Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My PC is Infected with Trojan.Dropper.BCMiner


  • This topic is locked This topic is locked
22 replies to this topic

#1 OMAR IZ

OMAR IZ

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:25 AM

Posted 09 July 2012 - 11:19 PM

Hello everyone. I am running Windows 7 Professional 64bit on my pc (i5 core 750 2.66mhz) and I've tried unsuccessfully to remove Trojan.Dropper.BCMiner with Malwarebytes but it keeps coming back. I tried a few other Trojan removal software (Windows MSRT) with no success. I would really appreciate it if someone could please help me with this, I'm at a loss.

This is the link to my previous post regarding this issue:
http://www.bleepingcomputer.com/forums/topic460000.html/page_gopid_2758046#entry2758046

Thank you for any assistance you can offer me.




DDS Log:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.5.1
Run by OMAR IZ at 23:51:03 on 2012-07-09
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16375.14339 [GMT -4:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Avid\Mbox\AudioDevMon.exe
C:\Program Files (x86)\Avid\Mbox Mini\AudioDevMon.exe
C:\Program Files (x86)\Avid\Mbox Pro\AudioDevMon.exe
C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
uRun: [Google Update] "C:\Users\OMAR IZ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CODEME~1.LNK - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
LSP: mswsock.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.254 192.168.33.1
TCP: Interfaces\{9E250E6A-E555-4F52-8FFB-6DC4BD0FD625} : DhcpNameServer = 192.168.1.254 192.168.33.1
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO-X64: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
BHO-X64: Yontoo Layers - No File
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
mRunOnce-x64: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\OMAR IZ\AppData\Roaming\Mozilla\Firefox\Profiles\e33xxdec.default-1341772191307\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Users\OMAR IZ\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 CodeMeter.exe;CodeMeter Runtime Server;C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2011-7-6 2304912]
R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
R2 DigiNet;Digidesign Ethernet Support;C:\Windows\system32\DRIVERS\diginet.sys --> C:\Windows\system32\DRIVERS\diginet.sys [?]
R2 MboxAudioDevMon;Mbox Audio Device Monitor;C:\Program Files (x86)\Avid\Mbox\AudioDevMon.exe [2010-10-7 1919504]
R2 MboxMiniAudioDevMon;Mbox Mini Audio Device Monitor;C:\Program Files (x86)\Avid\Mbox Mini\AudioDevMon.exe [2010-10-8 1919504]
R2 MboxProAudioDevMon;Mbox Pro Audio Device Monitor;C:\Program Files (x86)\Avid\Mbox Pro\AudioDevMon.exe [2010-10-8 1919504]
R2 PaceLicenseDServices;PACE License Services;C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2012-5-18 2938880]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\system32\DRIVERS\FLxHCIc.sys --> C:\Windows\system32\DRIVERS\FLxHCIc.sys [?]
R3 iLokDrvr;Usb Driver;C:\Windows\system32\DRIVERS\iLokDrvr.sys --> C:\Windows\system32\DRIVERS\iLokDrvr.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 dalwdmservice;dal service;C:\Windows\system32\drivers\dalwdm.sys --> C:\Windows\system32\drivers\dalwdm.sys [?]
S3 DG003;Service for Digidesign 003 Driver (WDM);C:\Windows\system32\DRIVERS\dg003.sys --> C:\Windows\system32\DRIVERS\dg003.sys [?]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2012-7-3 14216]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2012-7-3 8456]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-24 113120]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
S3 rt61x64;RT61 Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr6164.sys --> C:\Windows\system32\DRIVERS\netr6164.sys [?]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-6-24 1262400]
S4 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [2012-6-24 185632]
S4 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [2012-6-24 211232]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]
.
=============== Created Last 30 ================
.
2012-07-10 00:38:07 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2012-07-10 00:14:52 -------- d-----w- C:\Windows\System32\appmgmt
2012-07-10 00:13:33 -------- d-sh--w- C:\BOOT
2012-07-09 21:11:29 -------- d-----w- C:\Program Files (x86)\ESET
2012-07-09 04:44:42 -------- d-----w- C:\Program Files (x86)\Emsisoft Anti-Malware
2012-07-08 20:30:15 -------- d-----w- C:\Program Files (x86)\Loaris
2012-07-08 17:36:07 -------- d-----w- C:\ProgramData\Psicraft
2012-07-08 17:36:07 -------- d-----w- C:\Program Files (x86)\Psicraft
2012-07-07 00:35:13 -------- d-----w- C:\Users\OMAR IZ\AppData\Roaming\Malwarebytes
2012-07-07 00:35:07 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-07-07 00:35:07 -------- d-----w- C:\ProgramData\Malwarebytes
2012-07-07 00:35:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-04 20:02:26 -------- d-----w- C:\Program Files\Alex Feinman
2012-07-04 14:03:05 -------- d-----w- C:\Users\OMAR IZ\AppData\Local\NeoSmart_Technologies
2012-07-04 13:45:37 -------- d-----w- C:\Program Files (x86)\NeoSmart Technologies
2012-07-04 05:08:44 -------- d-----w- C:\ProgramData\Tarma Installer
2012-07-04 05:08:38 -------- d-----w- C:\Users\OMAR IZ\.swt
2012-07-04 05:08:36 -------- d-----w- C:\Users\OMAR IZ\AppData\Roaming\Azureus
2012-07-04 05:07:22 -------- d-----w- C:\Users\OMAR IZ\AppData\Local\CRE
2012-07-04 05:07:14 -------- d-----w- C:\Program Files (x86)\Conduit
2012-07-04 05:07:13 -------- d-----w- C:\Users\OMAR IZ\AppData\Local\Conduit
2012-07-04 00:36:00 89088 ----a-w- C:\Windows\System32\USB Image Tool.exe
2012-07-04 00:36:00 188928 ----a-w- C:\Windows\System32\usbitcmd.exe
2012-07-04 00:36:00 165376 ----a-w- C:\Windows\System32\usbit32.dll
2012-07-04 00:36:00 11776 ----a-w- C:\Windows\System32\USB Image Tool Helper.dll
2012-07-04 00:17:49 563 ----a-w- C:\Windows\System32\makeusb.bat
2012-07-04 00:17:49 512 ----a-w- C:\Windows\System32\Mbr.bin
2012-07-04 00:17:49 512 ----a-w- C:\Windows\System32\bs32.bin
2012-07-04 00:17:49 155648 ----a-w- C:\Windows\System32\BootSectImage.exe
2012-07-04 00:17:49 143360 ----a-w- C:\Windows\System32\GenBootSector.exe
2012-07-03 05:40:11 189576 ----a-w- C:\Windows\System32\drivers\EuFdDisk.sys
2012-07-03 05:40:10 57480 ----a-w- C:\Windows\System32\drivers\eubakup.sys
2012-07-03 05:40:10 19592 ----a-w- C:\Windows\System32\drivers\eudskacs.sys
2012-07-03 05:40:09 51336 ----a-w- C:\Windows\System32\drivers\EUBKMON.sys
2012-07-03 05:35:26 16256 ----a-w- C:\Windows\System32\EuEpmGdi.dll
2012-07-03 05:35:25 9096 ----a-w- C:\Windows\System32\EuGdiDrv.sys
2012-07-03 05:35:25 86408 ----a-w- C:\Windows\SysWow64\setupempdrv03.exe
2012-07-03 05:35:25 8456 ----a-w- C:\Windows\SysWow64\EuGdiDrv.sys
2012-07-03 05:35:25 3320192 ----a-w- C:\Windows\System32\BootMan.exe
2012-07-03 05:35:25 2469248 ----a-w- C:\Windows\SysWow64\BootMan.exe
2012-07-03 05:35:25 19840 ----a-w- C:\Windows\SysWow64\EuEpmGdi.dll
2012-07-03 05:35:25 16776 ----a-w- C:\Windows\System32\epmntdrv.sys
2012-07-03 05:35:25 14216 ----a-w- C:\Windows\SysWow64\epmntdrv.sys
2012-07-03 05:35:25 100232 ----a-w- C:\Windows\System32\setupempdrvx64.exe
2012-07-03 05:35:18 -------- d-----w- C:\Program Files (x86)\EASEUS
2012-06-28 10:28:27 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-06-28 10:28:27 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-06-28 10:28:25 902656 ----a-w- C:\Windows\System32\d2d1.dll
2012-06-28 10:28:25 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-06-28 10:28:25 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2012-06-28 10:26:37 -------- d-----w- C:\Users\OMAR IZ\AppData\Local\ElevatedDiagnostics
2012-06-28 09:40:34 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-06-26 02:36:26 -------- d-----w- C:\Users\OMAR IZ\AppData\Roaming\Final Draft
2012-06-26 02:36:26 -------- d-----w- C:\ProgramData\Final Draft
2012-06-25 21:53:58 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2012-06-25 21:52:26 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-06-25 21:52:26 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-06-25 21:52:26 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-06-25 21:52:26 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-06-25 21:52:26 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-06-25 21:52:26 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-06-25 21:52:26 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-06-25 21:42:04 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2012-06-25 21:42:04 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2012-06-25 21:42:03 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2012-06-25 21:42:03 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2012-06-25 21:42:03 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2012-06-25 21:41:32 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2012-06-25 21:41:32 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2012-06-25 21:41:32 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2012-06-25 21:41:32 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2012-06-25 21:41:31 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-25 21:41:30 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-06-25 21:41:21 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-06-25 21:39:47 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2012-06-25 21:38:36 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-06-25 21:38:36 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-06-25 21:38:36 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-06-25 21:38:36 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-06-25 21:38:36 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-06-25 21:38:35 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-06-25 21:38:34 77312 ----a-w- C:\Windows\System32\packager.dll
2012-06-25 21:38:34 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-06-25 21:38:34 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-06-25 21:21:45 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-06-25 05:27:47 -------- d-----w- C:\Users\OMAR IZ\AppData\Roaming\Digidesign
2012-06-25 05:25:46 -------- d-----w- C:\Users\OMAR IZ\AvidLogFiles
2012-06-25 05:22:52 -------- d-----w- C:\ProgramData\Digidesign
2012-06-25 05:21:05 -------- d-----w- C:\ProgramData\DigiDriver
2012-06-25 05:20:05 -------- d-----w- C:\Program Files\Common Files\Digidesign
2012-06-25 05:17:12 -------- d-----w- C:\Program Files\Avid
2012-06-25 05:17:12 -------- d-----w- C:\Program Files (x86)\Avid
2012-06-25 05:15:56 -------- d-----w- C:\Program Files\Digidesign
2012-06-25 04:35:00 -------- d-----w- C:\Users\OMAR IZ\AppData\Roaming\Line 6
2012-06-25 04:34:59 -------- d-----w- C:\ProgramData\Line 6
2012-06-25 04:34:56 -------- d-----w- C:\Program Files\Common Files\Propellerhead Software
2012-06-25 04:34:19 -------- d-----w- C:\Program Files\CodeMeter
2012-06-25 04:34:19 -------- d-----w- C:\Program Files (x86)\CodeMeter
2012-06-25 04:32:35 -------- d-----w- C:\Program Files\Propellerhead
2012-06-25 04:27:20 163048 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
2012-06-25 02:44:06 -------- d-----w- C:\Program Files (x86)\Propellerhead
2012-06-25 02:16:33 406528 ----a-w- C:\Windows\SysWow64\ReWire.dll
2012-06-25 02:16:33 338432 ----a-w- C:\Windows\SysWow64\REX Shared Library.dll
2012-06-25 02:08:56 -------- d-----w- C:\ProgramData\Propellerhead Software
2012-06-25 02:08:55 -------- d-----w- C:\Users\OMAR IZ\AppData\Roaming\Propellerhead Software
2012-06-25 01:45:18 -------- d-----w- C:\Digidesign Databases
2012-06-25 01:34:34 -------- d-----w- C:\Users\OMAR IZ\AppData\Roaming\Structure
2012-06-25 01:16:59 21520 ----a-w- C:\Windows\System32\drivers\diginet.sys
2012-06-25 01:16:31 -------- d-----w- C:\Program Files (x86)\Common Files\Digidesign
2012-06-25 00:49:18 -------- d-----w- C:\Users\OMAR IZ\AppData\Local\Mozilla
2012-06-25 00:45:22 -------- d-----w- C:\Users\OMAR IZ\AppData\Local\Google
2012-06-25 00:43:42 -------- d-----w- C:\Users\OMAR IZ\AppData\Local\Apps
2012-06-25 00:43:41 -------- d-----w- C:\Users\OMAR IZ\AppData\Local\Deployment
2012-06-24 22:57:13 25752 ----a-w- C:\Windows\System32\drivers\iLokDrvr.sys
2012-06-24 22:57:12 -------- d-----w- C:\ProgramData\PACE
2012-06-24 22:57:10 -------- d-----w- C:\Program Files (x86)\Common Files\PACE
2012-06-24 22:41:20 -------- d-----w- C:\Windows\pss
2012-06-24 21:51:04 -------- d-----w- C:\Users\OMAR IZ\AppData\Roaming\Trillium Lane
2012-06-24 21:48:42 -------- d-----w- C:\Users\OMAR IZ\AppData\Roaming\PACE Anti-Piracy
2012-06-24 21:48:42 -------- d-----w- C:\Users\OMAR IZ\AppData\Local\PACE Anti-Piracy
2012-06-24 21:48:42 -------- d-----w- C:\ProgramData\PACE Anti-Piracy
2012-06-24 21:48:42 -------- d-----w- C:\Program Files (x86)\Common Files\PACE Anti-Piracy
2012-06-24 21:44:06 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-06-24 21:44:06 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-06-24 21:44:06 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-06-24 21:44:06 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-06-24 21:44:06 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-06-24 21:44:06 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-06-24 21:44:06 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-06-24 21:43:27 -------- d-----w- C:\Users\OMAR IZ\AppData\Local\Apple
2012-06-24 21:41:08 -------- d-----w- C:\Program Files (x86)\Mediafour
2012-06-24 21:28:48 -------- d-----w- C:\Program Files (x86)\InterLok
2012-06-24 21:26:02 836096 ----a-w- C:\Windows\SysWow64\ilinet.dll
2012-06-24 21:26:02 348160 ------w- C:\Windows\SysWow64\msvcr71.dll
2012-06-24 21:26:01 217088 ------w- C:\Windows\SysWow64\qtmlClient.dll
2012-06-24 21:26:01 162832 ----a-w- C:\Windows\System32\drivers\Dalwdm.sys
2012-06-24 21:25:26 -------- d-----w- C:\Program Files (x86)\Digidesign
2012-06-24 21:19:33 -------- d-----w- C:\Users\OMAR IZ\AppData\Roaming\Auslogics
2012-06-24 21:19:28 -------- d-----w- C:\Program Files (x86)\Auslogics
2012-06-24 21:14:54 -------- d-----w- C:\Program Files\CCleaner
2012-06-24 21:13:46 23816 ----a-w- C:\Windows\System32\drivers\cpuz135_x64.sys
2012-06-24 21:13:46 -------- d-----w- C:\Program Files\CPUID
2012-06-24 21:08:00 2621723 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-06-24 21:06:27 -------- d-----w- C:\NVIDIA
2012-06-24 20:40:25 -------- d-----w- C:\Program Files (x86)\Oracle
2012-06-24 20:40:09 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-06-24 20:40:08 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-06-24 20:22:41 -------- d-----w- C:\Users\OMAR IZ\AppData\Local\Adobe
2012-06-24 20:21:05 1359976 ----a-w- C:\Windows\System32\nvhdagenco642040.dll
2012-06-24 20:19:59 1614440 ----a-w- C:\Windows\System32\nvdispco642090.dll
2012-06-24 20:19:58 1359976 ----a-w- C:\Windows\System32\nvgenco642040.dll
2012-06-24 20:19:42 68928 ----a-w- C:\Windows\System32\OpenCL.dll
2012-06-24 20:19:42 61248 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2012-06-24 20:19:30 15322432 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
2012-06-24 20:19:09 2741568 ----a-w- C:\Windows\System32\nvapi64.dll
2012-06-24 20:19:09 11240 ----a-w- C:\Windows\System32\drivers\nvBridge.kmd
2012-06-24 20:10:47 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2012-06-24 20:10:45 -------- d-----w- C:\Program Files\NVIDIA Corporation
2012-06-24 20:10:45 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2012-06-24 20:07:04 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-24 20:07:04 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-24 20:05:03 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-06-24 20:05:03 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-06-24 20:05:03 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-06-24 20:02:30 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-24 20:02:24 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-24 20:02:18 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-24 20:02:18 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-24 19:38:59 222720 ----a-w- C:\Windows\System32\drivers\RT2500.sys
2012-06-24 19:08:06 -------- d-----w- C:\Program Files (x86)\Linksys Wireless-G PCI Wireless Network Monitor
2012-06-24 19:08:05 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-06-24 19:08:05 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-06-24 19:08:05 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-06-24 19:08:05 176128 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-06-24 18:34:36 -------- d-----w- C:\Windows\Panther
2012-06-24 18:28:05 303616 ----a-w- C:\Windows\System32\RaCoInstx.dll
2012-06-24 18:28:05 -------- d-----w- C:\ProgramData\Ralink Driver
2012-06-24 18:27:52 -------- d-----w- C:\Program Files (x86)\Cisco
2012-06-24 18:27:46 2056192 ----a-w- C:\Windows\System32\RaCertMgr.dll
2012-06-24 18:27:46 1597440 ----a-w- C:\Windows\SysWow64\RaCertMgr.dll
2012-06-24 18:27:46 1050624 ----a-w- C:\Windows\SysWow64\RAIHV.dll
2012-06-24 18:27:46 1050624 ----a-w- C:\Windows\System32\RAIHV.dll
2012-06-24 18:27:46 104448 ----a-w- C:\Windows\SysWow64\RAEXTUI.dll
2012-06-24 18:27:46 104448 ----a-w- C:\Windows\System32\RAEXTUI.dll
2012-06-24 18:27:45 -------- d-----w- C:\Program Files (x86)\Ralink
2012-06-24 17:50:37 438784 ----a-w- C:\Windows\System32\drivers\netr6164.sys
2012-06-24 16:05:14 -------- d-----w- C:\Users\OMAR IZ\AppData\Local\Diagnostics
2012-06-24 15:58:11 52864 ----a-r- C:\Windows\SysWow64\SetupWizard.exe
2012-06-24 15:51:40 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2012-06-24 15:51:40 346144 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2012-06-24 15:51:40 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2012-06-24 15:49:49 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2012-06-24 15:49:42 -------- d-----w- C:\Intel
2012-06-24 15:10:38 -------- d-----w- C:\Users\OMAR IZ\AppData\Local\VirtualStore
2012-06-24 14:48:50 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2012-06-24 14:49:28 419840 ----a-w- C:\Windows\System32\systemcpl.dll
2012-06-24 14:49:28 14848 ----a-w- C:\Windows\System32\slwga.dll
2012-06-24 14:49:28 13824 ----a-w- C:\Windows\SysWow64\slwga.dll
2012-06-24 14:49:27 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2012-06-24 14:49:27 1008640 ----a-w- C:\Windows\System32\user32.dll
2012-05-15 09:29:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-05-15 09:29:46 63296 ----a-w- C:\Windows\System32\nvshext.dll
2012-05-15 09:29:46 118080 ----a-w- C:\Windows\System32\nvmctray.dll
2012-05-15 09:29:25 3149632 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-05-15 09:28:42 6151488 ----a-w- C:\Windows\System32\nvcpl.dll
2012-05-15 06:21:50 423744 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-19 00:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-19 00:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2012-04-18 17:08:08 31040 ----a-w- C:\Windows\System32\nvhdap64.dll
2012-04-18 17:08:03 188736 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2012-04-18 17:08:02 1451840 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
.
============= FINISH: 23:51:24.08 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:25 AM

Posted 10 July 2012 - 12:16 AM

Greetings And Welcome To The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash-drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]
Gringo[/b]
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 OMAR IZ

OMAR IZ
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:25 AM

Posted 10 July 2012 - 04:30 PM

Hi Gringo,

Thanks for helping me out. I followed the instructions you provided and entered System Recovery using the first method. No problems getting in to the scan. Attached below is the FRST log. I got an error message saying that my reply is too long so I will split the log and send it in two replies. Is there another way to send the log to you without it being in an attachment where I can send it as one reply or is what I'm doing OK?
I'll be waiting to hear from you on what to do next. Thanks again!

