174 ___SH C:\Users\Riverdale\Start Menu\Programs\Startup\desktop.ini
2012-02-16 00:24 - 2011-07-19 02:15 - 0000174 ___SH C:\Users\Riverdale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-02-16 00:24 - 2011-07-19 02:15 - 0000174 ___SH C:\Documents and Settings\Riverdale\Start Menu\Programs\Startup\desktop.ini
2012-02-16 00:24 - 2011-07-19 02:15 - 0000174 ___SH C:\Documents and Settings\Riverdale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-02-12 15:50 - 2012-02-12 15:50 - 0000922 ____A C:\Users\Riverdale\Desktop\?????? ???????? - ????? ???? ?? ?????? [2011, ???? ?? ??????, RUS] (?????????) RuTracker.org (ex torrents.ru).website
2012-02-12 15:50 - 2012-02-12 15:50 - 0000922 ____A C:\Documents and Settings\Riverdale\Desktop\?????? ???????? - ????? ???? ?? ?????? [2011, ???? ?? ??????, RUS] (?????????) RuTracker.org (ex torrents.ru).website
2012-02-12 15:48 - 2012-02-12 15:48 - 0000485 ____A C:\Users\Riverdale\Desktop\Gibson's Learn & Master Guitar with Steve Krenz -The Complete Course [2010, DVD-based guitar course, DVDRip, ENG] RuTracker..website
2012-02-12 15:48 - 2012-02-12 15:48 - 0000485 ____A C:\Documents and Settings\Riverdale\Desktop\Gibson's Learn & Master Guitar with Steve Krenz -The Complete Course [2010, DVD-based guitar course, DVDRip, ENG] RuTracker..website
2012-02-12 15:36 - 2012-02-04 04:54 - 0918590 ____A C:\Users\Riverdale\Desktop\kaganovich.htm
2012-02-12 15:36 - 2012-02-04 04:54 - 0918590 ____A C:\Documents and Settings\Riverdale\Desktop\kaganovich.htm
2012-02-12 15:00 - 2012-02-12 15:00 - 0000922 ____A C:\Users\Riverdale\Desktop\?????? ??? - ?????????????? ???????? [Zeitgeist Movement Russia (Vlad gur), 2007 ?., 160-256 kbps, MP3] RuTracker.org (ex to.website
2012-02-12 15:00 - 2012-02-12 15:00 - 0000922 ____A C:\Documents and Settings\Riverdale\Desktop\?????? ??? - ?????????????? ???????? [Zeitgeist Movement Russia (Vlad gur), 2007 ?., 160-256 kbps, MP3] RuTracker.org (ex to.website
2012-02-12 14:50 - 2012-02-12 14:50 - 0000966 ____A C:\Users\Riverdale\Desktop\???????? ? ???????????? ?????????? ? ??????????? ????? ?????? - A conversation with Social Innovator & Futurist Jacque Fresco [.website
2012-02-12 14:50 - 2012-02-12 14:50 - 0000966 ____A C:\Documents and Settings\Riverdale\Desktop\???????? ? ???????????? ?????????? ? ??????????? ????? ?????? - A conversation with Social Innovator & Futurist Jacque Fresco [.website
2012-02-12 14:50 - 2012-02-12 14:50 - 0000963 ____A C:\Users\Riverdale\Desktop\??????? ????? (? ???? ???????) - The Story of Stuff (with Annie Leonard) (??? ???? - Louis Fox) [2007 ?., ???????????????? ????.website
2012-02-12 14:50 - 2012-02-12 14:50 - 0000963 ____A C:\Documents and Settings\Riverdale\Desktop\??????? ????? (? ???? ???????) - The Story of Stuff (with Annie Leonard) (??? ???? - Louis Fox) [2007 ?., ???????????????? ????.website
2012-02-11 17:37 - 2011-07-22 03:06 - 0000000 ____D C:\Users\Riverdale\AppData\Roaming\DAEMON Tools Lite
2012-02-11 17:37 - 2011-07-22 03:06 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Roaming\DAEMON Tools Lite
2012-02-09 21:38 - 2012-03-14 20:29 - 1077248 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-02-05 14:14 - 2012-02-05 14:14 - 0004188 ____A C:\Windows\System32\jupdate-1.6.0_30-b12.log
2012-02-05 14:14 - 2012-02-05 14:14 - 0000000 ____D C:\Program Files\Common Files\Java
2012-02-05 14:14 - 2011-07-24 04:23 - 0000000 ____D C:\Program Files\Java
2012-02-05 14:12 - 2012-02-05 14:12 - 0910112 ____A (Sun Microsystems, Inc.) C:\Users\Riverdale\Downloads\jxpiinstall.exe
2012-02-05 14:12 - 2012-02-05 14:12 - 0910112 ____A (Sun Microsystems, Inc.) C:\Documents and Settings\Riverdale\Downloads\jxpiinstall.exe
2012-02-05 10:23 - 2012-02-05 10:23 - 0029738 ____A C:\Users\Riverdale\Downloads\schedule feb 6-12.docx
2012-02-05 10:23 - 2012-02-05 10:23 - 0029738 ____A C:\Documents and Settings\Riverdale\Downloads\schedule feb 6-12.docx
2012-02-05 10:18 - 2012-02-05 10:18 - 0776320 ____A (Adobe Systems Incorporated) C:\Users\Riverdale\Downloads\install_flashplayer11x32_mssd_aih.exe
2012-02-05 10:18 - 2012-02-05 10:18 - 0776320 ____A (Adobe Systems Incorporated) C:\Documents and Settings\Riverdale\Downloads\install_flashplayer11x32_mssd_aih.exe
2012-02-05 10:09 - 2011-08-28 07:21 - 0000000 ____D C:\Users\Riverdale\AppData\Local\Apple Computer
2012-02-05 10:09 - 2011-08-28 07:21 - 0000000 ____D C:\Documents and Settings\Riverdale\AppData\Local\Apple Computer
2012-02-05 09:17 - 2012-02-05 09:17 - 0000000 ____D C:\Users\Riverdale\Desktop\klushev-1
2012-02-05 09:17 - 2012-02-05 09:17 - 0000000 ____D C:\Users\Riverdale\Desktop\alc
2012-02-05 09:17 - 2012-02-05 09:17 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\klushev-1
2012-02-05 09:17 - 2012-02-05 09:17 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\alc
2012-02-05 09:16 - 2012-02-05 09:16 - 1246030 ____A C:\Users\Riverdale\Downloads\klushev-1.zip
2012-02-05 09:16 - 2012-02-05 09:16 - 1246030 ____A C:\Documents and Settings\Riverdale\Downloads\klushev-1.zip
2012-02-05 09:15 - 2012-02-05 09:15 - 0000000 ____D C:\Users\Riverdale\Desktop\zhaprizo_sebastyan_lovushka_dlya_zolushki.fb2
2012-02-05 09:15 - 2012-02-05 09:15 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\zhaprizo_sebastyan_lovushka_dlya_zolushki.fb2
2012-02-02 19:54 - 2012-03-14 20:29 - 2343424 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-02-01 21:30 - 2011-08-22 02:58 - 0000000 ____D C:\Users\Riverdale\Desktop\RUTRACKER.ORG 2011
2012-02-01 21:30 - 2011-08-22 02:58 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\RUTRACKER.ORG 2011
2012-01-30 19:37 - 2012-01-30 19:37 - 0918590 ____A C:\Users\Riverdale\Desktop\kaganovich - kremlevskiy volk.htm
2012-01-30 19:37 - 2012-01-30 19:37 - 0918590 ____A C:\Documents and Settings\Riverdale\Desktop\kaganovich - kremlevskiy volk.htm
2012-01-30 17:38 - 2012-01-30 17:38 - 0000000 ____D C:\Users\Riverdale\Desktop\kristof_agota_tolstaya_tetrad.fb2
2012-01-30 17:38 - 2012-01-30 17:38 - 0000000 ____D C:\Documents and Settings\Riverdale\Desktop\kristof_agota_tolstaya_tetrad.fb2