FRST.txt

Scan result of Farbar Recovery Scan Tool Version: 09-07-2012
Ran by SYSTEM at 10-07-2012 16:58:31
Running from I:\
Microsoft Windows XP Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

ATTENTION!:=====> THE OPERATING SYSTEM IS A X86 SYSTEM BUT THE BOOT DISK THAT IS USED TO BOOT TO RECOVERY ENVIRONMENT IS A X64 SYSTEM DISK.
========================== Registry (Whitelisted) =============

HKLM\...\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe [77824 2011-03-02] (Avid Technology, Inc.)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKU\OMAR IZ\...\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [15360 2008-04-13] (Microsoft Corporation)
HKU\OMAR IZ\...\Run: [DriverUpdaterPro] L:\Program Files\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe -t [x]
HKLM-x32\...\Winlogon: [Userinit] [x]
HKLM-x32\...\Winlogon: [Shell] [x ] ()
Winlogon\Notify\crypt32chain: crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet: cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll: cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy: %SystemRoot%\System32\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\Schedule: wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy: sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SensLogn: WlNotify.dll (Microsoft Corporation)
Winlogon\Notify\termsrv: wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\wlballoon: wlnotify.dll (Microsoft Corporation)

==================== Services (Whitelisted) ======

4 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257224 2012-06-16] (Adobe Systems Incorporated)
2 Alerter; C:\Windows\System32\alrsvc.dll [17408 2008-04-13] (Microsoft Corporation)
4 Apple Mobile Device; "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [55184 2012-05-24] (Apple Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [34312 2008-07-25] (Microsoft Corporation)
4 ClipSrv; C:\Windows\System32\clipsrv.exe [33280 2008-04-13] (Microsoft Corporation)
4 CodeMeter.exe; "C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe" [2304912 2011-07-06] (WIBU-SYSTEMS AG)
2 DigiRefresh; C:\Program Files\Digidesign\Drivers\MMERefresh.exe -s [77824 2011-03-02] (Avid Technology, Inc.)
3 digiSPTIService; "C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe" [159744 2011-03-02] (Avid Technology, Inc.)
3 dmadmin; C:\Windows\System32\dmadmin.exe /com [224768 2008-04-13] (Microsoft Corp., Veritas Software)
3 dmserver; C:\Windows\System32\dmserver.dll [23552 2008-04-13] (Microsoft Corp.)
2 ERSvc; C:\Windows\System32\ersvc.dll [23040 2008-04-13] (Microsoft Corporation)
2 Eventlog; C:\Windows\System32\services.exe [110592 2009-02-06] (Microsoft Corporation)
3 FastUserSwitchingCompatibility; C:\Windows\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
3 FontCache3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104 2008-07-29] (Microsoft Corporation)
2 helpsvc; C:\Windows\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-13] (Microsoft Corporation)
3 HTTPFilter; C:\Windows\System32\w3ssl.dll [15872 2008-04-13] (Microsoft Corporation)
4 idsvc; "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" [881664 2008-07-29] (Microsoft Corporation)
3 ImapiService; C:\WINDOWS\system32\imapi.exe [150528 2008-04-13] (Microsoft Corporation)
4 IomegaAccess; C:\WINDOWS\system32\IomegaAccess.exe /S [352256 2000-02-10] ( Iomega Corporation)
4 LightScribeService; "C:\Program Files\Common Files\LightScribe\LSSrvc.exe" [73728 2010-08-16] (Hewlett-Packard Company)
4 MacDrive8ServiceD; "C:\Program Files\Mediafour\MacDrive 8\MacDrive8ServiceD.exe" [152064 2009-09-02] (Mediafour Corporation)
4 MboxAudioDevMon; "C:\Program Files\Avid\Mbox\AudioDevMon.exe" [1919504 2010-10-07] (Avid)
4 MboxMiniAudioDevMon; "C:\Program Files\Avid\Mbox Mini\AudioDevMon.exe" [1919504 2010-10-08] (Avid)
4 MboxProAudioDevMon; "C:\Program Files\Avid\Mbox Pro\AudioDevMon.exe" [1919504 2010-10-08] (Avid)
4 Messenger; C:\Windows\System32\msgsvc.dll [33792 2008-04-13] (Microsoft Corporation)
3 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [32768 2008-04-13] (Microsoft Corporation)
4 Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208 2010-05-18] (Nero AG)
4 NetDDE; C:\Windows\System32\netdde.exe [111104 2008-04-13] (Microsoft Corporation)
4 NetDDEdsdm; C:\Windows\System32\netdde.exe [111104 2008-04-13] (Microsoft Corporation)
3 Nla; C:\Windows\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation)
3 NtLmSsp; C:\Windows\System32\lsass.exe [13312 2008-04-13] (Microsoft Corporation)
3 NtmsSvc; C:\Windows\System32\ntmssvc.dll [435200 2008-04-13] (Microsoft Corporation)
4 nvsvc; C:\WINDOWS\system32\nvsvc32.exe [155752 2011-02-28] (NVIDIA Corporation)
2 PlugPlay; C:\Windows\System32\services.exe [110592 2009-02-06] (Microsoft Corporation)
2 PolicyAgent; C:\Windows\System32\lsass.exe [13312 2008-04-13] (Microsoft Corporation)
3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141312 2008-04-13] (Microsoft Corporation)
3 RSVP; C:\Windows\System32\rsvp.exe [132608 2004-08-04] (Microsoft Corporation)
3 SCardSvr; C:\Windows\System32\SCardSvr.exe [95744 2008-04-13] (Microsoft Corporation)
2 srservice; C:\WINDOWS\system32\srsvc.dll [171008 2008-04-13] (Microsoft Corporation)
3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{62A93C05-F121-41AE-A1D2-9F8ECC0497F1} [5120 2008-04-13] (Microsoft Corporation)
3 SysmonLog; C:\Windows\System32\smlogsvc.exe [89600 2008-04-13] (Microsoft Corporation)
4 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-17] (Logitech Inc.)
3 UPS; C:\Windows\System32\ups.exe [18432 2008-04-13] (Microsoft Corporation)
3 WmdmPmSN; C:\WINDOWS\system32\mspmsnsv.dll [52224 2008-04-13] (Microsoft Corporation)
3 WPFFontCache_v0400; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [753504 2010-03-18] (Microsoft Corporation)
2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-13] (Microsoft Corporation)
2 WZCSVC; C:\Windows\System32\wzcsvc.dll [483840 2008-04-13] (Microsoft Corporation)
3 xmlprov; C:\Windows\System32\xmlprov.dll [129024 2008-04-13] (Microsoft Corporation)
4 ZipToA; C:\WINDOWS\system32\ZipToA.exe /S [356352 2000-02-10] (Iomega Corporation)
3 AppMgmt; C:\Windows\System32\appmgmts.dll [x]
4 WMP54Gv4SVC; "C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe" [x]

========================== Drivers (Whitelisted) =============

4 ACPIEC; C:\Windows\System32\Drivers\ACPIEC.sys [11648 2004-08-04] (Microsoft Corporation)
3 aec; C:\Windows\System32\Drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation)
2 AegisP; C:\Windows\System32\Drivers\AegisP.sys [20747 2012-06-16] (Meetinghouse Data Communications)
3 Ambfilt; C:\Windows\System32\Drivers\Ambfilt.sys [1691480 2009-11-17] (Creative)
3 Arp1394; C:\Windows\System32\Drivers\Arp1394.sys [60800 2008-04-13] (Microsoft Corporation)
3 Atmarpc; C:\Windows\System32\Drivers\Atmarpc.sys [59904 2008-04-13] (Microsoft Corporation)
3 audstub; C:\Windows\System32\Drivers\audstub.sys [3072 2001-08-17] (Microsoft Corporation)
4 cbidf2k; C:\Windows\System32\Drivers\cbidf2k.sys [13952 2004-08-04] (Microsoft Corporation)
3 CCDECODE; C:\Windows\System32\Drivers\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
1 Cdaudio; C:\Windows\System32\Drivers\Cdaudio.sys [18688 2004-08-04] (Microsoft Corporation)
3 CompFilter; C:\Windows\System32\DRIVERS\lvbusflt.sys [22176 2012-01-17] (Logitech Inc.)
2 cpuz135; \??\C:\WINDOWS\system32\drivers\cpuz135_x32.sys [24328 2012-03-09] (CPUID)
3 dalwdmservice; C:\Windows\System32\drivers\dalwdm.sys [97808 2009-08-14] (Digidesign, A Division of Avid Technology, Inc.)
3 DG003; C:\Windows\System32\Drivers\DG003.sys [117296 2011-02-13] (Avid Technology, Inc.)
2 DigiNet; C:\Windows\System32\Drivers\DigiNet.sys [16400 2009-08-14] (Digidesign, A Division of Avid Technology, Inc.)
4 dmboot; C:\Windows\System32\Drivers\dmboot.sys [799744 2008-04-13] (Microsoft Corp., Veritas Software)
4 dmio; C:\Windows\System32\Drivers\dmio.sys [153344 2008-04-13] (Microsoft Corp., Veritas Software)
4 dmload; C:\Windows\System32\Drivers\dmload.sys [5888 2004-08-04] (Microsoft Corp., Veritas Software.)
3 DMusic; C:\Windows\System32\Drivers\DMusic.sys [52864 2008-04-13] (Microsoft Corporation)
1 Fips; C:\Windows\System32\Drivers\Fips.sys [44544 2008-04-13] (Microsoft Corporation)
3 FLxHCIc; C:\Windows\System32\Drivers\FLxHCIc.sys [89088 2010-04-17] (Fresco Logic)
0 Ftdisk; C:\Windows\System32\Drivers\Ftdisk.sys [125056 2004-08-04] (Microsoft Corporation)
3 Gpc; C:\Windows\System32\DRIVERS\msgpc.sys [35072 2008-04-13] (Microsoft Corporation)
3 GTNDIS5; \??\C:\WINDOWS\system32\GTNDIS5.SYS [15872 2003-09-25] (Printing Communications Assoc., Inc. (PCAUSA))
3 HDAudBus; C:\Windows\System32\Drivers\HDAudBus.sys [144384 2008-04-13] (Windows ® Server 2003 DDK provider)
3 iLokDrvr; C:\Windows\System32\Drivers\iLokDrvr.sys [54328 2012-06-21] (PACE Anti-Piracy, Inc.)
1 Imapi; C:\Windows\System32\Drivers\Imapi.sys [42112 2008-04-13] (Microsoft Corporation)
3 IntcAzAudAddService; C:\Windows\System32\drivers\RtkHDAud.sys [5878304 2010-03-17] (Realtek Semiconductor Corp.)
3 Ip6Fw; C:\Windows\System32\Drivers\Ip6Fw.sys [36608 2008-04-13] (Microsoft Corporation)
3 IpInIp; C:\Windows\System32\Drivers\IpInIp.sys [20864 2008-04-13] (Microsoft Corporation)
1 IPSec; C:\Windows\System32\Drivers\IPSec.sys [75264 2008-04-13] (Microsoft Corporation)
3 kmixer; C:\Windows\System32\Drivers\kmixer.sys [172416 2008-04-13] (Microsoft Corporation)
3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25824 2010-05-07] ()
3 LVRS; C:\Windows\System32\Drivers\LVRS.sys [312096 2012-01-17] (Logitech Inc.)
3 LVUVC; C:\Windows\System32\Drivers\LVUVC.sys [4332960 2012-01-17] (Logitech Inc.)
0 MDFSYSNT; C:\Windows\System32\Drivers\MDFSYSNT.sys [259176 2009-09-03] (Mediafour Corporation)
0 MDPMGRNT; C:\Windows\System32\Drivers\MDPMGRNT.sys [27488 2009-07-31] (Mediafour Corporation)
1 mnmdd; C:\Windows\System32\Drivers\mnmdd.sys [4224 2004-08-04] (Microsoft Corporation)
3 Monfilt; C:\Windows\System32\Drivers\Monfilt.sys [1395800 2009-11-17] (Creative Technology Ltd.)
3 NABTSFEC; C:\Windows\System32\Drivers\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation)
3 NdisIP; C:\Windows\System32\Drivers\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
3 NIC1394; C:\Windows\System32\Drivers\NIC1394.sys [61824 2008-04-13] (Microsoft Corporation)
3 nv; C:\Windows\System32\DRIVERS\nv4_mini.sys [9924800 2011-02-28] (NVIDIA Corporation)
3 NVHDA; C:\Windows\System32\drivers\nvhda32.sys [118248 2011-01-25] (NVIDIA Corporation)
3 NwlnkFlt; C:\Windows\System32\Drivers\NwlnkFlt.sys [12416 2004-08-04] (Microsoft Corporation)
3 NwlnkFwd; C:\Windows\System32\Drivers\NwlnkFwd.sys [32512 2004-08-04] (Microsoft Corporation)
3 PSched; C:\Windows\System32\Drivers\PSched.sys [69120 2008-04-13] (Microsoft Corporation)
3 Ptilink; C:\Windows\System32\Drivers\Ptilink.sys [17792 2004-08-04] (Parallel Technologies, Inc.)
3 Raspti; C:\Windows\System32\Drivers\Raspti.sys [16512 2004-08-04] (Microsoft Corporation)
1 redbook; C:\Windows\System32\Drivers\redbook.sys [57600 2008-04-13] (Microsoft Corporation)
3 RT2500; C:\Windows\System32\Drivers\RT2500.sys [243328 2005-10-20] (Ralink Technology Inc.)
3 RTLE8023xp; C:\Windows\System32\DRIVERS\Rtenicxp.sys [220112 2010-03-08] (Realtek Semiconductor Corporation )
3 SLIP; C:\Windows\System32\Drivers\SLIP.sys [11136 2008-04-13] (Microsoft Corporation)
0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [14776 2010-11-26] ()
3 splitter; C:\Windows\System32\Drivers\splitter.sys [6272 2008-04-13] (Microsoft Corporation)
4 sr; C:\Windows\System32\Drivers\sr.sys [73472 2008-04-13] (Microsoft Corporation)
3 streamip; C:\Windows\System32\Drivers\streamip.sys [15232 2008-04-13] (Microsoft Corporation)
3 swmidi; C:\Windows\System32\Drivers\swmidi.sys [56576 2008-04-13] (Microsoft Corporation)
3 sysaudio; C:\Windows\System32\Drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Corporation)
3 UKS11LDR; C:\Windows\System32\Drivers\UKS11LDR.sys [13504 2012-06-17] (MIDIMAN)
3 Update; C:\Windows\System32\Drivers\Update.sys [384768 2008-04-13] (Microsoft Corporation)
3 USBAAPL; C:\Windows\System32\Drivers\USBAAPL.sys [43520 2012-04-25] (Apple, Inc.)
3 USBKT1X1; C:\Windows\System32\Drivers\USBKT1X1.sys [22304 2012-06-17] (Doug Fetter Software Wizardry)
3 wdmaud; C:\Windows\System32\Drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Corporation)
3 WSTCODEC; C:\Windows\System32\Drivers\WSTCODEC.sys [19200 2008-04-13] (Microsoft Corporation)
4 Abiosdsk; [x]
4 abp480n5; [x]
4 adpu160m; [x]
4 Aha154x; [x]
4 aic78u2; [x]
4 aic78xx; [x]
4 AliIde; [x]
4 amsint; [x]
4 asc; [x]
4 asc3350p; [x]
4 asc3550; [x]
4 Atdisk; [x]
4 cd20xrnt; [x]
1 Changer; [x]
4 CmdIde; [x]
4 Cpqarray; [x]
4 dac2w2k; [x]
4 dac960nt; [x]
4 dpti2o; [x]
4 hpn; [x]
1 i2omgmt; [x]
4 i2omp; [x]
4 ini910u; [x]
4 IntelIde; [x]
1 lbrtfdc; [x]
4 mraid35x; [x]
1 PCIDump; [x]
3 PDCOMP; [x]
3 PDFRAME; [x]
3 PDRELI; [x]
3 PDRFRAME; [x]
4 perc2; [x]
4 perc2hib; [x]
4 ql1080; [x]
4 Ql10wnt; [x]
4 ql12160; [x]
4 ql1240; [x]
4 ql1280; [x]
4 Simbad; [x]
4 Sparrow; [x]
4 symc810; [x]
4 symc8xx; [x]
4 sym_hi; [x]
4 sym_u3; [x]
4 TosIde; [x]
4 ultra; [x]
4 ViaIde; [x]
3 WDICA; [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-07-10 16:58 - 2012-07-10 16:58 - 00000000 ____D C:\FRST
2012-07-02 21:39 - 2012-07-02 21:39 - 00000000 ____D C:\My Backups
2012-06-24 05:45 - 2012-06-24 05:46 - 00001848 ____A C:\Windows\setupapi.log
2012-06-24 05:15 - 2012-06-24 05:45 - 00000000 ____A C:\Windows\0.log
2012-06-24 05:07 - 2012-06-24 05:07 - 00000000 ____D C:\Program Files\rgcaudio software
2012-06-24 04:58 - 2012-06-24 04:58 - 00000000 ____D C:\Program Files\AnalogX
2012-06-24 04:43 - 2012-06-24 04:43 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\CUBASE 1 AND EFFECTS
2012-06-24 04:27 - 2008-04-23 17:00 - 00016896 ____A C:\Documents and Settings\OMAR IZ\My Documents\Omar Budget.xls
2012-06-24 00:57 - 2012-06-24 00:57 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\VCheck
2012-06-24 00:56 - 2012-06-24 00:56 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\Sony Media Libraries
2012-06-24 00:56 - 2012-06-24 00:56 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\Setup MIDI Sep 17 2004
2012-06-24 00:54 - 2012-06-24 01:01 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\PT8_FILES
2012-06-24 00:52 - 2012-06-24 00:52 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\musictheory.net
2012-06-24 00:47 - 2012-06-24 00:47 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\iZotope Ozone Presets
2012-06-24 00:46 - 2012-06-24 00:46 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\IKM.TRACKDELUX.VSRTA.3.0.1
2012-06-24 00:46 - 2012-06-24 00:46 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\GRAM
2012-06-24 00:35 - 2012-06-30 04:14 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\ClockWorks Win PDFs
2012-06-24 00:35 - 2012-06-24 00:35 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\Bome's Mouse Keyboard
2012-06-24 00:35 - 2012-06-24 00:35 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\ACID Pro 5.0 Projects
2012-06-24 00:35 - 2012-06-24 00:35 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\Ableton
2012-06-24 00:33 - 2009-02-07 14:38 - 00001569 ____A C:\Documents and Settings\OMAR IZ\Desktop\CS-80V.lnk
2012-06-24 00:33 - 2008-12-20 12:54 - 00000709 ____A C:\Documents and Settings\OMAR IZ\Desktop\Torq LE.lnk
2012-06-24 00:33 - 2005-04-09 13:27 - 00001737 ____A C:\Documents and Settings\OMAR IZ\Desktop\Moog Modular V.lnk
2012-06-24 00:32 - 2012-06-24 00:32 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Desktop\Bomb Factory BF-3A v8.0
2012-06-24 00:31 - 2012-06-24 00:33 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Desktop\Xpand!
2012-06-24 00:19 - 2012-06-24 00:20 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Desktop\REASON + RECORD PDF
2012-06-24 00:19 - 2012-06-24 00:19 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Desktop\MoreSpace Drive
2012-06-24 00:18 - 2012-06-24 00:18 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Desktop\CUBASE 1 AND EFFECTS
2012-06-24 00:14 - 2012-06-24 00:14 - 00000000 ____D C:\CFusionMX
2012-06-24 00:13 - 2012-06-24 00:13 - 00000000 ____D C:\Waves Demo Installers
2012-06-24 00:13 - 2012-06-24 00:13 - 00000000 ____D C:\Sweetwater Utilities
2012-06-24 00:12 - 2012-06-24 00:12 - 00000000 ____D C:\protoolsvideo.com
2012-06-24 00:11 - 2003-09-25 06:57 - 00765815 ____A C:\Program Files\CS-80V.dpm.rsr
2012-06-24 00:10 - 2003-10-17 14:20 - 00524288 ____A (Digidesign, Inc.) C:\Program Files\CS-80V.dpm
2012-06-24 00:10 - 2002-03-04 18:37 - 00061440 ____A C:\Program Files\OSLoader.exe
2012-06-24 00:09 - 2012-06-24 00:09 - 00000000 ____D C:\Program Files\YAMAHA
2012-06-24 00:09 - 2012-06-24 00:09 - 00000000 ____D C:\Program Files\Wizoo
2012-06-23 23:31 - 2012-06-23 23:31 - 00000000 ____D C:\Program Files\UnH Solutions
2012-06-23 23:30 - 2012-06-23 23:30 - 00000000 ____D C:\Program Files\Triangle 2.1
2012-06-23 23:30 - 2012-06-23 23:30 - 00000000 ____D C:\Program Files\TimePad
2012-06-23 23:28 - 2012-06-23 23:28 - 00000000 ____D C:\Program Files\TCWorks
2012-06-23 23:28 - 2012-06-23 23:28 - 00000000 ____D C:\Program Files\TB Triforc 1.6
2012-06-23 23:26 - 2012-06-23 23:26 - 00000000 ____D C:\Program Files\Studio Buddy
2012-06-23 23:17 - 2012-06-23 23:17 - 00000000 ____D C:\Program Files\Sony Setup
2012-06-23 23:16 - 2012-06-23 23:16 - 00000000 ____D C:\Program Files\Sony
2012-06-23 23:15 - 2012-06-23 23:15 - 00000000 ____D C:\Program Files\SetMaker 2.0
2012-06-23 23:14 - 2012-06-23 23:14 - 00000000 ____D C:\Program Files\Roland
2012-06-23 23:11 - 2012-06-23 23:11 - 00000000 ____D C:\Program Files\PSP VintageWarmer
2012-06-23 23:11 - 2012-06-23 23:11 - 00000000 ____D C:\Program Files\PSP VintageMeter
2012-06-23 23:04 - 2012-06-23 23:04 - 00000000 ____D C:\Program Files\PlastiCZ
2012-06-23 23:02 - 2012-06-23 23:02 - 00000000 ____D C:\Program Files\PACE Anti-Piracy
2012-06-23 23:01 - 2012-06-23 23:01 - 00000000 ____D C:\Program Files\OzoneDX
2012-06-23 23:00 - 2012-06-23 23:00 - 00000000 ____D C:\Program Files\Nsaka
2012-06-23 23:00 - 2012-06-23 23:00 - 00000000 ____D C:\Program Files\Northpole
2012-06-23 23:00 - 2012-06-23 23:00 - 00000000 ____D C:\Program Files\NordBeat
2012-06-23 22:59 - 2012-06-23 22:59 - 00000000 ____D C:\Program Files\Native Instruments
2012-06-23 22:59 - 2012-06-23 22:59 - 00000000 ____D C:\Program Files\MySoftware
2012-06-23 22:59 - 2012-06-23 22:59 - 00000000 ____D C:\Program Files\Music Trainers 2.1.2
2012-06-23 22:58 - 2012-06-23 22:58 - 00000000 ____D C:\Program Files\MOTU
2012-06-23 22:57 - 2012-06-23 22:57 - 00000000 ____D C:\Program Files\Moog Modular V
2012-06-23 22:57 - 2012-06-23 22:57 - 00000000 ____D C:\Program Files\Mda Piano
2012-06-23 22:56 - 2012-06-23 22:56 - 00000000 ____D C:\Program Files\M-Audio
2012-06-23 22:56 - 2012-06-23 22:56 - 00000000 ____D C:\Program Files\Live Midi Keyboard
2012-06-23 22:55 - 2012-06-23 22:55 - 00000000 ____D C:\Program Files\KORG
2012-06-23 22:55 - 2012-06-23 22:55 - 00000000 ____D C:\Program Files\Juno 6
2012-06-23 22:43 - 2012-06-23 22:45 - 00000000 ____D C:\Program Files\Hanes T-ShirtMaker Lite
2012-06-23 22:40 - 2012-06-23 22:40 - 00000000 ____D C:\Program Files\GoldWave
2012-06-23 22:39 - 2012-06-23 22:39 - 00000000 ____D C:\Program Files\FXpansion
2012-06-23 22:38 - 2012-06-23 22:38 - 00000000 ____D C:\Program Files\FreeRIP3
2012-06-23 22:38 - 2012-06-23 22:38 - 00000000 ____D C:\Program Files\Final Draft Tagger
2012-06-23 22:38 - 2012-06-23 22:38 - 00000000 ____D C:\Program Files\Final Draft 7
2012-06-23 22:37 - 2012-06-23 22:37 - 00000000 ____D C:\Program Files\elysia
2012-06-23 22:36 - 2012-06-23 22:36 - 00000000 ____D C:\Program Files\Celtx
2012-06-23 22:36 - 2012-06-23 22:36 - 00000000 ____D C:\Program Files\Bome's Mouse Keyboard
2012-06-23 22:35 - 2012-06-23 22:35 - 00000000 ____D C:\Program Files\BBE
2012-06-23 22:32 - 2012-06-23 22:32 - 00000000 ____D C:\Program Files\Arturia
2012-06-23 22:32 - 2012-06-23 22:32 - 00000000 ____D C:\Program Files\Arptronv2.5
2012-06-23 22:32 - 2012-06-23 22:32 - 00000000 ____D C:\Program Files\Arppe 2600 va
2012-06-23 22:31 - 2012-06-23 22:31 - 00000000 ____D C:\Program Files\Arboretum Systems
2012-06-23 22:30 - 2012-06-23 22:30 - 00000000 ____D C:\Program Files\Antares Audio Technologies
2012-06-23 22:30 - 2012-06-23 22:30 - 00000000 ____D C:\Program Files\Antares
2012-06-23 22:28 - 2012-06-23 22:30 - 00000000 ____D C:\Program Files\Ableton
2012-06-23 22:27 - 2012-06-23 22:27 - 00000000 ____D C:\Program Files\Celemony
2012-06-23 21:43 - 2012-06-23 21:43 - 00000000 ____D C:\Program Files\IK Multimedia
2012-06-23 21:42 - 2012-06-23 21:42 - 00000000 ____D C:\Program Files\Flux
2012-06-23 21:35 - 2012-06-23 21:35 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
2012-06-23 21:28 - 2012-06-23 21:55 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Application Data\Skype
2012-06-23 20:18 - 2012-06-23 20:19 - 00000000 ____D C:\Windows\System32\QuickTime
2012-06-23 20:18 - 2002-12-21 15:04 - 00327680 ____A (eSellerate Inc.) C:\Windows\esellerateEngine.dll
2012-06-23 19:46 - 2012-06-23 20:51 - 00000000 ____D C:\Program Files\Common Files\DivX Shared
2012-06-23 19:40 - 2012-06-23 21:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DivX
2012-06-22 16:42 - 2012-06-23 23:39 - 00000000 ____D C:\Program Files\Waves
2012-06-22 16:14 - 2012-06-22 16:15 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Application Data\WinRAR
2012-06-22 16:14 - 2012-06-22 16:14 - 00000000 ____D C:\Program Files\WinRAR
2012-06-21 22:01 - 2012-06-23 23:18 - 00000000 ____D C:\Program Files\Steinberg
2012-06-21 22:01 - 2012-06-23 22:55 - 00000000 ____D C:\Program Files\iZotope
2012-06-21 22:01 - 2012-06-21 22:01 - 00000000 ____D C:\Program Files\Common Files\iZotope
2012-06-21 15:01 - 2012-06-21 15:01 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Digidesign
2012-06-21 14:58 - 2012-06-21 14:58 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DigiDriver
2012-06-21 14:57 - 2011-02-13 06:02 - 00117296 ____A (Avid Technology, Inc.) C:\Windows\System32\Drivers\dg003.sys
2012-06-21 14:55 - 2012-06-21 14:56 - 00000000 ____D C:\Program Files\Avid
2012-06-21 13:08 - 2012-06-23 23:57 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Application Data\Digidesign
2012-06-21 13:06 - 2012-06-21 13:06 - 00000000 ____D C:\Digidesign Databases
2012-06-21 12:58 - 2012-06-21 15:01 - 00000000 ____D C:\Program Files\Mediafour
2012-06-21 12:58 - 2012-06-21 15:01 - 00000000 ____D C:\Program Files\Common Files\Mediafour
2012-06-21 12:58 - 2012-06-21 12:58 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Mediafour
2012-06-21 12:47 - 2012-06-21 14:58 - 00001640 ____A C:\Documents and Settings\All Users\Desktop\Pro Tools LE.lnk
2012-06-21 12:45 - 2009-08-14 22:33 - 00097808 ____A (Digidesign, A Division of Avid Technology, Inc.) C:\Windows\System32\Drivers\Dalwdm.sys
2012-06-21 12:45 - 2009-08-14 22:33 - 00016400 ____A (Digidesign, A Division of Avid Technology, Inc.) C:\Windows\System32\Drivers\diginet.sys
2012-06-21 01:03 - 2012-06-21 01:03 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Application Data\Trillium Lane
2012-06-20 19:36 - 2012-06-22 16:25 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Application Data\PACE Anti-Piracy
2012-06-20 19:36 - 2012-06-22 16:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
2012-06-20 19:36 - 2012-06-20 19:36 - 00000000 ____D C:\Program Files\Common Files\PACE Anti-Piracy
2012-06-20 19:36 - 2012-06-20 19:36 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Local Settings\Application Data\PACE Anti-Piracy
2012-06-20 19:33 - 2012-06-20 19:34 - 00000000 ____D C:\Program Files\QuickTime
2012-06-20 19:30 - 2012-06-20 19:30 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Application Data\Structure
2012-06-20 19:12 - 2012-06-20 19:12 - 00000000 ____D C:\Program Files\InterLok
2012-06-20 19:10 - 2009-12-23 07:12 - 00630784 ____A (PACE Anti-Piracy) C:\Windows\System32\ilinet.dll
2012-06-20 19:10 - 2006-03-29 11:11 - 00233472 ____A (Propellerhead Software AB) C:\Windows\System32\REX Shared Library.dll
2012-06-20 19:10 - 2004-07-11 22:04 - 00348160 ____A (Microsoft Corporation) C:\Windows\System32\msvcr71.dll
2012-06-20 19:10 - 2001-06-27 06:13 - 00217088 ____A C:\Windows\System32\qtmlClient.dll
2012-06-20 19:08 - 2012-06-21 14:57 - 00000000 ____D C:\Program Files\Digidesign
2012-06-20 19:08 - 2012-06-21 14:57 - 00000000 ____D C:\Program Files\Common Files\Digidesign
2012-06-20 16:50 - 2012-06-20 16:54 - 00000453 ____A C:\Documents and Settings\OMAR IZ\My Documents\Original DEP text.rtf
2012-06-20 16:09 - 2008-04-13 10:46 - 00061696 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\ohci1394.sys
2012-06-20 16:09 - 2008-04-13 10:46 - 00061696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ohci1394.sys
2012-06-20 16:09 - 2008-04-13 10:46 - 00053376 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\1394bus.sys
2012-06-20 16:09 - 2008-04-13 10:46 - 00053376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\1394bus.sys
2012-06-20 16:09 - 2008-04-13 10:45 - 00020608 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\usbuhci.sys
2012-06-20 16:09 - 2008-04-13 10:45 - 00020608 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2012-06-20 16:09 - 2001-08-17 09:46 - 00006400 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\enum1394.sys
2012-06-20 16:09 - 2001-08-17 09:46 - 00006400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\enum1394.sys
2012-06-20 14:31 - 2009-05-18 09:17 - 00026600 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2012-06-20 14:31 - 2008-04-17 08:12 - 00107368 ____A (GEAR Software Inc.) C:\Windows\System32\GEARAspi.dll
2012-06-20 14:30 - 2012-06-23 22:45 - 00000000 ____D C:\Program Files\iPod
2012-06-20 14:30 - 2012-06-20 14:31 - 00000000 ____D C:\Program Files\iTunes
2012-06-20 14:29 - 2012-06-20 14:29 - 00000000 ____D C:\Program Files\Bonjour
2012-06-20 14:29 - 2012-06-20 14:29 - 00000000 ____D C:\Program Files\Apple Software Update
2012-06-20 14:29 - 2012-04-25 08:11 - 04547944 ____A (Apple, Inc.) C:\Windows\System32\usbaaplrc.dll
2012-06-20 14:29 - 2012-04-25 08:11 - 00043520 ____A (Apple, Inc.) C:\Windows\System32\Drivers\usbaapl.sys
2012-06-20 14:28 - 2012-06-20 14:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2012-06-20 14:18 - 2012-06-20 14:21 - 00000000 ____D C:\Windows\SxsCaPendDel
2012-06-20 13:04 - 2012-06-20 13:04 - 00117312 ____A (Gibson Research Corp.) C:\Documents and Settings\OMAR IZ\Desktop\securable.exe
2012-06-20 12:05 - 2012-06-20 12:05 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Apple Computer
2012-06-19 20:36 - 2012-06-20 19:33 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Local Settings\Application Data\Apple Computer
2012-06-19 20:36 - 2012-06-20 16:58 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Application Data\Apple Computer
2012-06-19 20:33 - 2012-06-20 14:30 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Apple Computer
2012-06-19 20:33 - 2012-06-19 20:35 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2012-06-19 20:33 - 2012-06-19 20:33 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Local Settings\Application Data\Apple
2012-06-19 20:33 - 2012-06-19 20:33 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\Apple Computer
2012-06-19 20:32 - 2012-06-20 14:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Apple
2012-06-19 18:23 - 2012-06-19 18:23 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\Auralex Acoustics
2012-06-19 18:20 - 2012-06-19 18:20 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\Sweetwater Utilities
2012-06-19 16:58 - 2012-06-24 05:14 - 00065536 ____A C:\Windows\System32\config\OAlerts.evt
2012-06-19 16:55 - 2012-06-19 16:55 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2012-06-19 16:55 - 2012-06-19 16:55 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2012-06-19 16:54 - 2012-06-19 16:54 - 00000000 ____D C:\Program Files\Microsoft Sync Framework
2012-06-19 16:54 - 2012-06-19 16:54 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2012-06-19 16:53 - 2012-06-19 16:53 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2012-06-19 16:51 - 2012-06-19 16:51 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2012-06-19 16:50 - 2012-06-19 16:57 - 00000000 ____D C:\Windows\SHELLNEW
2012-06-19 16:48 - 2012-06-19 16:54 - 00000000 ____D C:\Program Files\Microsoft Office
2012-06-19 16:48 - 2012-06-19 16:48 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Local Settings\Application Data\Microsoft Help
2012-06-19 16:47 - 2012-06-24 00:41 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2012-06-19 16:47 - 2012-06-19 16:47 - 00000000 __RHD C:\MSOCache
2012-06-19 16:20 - 2012-06-24 05:46 - 00000284 ____A C:\Windows\Tasks\SmartDefrag_Startup.job
2012-06-19 16:20 - 2012-05-08 14:35 - 00029528 ____A (IObit) C:\Windows\System32\SmartDefragBootTime.exe
2012-06-19 16:19 - 2012-06-19 16:19 - 00000000 ____D C:\Program Files\IObit
2012-06-19 16:19 - 2012-06-19 16:19 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Application Data\IObit
2012-06-19 16:19 - 2010-11-26 14:02 - 00014776 ____A C:\Windows\System32\Drivers\SmartDefragDriver.sys
2012-06-18 21:11 - 2012-06-18 21:11 - 00003584 ____A C:\Documents and Settings\OMAR IZ\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-18 20:40 - 2012-06-18 20:40 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Local Settings\Application Data\Nero
2012-06-17 22:25 - 2012-06-23 21:34 - 00000000 ____D C:\Program Files\Common Files\Adobe
2012-06-17 21:54 - 2008-04-13 16:12 - 00159232 ____A (Microsoft Corporation) C:\Windows\System32\ptpusd.dll
2012-06-17 21:54 - 2008-04-13 10:45 - 00015104 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\usbscan.sys
2012-06-17 21:54 - 2008-04-13 10:45 - 00015104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbscan.sys
2012-06-17 21:54 - 2001-08-17 18:36 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\ptpusb.dll
2012-06-17 21:53 - 2012-06-20 15:25 - 00000198 ____A C:\Documents and Settings\OMAR IZ\Application Data\default.rss
2012-06-17 21:52 - 2012-06-20 15:25 - 00000069 ____A C:\Windows\NeroDigital.ini
2012-06-17 21:27 - 2012-06-17 21:27 - 00000000 __HDC C:\Windows\$NtUninstallKB953356$
2012-06-17 21:16 - 2012-06-17 21:16 - 00000231 ____A C:\Windows\PowerReg.dat
2012-06-17 21:14 - 2012-06-17 21:14 - 00000000 ____D C:\Program Files\Iomega
2012-06-17 21:14 - 1999-12-17 05:13 - 00086016 ____A (MindVision Software) C:\Windows\unvise32.exe
2012-06-17 20:27 - 2012-06-17 20:27 - 00000000 ____D C:\Program Files\M-Audio USB Keyboard Device
2012-06-17 20:15 - 2012-06-17 20:27 - 00724992 ____A (Indigo Rose Corporation) C:\Windows\iun6002.exe
2012-06-17 20:15 - 2012-06-17 20:27 - 00082944 ____A (Doug Fetter Software Wizardry) C:\Windows\System32\usbkt1x1.dll
2012-06-17 20:15 - 2012-06-17 20:27 - 00022304 ____A (Doug Fetter Software Wizardry) C:\Windows\System32\Drivers\usbkt1x1.sys
2012-06-17 20:15 - 2012-06-17 20:27 - 00013504 ____A (MIDIMAN) C:\Windows\System32\Drivers\uks11ldr.sys
2012-06-17 12:10 - 2012-06-17 12:10 - 00000000 ____D C:\Program Files\CPUID
2012-06-17 12:10 - 2012-03-09 06:57 - 00024328 ____A (CPUID) C:\Windows\System32\Drivers\cpuz135_x32.sys
2012-06-17 09:04 - 2012-06-20 12:28 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\Personal
2012-06-17 08:25 - 2012-06-17 08:25 - 00185432 ____A C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-73586283-838170752-725345543-1004-0.dat
2012-06-17 08:25 - 2012-06-17 08:25 - 00118538 ____A C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2012-06-17 08:09 - 2012-06-17 08:09 - 00000000 ____D C:\Windows\pss
2012-06-17 06:03 - 2012-06-19 16:57 - 00000000 ____D C:\Program Files\MSBuild
2012-06-17 06:03 - 2012-06-17 06:03 - 00000000 ____D C:\Windows\System32\XPSViewer
2012-06-17 06:03 - 2012-06-17 06:03 - 00000000 ____D C:\Program Files\Reference Assemblies
2012-06-17 06:03 - 2012-06-17 06:03 - 00000000 ____D C:\dd0fb8aa4f9000ea3d806acfdb22
2012-06-17 06:03 - 2008-07-06 04:06 - 01676288 ____N (Microsoft Corporation) C:\Windows\System32\xpssvcs.dll
2012-06-17 06:03 - 2008-07-06 04:06 - 01676288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\xpssvcs.dll
2012-06-17 06:03 - 2008-07-06 04:06 - 00575488 ____N (Microsoft Corporation) C:\Windows\System32\xpsshhdr.dll
2012-06-17 06:03 - 2008-07-06 04:06 - 00575488 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\xpsshhdr.dll
2012-06-17 06:03 - 2008-07-06 04:06 - 00117760 ____N (Microsoft Corporation) C:\Windows\System32\prntvpt.dll
2012-06-17 06:03 - 2008-07-06 04:06 - 00089088 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\filterpipelineprintproc.dll
2012-06-17 06:03 - 2008-07-06 02:50 - 00597504 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\printfilterpipelinesvc.exe
2012-06-17 04:53 - 2010-06-11 10:37 - 00013832 ____A (Windows ® Win 7 DDK provider) C:\Windows\System32\Drivers\AsrAppCharger.sys
2012-06-16 19:51 - 2012-06-16 19:51 - 00001134 ____A C:\Windows\System32\CM-Backup2-1455329-12Jun16-23-51-07.wbb
2012-06-16 19:07 - 2012-06-16 19:07 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Local Settings\Application Data\Logitech« Webcam Software
2012-06-16 19:04 - 2012-06-16 19:04 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Application Data\Line 6
2012-06-16 19:04 - 2012-06-16 19:04 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Line 6
2012-06-16 19:03 - 2012-06-16 19:37 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Application Data\Propellerhead Software
2012-06-16 19:03 - 2012-06-16 19:06 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Propellerhead Software
2012-06-16 19:03 - 2012-06-16 19:03 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2012-06-16 19:03 - 2012-06-16 19:03 - 00000000 ____D C:\Program Files\CodeMeter
2012-06-16 19:02 - 2012-06-16 19:02 - 00000722 ____A C:\Documents and Settings\All Users\Desktop\Reason.lnk
2012-06-16 19:01 - 2012-06-23 23:06 - 00000000 ____D C:\Program Files\Propellerhead
2012-06-16 17:43 - 2012-06-24 04:27 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-06-16 17:43 - 2012-06-16 17:45 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-06-16 17:43 - 2012-06-16 17:45 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-06-16 17:12 - 2012-06-16 17:12 - 00000000 ____D C:\Program Files\Audacity
2012-06-16 16:56 - 2012-06-16 16:56 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\LogiShrd
2012-06-16 16:54 - 2012-06-16 16:54 - 00000000 ____D C:\Documents and Settings\OMAR IZ\My Documents\SightSpeed Recordings
2012-06-16 16:54 - 2012-06-16 16:54 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Local Settings\Application Data\LogiShrd
2012-06-16 16:52 - 2012-06-16 17:02 - 00012133 ____A C:\Windows\System32\lvcoinst.log
2012-06-16 16:52 - 2012-06-16 16:52 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Application Data\Leadertech
2012-06-16 16:51 - 2012-06-24 05:46 - 00000216 ____A C:\Windows\wiadebug.log
2012-06-16 16:51 - 2012-06-24 05:46 - 00000049 ____A C:\Windows\wiaservc.log
2012-06-16 16:51 - 2012-06-16 17:02 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2012-06-16 16:51 - 2012-06-16 16:53 - 00000000 ____D C:\Program Files\Logitech
2012-06-16 16:51 - 2012-06-16 16:51 - 00000000 ____N C:\Windows\Sti_Trace.log
2012-06-16 16:51 - 2012-06-16 16:51 - 00000000 ____D C:\Windows\System32\logishrd
2012-06-16 16:51 - 2012-06-16 16:51 - 00000000 ____D C:\Program Files\Common Files\LWS
2012-06-16 16:51 - 2012-06-16 16:51 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Logitech
2012-06-16 16:51 - 2008-04-13 16:12 - 00016384 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\ipsink.ax
2012-06-16 16:51 - 2008-04-13 16:12 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ipsink.ax
2012-06-16 16:51 - 2008-04-13 10:46 - 00085248 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\nabtsfec.sys
2012-06-16 16:51 - 2008-04-13 10:46 - 00085248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NABTSFEC.sys
2012-06-16 16:51 - 2008-04-13 10:46 - 00019200 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wstcodec.sys
2012-06-16 16:51 - 2008-04-13 10:46 - 00019200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WSTCODEC.SYS