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 12%
Total physical RAM: 4095.12 MB
Available physical RAM: 3599.95 MB
Total Pagefile: 4093.39 MB
Available Pagefile: 3609.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1959.23 MB

======================= Partitions =========================

2 Drive c: () (Fixed) (Total:279.36 GB) (Free:43.12 GB) NTFS
3 Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive e: () (Fixed) (Total:1863.01 GB) (Free:111.75 GB) NTFS
5 Drive f: () (Fixed) (Total:931.51 GB) (Free:55.29 GB) NTFS
6 Drive h: (Windows 7 Ultima) (CDROM) (Total:2.39 GB) (Free:0 GB) UDF
8 Drive j: (LEXAR) (Removable) (Total:0.93 GB) (Free:0.93 GB) FAT32
9 Drive k: (New Volume) (Fixed) (Total:2328.76 GB) (Free:793.02 GB) NTFS
10 Drive l: () (Fixed) (Total:2794.52 GB) (Free:164.47 GB) NTFS
11 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
12 Drive y: () (Fixed) (Total:931.51 GB) (Free:53.92 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 Online 279 GB 0 B
Disk 2 Online 1863 GB 0 B
Disk 3 Online 931 GB 0 B
Disk 4 Online 960 MB 0 B
Disk 5 Online 2328 GB 0 B
Disk 6 Online 2794 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 31 KB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 Y NTFS Partition 931 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 279 GB 101 MB