2012-06-16 16:51 - 2008-04-13 10:46 - 00017024 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\ccdecode.sys
2012-06-16 16:51 - 2008-04-13 10:46 - 00017024 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\CCDECODE.sys
2012-06-16 16:51 - 2008-04-13 10:46 - 00015232 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\streamip.sys
2012-06-16 16:51 - 2008-04-13 10:46 - 00015232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\StreamIP.sys
2012-06-16 16:51 - 2008-04-13 10:46 - 00011136 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\slip.sys
2012-06-16 16:51 - 2008-04-13 10:46 - 00011136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\SLIP.sys
2012-06-16 16:51 - 2008-04-13 10:46 - 00010880 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\ndisip.sys
2012-06-16 16:51 - 2008-04-13 10:46 - 00010880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NdisIP.sys
2012-06-16 16:51 - 2008-04-13 10:39 - 00005504 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mstee.sys
2012-06-16 16:51 - 2008-04-13 10:39 - 00005504 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MSTEE.sys
2012-06-16 16:50 - 2008-04-13 16:12 - 00091136 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kswdmcap.ax
2012-06-16 16:50 - 2008-04-13 16:12 - 00091136 ____A (Microsoft Corporation) C:\Windows\System32\kswdmcap.ax
2012-06-16 16:50 - 2008-04-13 16:12 - 00061952 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kstvtune.ax
2012-06-16 16:50 - 2008-04-13 16:12 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\kstvtune.ax
2012-06-16 16:50 - 2008-04-13 16:12 - 00053760 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\vfwwdm32.dll
2012-06-16 16:50 - 2008-04-13 16:12 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\vfwwdm32.dll
2012-06-16 16:50 - 2008-04-13 16:12 - 00043008 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\ksxbar.ax
2012-06-16 16:50 - 2008-04-13 16:12 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\ksxbar.ax
2012-06-16 16:50 - 2008-04-13 16:12 - 00020992 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\dshowext.ax
2012-06-16 16:50 - 2008-04-13 16:12 - 00020992 ____A (Microsoft Corporation) C:\Windows\System32\dshowext.ax
2012-06-16 16:50 - 2008-04-13 10:45 - 00060032 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\usbaudio.sys
2012-06-16 16:50 - 2008-04-13 10:45 - 00060032 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBAUDIO.sys
2012-06-16 16:50 - 2008-04-13 10:45 - 00032128 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\usbccgp.sys
2012-06-16 16:50 - 2008-04-13 10:45 - 00032128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2012-06-16 16:43 - 2012-06-16 16:45 - 00000000 ____D C:\Program Files\Memorex exPressit Label Design Studio
2012-06-16 16:43 - 2012-06-16 16:43 - 00000000 ____D C:\Windows\MVUNINST
2012-06-16 16:43 - 2012-06-16 16:43 - 00000000 ____D C:\Program Files\Common Files\SureThing Shared
2012-06-16 16:41 - 2012-06-16 16:41 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\LightScribe
2012-06-16 16:40 - 2012-06-16 16:41 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Application Data\Nero
2012-06-16 16:32 - 2012-06-16 16:37 - 00000000 ____D C:\Program Files\Common Files\Nero
2012-06-16 16:32 - 2012-06-16 16:35 - 00000000 ____D C:\Program Files\Nero
2012-06-16 16:32 - 2012-06-16 16:33 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Nero
2012-06-16 16:32 - 2012-06-16 16:32 - 00000000 ____D C:\Program Files\Common Files\LightScribe
2012-06-16 16:10 - 2012-06-16 16:10 - 00000000 ____D C:\Program Files\CCleaner
2012-06-16 16:09 - 2001-08-17 05:59 - 00003072 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\audstub.sys
2012-06-16 16:08 - 2008-04-13 16:11 - 00021504 ____A (Microsoft Corporation) C:\Windows\System32\hidserv.dll
2012-06-16 16:08 - 2008-04-13 10:40 - 00057600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\redbook.sys
2012-06-16 16:07 - 2012-06-23 22:06 - 00000000 ___AD C:\Program Files\Common Files\Microsoft Shared
2012-06-16 16:07 - 2012-06-20 16:10 - 00558606 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-16 16:07 - 2012-06-16 16:07 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2012-06-16 16:07 - 2012-06-16 16:07 - 00000000 ____D C:\Program Files\Common Files\ODBC
2012-06-16 16:07 - 2012-06-15 22:05 - 00004161 ____A C:\Windows\ODBCINST.INI
2012-06-16 16:07 - 2008-04-13 16:12 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\usbui.dll
2012-06-16 16:07 - 2004-08-04 04:00 - 01685606 ___AC C:\Windows\System32\dllcache\sam.spd
2012-06-16 16:07 - 2004-08-04 04:00 - 00774144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\spttseng.dll
2012-06-16 16:07 - 2004-08-04 04:00 - 00643717 ___AC C:\Windows\System32\dllcache\ltts1033.lxa
2012-06-16 16:07 - 2004-08-04 04:00 - 00605050 ___AC C:\Windows\System32\dllcache\r1033tts.lxa
2012-06-16 16:07 - 2004-08-04 04:00 - 00077824 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\spcommon.dll
2012-06-16 16:07 - 2004-08-04 04:00 - 00066594 ___AC C:\Windows\System32\dllcache\c_857.nls
2012-06-16 16:07 - 2004-08-04 04:00 - 00066594 ____A C:\Windows\System32\c_857.nls
2012-06-16 16:07 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_28603.nls
2012-06-16 16:07 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_28599.nls
2012-06-16 16:07 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_10081.nls
2012-06-16 16:07 - 2004-08-04 04:00 - 00066082 ____A C:\Windows\System32\c_28603.nls
2012-06-16 16:07 - 2004-08-04 04:00 - 00066082 ____A C:\Windows\System32\c_28599.nls
2012-06-16 16:07 - 2004-08-04 04:00 - 00066082 ____A C:\Windows\System32\c_10081.nls
2012-06-16 16:07 - 2004-08-04 04:00 - 00061440 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\spcplui.dll
2012-06-16 16:07 - 2004-08-04 04:00 - 00036864 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\sapisvr.exe
2012-06-16 16:07 - 2004-08-04 04:00 - 00006144 ___RA (Microsoft Corporation) C:\Windows\System32\kbdtuq.dll
2012-06-16 16:07 - 2004-08-04 04:00 - 00006144 ___RA (Microsoft Corporation) C:\Windows\System32\kbdtuf.dll
2012-06-16 16:07 - 2004-08-04 04:00 - 00006144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdtuq.dll
2012-06-16 16:07 - 2004-08-04 04:00 - 00006144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdtuf.dll
2012-06-16 16:07 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdazel.dll
2012-06-16 16:07 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdazel.dll
2012-06-16 16:07 - 2004-08-04 04:00 - 00000888 ___AC C:\Windows\System32\dllcache\sam.sdf
2012-06-16 16:06 - 2012-06-21 14:50 - 00326704 ____A C:\Windows\System32\FNTCACHE.DAT
2012-06-16 16:06 - 2012-06-16 16:06 - 00000062 __ASH C:\Documents and Settings\Default User\Local Settings\desktop.ini
2012-06-16 16:06 - 2012-06-16 16:06 - 00000062 __ASH C:\Documents and Settings\Default User\Application Data\desktop.ini
2012-06-16 16:06 - 2012-06-16 16:06 - 00000062 __ASH C:\Documents and Settings\All Users\Application Data\desktop.ini
2012-06-16 16:06 - 2012-06-16 02:18 - 01040722 ____A C:\Windows\setupapi.log.0.old
2012-06-16 16:06 - 2008-04-13 16:12 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\storprop.dll
2012-06-16 16:06 - 2008-04-13 16:12 - 00069120 ____A (Microsoft Corporation) C:\Windows\notepad.exe
2012-06-16 16:06 - 2008-04-13 16:11 - 00008704 ____A (Microsoft Corporation) C:\Windows\System32\batt.dll
2012-06-16 16:06 - 2008-04-13 10:54 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\irenum.sys
2012-06-16 16:06 - 2004-08-04 04:00 - 01086058 ___RA C:\Windows\SET4.tmp
2012-06-16 16:06 - 2004-08-04 04:00 - 01042903 ___RA C:\Windows\SET3.tmp
2012-06-16 16:06 - 2004-08-04 04:00 - 01042903 ___AC C:\Windows\System32\dllcache\SP2.CAT
2012-06-16 16:06 - 2004-08-04 04:00 - 00797189 ___AC C:\Windows\System32\dllcache\NT5IIS.CAT
2012-06-16 16:06 - 2004-08-04 04:00 - 00399645 ___AC C:\Windows\System32\dllcache\MAPIMIG.CAT
2012-06-16 16:06 - 2004-08-04 04:00 - 00176157 ___AC (Digi International, Inc.) C:\Windows\System32\dllcache\dgrpsetu.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00176157 ____A (Digi International, Inc.) C:\Windows\System32\dgrpsetu.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00103424 ___AC (Equinox Systems Inc.) C:\Windows\System32\dllcache\eqnclass.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00103424 ____A (Equinox Systems Inc.) C:\Windows\System32\EqnClass.Dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00085020 ___AC (Digi International) C:\Windows\System32\dllcache\dgsetup.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00085020 ____A (Digi International) C:\Windows\System32\dgsetup.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00066594 ___AC C:\Windows\System32\dllcache\c_869.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066594 ___AC C:\Windows\System32\dllcache\c_866.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066594 ___AC C:\Windows\System32\dllcache\c_855.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066594 ___AC C:\Windows\System32\dllcache\c_852.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066594 ___AC C:\Windows\System32\dllcache\c_737.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066594 ____A C:\Windows\System32\c_869.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066594 ____A C:\Windows\System32\c_866.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066594 ____A C:\Windows\System32\c_855.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066594 ____A C:\Windows\System32\c_852.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066594 ____A C:\Windows\System32\c_737.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_875.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_28597.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_28595.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_28594.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20127.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_10082.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_10029.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_10017.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_10010.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_10007.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_10006.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ____A C:\Windows\System32\c_875.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ____A C:\Windows\System32\C_28597.NLS
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ____A C:\Windows\System32\C_28595.NLS
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ____A C:\Windows\System32\C_28594.NLS
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ____A C:\Windows\System32\c_20127.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ____A C:\Windows\System32\c_10082.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ____A C:\Windows\System32\c_10029.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ____A C:\Windows\System32\c_10017.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ____A C:\Windows\System32\c_10010.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ____A C:\Windows\System32\c_10007.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00066082 ____A C:\Windows\System32\c_10006.nls
2012-06-16 16:06 - 2004-08-04 04:00 - 00037484 ___AC C:\Windows\System32\dllcache\MW770.CAT
2012-06-16 16:06 - 2004-08-04 04:00 - 00024661 ___AC (Perle Systems Ltd.) C:\Windows\System32\dllcache\spxcoins.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00024661 ____A (Perle Systems Ltd.) C:\Windows\System32\spxcoins.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00015360 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\taskman.exe
2012-06-16 16:06 - 2004-08-04 04:00 - 00015360 ____A (Microsoft Corporation) C:\Windows\TASKMAN.EXE
2012-06-16 16:06 - 2004-08-04 04:00 - 00013753 ___RA C:\Windows\SET8.tmp
2012-06-16 16:06 - 2004-08-04 04:00 - 00013472 ___AC C:\Windows\System32\dllcache\HPCRDP.CAT
2012-06-16 16:06 - 2004-08-04 04:00 - 00013312 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\irclass.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\irclass.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00008574 ___AC C:\Windows\System32\dllcache\IASNT4.CAT
2012-06-16 16:06 - 2004-08-04 04:00 - 00008192 ___RA (Microsoft Corporation) C:\Windows\System32\kbdhept.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00008192 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdhept.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00007382 ___AC C:\Windows\System32\dllcache\OEMBIOS.CAT
2012-06-16 16:06 - 2004-08-04 04:00 - 00007334 ___AC C:\Windows\System32\dllcache\wmerrenu.cat
2012-06-16 16:06 - 2004-08-04 04:00 - 00007168 ___RA (Microsoft Corporation) C:\Windows\System32\kbdcz.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00007168 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdcz.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___RA (Microsoft Corporation) C:\Windows\System32\kbdycl.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___RA (Microsoft Corporation) C:\Windows\System32\kbdsl1.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___RA (Microsoft Corporation) C:\Windows\System32\kbdsl.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___RA (Microsoft Corporation) C:\Windows\System32\kbdpl.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___RA (Microsoft Corporation) C:\Windows\System32\kbdhu.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___RA (Microsoft Corporation) C:\Windows\System32\kbdhela3.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___RA (Microsoft Corporation) C:\Windows\System32\kbdcz2.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___RA (Microsoft Corporation) C:\Windows\System32\kbdcz1.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___RA (Microsoft Corporation) C:\Windows\System32\kbdcr.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___RA (Microsoft Corporation) C:\Windows\System32\KBDAL.DLL
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdycl.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdsl1.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdsl.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdpl.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdhu.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdhela3.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdcz2.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdcz1.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdcr.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006656 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdal.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006144 ___RA (Microsoft Corporation) C:\Windows\System32\kbdlv1.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006144 ___RA (Microsoft Corporation) C:\Windows\System32\kbdlv.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006144 ___RA (Microsoft Corporation) C:\Windows\System32\kbdhela2.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006144 ___RA (Microsoft Corporation) C:\Windows\System32\kbdgkl.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006144 ___RA (Microsoft Corporation) C:\Windows\System32\kbdest.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdlv1.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdlv.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdhela2.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdgkl.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00006144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdest.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdycc.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbduzb.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdur.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdtat.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdru1.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdru.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdro.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdpl1.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdmon.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdlt1.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdlt.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdkyr.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdkaz.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdhu1.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdhe319.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdhe220.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdhe.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdbu.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdblr.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___RA (Microsoft Corporation) C:\Windows\System32\kbdaze.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdycc.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbduzb.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdur.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdtat.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdru1.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdru.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdro.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdpl1.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdmon.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdlt1.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdlt.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdkyr.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdkaz.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdhu1.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdhe319.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdhe220.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdhe.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdbu.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdblr.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdaze.dll
2012-06-16 16:06 - 2004-08-04 04:00 - 00002577 ____N C:\Windows\System32\CONFIG.TMP
2012-06-16 16:06 - 2004-08-04 04:00 - 00001688 ____A C:\Windows\System32\AUTOEXEC.NT
2012-06-16 16:05 - 2012-06-23 20:56 - 00000211 __ASH C:\boot.ini
2012-06-16 16:05 - 2012-06-16 16:05 - 00917504 ____A C:\Windows\System32\config\system.sav
2012-06-16 16:05 - 2012-06-16 16:05 - 00634880 ____A C:\Windows\System32\config\software.sav
2012-06-16 16:05 - 2012-06-16 16:05 - 00094208 ____A C:\Windows\System32\config\default.sav
2012-06-16 16:04 - 2012-06-16 16:05 - 00262144 ____A C:\Windows\System32\config\userdiff
2012-06-16 16:04 - 2012-06-16 16:05 - 00001024 ___AH C:\Windows\System32\config\userdiff.LOG
2012-06-16 16:04 - 2012-06-16 16:05 - 00001024 ___AH C:\Windows\System32\config\TempKey.LOG
2012-06-16 15:58 - 2012-06-17 08:24 - 00000000 ____D C:\Windows\Help
2012-06-16 15:58 - 2012-06-17 06:03 - 00000000 ____D C:\Windows\System32\spool
2012-06-16 15:58 - 2012-06-16 16:00 - 00000000 ____D C:\Windows\System32\ras
2012-06-16 15:58 - 2012-06-16 16:00 - 00000000 ____D C:\Windows\System32\icsxml
2012-06-16 15:58 - 2012-06-16 15:59 - 00000000 ____D C:\Windows\System32\ias
2012-06-16 15:58 - 2012-06-16 15:59 - 00000000 ____D C:\Windows\System32\1033
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\wins
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\ShellExt
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\mui
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\inetsrv
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\IME
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\export
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\Drivers\disdn
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\dhcp
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\3com_dmi
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\3076
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\2052
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\1054
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\1042
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\1041
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\1037
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\1031
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\1028
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\System32\1025
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\Resources
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\repair
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\Provisioning
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\mui
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\java
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\Driver Cache
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\Connection Wizard
2012-06-16 15:58 - 2012-06-16 15:58 - 00000000 ____D C:\Windows\addins
2012-06-16 15:58 - 2012-06-16 15:09 - 00000000 ____D C:\Windows\Media
2012-06-16 15:58 - 2012-06-16 14:54 - 00000000 ____D C:\Windows\System32\Setup
2012-06-16 15:58 - 2012-06-16 14:53 - 00000000 ____D C:\Windows\security
2012-06-16 15:58 - 2012-06-16 14:49 - 00000000 ____D C:\Windows\ime
2012-06-16 15:58 - 2012-06-16 14:48 - 00000000 ____D C:\Windows\System32\usmt
2012-06-16 15:58 - 2012-06-16 14:48 - 00000000 ____D C:\Windows\System32\npp
2012-06-16 15:58 - 2012-06-16 14:48 - 00000000 ____D C:\Windows\PeerNet
2012-06-16 15:58 - 2012-06-16 14:48 - 00000000 ____D C:\Windows\msagent
2012-06-16 15:58 - 2012-06-16 14:47 - 00000000 ____D C:\Windows\System32\oobe
2012-06-16 15:58 - 2012-06-16 14:47 - 00000000 ____D C:\Windows\system
2012-06-16 15:58 - 2012-06-15 22:04 - 00000000 ___RD C:\Windows\Web
2012-06-16 15:58 - 2012-06-15 22:03 - 00000000 ____D C:\Windows\pchealth
2012-06-16 15:58 - 2012-06-15 22:02 - 00000000 ____D C:\Windows\Cursors
2012-06-16 15:32 - 2012-06-16 15:32 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-06-16 15:24 - 2012-06-16 15:24 - 00000000 __SHD C:\Documents and Settings\OMAR IZ\IECompatCache
2012-06-16 15:23 - 2012-06-16 15:23 - 00000000 __SHD C:\Documents and Settings\OMAR IZ\PrivacIE
2012-06-16 15:21 - 2012-06-16 15:21 - 00000000 __SHD C:\Documents and Settings\OMAR IZ\IETldCache
2012-06-16 15:21 - 2012-06-16 15:21 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache
2012-06-16 15:10 - 2012-06-16 15:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2718704$
2012-06-16 15:10 - 2012-06-16 15:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2709162$
2012-06-16 15:10 - 2012-06-16 15:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2707511$
2012-06-16 15:10 - 2012-06-16 15:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2699988$
2012-06-16 15:10 - 2012-06-16 15:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2695962$
2012-06-16 15:10 - 2012-06-16 15:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2686509$
2012-06-16 15:10 - 2012-06-16 15:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2685939$
2012-06-16 15:10 - 2012-06-16 15:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2676562$
2012-06-16 15:10 - 2012-06-16 15:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2661637$
2012-06-16 15:10 - 2012-06-16 15:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2659262$
2012-06-16 15:10 - 2012-06-16 15:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2653956$
2012-06-16 15:09 - 2012-06-16 15:20 - 00065536 ____A C:\Windows\System32\config\Internet.evt
2012-06-16 15:09 - 2012-06-16 15:09 - 00000000 __HDC C:\Windows\$NtUninstallKB2467659$
2012-06-16 15:09 - 2012-06-16 15:09 - 00000000 ____D C:\Windows\ie8updates
2012-06-16 15:09 - 2012-05-11 16:12 - 11111424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ieframe.dll
2012-06-16 15:09 - 2012-05-11 06:42 - 02000384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iertutil.dll
2012-06-16 15:09 - 2012-05-11 06:42 - 00743424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iedvtool.dll
2012-06-16 15:09 - 2012-05-11 06:42 - 00629760 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msfeeds.dll
2012-06-16 15:09 - 2012-05-11 06:42 - 00521728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\jsdbgui.dll
2012-06-16 15:09 - 2012-05-11 06:42 - 00247808 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ieproxy.dll
2012-06-16 15:09 - 2012-05-11 06:42 - 00055296 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msfeedsbs.dll
2012-06-16 15:09 - 2012-05-11 06:42 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\xpshims.dll
2012-06-16 15:09 - 2011-08-16 02:45 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iecompat.dll
2012-06-16 15:08 - 2012-06-16 15:09 - 00000000 __HDC C:\Windows\ie8
2012-06-16 15:06 - 2012-06-16 15:06 - 00000000 __HDC C:\Windows\$NtUninstallKB2646524$
2012-06-16 15:06 - 2012-06-16 15:06 - 00000000 __HDC C:\Windows\$NtUninstallKB2633952$
2012-06-16 15:06 - 2012-06-16 15:06 - 00000000 __HDC C:\Windows\$NtUninstallKB2631813$
2012-06-16 15:06 - 2012-06-16 15:06 - 00000000 __HDC C:\Windows\$NtUninstallKB2624667$
2012-06-16 15:06 - 2012-06-16 15:06 - 00000000 __HDC C:\Windows\$NtUninstallKB2620712$
2012-06-16 15:06 - 2012-06-16 15:06 - 00000000 __HDC C:\Windows\$NtUninstallKB2619339$
2012-06-16 15:06 - 2012-06-16 15:06 - 00000000 __HDC C:\Windows\$NtUninstallKB2618451$
2012-06-16 15:06 - 2012-06-16 15:06 - 00000000 __HDC C:\Windows\$NtUninstallKB2603381$
2012-06-16 15:06 - 2012-06-16 15:06 - 00000000 __HDC C:\Windows\$NtUninstallKB2598479$
2012-06-16 15:06 - 2012-06-16 15:06 - 00000000 __HDC C:\Windows\$NtUninstallKB2585542$
2012-06-16 15:06 - 2012-06-16 15:06 - 00000000 __HDC C:\Windows\$NtUninstallKB2584146$
2012-06-16 15:06 - 2012-06-16 15:06 - 00000000 __HDC C:\Windows\$NtUninstallKB2564958$
2012-06-16 15:06 - 2012-06-16 15:06 - 00000000 __HDC C:\Windows\$NtUninstallKB2544893-v2$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB971029$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2592799$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2570947$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2566454$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2544521$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2536276-v2$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2535512$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2510581$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2509553$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2508429$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2507938$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2507618$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2506212$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2485663$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2483185$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2481109$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2479943$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2478971$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2478960$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2476490$
2012-06-16 15:05 - 2012-06-16 15:05 - 00000000 __HDC C:\Windows\$NtUninstallKB2393802$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB982665$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB982132$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB981997$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB981322$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB979687$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB975558_WM8$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB970430$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB956744$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB2443105$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB2440591$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB2423089$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB2419632$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB2387149$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB2378111_WM9$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB2360937$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB2347290$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB2345886$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB2296011$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB2115168$
2012-06-16 15:04 - 2012-06-16 15:04 - 00000000 __HDC C:\Windows\$NtUninstallKB2079403$
2012-06-16 15:03 - 2012-06-16 15:03 - 00000000 __HDC C:\Windows\$NtUninstallKB973540_WM9$
2012-06-16 15:03 - 2012-06-16 15:03 - 00000000 __HDC C:\Windows\$NtUninstallKB951978$
2012-06-16 15:03 - 2012-05-02 05:46 - 00139656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\rdpwd.sys
2012-06-16 15:02 - 2012-01-11 11:06 - 00003072 ____N C:\Windows\System32\iacenc.dll
2012-06-16 15:02 - 2012-01-11 11:06 - 00003072 ____C C:\Windows\System32\dllcache\iacenc.dll
2012-06-16 15:00 - 2011-07-08 06:02 - 00010496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ndistapi.sys
2012-06-16 15:00 - 2011-04-29 19:01 - 00758784 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\vgx.dll
2012-06-16 15:00 - 2011-04-21 05:37 - 00105472 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mup.sys
2012-06-16 14:59 - 2010-11-02 07:17 - 00040960 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ndproxy.sys
2012-06-16 14:58 - 2011-02-08 05:33 - 00978944 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mfc42.dll
2012-06-16 14:58 - 2010-10-11 06:59 - 00045568 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wab.exe
2012-06-16 14:58 - 2010-09-17 22:53 - 00953856 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mfc40u.dll
2012-06-16 14:58 - 2010-08-23 08:12 - 00617472 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\comctl32.dll
2012-06-16 14:55 - 2012-06-21 22:53 - 00095008 ____A C:\Documents and Settings\OMAR IZ\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2012-06-16 14:54 - 2012-06-16 14:54 - 00000259 ____A C:\Windows\System32\spupdwxp.log
2012-06-16 14:53 - 2012-06-16 14:53 - 00000000 __HDC C:\Windows\$NtUninstallKB982381$
2012-06-16 14:53 - 2012-06-16 14:53 - 00000000 __HDC C:\Windows\$NtUninstallKB980232$
2012-06-16 14:53 - 2012-06-16 14:53 - 00000000 __HDC C:\Windows\$NtUninstallKB980218$
2012-06-16 14:53 - 2012-06-16 14:53 - 00000000 __HDC C:\Windows\$NtUninstallKB979683$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB979559$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB979482$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB979309$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB978706$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB978601$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB978542$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB978338$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB978037$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB977914$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB975713$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB975562$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB975561$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB975560$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB975467$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB975025$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB974571$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB974392$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB974318$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB974112$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB973869$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB973815$
2012-06-16 14:52 - 2012-06-16 14:52 - 00000000 __HDC C:\Windows\$NtUninstallKB973687$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB973687_1$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB973507$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB972270$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB971657$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB971468$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB970238$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB969059$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB968389$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB967715$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB961501$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB960859$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB960803$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB960225$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB959426$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB958644$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB956844$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB956803$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB956802$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB956572$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB955759$
2012-06-16 14:51 - 2012-06-16 14:51 - 00000000 __HDC C:\Windows\$NtUninstallKB955069$
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 __HDC C:\Windows\$NtUninstallKB952954$
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 __HDC C:\Windows\$NtUninstallKB952287$
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 __HDC C:\Windows\$NtUninstallKB952004$
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 __HDC C:\Windows\$NtUninstallKB951748$
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 __HDC C:\Windows\$NtUninstallKB951376-v2$
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 __HDC C:\Windows\$NtUninstallKB950974$
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 __HDC C:\Windows\$NtUninstallKB950762$
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 __HDC C:\Windows\$NtUninstallKB946648$
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 __HDC C:\Windows\$NtUninstallKB923561$
2012-06-16 14:50 - 2012-06-16 14:50 - 00000000 __HDC C:\Windows\$NtUninstallKB2229593$
2012-06-16 14:48 - 2012-06-16 14:48 - 00000000 ____D C:\Windows\System32\scripting
2012-06-16 14:48 - 2012-06-16 14:48 - 00000000 ____D C:\Windows\System32\bits
2012-06-16 14:48 - 2012-06-16 14:48 - 00000000 ____D C:\Windows\l2schemas
2012-06-16 14:47 - 2012-06-16 14:49 - 00000000 ____D C:\Windows\network diagnostic
2012-06-16 14:45 - 2012-06-16 14:46 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2012-06-16 14:43 - 2004-08-04 04:00 - 00613334 ____C C:\Windows\System32\dllcache\wmplayer.chm
2012-06-16 14:43 - 2004-08-04 04:00 - 00572557 ____C C:\Windows\System32\dllcache\rtuner.wmv
2012-06-16 14:43 - 2004-08-04 04:00 - 00457607 ____C C:\Windows\System32\dllcache\mdlib.wmv
2012-06-16 14:43 - 2004-08-04 04:00 - 00381425 ____C C:\Windows\System32\dllcache\copycd.wmv
2012-06-16 14:43 - 2004-08-04 04:00 - 00375519 ____C C:\Windows\System32\dllcache\nuskin.wmv
2012-06-16 14:43 - 2004-08-04 04:00 - 00354468 ____C C:\Windows\System32\dllcache\wmpaud1.wav
2012-06-16 14:43 - 2004-08-04 04:00 - 00343204 ____C C:\Windows\System32\dllcache\wmpaud7.wav
2012-06-16 14:43 - 2004-08-04 04:00 - 00343204 ____C C:\Windows\System32\dllcache\wmpaud6.wav
2012-06-16 14:43 - 2004-08-04 04:00 - 00300969 ____C C:\Windows\System32\dllcache\viz.wmv
2012-06-16 14:43 - 2004-08-04 04:00 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud9.wav
2012-06-16 14:43 - 2004-08-04 04:00 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud8.wav
2012-06-16 14:43 - 2004-08-04 04:00 - 00172196 ____C C:\Windows\System32\dllcache\wmpaud3.wav
2012-06-16 14:43 - 2004-08-04 04:00 - 00097117 ____C C:\Windows\System32\dllcache\mplayer2.hlp
2012-06-16 14:43 - 2004-08-04 04:00 - 00086196 ____C C:\Windows\System32\dllcache\wmpaud5.wav
2012-06-16 14:43 - 2004-08-04 04:00 - 00086180 ____C C:\Windows\System32\dllcache\wmpaud4.wav
2012-06-16 14:43 - 2004-08-04 04:00 - 00086180 ____C C:\Windows\System32\dllcache\wmpaud2.wav
2012-06-16 14:43 - 2004-08-04 04:00 - 00077307 ____C C:\Windows\System32\dllcache\plyr_err.chm
2012-06-16 14:43 - 2004-08-04 04:00 - 00022060 ____C C:\Windows\System32\dllcache\npds.zip
2012-06-16 14:43 - 2004-08-04 04:00 - 00010457 ____C C:\Windows\System32\dllcache\wmptour.hta
2012-06-16 14:43 - 2004-08-04 04:00 - 00009585 ____C C:\Windows\System32\dllcache\controls.css
2012-06-16 14:43 - 2004-08-04 04:00 - 00008298 ____C C:\Windows\System32\dllcache\contents.htm
2012-06-16 14:43 - 2004-08-04 04:00 - 00006878 ____C C:\Windows\System32\dllcache\controls.js
2012-06-16 14:43 - 2004-08-04 04:00 - 00005971 ____C C:\Windows\System32\dllcache\events.js
2012-06-16 14:43 - 2004-08-04 04:00 - 00003187 ____C C:\Windows\System32\dllcache\tour.js
2012-06-16 14:43 - 2004-08-04 04:00 - 00001885 ____C C:\Windows\System32\dllcache\mplayer2.cnt
2012-06-16 14:43 - 2004-08-04 04:00 - 00001771 ____C C:\Windows\System32\dllcache\wmptour.css
2012-06-16 14:43 - 2004-08-04 04:00 - 00001148 ____C C:\Windows\System32\dllcache\snd.htm
2012-06-16 14:43 - 2004-08-04 04:00 - 00000420 ____C C:\Windows\System32\dllcache\wmploc.js
2012-06-16 14:43 - 2004-08-04 04:00 - 00000403 ____C C:\Windows\System32\dllcache\npdrmv2.zip
2012-06-16 14:43 - 2004-08-03 18:41 - 01309184 ____N (Smart Link) C:\Windows\System32\Drivers\mtlstrm.sys
2012-06-16 14:43 - 2004-08-03 18:41 - 01041536 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfdpsp2.sys
2012-06-16 14:43 - 2004-08-03 18:41 - 00685056 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfcxts2.sys
2012-06-16 14:43 - 2004-08-03 18:41 - 00404990 ____N (Smart Link) C:\Windows\System32\Drivers\slntamr.sys
2012-06-16 14:43 - 2004-08-03 18:41 - 00220032 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfbs2s2.sys
2012-06-16 14:43 - 2004-08-03 18:41 - 00180360 ____N (Smart Link) C:\Windows\System32\Drivers\ntmtlfax.sys
2012-06-16 14:43 - 2004-08-03 18:41 - 00129535 ____N (Smart Link) C:\Windows\System32\Drivers\slnt7554.sys
2012-06-16 14:43 - 2004-08-03 18:41 - 00126686 ____N (Smart Link) C:\Windows\System32\Drivers\mtlmnt5.sys
2012-06-16 14:43 - 2004-08-03 18:41 - 00095424 ____N (Smart Link) C:\Windows\System32\Drivers\slnthal.sys
2012-06-16 14:43 - 2004-08-03 18:41 - 00013776 ____N (Smart Link) C:\Windows\System32\Drivers\recagent.sys
2012-06-16 14:43 - 2004-08-03 18:41 - 00013240 ____N (Smart Link) C:\Windows\System32\Drivers\slwdmsup.sys
2012-06-16 14:43 - 2004-08-03 18:41 - 00011868 ____N (Conexant) C:\Windows\System32\Drivers\mdmxsdk.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00701440 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtag.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00452736 ____N (Matrox Graphics Inc.) C:\Windows\System32\Drivers\mtxparhm.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00327040 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtaa.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00166912 ____N (S3 Graphics, Inc.) C:\Windows\System32\Drivers\s3gnbm.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00104960 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinrvxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00073216 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atintuxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00063663 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1rvxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00063488 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxsxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00057856 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinbtxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00056623 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1btxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00052224 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinraxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00036463 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1tuxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00034735 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xsxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00031744 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxbxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00030671 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1raxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00029455 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xbxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00028672 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinsnxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00026367 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1snxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00025471 ____N (Intel® Corporation) C:\Windows\System32\Drivers\watv10nt.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00022271 ____N (Intel® Corporation) C:\Windows\System32\Drivers\watv06nt.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00021343 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1ttxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00014336 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinpdxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinttxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinmdxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00012047 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1pdxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00011935 ____N (Intel® Corporation) C:\Windows\System32\Drivers\wadv11nt.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00011871 ____N (Intel® Corporation) C:\Windows\System32\Drivers\wadv09nt.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00011807 ____N (Intel® Corporation) C:\Windows\System32\Drivers\wadv07nt.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00011615 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1mdxx.sys
2012-06-16 14:43 - 2004-08-03 18:29 - 00011295 ____N (Intel® Corporation) C:\Windows\System32\Drivers\wadv08nt.sys
2012-06-16 14:43 - 2004-07-17 18:55 - 00129045 ____N C:\Windows\System32\Drivers\cxthsfs2.cty
2012-06-16 14:43 - 2004-07-17 07:36 - 00064352 ____N C:\Windows\System32\Drivers\ativmc20.cod
2012-06-16 14:43 - 2004-07-17 07:35 - 00067866 ____N C:\Windows\System32\Drivers\netwlan5.img
2012-06-16 14:38 - 2009-08-06 15:23 - 00274288 ____A (Microsoft Corporation) C:\Windows\System32\mucltui.dll
2012-06-16 14:38 - 2009-08-06 15:23 - 00016736 ____A (Microsoft Corporation) C:\Windows\System32\mucltui.dll.mui
2012-06-16 02:34 - 2012-06-16 15:06 - 00009344 ____A C:\Windows\System32\TZLog.log
2012-06-16 02:34 - 2012-06-16 02:34 - 00000000 __HDC C:\Windows\$NtUninstallKB982381_0$
2012-06-16 02:34 - 2012-06-16 02:34 - 00000000 __HDC C:\Windows\$NtUninstallKB981793$
2012-06-16 02:34 - 2012-06-16 02:34 - 00000000 __HDC C:\Windows\$NtUninstallKB980218_0$
2012-06-16 02:34 - 2012-06-16 02:34 - 00000000 __HDC C:\Windows\$NtUninstallKB980195$
2012-06-16 02:34 - 2012-06-16 02:34 - 00000000 __HDC C:\Windows\$NtUninstallKB979559_0$
2012-06-16 02:34 - 2012-06-16 02:34 - 00000000 __HDC C:\Windows\$NtUninstallKB979482_0$
2012-06-16 02:34 - 2012-06-16 02:34 - 00000000 __HDC C:\Windows\$NtUninstallKB978695_WM9$
2012-06-16 02:34 - 2012-06-16 02:34 - 00000000 __HDC C:\Windows\$NtUninstallKB978542_0$
2012-06-16 02:34 - 2012-06-16 02:34 - 00000000 __HDC C:\Windows\$NtUninstallKB975562_0$
2012-06-16 02:34 - 2012-06-16 02:34 - 00000000 __HDC C:\Windows\$NtUninstallKB2229593_0$
2012-06-16 02:34 - 2012-06-03 19:35 - 56731752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB981350$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB980232_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB979683_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB979402_WM9L$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB979309_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB978706_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB978601_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB978338_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB978037_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB977914_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB977816$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB975713_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB975561_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB975560_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB974392_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB974318_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB973904$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB972270_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB971468_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB955759_0$
2012-06-16 02:33 - 2012-06-16 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB952069_WM9$
2012-06-16 02:32 - 2012-06-16 14:48 - 00000000 ____D C:\Windows\ServicePackFiles
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB975467_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB975025_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB974571_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB974112_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB973869_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB973815_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB973687_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB973540_WM9L$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB973507_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB971961$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB971657_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB970238_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB969059_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB968389_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB961501_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB960859_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB960803_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB959426_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB958869$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB958470$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB956844_0$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB954155_WM9$
2012-06-16 02:32 - 2012-06-16 02:32 - 00000000 __HDC C:\Windows\$NtUninstallKB952004_0$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB967715_0$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB960225_0$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB958644_0$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB956803_0$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB956802_0$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB956572_0$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB955069_0$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB952954_0$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB952287_0$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB951748_0$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB951376-v2_0$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB950974_0$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB950762_0$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB946648_0$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB944338-v2$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB935448$
2012-06-16 02:31 - 2012-06-16 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB923561_0$
2012-06-16 02:30 - 2010-06-14 06:31 - 00744448 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\helpsvc.exe
2012-06-16 02:29 - 2011-11-08 05:46 - 00046080 ____N (Microsoft Corporation) C:\Windows\System32\tzchange.exe
2012-06-16 02:28 - 2011-07-15 05:29 - 00456320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mrxsmb.sys
2012-06-16 02:27 - 2011-02-17 05:18 - 00357888 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\srv.sys
2012-06-16 02:27 - 2010-08-27 00:02 - 00119808 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\t2embed.dll
2012-06-16 02:27 - 2009-11-21 07:51 - 00471552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\aclayers.dll
2012-06-16 02:27 - 2009-10-15 08:28 - 00081920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\fontsub.dll
2012-06-16 02:24 - 2012-05-04 05:16 - 02148352 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrnlmp.exe
2012-06-16 02:24 - 2012-05-04 05:12 - 02192640 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ntoskrnl.exe
2012-06-16 02:24 - 2012-05-04 04:32 - 02026496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrpamp.exe
2012-06-16 02:24 - 2011-02-17 04:32 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\xpsp4res.dll
2012-06-16 02:24 - 2010-12-20 09:26 - 00730112 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\lsasrv.dll
2012-06-16 02:24 - 2010-12-09 07:15 - 00718336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ntdll.dll
2012-06-16 02:24 - 2010-07-12 04:55 - 00218112 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wordpad.exe
2012-06-16 02:24 - 2009-03-06 06:22 - 00284160 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\pdh.dll
2012-06-16 02:24 - 2009-02-09 04:10 - 00617472 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\advapi32.dll
2012-06-16 02:24 - 2009-02-09 04:10 - 00473600 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\fastprox.dll
2012-06-16 02:24 - 2009-02-09 04:10 - 00453120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmiprvsd.dll
2012-06-16 02:24 - 2009-02-09 04:10 - 00401408 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\rpcss.dll
2012-06-16 02:24 - 2009-02-06 03:11 - 00110592 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\services.exe
2012-06-16 02:24 - 2009-02-06 02:10 - 00227840 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmiprvse.exe
2012-06-16 02:24 - 2008-04-13 09:39 - 00689152 ____A (Microsoft Corporation) C:\Windows\System32\xpsp3res.dll
2012-06-16 02:23 - 2008-10-15 08:34 - 00337408 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\netapi32.dll
2012-06-16 02:22 - 2012-06-16 02:22 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2012-06-16 02:22 - 2008-06-13 03:05 - 00272128 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2012-06-16 02:22 - 2008-06-13 03:05 - 00272128 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bthport.sys
2012-06-16 02:22 - 2008-05-08 06:02 - 00203136 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\rmcast.sys
2012-06-16 02:19 - 2012-06-16 02:19 - 00000000 ____D C:\Windows\System32\PreInstall
2012-06-16 02:18 - 2012-06-17 21:27 - 00000000 ___HD C:\Windows\$hf_mig$
2012-06-16 02:18 - 2012-06-16 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB898461$
2012-06-16 02:15 - 2012-06-23 20:46 - 00000000 __SHD C:\Documents and Settings\OMAR IZ\UserData
2012-06-16 02:15 - 2009-08-06 15:24 - 00044768 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-16 02:15 - 2009-08-06 15:24 - 00021728 ____A (Microsoft Corporation) C:\Windows\System32\wucltui.dll.mui
2012-06-16 02:15 - 2009-08-06 15:24 - 00017632 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll.mui
2012-06-16 02:15 - 2009-08-06 15:24 - 00015072 ____A (Microsoft Corporation) C:\Windows\System32\wuaucpl.cpl.mui
2012-06-16 02:15 - 2009-08-06 15:24 - 00015064 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll.mui
2012-06-16 00:15 - 2012-06-16 00:15 - 00002422 ____A C:\Windows\System32\wpa.bak
2012-06-16 00:00 - 2012-06-16 00:00 - 00020747 ____A (Meetinghouse Data Communications) C:\Windows\System32\Drivers\AegisP.sys
2012-06-16 00:00 - 2012-06-16 00:00 - 00000308 ____A C:\Windows\System32\results.txt
2012-06-16 00:00 - 2005-11-09 00:41 - 00007870 ____A C:\Windows\System32\rt61.cat
2012-06-16 00:00 - 2005-11-06 23:51 - 00007878 ____A C:\Windows\System32\RT2500.CAT
2012-06-16 00:00 - 2005-10-27 11:06 - 00356096 ____A (Ralink Technology Inc.) C:\Windows\System32\rt61.sys
2012-06-16 00:00 - 2005-10-20 11:00 - 00243328 ____A (Ralink Technology Inc.) C:\Windows\System32\rt2500.sys
2012-06-16 00:00 - 2005-10-20 11:00 - 00243328 ____A (Ralink Technology Inc.) C:\Windows\System32\Drivers\RT2500.sys
2012-06-16 00:00 - 2005-02-01 14:18 - 00017992 ____A (Broadcom Corporation) C:\Windows\System32\Drivers\bcm42rly.sys
2012-06-16 00:00 - 2005-02-01 14:18 - 00017992 ____A (Broadcom Corporation) C:\Windows\System32\bcm42rly.sys
2012-06-16 00:00 - 2005-02-01 14:18 - 00017992 ____A (Broadcom Corporation) C:\Windows\bcm42rly.sys
2012-06-16 00:00 - 2003-10-13 11:30 - 00094208 ____A () C:\Windows\System32\GTW32N50.dll
2012-06-16 00:00 - 2003-09-25 19:28 - 00031930 ____A C:\Windows\System32\GTNDIS3.VXD
2012-06-16 00:00 - 2003-09-25 18:15 - 00015872 ____A (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\System32\GTNDIS5.sys
2012-06-15 23:59 - 2012-06-16 00:00 - 00000000 ____D C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor
2012-06-15 23:59 - 2012-06-15 23:59 - 00000920 ____A C:\Windows\System32\WLAN.INI
2012-06-15 23:39 - 2010-06-02 00:55 - 00527192 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_7.dll
2012-06-15 23:39 - 2010-06-02 00:55 - 00239960 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_7.dll
2012-06-15 23:39 - 2010-06-02 00:55 - 00074072 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_5.dll
2012-06-15 23:39 - 2010-05-26 07:41 - 02106216 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_43.dll
2012-06-15 23:39 - 2010-05-26 07:41 - 01998168 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_43.dll
2012-06-15 23:39 - 2010-05-26 07:41 - 01868128 ____A (Microsoft Corporation) C:\Windows\System32\d3dcsx_43.dll
2012-06-15 23:39 - 2010-05-26 07:41 - 00470880 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_43.dll
2012-06-15 23:39 - 2010-05-26 07:41 - 00248672 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_43.dll
2012-06-15 23:39 - 2010-02-04 06:01 - 00528216 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_6.dll
2012-06-15 23:39 - 2010-02-04 06:01 - 00238936 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_6.dll
2012-06-15 23:39 - 2010-02-04 06:01 - 00074072 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_4.dll
2012-06-15 23:39 - 2010-02-04 06:01 - 00022360 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_7.dll
2012-06-15 23:39 - 2009-09-04 13:44 - 00515416 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_5.dll
2012-06-15 23:39 - 2009-09-04 13:44 - 00238936 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_5.dll
2012-06-15 23:39 - 2009-09-04 13:44 - 00069464 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_3.dll
2012-06-15 23:39 - 2009-09-04 13:29 - 05501792 ____A (Microsoft Corporation) C:\Windows\System32\d3dcsx_42.dll
2012-06-15 23:39 - 2009-09-04 13:29 - 01974616 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll
2012-06-15 23:39 - 2009-09-04 13:29 - 01892184 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_42.dll
2012-06-15 23:39 - 2009-09-04 13:29 - 00453456 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_42.dll
2012-06-15 23:39 - 2009-09-04 13:29 - 00235344 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_42.dll
2012-06-15 23:39 - 2009-03-16 10:18 - 00517448 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_4.dll
2012-06-15 23:39 - 2009-03-16 10:18 - 00235352 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_4.dll
2012-06-15 23:39 - 2009-03-16 10:18 - 00022360 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_6.dll
2012-06-15 23:39 - 2009-03-09 11:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll
2012-06-15 23:39 - 2009-03-09 11:27 - 01846632 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_41.dll
2012-06-15 23:39 - 2009-03-09 11:27 - 00453456 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_41.dll
2012-06-15 23:39 - 2008-10-27 06:04 - 00514384 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_3.dll
2012-06-15 23:39 - 2008-10-27 06:04 - 00235856 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_3.dll
2012-06-15 23:39 - 2008-10-27 06:04 - 00070992 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_2.dll
2012-06-15 23:39 - 2008-10-27 06:04 - 00023376 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_5.dll
2012-06-15 23:39 - 2008-10-15 02:22 - 04379984 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll
2012-06-15 23:39 - 2008-10-15 02:22 - 02036576 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll
2012-06-15 23:39 - 2008-10-15 02:22 - 00452440 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
2012-06-15 23:39 - 2008-07-31 06:41 - 00238088 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_2.dll
2012-06-15 23:39 - 2008-07-31 06:41 - 00068616 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_1.dll
2012-06-15 23:39 - 2008-07-31 06:40 - 00509448 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_2.dll
2012-06-15 23:39 - 2008-07-10 07:01 - 00467984 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_39.dll
2012-06-15 23:39 - 2008-07-10 07:00 - 03851784 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_39.dll
2012-06-15 23:39 - 2008-07-10 07:00 - 01493528 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_39.dll
2012-06-15 23:39 - 2008-05-30 10:19 - 00507400 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_1.dll
2012-06-15 23:39 - 2008-05-30 10:18 - 00238088 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_1.dll
2012-06-15 23:39 - 2008-05-30 10:17 - 00065032 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_0.dll
2012-06-15 23:39 - 2008-05-30 10:17 - 00025608 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_4.dll
2012-06-15 23:39 - 2008-05-30 10:11 - 03850760 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_38.dll
2012-06-15 23:39 - 2008-05-30 10:11 - 01491992 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_38.dll
2012-06-15 23:39 - 2008-05-30 10:11 - 00467984 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_38.dll
2012-06-15 23:39 - 2008-03-05 12:03 - 00479752 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_0.dll
2012-06-15 23:39 - 2008-03-05 12:03 - 00238088 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_0.dll
2012-06-15 23:39 - 2008-03-05 12:00 - 00025608 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_3.dll
2012-06-15 23:39 - 2008-03-05 11:56 - 03786760 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_37.dll
2012-06-15 23:39 - 2008-03-05 11:56 - 01420824 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_37.dll
2012-06-15 23:39 - 2008-02-05 19:07 - 00462864 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_37.dll
2012-06-15 23:39 - 2007-10-21 23:39 - 00267272 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_10.dll
2012-06-15 23:39 - 2007-10-21 23:37 - 00017928 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_2.dll
2012-06-15 23:39 - 2007-10-12 11:14 - 03734536 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_36.dll
2012-06-15 23:39 - 2007-10-12 11:14 - 01374232 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_36.dll
2012-06-15 23:39 - 2007-10-02 05:56 - 00444776 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_36.dll
2012-06-15 23:39 - 2007-07-19 20:57 - 00267112 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_9.dll
2012-06-15 23:39 - 2007-07-19 14:14 - 03727720 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_35.dll
2012-06-15 23:39 - 2007-07-19 14:14 - 01358192 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_35.dll
2012-06-15 23:39 - 2007-07-19 14:14 - 00444776 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_35.dll
2012-06-15 23:39 - 2007-06-20 16:46 - 00266088 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_8.dll
2012-06-15 23:39 - 2007-05-16 12:45 - 03497832 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_34.dll
2012-06-15 23:39 - 2007-05-16 12:45 - 01124720 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_34.dll
2012-06-15 23:39 - 2007-05-16 12:45 - 00443752 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_34.dll
2012-06-15 23:39 - 2007-04-04 14:55 - 00261480 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_7.dll
2012-06-15 23:39 - 2007-04-04 14:53 - 00081768 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_3.dll