======================================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D System Rese NTFS Partition 100 MB Healthy

======================================================================================================

Disk: 1
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 C NTFS Partition 279 GB Healthy

======================================================================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1863 GB 1024 KB

======================================================================================================

Disk: 2
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 E NTFS Partition 1863 GB Healthy

======================================================================================================

Partitions of Disk 3:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 1024 KB

======================================================================================================

Disk: 3
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 F NTFS Partition 931 GB Healthy

======================================================================================================

Partitions of Disk 4:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 955 MB 16 KB

======================================================================================================

Disk: 4
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 7 J LEXAR FAT32 Removable 955 MB Healthy

======================================================================================================

Partitions of Disk 5:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 2328 GB 1024 KB

======================================================================================================

Disk: 5
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 8 K New Volume NTFS Partition 2328 GB Healthy

======================================================================================================

Partitions of Disk 6:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 2794 GB 1024 KB

======================================================================================================

Disk: 6
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 9 L NTFS Partition 2794 GB Healthy

======================================================================================================
==========================================================
TDL4: custom:26000022


==========================================================

Last Boot: 2012-04-08 23:22

======================= End Of Log ==========================

#6 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:08:13 AM

Posted 25 April 2012 - 06:12 AM

The scan shows the traces of MBR infection. We will fix that.

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

start
cmd: bootrec /FixMbr
TDL4: custom:26000022
end

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options and select Command Prompt.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Also restart, let it boot normally and see how the system performs in normal mode.

#7 SGasan116

SGasan116
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 25 April 2012 - 07:28 AM

Fix result of Farbar Recovery Tool (FRST written by farbar) Version: 22-04-2012
Ran by SYSTEM at 2012-04-25 08:23:27 R:1
Running from J:\

==============================================


========= bootrec /FixMbr =========

’žT h e o p e r a t i o n c o m p l e t e d s u c c e s s f u l l y .

========= End of CMD: =========


The operation completed successfully.
The operation completed successfully.

==== End of Fixlog ====

#8 SGasan116

SGasan116
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 25 April 2012 - 07:39 AM

Tried to boot in normal mode and again BSOD!

stop: 0x0000007e (0x0000005, 0x83A13907, 0x807869B4, 0x807865903)

AVGARKT.SYS - address 83A13907 BASE at 83A13000

#9 SGasan116

SGasan116
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 25 April 2012 - 09:17 AM

Did search and found that avgarkt.sys belongs to AVG free tool.
Uninstalled it and now got another BSOD:

STOP: 0x000000C9 (0x00000004, 0x8B06C030, 0x00000000, 0x00000000)
crush dump...

I can attach 2 image files from BlueScreenView, in case if you need them.

#10 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:08:13 AM

Posted 25 April 2012 - 09:30 AM

Did search and found that avgarkt.sys belongs to AVG free tool.
Uninstalled it and now got another BSOD:

Since you decide to make changes on your own you may do the rest. Alternatively you can post your problem on open frums where everybody can give advise and you are not bound to follow them.

#11 SGasan116

SGasan116
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 25 April 2012 - 09:43 AM

I'm really sorry!

I'm in desperate need for my PC and I didn't know
that it can be inappropriate to act on my own while waiting for support.
I just thought that it can help somehow. Please continue with advices.

I'm apologize, really.

#12 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:08:13 AM

Posted 25 April 2012 - 10:12 AM

No worries.:)

The infection is taken care off. Now We have to rule out other possibilities.

First please go to the following folder:

C:\Windows\Minidump

Open the folder and remove all the Minidump_date_number.dmp files. I would like to have a clean folder and in case a new dmp file is made by the Windows I'm going to ask you to go to this folder and upload it for me.

I would like you to uninstall the following programs:

SUPERAntiSpyware
BitTorrent
µTorrent
Comodo Dragon
DAEMON Tools Lite
Java™ 6 Update 22
Sophos Virus Removal Tool


Please remove any other security program. But make sure you use the computer for trouble-shouting. Going to internet without protection might make the case more complicated that it is now.

Please let me you have done them.

#13 SGasan116

SGasan116
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 25 April 2012 - 12:03 PM

Did removal except last two. It say something about Windows Installer Service can't be accessed b/c
Windows Installer wasn't properly installed. But I can remove them with REVO Uninstaller.

Also each time I tried to open Comodo Dragon it gave me each time BSOD: 0x0000008E, so I also uninstalled it with REVO.

#14 SGasan116

SGasan116
  • Topic Starter

  • Members
  • 251 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 25 April 2012 - 12:04 PM

Should I proceed with REVO for last two programms: Java22 and Sophos?

Edited by SGasan116, 25 April 2012 - 12:05 PM.


#15 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:08:13 AM

Posted 25 April 2012 - 12:09 PM

Yes please do.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users