#4 OMAR IZ

OMAR IZ
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:25 AM

Posted 10 July 2012 - 04:31 PM

FRST.txt continued


2012-06-15 23:39 - 2007-03-15 12:57 - 00443752 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_33.dll
2012-06-15 23:39 - 2007-03-12 12:42 - 03495784 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_33.dll
2012-06-15 23:39 - 2007-03-12 12:42 - 01123696 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_33.dll
2012-06-15 23:39 - 2007-03-05 08:42 - 00015128 ____A (Microsoft Corporation) C:\Windows\System32\x3daudio1_1.dll
2012-06-15 23:39 - 2007-01-24 11:27 - 00255848 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_6.dll
2012-06-15 23:39 - 2006-12-08 08:02 - 00251672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_5.dll
2012-06-15 23:39 - 2006-11-29 09:06 - 03426072 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_32.dll
2012-06-15 23:39 - 2006-09-28 12:05 - 02414360 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_31.dll
2012-06-15 23:39 - 2006-09-28 12:05 - 00237848 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_4.dll
2012-06-15 23:39 - 2006-07-28 05:30 - 00236824 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_3.dll
2012-06-15 23:39 - 2006-07-28 05:30 - 00062744 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_2.dll
2012-06-15 23:39 - 2006-05-31 03:24 - 00230168 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_2.dll
2012-06-15 23:39 - 2006-03-31 08:40 - 02388176 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_30.dll
2012-06-15 23:39 - 2006-03-31 08:39 - 00229584 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_1.dll
2012-06-15 23:39 - 2006-03-31 08:39 - 00062672 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_1.dll
2012-06-15 23:39 - 2006-02-03 04:43 - 02332368 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_29.dll
2012-06-15 23:39 - 2006-02-03 04:42 - 00230096 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_0.dll
2012-06-15 23:39 - 2006-02-03 04:41 - 00014032 ____A (Microsoft Corporation) C:\Windows\System32\x3daudio1_0.dll
2012-06-15 23:39 - 2005-12-05 14:09 - 02323664 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_28.dll
2012-06-15 23:39 - 2005-12-05 14:07 - 00061136 ____A (Microsoft Corporation) C:\Windows\System32\xinput9_1_0.dll
2012-06-15 23:39 - 2005-07-22 15:59 - 02319568 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll
2012-06-15 23:39 - 2005-05-26 11:34 - 02297552 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_26.dll
2012-06-15 23:39 - 2005-03-18 13:19 - 02337488 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_25.dll
2012-06-15 23:39 - 2005-02-05 15:45 - 02222800 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_24.dll
2012-06-15 23:33 - 2012-06-15 23:33 - 00000000 __HDC C:\Windows\$MSI31Uninstall_KB893803v2$
2012-06-15 23:33 - 2012-06-15 23:33 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2012-06-15 23:33 - 2011-01-25 07:28 - 00837224 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdagenco322040.dll
2012-06-15 23:33 - 2011-01-25 07:28 - 00118248 ___RA (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda32.sys
2012-06-15 23:33 - 2011-01-25 07:28 - 00026216 ___RA (NVIDIA Corporation) C:\Windows\System32\nvhdap32.dll
2012-06-15 23:33 - 2009-01-07 14:20 - 00016928 ____N (Microsoft Corporation) C:\Windows\System32\spmsg.dll
2012-06-15 23:32 - 2012-06-16 15:28 - 00256720 ____A C:\Windows\System32\nvdrsdb1.bin
2012-06-15 23:32 - 2012-06-16 15:28 - 00000001 ____A C:\Windows\System32\nvdrssel.bin
2012-06-15 23:32 - 2012-06-15 23:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2012-06-15 23:32 - 2012-06-15 23:49 - 00256720 ____A C:\Windows\System32\nvdrsdb0.bin
2012-06-15 23:32 - 2012-06-15 23:32 - 00000000 ____A C:\Windows\System32\nvdrswr.lk
2012-06-15 23:32 - 2011-02-28 20:35 - 14675968 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglnt.dll
2012-06-15 23:32 - 2011-02-28 20:35 - 13004800 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2012-06-15 23:32 - 2011-02-28 20:35 - 09924800 ___AC (NVIDIA Corporation) C:\Windows\System32\dllcache\nv4_mini.sys
2012-06-15 23:32 - 2011-02-28 20:35 - 09924800 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nv4_mini.sys
2012-06-15 23:32 - 2011-02-28 20:35 - 06407808 ___AC (NVIDIA Corporation) C:\Windows\System32\dllcache\nv4_disp.dll
2012-06-15 23:32 - 2011-02-28 20:35 - 06407808 ____A (NVIDIA Corporation) C:\Windows\System32\nv4_disp.dll
2012-06-15 23:32 - 2011-02-28 20:35 - 04984832 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2012-06-15 23:32 - 2011-02-28 20:35 - 02918504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2012-06-15 23:32 - 2011-02-28 20:35 - 02294442 ____A C:\Windows\System32\nvdata.bin
2012-06-15 23:32 - 2011-02-28 20:35 - 02252904 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2012-06-15 23:32 - 2011-02-28 20:35 - 01978880 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi.dll
2012-06-15 23:32 - 2011-02-28 20:35 - 00941160 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco322090.dll
2012-06-15 23:32 - 2011-02-28 20:35 - 00837736 ____A (NVIDIA Corporation) C:\Windows\System32\nvgenco322040.dll
2012-06-15 23:32 - 2011-02-28 20:35 - 00061440 ____A (Khronos Group) C:\Windows\System32\OpenCL.dll
2012-06-15 23:32 - 2011-02-28 20:35 - 00003630 ___RA C:\Windows\System32\nvinfo.pb
2012-06-15 23:22 - 2012-06-15 23:22 - 00940794 ____A C:\Windows\System32\LoopyMusic.wav
2012-06-15 23:22 - 2012-06-15 23:22 - 00146650 ____A C:\Windows\System32\BuzzingBee.wav
2012-06-15 23:22 - 2012-06-15 23:22 - 00000000 ____D C:\Windows\System32\Lang
2012-06-15 23:16 - 2012-06-15 23:16 - 00000000 __HDC C:\Windows\$NtUninstallWdf01009$
2012-06-15 23:16 - 2012-06-15 23:16 - 00000000 ___AH C:\Windows\System32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2012-06-15 23:16 - 2012-06-15 23:16 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_FLxHCIc_01009.Wdf
2012-06-15 23:16 - 2010-04-17 14:11 - 00089088 ____A (Fresco Logic) C:\Windows\System32\Drivers\FLxHCIc.sys
2012-06-15 23:16 - 2008-11-07 14:55 - 00016928 ____N (Microsoft Corporation) C:\Windows\System32\spmsgXP_2k3.dll
2012-06-15 23:15 - 2012-06-16 16:05 - 00000000 ____D C:\Windows\RaidTool
2012-06-15 23:15 - 2012-06-15 23:15 - 00000000 ____D C:\RaidTool
2012-06-15 23:15 - 2010-03-08 02:41 - 00220112 ___RA (Realtek Semiconductor Corporation ) C:\Windows\System32\Drivers\Rtenicxp.sys
2012-06-15 23:15 - 2010-01-11 21:35 - 00100896 ___RA (Realtek Semiconductor Corporation) C:\Windows\System32\RTNUninst32.dll
2012-06-15 23:15 - 2010-01-11 21:35 - 00080416 ___RA C:\Windows\System32\RtNicProp32.dll
2012-06-15 23:15 - 2009-07-17 21:18 - 00093096 ___RA (JMicron Technology Corp.) C:\Windows\System32\Drivers\jraid.sys
2012-06-15 23:14 - 2008-04-13 11:17 - 00083072 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wdmaud.sys
2012-06-15 23:14 - 2008-04-13 11:15 - 00060800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sysaudio.sys
2012-06-15 23:14 - 2008-04-13 10:45 - 00172416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\kmixer.sys
2012-06-15 23:14 - 2008-04-13 10:45 - 00056576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\swmidi.sys
2012-06-15 23:14 - 2008-04-13 10:45 - 00052864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dmusic.sys
2012-06-15 23:14 - 2008-04-13 10:45 - 00006272 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\splitter.sys
2012-06-15 23:14 - 2008-04-13 10:45 - 00002944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
2012-06-15 23:14 - 2008-04-13 10:39 - 00007552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mskssrv.sys
2012-06-15 23:14 - 2008-04-13 10:39 - 00005376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mspclock.sys
2012-06-15 23:14 - 2008-04-13 10:39 - 00004992 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mspqm.sys
2012-06-15 23:14 - 2008-04-13 08:39 - 00142592 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\aec.sys
2012-06-15 23:11 - 2012-06-22 17:27 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2012-06-15 23:11 - 2012-06-15 23:14 - 00000000 ____D C:\Program Files\Realtek
2012-06-15 23:11 - 2012-06-15 23:11 - 00000000 __HDC C:\Windows\$NtUninstallKB888111WXPSP2$
2012-06-15 23:11 - 2012-06-15 23:11 - 00000000 ____D C:\Windows\System32\RTCOM
2012-06-15 23:11 - 2010-03-17 00:52 - 19520544 ____A (Realtek Semiconductor Corp.) C:\Windows\RTHDCPL.EXE
2012-06-15 23:11 - 2010-03-17 00:52 - 09721888 ____A (Realtek Semiconductor Corp.) C:\Windows\RTLCPL.EXE
2012-06-15 23:11 - 2010-03-17 00:52 - 02815520 ____A (RealTek Semicoductor Corp.) C:\Windows\ALCWZRD.EXE
2012-06-15 23:11 - 2010-03-17 00:52 - 02177568 ____A (Realtek Semiconductor Corp.) C:\Windows\MicCal.exe
2012-06-15 23:11 - 2010-03-17 00:52 - 01833504 ____A (Realtek Semiconductor Corp.) C:\Windows\SkyTel.exe
2012-06-15 23:11 - 2010-03-17 00:52 - 01489440 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlUpd.exe
2012-06-15 23:11 - 2010-03-17 00:52 - 00887328 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSndMgr.CPL
2012-06-15 23:11 - 2010-03-17 00:52 - 00358944 ____A (Realtek Semiconductor Crop.) C:\Windows\vncutil.exe
2012-06-15 23:11 - 2010-03-17 00:52 - 00285216 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\ALSNDMGR.CPL
2012-06-15 23:11 - 2010-03-17 00:52 - 00129568 ____A (Realtek Semiconductor) C:\Windows\RtkAudioService.exe
2012-06-15 23:11 - 2010-03-17 00:52 - 00084512 ____A (Realtek Semiconductor Corp.) C:\Windows\SOUNDMAN.EXE
2012-06-15 23:11 - 2010-03-17 00:52 - 00064032 ____A (Realtek Semiconductor Corp.) C:\Windows\ALCMTR.EXE
2012-06-15 23:11 - 2010-03-17 00:52 - 00051232 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoInstXP.dll
2012-06-15 23:11 - 2010-03-17 00:40 - 05878304 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RtkHDAud.sys
2012-06-15 23:11 - 2009-11-17 15:17 - 01395800 ____A (Creative Technology Ltd.) C:\Windows\System32\Drivers\Monfilt.sys
2012-06-15 23:11 - 2009-11-17 15:16 - 01691480 ____A (Creative) C:\Windows\System32\Drivers\Ambfilt.sys
2012-06-15 23:11 - 2009-01-07 14:21 - 00026144 ____A (Microsoft Corporation) C:\Windows\System32\spupdsvc.exe
2012-06-15 23:11 - 2008-04-13 16:12 - 00129536 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\ksproxy.ax
2012-06-15 23:11 - 2008-04-13 16:12 - 00129536 ____A (Microsoft Corporation) C:\Windows\System32\ksproxy.ax
2012-06-15 23:11 - 2008-04-13 16:11 - 00004096 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\ksuser.dll
2012-06-15 23:11 - 2008-04-13 16:11 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\ksuser.dll
2012-06-15 23:11 - 2008-04-13 10:45 - 00060160 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\drmk.sys
2012-06-15 23:11 - 2008-04-13 10:45 - 00060160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2012-06-15 23:10 - 2012-06-15 23:59 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2012-06-15 23:10 - 2010-02-25 19:20 - 01247776 ___RA (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2012-06-15 23:08 - 2012-06-23 23:17 - 00000000 ____D C:\Intel
2012-06-15 23:08 - 2012-06-15 23:08 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2012-06-15 23:08 - 2012-06-15 23:08 - 00000000 ____D C:\Program Files\Intel
2012-06-15 23:08 - 2009-06-16 08:05 - 00053248 ____A (Windows XP Bundled build C-Centric Single User) C:\Windows\System32\CSVer.dll
2012-06-15 23:05 - 2012-06-17 04:53 - 00000000 ____D C:\Program Files\ASRock Utility
2012-06-15 22:41 - 2012-06-17 22:25 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Local Settings\Application Data\Adobe
2012-06-15 22:39 - 2012-06-23 21:35 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Application Data\Adobe
2012-06-15 22:39 - 2012-06-23 21:34 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Adobe
2012-06-15 22:39 - 2012-06-17 22:25 - 00000000 ____D C:\Program Files\Adobe
2012-06-15 22:39 - 2012-06-15 22:39 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2012-06-15 22:39 - 2012-06-15 22:39 - 00000000 ____D C:\Documents and Settings\OMAR IZ\Application Data\Macromedia
2012-06-15 22:15 - 2012-06-24 05:46 - 00000178 __ASH C:\Documents and Settings\OMAR IZ\ntuser.ini
2012-06-15 22:15 - 2012-06-24 05:45 - 00000062 __ASH C:\Documents and Settings\OMAR IZ\Local Settings\desktop.ini
2012-06-15 22:15 - 2012-06-16 16:06 - 00000062 __ASH C:\Documents and Settings\OMAR IZ\Application Data\desktop.ini
2012-06-15 22:07 - 2012-06-24 05:46 - 00032496 ____A C:\Windows\SchedLgU.Txt
2012-06-15 22:07 - 2012-06-24 05:46 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-15 22:07 - 2012-06-24 05:45 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini
2012-06-15 22:07 - 2012-06-24 05:45 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini
2012-06-15 22:07 - 2012-06-15 22:07 - 00008192 ____A C:\Windows\REGLOCS.OLD
2012-06-15 22:07 - 2012-06-15 22:07 - 00000020 ___SH C:\Documents and Settings\NetworkService\ntuser.ini
2012-06-15 22:07 - 2012-06-15 22:07 - 00000020 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2012-06-15 22:06 - 2008-04-13 16:11 - 00571392 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\tintlgnt.ime
2012-06-15 22:06 - 2008-04-13 16:11 - 00482304 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\pintlgnt.ime
2012-06-15 22:06 - 2008-04-13 16:11 - 00426041 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\voicepad.dll
2012-06-15 22:06 - 2008-04-13 16:11 - 00156672 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\winzm.ime
2012-06-15 22:06 - 2008-04-13 16:11 - 00156672 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\winsp.ime
2012-06-15 22:06 - 2008-04-13 16:11 - 00156672 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\winpy.ime
2012-06-15 22:06 - 2008-04-13 16:11 - 00086073 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\voicesub.dll
2012-06-15 22:06 - 2008-04-13 16:11 - 00079360 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\winar30.ime
2012-06-15 22:06 - 2008-04-13 16:11 - 00079360 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\phon.ime
2012-06-15 22:06 - 2008-04-13 16:11 - 00077824 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\quick.ime
2012-06-15 22:06 - 2008-04-13 16:11 - 00076288 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\uniime.dll
2012-06-15 22:06 - 2008-04-13 16:11 - 00072704 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wingb.ime
2012-06-15 22:06 - 2008-04-13 16:11 - 00065536 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\winime.ime
2012-06-15 22:06 - 2008-04-13 16:11 - 00065024 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\unicdime.ime
2012-06-15 22:06 - 2008-04-13 16:11 - 00026112 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\romanime.ime
2012-06-15 22:06 - 2008-04-13 16:10 - 00175104 ___AC C:\Windows\System32\dllcache\pintlcsa.dll
2012-06-15 22:06 - 2008-04-13 16:10 - 00067584 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\pmigrate.dll
2012-06-15 22:06 - 2008-04-13 16:10 - 00053760 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\pintlcsd.dll
2012-06-15 22:06 - 2008-04-13 16:10 - 00015872 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\padrs404.dll
2012-06-15 22:06 - 2008-04-13 16:10 - 00015360 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\padrs804.dll
2012-06-15 22:06 - 2008-04-13 16:10 - 00010240 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\tmigrate.dll
2012-06-15 22:06 - 2008-04-13 16:09 - 13463552 ___AC C:\Windows\System32\dllcache\hwxjpn.dll
2012-06-15 22:06 - 2008-04-13 16:09 - 00811064 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imjp81k.dll
2012-06-15 22:06 - 2008-04-13 16:09 - 00716856 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imjpcus.dll
2012-06-15 22:06 - 2008-04-13 16:09 - 00368696 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imjpcic.dll
2012-06-15 22:06 - 2008-04-13 16:09 - 00340023 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imjp81.ime
2012-06-15 22:06 - 2008-04-13 16:09 - 00315455 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imskf.dll
2012-06-15 22:06 - 2008-04-13 16:09 - 00274489 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imjputyc.dll
2012-06-15 22:06 - 2008-04-13 16:09 - 00106496 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imekrcic.dll
2012-06-15 22:06 - 2008-04-13 16:09 - 00102456 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imlang.dll
2012-06-15 22:06 - 2008-04-13 16:09 - 00094720 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imekr61.ime
2012-06-15 22:06 - 2008-04-13 16:09 - 00086016 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imekrmbx.dll
2012-06-15 22:06 - 2008-04-13 16:09 - 00081976 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imjpdct.dll
2012-06-15 22:06 - 2008-04-13 08:43 - 00070144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\pintlphr.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 10129408 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\hwxkor.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 01875968 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\msir3jp.lex
2012-06-15 22:06 - 2004-08-04 04:00 - 01158818 ___AC C:\Windows\System32\dllcache\korwbrkr.lex
2012-06-15 22:06 - 2004-08-04 04:00 - 00471102 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imskdic.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00455168 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\tintsetp.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00311359 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imepadsv.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00307257 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imjpdct.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00262200 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imjputy.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00233527 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imjprw.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00229439 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\multibox.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00208952 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imjpmig.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00196665 ___AC C:\Windows\System32\dllcache\imjpinst.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00185344 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\thawbrkr.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00155705 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imjpdsvr.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00143422 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\softkey.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00134339 ___AC C:\Windows\System32\dllcache\imekr.lex
2012-06-15 22:06 - 2004-08-04 04:00 - 00131584 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\pmxviceo.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00102463 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imepadsm.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00101376 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\srusbusd.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00098304 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\msir3jp.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00092416 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mga.sys
2012-06-15 22:06 - 2004-08-04 04:00 - 00092032 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mga.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00083748 ___AC C:\Windows\System32\dllcache\prcp.nls
2012-06-15 22:06 - 2004-08-04 04:00 - 00083748 ___AC C:\Windows\System32\dllcache\prc.nls
2012-06-15 22:06 - 2004-08-04 04:00 - 00079872 ___AC (Ricoh Co., Ltd.) C:\Windows\System32\dllcache\rwia330.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00079872 ___AC (Ricoh Co., Ltd.) C:\Windows\System32\dllcache\rwia001.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00070656 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\korwbrkr.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00059904 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imkrinst.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00059392 ___AC C:\Windows\System32\dllcache\imscinst.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00057398 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imjpdadm.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00048256 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\w32.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00047066 ___AC C:\Windows\System32\dllcache\ksc.nls
2012-06-15 22:06 - 2004-08-04 04:00 - 00045109 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imjpuex.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00044032 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\tintlphr.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00044032 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\imekrmig.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00041600 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\weitekp9.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00038912 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\sm9aw.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00036927 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\padrs411.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00031744 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\smb6w.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00031744 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\sma3w.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00031232 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\weitekp9.sys
2012-06-15 22:06 - 2004-08-04 04:00 - 00030208 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\sm87w.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00030208 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\sm81w.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00029184 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\sm8cw.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00028288 ___AC C:\Windows\System32\dllcache\xjis.nls
2012-06-15 22:06 - 2004-08-04 04:00 - 00026624 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\sm93w.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00026624 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\sm92w.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00026112 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\sm90w.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00026112 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\sm8dw.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00026112 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\sm8aw.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00026112 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\sm89w.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00025088 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\sm59w.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00021896 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\tdipx.sys
2012-06-15 22:06 - 2004-08-04 04:00 - 00019464 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\tdspx.sys
2012-06-15 22:06 - 2004-08-04 04:00 - 00018944 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\simptcp.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00018432 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\jupiw.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00016384 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\quser.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00015872 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\smierrsm.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00014848 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\register.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00014336 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\tsprof.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00014336 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\padrs412.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00013192 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\tdasync.sys
2012-06-15 22:06 - 2004-08-04 04:00 - 00011264 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\pmxmcro.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00010240 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\snmpstup.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00009728 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\query.exe
2012-06-15 22:06 - 2004-08-04 04:00 - 00009216 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdnecat.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00007680 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdnecnt.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00007168 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdnec95.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00006144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\pmxgl.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00006144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdth3.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00006144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdth2.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00006144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdinpun.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00006144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101a.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\smimsgif.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\smierrsy.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdvntc.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdusa.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdurdu.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdth1.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdth0.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdsyr2.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdsyr1.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdintel.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdintam.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdinmar.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdinkan.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdinhin.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdinguj.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdindev.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdheb.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdfa.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbddiv2.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbddiv1.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbda3.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbda2.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbda1.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005120 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdgeo.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005120 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdarmw.dll
2012-06-15 22:06 - 2004-08-04 04:00 - 00005120 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdarme.dll
2012-06-15 22:06 - 2001-08-17 18:36 - 00065536 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_mailmsg.dll
2012-06-15 22:06 - 2001-08-17 18:36 - 00057856 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_scripto.dll
2012-06-15 22:06 - 2001-08-17 18:36 - 00038912 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_ntfsdrv.dll
2012-06-15 22:06 - 2001-08-17 18:36 - 00026112 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_seos.dll
2012-06-15 22:06 - 2001-08-17 18:36 - 00023040 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_regtrace.exe
2012-06-15 22:06 - 2001-08-17 18:36 - 00012288 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_smtpctrs.dll
2012-06-15 22:06 - 2001-08-17 18:36 - 00007168 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_snprfdll.dll
2012-06-15 22:05 - 2012-06-16 14:54 - 00316640 ____A C:\Windows\WMSysPr9.prx
2012-06-15 22:05 - 2012-06-15 22:05 - 00023392 ____A C:\Windows\System32\nscompat.tlb
2012-06-15 22:05 - 2012-06-15 22:05 - 00016832 ____A C:\Windows\System32\amcompat.tlb
2012-06-15 22:05 - 2012-06-15 22:05 - 00002577 ____A C:\Windows\System32\CONFIG.NT
2012-06-15 22:05 - 2012-06-15 22:05 - 00000000 _RASH C:\MSDOS.SYS
2012-06-15 22:05 - 2012-06-15 22:05 - 00000000 _RASH C:\IO.SYS
2012-06-15 22:05 - 2012-06-15 22:05 - 00000000 ____D C:\Windows\System32\xircom
2012-06-15 22:05 - 2012-06-15 22:05 - 00000000 ____D C:\Program Files\xerox
2012-06-15 22:05 - 2012-06-15 22:05 - 00000000 ____D C:\Program Files\microsoft frontpage
2012-06-15 22:05 - 2012-06-15 22:05 - 00000000 ____A C:\Windows\control.ini
2012-06-15 22:05 - 2012-06-15 22:05 - 00000000 ____A C:\CONFIG.SYS
2012-06-15 22:05 - 2012-06-15 22:05 - 00000000 ____A C:\AUTOEXEC.BAT
2012-06-15 22:05 - 2008-04-13 16:11 - 00078848 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\dayi.ime
2012-06-15 22:05 - 2008-04-13 16:11 - 00078336 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\chajei.ime
2012-06-15 22:05 - 2008-04-13 16:11 - 00021504 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\cintlgnt.ime
2012-06-15 22:05 - 2008-04-13 16:09 - 00198656 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\cintime.dll
2012-06-15 22:05 - 2008-04-13 16:09 - 00173568 ___AC C:\Windows\System32\dllcache\chtskf.dll
2012-06-15 22:05 - 2008-04-13 16:09 - 00097792 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\chtmbx.dll
2012-06-15 22:05 - 2008-04-13 16:09 - 00056320 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\chtskdic.dll
2012-06-15 22:05 - 2004-08-04 04:00 - 10096640 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\hwxcht.dll
2012-06-15 22:05 - 2004-08-04 04:00 - 01677824 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\chsbrkr.dll
2012-06-15 22:05 - 2004-08-04 04:00 - 00838144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\chtbrkr.dll
2012-06-15 22:05 - 2004-08-04 04:00 - 00514587 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\edb500.dll
2012-06-15 22:05 - 2004-08-04 04:00 - 00480256 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\cintsetp.exe
2012-06-15 22:05 - 2004-08-04 04:00 - 00195618 ___AC C:\Windows\System32\dllcache\c_10002.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00189986 ___AC C:\Windows\System32\dllcache\c_1361.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00187938 ___AC C:\Windows\System32\dllcache\c_20005.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00186402 ___AC C:\Windows\System32\dllcache\c_20001.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00185378 ___AC C:\Windows\System32\dllcache\c_20003.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00180770 ___AC C:\Windows\System32\dllcache\c_20932.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00180258 ___AC C:\Windows\System32\dllcache\c_20004.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00180258 ___AC C:\Windows\System32\dllcache\c_20000.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00177698 ___AC C:\Windows\System32\dllcache\c_20949.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00177698 ___AC C:\Windows\System32\dllcache\c_10003.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00173602 ___AC C:\Windows\System32\dllcache\c_20936.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00173602 ___AC C:\Windows\System32\dllcache\c_20002.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00173602 ___AC C:\Windows\System32\dllcache\c_10008.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00162850 ___AC C:\Windows\System32\dllcache\c_10001.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00132608 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\fxsclntr.dll
2012-06-15 22:05 - 2004-08-04 04:00 - 00112128 ____A (Microsoft Corporation) C:\Windows\System32\mapi32.dll
2012-06-15 22:05 - 2004-08-04 04:00 - 00111104 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\fxscfgwz.dll
2012-06-15 22:05 - 2004-08-04 04:00 - 00108827 ___AC C:\Windows\System32\dllcache\hanja.lex
2012-06-15 22:05 - 2004-08-04 04:00 - 00082172 ___AC C:\Windows\System32\dllcache\bopomofo.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066728 ___AC C:\Windows\System32\dllcache\big5.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066594 ___AC C:\Windows\System32\dllcache\c_864.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066594 ___AC C:\Windows\System32\dllcache\c_862.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066594 ___AC C:\Windows\System32\dllcache\c_858.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066594 ___AC C:\Windows\System32\dllcache\c_720.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_870.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_708.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_28596.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_21027.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_21025.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20924.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20880.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20871.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20838.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20833.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20424.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20423.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20420.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20297.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20290.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20285.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20284.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20280.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20278.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20277.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20273.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20269.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20108.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20107.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20106.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_20105.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_1149.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_1148.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_1147.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_1146.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_1145.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_1144.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_1143.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_1142.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_1141.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_1140.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_1047.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_10021.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_10005.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00066082 ___AC C:\Windows\System32\dllcache\c_10004.nls
2012-06-15 22:05 - 2004-08-04 04:00 - 00057856 ___AC (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esuimgd.dll
2012-06-15 22:05 - 2004-08-04 04:00 - 00057399 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\cplexe.exe
2012-06-15 22:05 - 2004-08-04 04:00 - 00054528 ___AC (Philips Semiconductors GmbH) C:\Windows\System32\dllcache\cap7146.sys
2012-06-15 22:05 - 2004-08-04 04:00 - 00045056 ___AC (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esunid.dll
2012-06-15 22:05 - 2004-08-04 04:00 - 00036864 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\hanjadic.dll
2012-06-15 22:05 - 2004-08-04 04:00 - 00031744 ___AC (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esucmd.dll
2012-06-15 22:05 - 2004-08-04 04:00 - 00031744 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\fxsroute.dll
2012-06-15 22:05 - 2004-08-04 04:00 - 00025856 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\et4000.sys
2012-06-15 22:05 - 2004-08-04 04:00 - 00018944 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\cprofile.exe
2012-06-15 22:05 - 2004-08-04 04:00 - 00015872 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\chgport.exe
2012-06-15 22:05 - 2004-08-04 04:00 - 00014848 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\flattemp.exe
2012-06-15 22:05 - 2004-08-04 04:00 - 00014336 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\chgusr.exe
2012-06-15 22:05 - 2004-08-04 04:00 - 00013312 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\chglogon.exe
2012-06-15 22:05 - 2004-08-04 04:00 - 00011264 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\fxssend.exe
2012-06-15 22:05 - 2004-08-04 04:00 - 00010752 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\c_iscii.dll
2012-06-15 22:05 - 2004-08-04 04:00 - 00009728 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\change.exe
2012-06-15 22:05 - 2004-08-04 04:00 - 00006656 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\c_is2022.dll
2012-06-15 22:05 - 2004-08-04 04:00 - 00006144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\ftlx041e.dll
2012-06-15 22:05 - 2001-08-17 18:36 - 00045056 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_aqadmin.dll
2012-06-15 22:05 - 2001-08-17 18:36 - 00043520 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_fcachdll.dll
2012-06-15 22:05 - 2001-08-17 18:36 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_adsiisex.dll
2012-06-15 22:04 - 2012-06-24 05:46 - 01622685 ____A C:\Windows\WindowsUpdate.log
2012-06-15 22:04 - 2012-06-22 16:25 - 00000000 __AHD C:\Program Files\WindowsUpdate
2012-06-15 22:04 - 2012-06-16 16:09 - 00000000 ____D C:\Windows\System32\DirectX
2012-06-15 22:04 - 2012-06-15 22:04 - 00000749 __RAH C:\Windows\WindowsShell.Manifest
2012-06-15 22:04 - 2012-06-15 22:04 - 00000749 __RAH C:\Windows\System32\wuaucpl.cpl.manifest
2012-06-15 22:04 - 2012-06-15 22:04 - 00000749 __RAH C:\Windows\System32\sapi.cpl.manifest
2012-06-15 22:04 - 2012-06-15 22:04 - 00000749 __RAH C:\Windows\System32\nwc.cpl.manifest
2012-06-15 22:04 - 2012-06-15 22:04 - 00000749 __RAH C:\Windows\System32\ncpa.cpl.manifest
2012-06-15 22:04 - 2012-06-15 22:04 - 00000749 __RAH C:\Windows\System32\cdplayer.exe.manifest
2012-06-15 22:04 - 2012-06-15 22:04 - 00000488 __RAH C:\Windows\System32\WindowsLogon.manifest
2012-06-15 22:04 - 2012-06-15 22:04 - 00000488 __RAH C:\Windows\System32\logonui.exe.manifest
2012-06-15 22:04 - 2012-06-15 22:04 - 00000000 __SHD C:\Documents and Settings\All Users\DRM
2012-06-15 22:04 - 2012-06-15 22:04 - 00000000 ___RD C:\Windows\Offline Web Pages
2012-06-15 22:04 - 2004-08-04 04:00 - 04399505 ___AC C:\Windows\System32\dllcache\nls302en.lex
2012-06-15 22:03 - 2012-06-22 16:22 - 00000000 ____D C:\Program Files\Common Files\System
2012-06-15 22:03 - 2012-06-20 19:36 - 00000000 ____D C:\Program Files\Outlook Express
2012-06-15 22:03 - 2012-06-17 08:08 - 00000000 ____D C:\Windows\System32\Restore
2012-06-15 22:03 - 2012-06-16 15:04 - 00000000 ____D C:\Program Files\Movie Maker
2012-06-15 22:03 - 2012-06-16 14:48 - 00000000 ____D C:\Windows\srchasst
2012-06-15 22:03 - 2012-06-16 14:48 - 00000000 ____D C:\Program Files\NetMeeting
2012-06-15 22:03 - 2012-06-15 22:03 - 00000000 ____D C:\Windows\System32\Macromed
2012-06-15 22:03 - 2012-06-15 22:03 - 00000000 ____D C:\Program Files\Common Files\Services
2012-06-15 22:03 - 2012-06-15 22:03 - 00000000 ____D C:\Program Files\Common Files\MSSoap
2012-06-15 22:03 - 2011-10-10 06:22 - 00692736 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2012-06-15 22:03 - 2010-11-18 10:12 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\isign32.dll
2012-06-15 22:03 - 2010-06-18 05:36 - 03558912 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\moviemk.exe
2012-06-15 22:03 - 2009-08-06 15:24 - 00327896 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wucltui.dll
2012-06-15 22:03 - 2009-08-06 15:24 - 00327896 ____A (Microsoft Corporation) C:\Windows\System32\wucltui.dll
2012-06-15 22:03 - 2009-08-06 15:24 - 00217816 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wuaucpl.cpl
2012-06-15 22:03 - 2009-08-06 15:24 - 00217816 ____A (Microsoft Corporation) C:\Windows\System32\wuaucpl.cpl
2012-06-15 22:03 - 2009-08-06 15:24 - 00053472 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wuauclt.exe
2012-06-15 22:03 - 2009-08-06 15:24 - 00053472 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-15 22:03 - 2009-08-06 15:24 - 00035552 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wups.dll
2012-06-15 22:03 - 2009-08-06 15:24 - 00035552 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-15 22:03 - 2009-08-06 15:23 - 01929952 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wuaueng.dll
2012-06-15 22:03 - 2009-08-06 15:23 - 01929952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-15 22:03 - 2009-08-06 15:23 - 00575704 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wuapi.dll
2012-06-15 22:03 - 2009-08-06 15:23 - 00575704 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-15 22:03 - 2009-08-06 15:23 - 00209624 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wuweb.dll
2012-06-15 22:03 - 2009-08-06 15:23 - 00209624 ____A (Microsoft Corporation) C:\Windows\System32\wuweb.dll
2012-06-15 22:03 - 2009-07-27 14:27 - 00128512 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\dhtmled.ocx
2012-06-15 22:03 - 2009-06-21 13:44 - 00153088 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\triedit.dll
2012-06-15 22:03 - 2008-05-01 06:33 - 00331776 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\msadce.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00786432 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\migrate.exe
2012-06-15 22:03 - 2008-04-13 16:12 - 00774144 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\setup_wm.exe
2012-06-15 22:03 - 2008-04-13 16:12 - 00409088 ____A (Microsoft Corporation) C:\Windows\System32\qmgr.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00364544 ___AC (Microsoft Corporation (written by Digital Renaissance Inc.)) C:\Windows\System32\dllcache\npdsplay.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00274944 ____A (Microsoft Corporation) C:\Windows\System32\mstask.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00252928 ____A (Microsoft Corporation) C:\Windows\System32\msoeacct.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00239104 ____A (Microsoft Corporation) C:\Windows\System32\srrstr.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00226816 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\npdrmv2.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00221184 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wmpns.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00192512 ____A (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00188416 ____A (Microsoft Corporation) C:\Windows\System32\msh261.drv
2012-06-15 22:03 - 2008-04-13 16:12 - 00183296 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng1.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00171008 ____A (Microsoft Corporation) C:\Windows\System32\srsvc.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt1.exe
2012-06-15 22:03 - 2008-04-13 16:12 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\msoert2.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00098304 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wmpband.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00073728 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wmplayer.exe
2012-06-15 22:03 - 2008-04-13 16:12 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\srclient.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00045568 ____A (Microsoft Corporation) C:\Windows\System32\safrslv.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\safrcdlg.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\racpldlg.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00032768 ____A (Microsoft Corporation) C:\Windows\System32\mnmsrvc.exe
2012-06-15 22:03 - 2008-04-13 16:12 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\safrdm.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00028672 ____A (Microsoft Corporation) C:\Windows\System32\nmmkcert.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\fltmc.exe
2012-06-15 22:03 - 2008-04-13 16:12 - 00018944 ____A (Microsoft Corporation) C:\Windows\System32\qmgrprxy.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mstinit.exe
2012-06-15 22:03 - 2008-04-13 16:12 - 00010240 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\npwmsdrm.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\wuauserv.dll
2012-06-15 22:03 - 2008-04-13 16:12 - 00004639 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mplayer2.exe
2012-06-15 22:03 - 2008-04-13 16:11 - 00368640 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mpvis.dll
2012-06-15 22:03 - 2008-04-13 16:11 - 00274432 ____A (Microsoft Corporation) C:\Windows\System32\inetcfg.dll
2012-06-15 22:03 - 2008-04-13 16:11 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\ils.dll
2012-06-15 22:03 - 2008-04-13 16:11 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\icwdial.dll
2012-06-15 22:03 - 2008-04-13 16:11 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\msconf.dll
2012-06-15 22:03 - 2008-04-13 16:11 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\icwphbk.dll
2012-06-15 22:03 - 2008-04-13 16:11 - 00034560 ____A (Microsoft Corporation) C:\Windows\System32\mnmdd.dll
2012-06-15 22:03 - 2008-04-13 16:11 - 00033792 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\custsat.dll
2012-06-15 22:03 - 2008-04-13 16:11 - 00032768 ____A (Intel Corporation) C:\Windows\System32\isrdbg32.dll
2012-06-15 22:03 - 2008-04-13 16:11 - 00016896 ____A (Microsoft Corporation) C:\Windows\System32\fltlib.dll
2012-06-15 22:03 - 2008-04-13 16:11 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\bitsprx2.dll
2012-06-15 22:03 - 2008-04-13 16:11 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\bitsprx3.dll
2012-06-15 22:03 - 2008-04-13 10:36 - 00073472 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sr.sys
2012-06-15 22:03 - 2008-04-13 10:32 - 00129792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fltmgr.sys
2012-06-15 22:03 - 2008-04-13 08:22 - 00048128 ____A (Microsoft Corporation) C:\Windows\System32\inetres.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00235520 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mssoap1.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\msg723.acm
2012-06-15 22:03 - 2004-08-04 04:00 - 00099840 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\helphost.exe
2012-06-15 22:03 - 2004-08-04 04:00 - 00093184 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\ieinfo5.ocx
2012-06-15 22:03 - 2004-08-04 04:00 - 00073728 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\icwtutor.exe
2012-06-15 22:03 - 2004-08-04 04:00 - 00064512 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\acctres.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00064512 ____A (Microsoft Corporation) C:\Windows\System32\acctres.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00061440 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\icwres.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00048680 ___SH C:\Windows\winnt256.bmp
2012-06-15 22:03 - 2004-08-04 04:00 - 00048680 ___SH C:\Windows\winnt.bmp
2012-06-15 22:03 - 2004-08-04 04:00 - 00047104 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\srdiag.exe
2012-06-15 22:03 - 2004-08-04 04:00 - 00040960 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\trialoc.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00039936 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\msinfo32.exe
2012-06-15 22:03 - 2004-08-04 04:00 - 00035328 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\notiflag.exe
2012-06-15 22:03 - 2004-08-04 04:00 - 00025088 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wisc10.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00023552 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mssoapr.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00021504 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\brpinfo.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00016384 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\isignup.exe
2012-06-15 22:03 - 2004-08-04 04:00 - 00016384 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\icfgnt5.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\icfgnt5.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00012288 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wb32.exe
2012-06-15 22:03 - 2004-08-04 04:00 - 00012288 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\nmevtmsg.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00012288 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\cb32.exe
2012-06-15 22:03 - 2004-08-04 04:00 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\nmevtmsg.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00011264 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\atrace.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\atrace.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00006656 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\hcappres.dll
2012-06-15 22:03 - 2004-08-04 04:00 - 00000984 ___AC C:\Windows\System32\dllcache\srframe.mmf
2012-06-15 22:03 - 2004-08-04 04:00 - 00000065 ___RH C:\Windows\Tasks\desktop.ini
2012-06-15 22:03 - 2004-08-04 04:00 - 00000002 ____A C:\Windows\System32\desktop.ini
2012-06-15 22:03 - 2004-08-04 04:00 - 00000002 ____A C:\Windows\desktop.ini
2012-06-15 22:02 - 2012-06-16 14:50 - 00000000 ____D C:\Program Files\Messenger
2012-06-15 22:02 - 2012-06-15 22:05 - 00000000 ____D C:\Windows\Registration
2012-06-15 22:02 - 2012-06-15 22:02 - 00021640 ____A C:\Windows\System32\emptyregdb.dat
2012-06-15 22:02 - 2012-06-15 22:02 - 00000037 ____A C:\Windows\vbaddin.ini
2012-06-15 22:02 - 2012-06-15 22:02 - 00000036 ____A C:\Windows\vb.ini
2012-06-15 22:02 - 2012-06-15 22:02 - 00000000 ____D C:\Program Files\Online Services
2012-06-15 22:02 - 2012-06-15 22:02 - 00000000 ____D C:\Program Files\MSN Gaming Zone
2012-06-15 22:02 - 2012-06-15 22:02 - 00000000 ____D C:\Program Files\ComPlus Applications
2012-06-15 22:02 - 2004-08-04 04:00 - 02178131 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\shvlres.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 01817687 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\bckgres.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 01175635 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\hrtzres.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 01039955 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\cmnresm.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00780885 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\chkrres.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00753236 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\rvseres.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00605696 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\getuname.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00605696 ____A (Microsoft Corporation) C:\Windows\System32\getuname.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00227840 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\avtapi.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\avtapi.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00217160 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\cmnclim.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00138752 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\sndvol32.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00138752 ____A (Microsoft Corporation) C:\Windows\System32\sndvol32.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00119808 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\winmine.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00119808 ____A (Microsoft Corporation) C:\Windows\System32\winmine.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00114688 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\calc.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00114688 ____A (Microsoft Corporation) C:\Windows\System32\calc.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00113222 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\zoneclim.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00093702 ____A C:\Windows\System32\subrange.uce
2012-06-15 22:02 - 2004-08-04 04:00 - 00082501 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\bckg.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00080384 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\charmap.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00080384 ____A (Microsoft Corporation) C:\Windows\System32\charmap.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00073216 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\avwav.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\avwav.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00066113 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\shvl.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00065978 ____A C:\Windows\Soap Bubbles.bmp
2012-06-15 22:02 - 2004-08-04 04:00 - 00065954 ____A C:\Windows\Prairie Wind.bmp
2012-06-15 22:02 - 2004-08-04 04:00 - 00065832 ____A C:\Windows\Santa Fe Stucco.bmp
2012-06-15 22:02 - 2004-08-04 04:00 - 00060458 ____A C:\Windows\System32\ideograf.uce
2012-06-15 22:02 - 2004-08-04 04:00 - 00057409 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\hrtz.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00056832 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\sol.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00056832 ____A (Microsoft Corporation) C:\Windows\System32\sol.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00048706 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\rvse.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00044544 ____A (Hilgraeve, Inc.) C:\Windows\System32\hticons.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00042577 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\bckgzm.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00042575 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\chkrzm.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00042574 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\rvsezm.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00042573 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\shvlzm.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00042573 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\hrtzzm.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00041029 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\zcorem.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00040515 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\chkr.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00036937 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\zclientm.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00035328 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\winchat.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00035328 ____A (Microsoft Corporation) C:\Windows\System32\winchat.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00032339 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\uniansi.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00029760 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\znetm.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00026680 ____A C:\Windows\River Sumida.bmp
2012-06-15 22:02 - 2004-08-04 04:00 - 00026582 ____A C:\Windows\Greenstone.bmp
2012-06-15 22:02 - 2004-08-04 04:00 - 00024006 ____A C:\Windows\System32\gb2312.uce
2012-06-15 22:02 - 2004-08-04 04:00 - 00022984 ____A C:\Windows\System32\bopomofo.uce
2012-06-15 22:02 - 2004-08-04 04:00 - 00017362 ____A C:\Windows\Rhododendron.bmp
2012-06-15 22:02 - 2004-08-04 04:00 - 00017336 ____A C:\Windows\Gone Fishing.bmp
2012-06-15 22:02 - 2004-08-04 04:00 - 00017062 ____A C:\Windows\Coffee Bean.bmp
2012-06-15 22:02 - 2004-08-04 04:00 - 00016740 ____A C:\Windows\System32\shiftjis.uce
2012-06-15 22:02 - 2004-08-04 04:00 - 00016730 ____A C:\Windows\FeatherTexture.bmp
2012-06-15 22:02 - 2004-08-04 04:00 - 00016384 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\avmeter.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\avmeter.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00013894 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\zonelibm.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00013312 ___AC (Hilgraeve, Inc.) C:\Windows\System32\dllcache\htrn_jis.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00012876 ____A C:\Windows\System32\korean.uce
2012-06-15 22:02 - 2004-08-04 04:00 - 00009522 ____A C:\Windows\Zapotec.bmp
2012-06-15 22:02 - 2004-08-04 04:00 - 00008484 ____A C:\Windows\System32\kanji_2.uce
2012-06-15 22:02 - 2004-08-04 04:00 - 00006948 ____A C:\Windows\System32\kanji_1.uce
2012-06-15 22:02 - 2004-08-04 04:00 - 00005632 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\write.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\write.exe
2012-06-15 22:02 - 2004-08-04 04:00 - 00004677 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\zeeverm.dll
2012-06-15 22:02 - 2004-08-04 04:00 - 00001272 ____A C:\Windows\Blue Lace 16.bmp
2012-06-15 22:01 - 2012-06-16 14:48 - 00000000 ____D C:\Windows\System32\Com
2012-06-15 22:01 - 2012-06-16 14:48 - 00000000 ____D C:\Program Files\Windows NT
2012-06-15 22:01 - 2012-06-15 22:02 - 00000000 ____D C:\Windows\System32\MsDtc
2012-06-15 22:01 - 2012-06-15 22:01 - 00000000 ____D C:\Program Files\MSN
2012-06-15 22:01 - 2012-05-02 05:46 - 00139656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-15 22:01 - 2011-02-01 23:58 - 02067456 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2012-06-15 22:01 - 2011-01-27 03:57 - 00677888 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2012-06-15 22:01 - 2009-12-16 10:43 - 00343040 ____A (Microsoft Corporation) C:\Windows\System32\mspaint.exe
2012-06-15 22:01 - 2009-06-10 05:19 - 02066432 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mstscax.dll
2012-06-15 22:01 - 2008-06-12 06:23 - 00956928 ____A (Microsoft Corporation) C:\Windows\System32\msdtctm.dll
2012-06-15 22:01 - 2008-06-12 06:23 - 00428032 ____A (Microsoft Corporation) C:\Windows\System32\msdtcprx.dll
2012-06-15 22:01 - 2008-06-12 06:23 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msdtcuiu.dll
2012-06-15 22:01 - 2008-06-12 06:23 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\mtxoci.dll
2012-06-15 22:01 - 2008-06-12 06:23 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\msdtclog.dll
2012-06-15 22:01 - 2008-04-13 16:13 - 00087176 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-06-15 22:01 - 2008-04-13 16:13 - 00040840 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys
2012-06-15 22:01 - 2008-04-13 16:13 - 00021896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-06-15 22:01 - 2008-04-13 16:13 - 00012040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdpipe.sys
2012-06-15 22:01 - 2008-04-13 16:12 - 00538624 ____A (Microsoft Corporation) C:\Windows\System32\spider.exe
2012-06-15 22:01 - 2008-04-13 16:12 - 00295424 ____A (Microsoft Corporation) C:\Windows\System32\termsrv.dll
2012-06-15 22:01 - 2008-04-13 16:12 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\accwiz.exe
2012-06-15 22:01 - 2008-04-13 16:12 - 00147968 ____A (Microsoft Corporation) C:\Windows\System32\rdchost.dll
2012-06-15 22:01 - 2008-04-13 16:12 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\sessmgr.exe
2012-06-15 22:01 - 2008-04-13 16:12 - 00131584 ____A (Microsoft Corporation) C:\Windows\System32\sndrec32.exe
2012-06-15 22:01 - 2008-04-13 16:12 - 00123392 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mplay32.exe
2012-06-15 22:01 - 2008-04-13 16:12 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\mplay32.exe
2012-06-15 22:01 - 2008-04-13 16:12 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\clipbrd.exe
2012-06-15 22:01 - 2008-04-13 16:12 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\tscfgwmi.dll
2012-06-15 22:01 - 2008-04-13 16:12 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\access.cpl
2012-06-15 22:01 - 2008-04-13 16:12 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\rdshost.exe
2012-06-15 22:01 - 2008-04-13 16:12 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2012-06-15 22:01 - 2008-04-13 16:12 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\remotepg.dll
2012-06-15 22:01 - 2008-04-13 16:12 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\stclient.dll
2012-06-15 22:01 - 2008-04-13 16:12 - 00056320 ____A (Microsoft Corporation) C:\Windows\System32\servdeps.dll
2012-06-15 22:01 - 2008-04-13 16:12 - 00034304 ____A (Microsoft Corporation) C:\Windows\System32\mtxlegih.dll
2012-06-15 22:01 - 2008-04-13 16:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\mtxdm.dll
2012-06-15 22:01 - 2008-04-13 16:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\rdpsnd.dll
2012-06-15 22:01 - 2008-04-13 16:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\qprocess.exe
2012-06-15 22:01 - 2008-04-13 16:12 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\rdsaddin.exe
2012-06-15 22:01 - 2008-04-13 16:12 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\xolehlp.dll
2012-06-15 22:01 - 2008-04-13 16:12 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\msdtc.exe
2012-06-15 22:01 - 2008-04-13 16:12 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dcomcnfg.exe
2012-06-15 22:01 - 2008-04-13 16:12 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\mtxex.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 01267200 ____A (Microsoft Corporation) C:\Windows\System32\comsvcs.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00625664 ____A (Microsoft Corporation) C:\Windows\System32\catsrvut.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00539648 ____A (Microsoft Corporation) C:\Windows\System32\comuid.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00498688 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00347136 ____A (Hilgraeve, Inc.) C:\Windows\System32\hypertrm.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\catsrv.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00185344 ____A (Microsoft Corporation) C:\Windows\System32\cmprops.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\comsnap.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\clbcatex.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00097792 ____A (Microsoft Corporation) C:\Windows\System32\comrepl.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\catsrvps.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\colbact.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\licwmi.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\cfgbkend.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00028160 ____A (Microsoft Corporation) C:\Windows\System32\comaddin.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\mmfutil.dll
2012-06-15 22:01 - 2008-04-13 16:11 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\icaapi.dll
2012-06-15 22:01 - 2008-04-13 10:32 - 00196224 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys
2012-06-15 22:01 - 2004-08-04 04:00 - 00407552 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mstsc.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00273920 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\msiprov.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00126976 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mshearts.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\mshearts.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00120320 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\dsprov.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00116224 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\updprov.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00075264 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wmipicmp.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00063488 ____A C:\Windows\System32\wmimgmt.msc
2012-06-15 22:01 - 2004-08-04 04:00 - 00061952 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\tmplprov.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00061440 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wmimsg.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00059904 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wbemdisp.tlb
2012-06-15 22:01 - 2004-08-04 04:00 - 00059904 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\trnsprov.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00055296 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\freecell.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\freecell.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00053248 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\fwdprov.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00052224 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wmitimep.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00045568 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wmi2xml.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00044544 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\tscupgrd.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\tscupgrd.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00040960 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\smtpcons.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00033792 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\regini.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\regini.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00031232 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wbemads.tlb
2012-06-15 22:01 - 2004-08-04 04:00 - 00022016 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\qwinsta.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\qwinsta.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00020992 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\msg.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00020992 ____A (Microsoft Corporation) C:\Windows\System32\msg.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00019456 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mtsadmin.tlb
2012-06-15 22:01 - 2004-08-04 04:00 - 00016896 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\unsecapp.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00016896 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\tsshutdn.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00016896 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\qappsrv.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00016896 ____A (Microsoft Corporation) C:\Windows\System32\tsshutdn.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00016896 ____A (Microsoft Corporation) C:\Windows\System32\qappsrv.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00016384 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\winmgmtr.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00016384 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\tskill.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\tskill.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00015872 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\rwinsta.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00015872 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\cdmodem.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\rwinsta.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\cdmodem.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00015360 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\logoff.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\logoff.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00014848 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\tsdiscon.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00014848 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\tscon.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00014848 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\shadow.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\tsdiscon.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\tscon.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\shadow.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00013312 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\winmgmt.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00013223 ____A C:\Windows\System32\tslabels.ini
2012-06-15 22:01 - 2004-08-04 04:00 - 00012288 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wbemads.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00009728 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\reset.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\reset.exe
2012-06-15 22:01 - 2004-08-04 04:00 - 00004096 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\rdpcfgex.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\rdpcfgex.dll
2012-06-15 22:01 - 2004-08-04 04:00 - 00003286 ____A C:\Windows\System32\tslabels.h
2012-06-15 22:01 - 2004-08-04 04:00 - 00001931 ____A C:\Windows\System32\msdtcprf.ini
2012-06-15 22:01 - 2004-08-04 04:00 - 00001161 ____A C:\Windows\System32\usrlogon.cmd
2012-06-15 22:01 - 2004-08-04 04:00 - 00000768 ____A C:\Windows\System32\msdtcprf.h


============ 3 Months Modified Files ========================

2012-06-24 05:46 - 2012-06-24 05:45 - 00001848 ____A C:\Windows\setupapi.log
2012-06-24 05:46 - 2012-06-19 16:20 - 00000284 ____A C:\Windows\Tasks\SmartDefrag_Startup.job
2012-06-24 05:46 - 2012-06-16 16:51 - 00000216 ____A C:\Windows\wiadebug.log
2012-06-24 05:46 - 2012-06-16 16:51 - 00000049 ____A C:\Windows\wiaservc.log
2012-06-24 05:46 - 2012-06-15 22:15 - 00000178 __ASH C:\Documents and Settings\OMAR IZ\ntuser.ini
2012-06-24 05:46 - 2012-06-15 22:07 - 00032496 ____A C:\Windows\SchedLgU.Txt
2012-06-24 05:46 - 2012-06-15 22:07 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-24 05:46 - 2012-06-15 22:04 - 01622685 ____A C:\Windows\WindowsUpdate.log
2012-06-24 05:45 - 2012-06-24 05:15 - 00000000 ____A C:\Windows\0.log
2012-06-24 05:45 - 2012-06-15 22:15 - 00000062 __ASH C:\Documents and Settings\OMAR IZ\Local Settings\desktop.ini
2012-06-24 05:45 - 2012-06-15 22:07 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini
2012-06-24 05:45 - 2012-06-15 22:07 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini
2012-06-24 05:14 - 2012-06-19 16:58 - 00065536 ____A C:\Windows\System32\config\OAlerts.evt
2012-06-24 04:27 - 2012-06-16 17:43 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-06-24 00:00 - 2004-08-04 04:00 - 00002422 ____A C:\Windows\System32\wpa.dbl
2012-06-23 20:56 - 2012-06-16 16:05 - 00000211 __ASH C:\boot.ini
2012-06-23 20:56 - 2004-08-04 04:00 - 00000552 ____A C:\Windows\win.ini
2012-06-23 20:56 - 2004-08-04 04:00 - 00000227 ____A C:\Windows\system.ini
2012-06-21 22:53 - 2012-06-16 14:55 - 00095008 ____A C:\Documents and Settings\OMAR IZ\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2012-06-21 14:58 - 2012-06-21 12:47 - 00001640 ____A C:\Documents and Settings\All Users\Desktop\Pro Tools LE.lnk
2012-06-21 14:57 - 2009-12-23 07:36 - 00054328 ____A (PACE Anti-Piracy, Inc.) C:\Windows\System32\Drivers\iLokDrvr.sys
2012-06-21 14:50 - 2012-06-16 16:06 - 00326704 ____A C:\Windows\System32\FNTCACHE.DAT
2012-06-20 16:54 - 2012-06-20 16:50 - 00000453 ____A C:\Documents and Settings\OMAR IZ\My Documents\Original DEP text.rtf
2012-06-20 16:10 - 2012-06-16 16:07 - 00558606 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-20 15:25 - 2012-06-17 21:53 - 00000198 ____A C:\Documents and Settings\OMAR IZ\Application Data\default.rss
2012-06-20 15:25 - 2012-06-17 21:52 - 00000069 ____A C:\Windows\NeroDigital.ini
2012-06-20 13:04 - 2012-06-20 13:04 - 00117312 ____A (Gibson Research Corp.) C:\Documents and Settings\OMAR IZ\Desktop\securable.exe
2012-06-18 21:11 - 2012-06-18 21:11 - 00003584 ____A C:\Documents and Settings\OMAR IZ\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-17 21:16 - 2012-06-17 21:16 - 00000231 ____A C:\Windows\PowerReg.dat
2012-06-17 20:27 - 2012-06-17 20:15 - 00724992 ____A (Indigo Rose Corporation) C:\Windows\iun6002.exe
2012-06-17 20:27 - 2012-06-17 20:15 - 00082944 ____A (Doug Fetter Software Wizardry) C:\Windows\System32\usbkt1x1.dll
2012-06-17 20:27 - 2012-06-17 20:15 - 00022304 ____A (Doug Fetter Software Wizardry) C:\Windows\System32\Drivers\usbkt1x1.sys
2012-06-17 20:27 - 2012-06-17 20:15 - 00013504 ____A (MIDIMAN) C:\Windows\System32\Drivers\uks11ldr.sys
2012-06-17 08:25 - 2012-06-17 08:25 - 00185432 ____A C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-73586283-838170752-725345543-1004-0.dat
2012-06-17 08:25 - 2012-06-17 08:25 - 00118538 ____A C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2012-06-16 19:51 - 2012-06-16 19:51 - 00001134 ____A C:\Windows\System32\CM-Backup2-1455329-12Jun16-23-51-07.wbb
2012-06-16 19:02 - 2012-06-16 19:02 - 00000722 ____A C:\Documents and Settings\All Users\Desktop\Reason.lnk
2012-06-16 17:45 - 2012-06-16 17:43 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-06-16 17:45 - 2012-06-16 17:43 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-06-16 17:02 - 2012-06-16 16:52 - 00012133 ____A C:\Windows\System32\lvcoinst.log
2012-06-16 16:51 - 2012-06-16 16:51 - 00000000 ____N C:\Windows\Sti_Trace.log
2012-06-16 16:06 - 2012-06-16 16:06 - 00000062 __ASH C:\Documents and Settings\Default User\Local Settings\desktop.ini
2012-06-16 16:06 - 2012-06-16 16:06 - 00000062 __ASH C:\Documents and Settings\Default User\Application Data\desktop.ini
2012-06-16 16:06 - 2012-06-16 16:06 - 00000062 __ASH C:\Documents and Settings\All Users\Application Data\desktop.ini
2012-06-16 16:06 - 2012-06-15 22:15 - 00000062 __ASH C:\Documents and Settings\OMAR IZ\Application Data\desktop.ini
2012-06-16 16:05 - 2012-06-16 16:05 - 00917504 ____A C:\Windows\System32\config\system.sav
2012-06-16 16:05 - 2012-06-16 16:05 - 00634880 ____A C:\Windows\System32\config\software.sav
2012-06-16 16:05 - 2012-06-16 16:05 - 00094208 ____A C:\Windows\System32\config\default.sav
2012-06-16 16:05 - 2012-06-16 16:04 - 00262144 ____A C:\Windows\System32\config\userdiff
2012-06-16 16:05 - 2012-06-16 16:04 - 00001024 ___AH C:\Windows\System32\config\userdiff.LOG
2012-06-16 16:05 - 2012-06-16 16:04 - 00001024 ___AH C:\Windows\System32\config\TempKey.LOG
2012-06-16 15:28 - 2012-06-15 23:32 - 00256720 ____A C:\Windows\System32\nvdrsdb1.bin
2012-06-16 15:28 - 2012-06-15 23:32 - 00000001 ____A C:\Windows\System32\nvdrssel.bin
2012-06-16 15:20 - 2012-06-16 15:09 - 00065536 ____A C:\Windows\System32\config\Internet.evt
2012-06-16 15:06 - 2012-06-16 02:34 - 00009344 ____A C:\Windows\System32\TZLog.log
2012-06-16 14:54 - 2012-06-16 14:54 - 00000259 ____A C:\Windows\System32\spupdwxp.log
2012-06-16 14:54 - 2012-06-15 22:05 - 00316640 ____A C:\Windows\WMSysPr9.prx
2012-06-16 14:46 - 2004-08-04 04:00 - 00250048 _RASH C:\ntldr
2012-06-16 02:18 - 2012-06-16 16:06 - 01040722 ____A C:\Windows\setupapi.log.0.old
2012-06-16 00:15 - 2012-06-16 00:15 - 00002422 ____A C:\Windows\System32\wpa.bak
2012-06-16 00:00 - 2012-06-16 00:00 - 00020747 ____A (Meetinghouse Data Communications) C:\Windows\System32\Drivers\AegisP.sys
2012-06-16 00:00 - 2012-06-16 00:00 - 00000308 ____A C:\Windows\System32\results.txt
2012-06-15 23:59 - 2012-06-15 23:59 - 00000920 ____A C:\Windows\System32\WLAN.INI
2012-06-15 23:49 - 2012-06-15 23:32 - 00256720 ____A C:\Windows\System32\nvdrsdb0.bin
2012-06-15 23:32 - 2012-06-15 23:32 - 00000000 ____A C:\Windows\System32\nvdrswr.lk
2012-06-15 23:22 - 2012-06-15 23:22 - 00940794 ____A C:\Windows\System32\LoopyMusic.wav
2012-06-15 23:22 - 2012-06-15 23:22 - 00146650 ____A C:\Windows\System32\BuzzingBee.wav
2012-06-15 23:16 - 2012-06-15 23:16 - 00000000 ___AH C:\Windows\System32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2012-06-15 23:16 - 2012-06-15 23:16 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_FLxHCIc_01009.Wdf
2012-06-15 22:07 - 2012-06-15 22:07 - 00008192 ____A C:\Windows\REGLOCS.OLD
2012-06-15 22:07 - 2012-06-15 22:07 - 00000020 ___SH C:\Documents and Settings\NetworkService\ntuser.ini
2012-06-15 22:07 - 2012-06-15 22:07 - 00000020 ___SH C:\Documents and Settings\LocalService\ntuser.ini
2012-06-15 22:05 - 2012-06-16 16:07 - 00004161 ____A C:\Windows\ODBCINST.INI
2012-06-15 22:05 - 2012-06-15 22:05 - 00023392 ____A C:\Windows\System32\nscompat.tlb
2012-06-15 22:05 - 2012-06-15 22:05 - 00016832 ____A C:\Windows\System32\amcompat.tlb
2012-06-15 22:05 - 2012-06-15 22:05 - 00002577 ____A C:\Windows\System32\CONFIG.NT
2012-06-15 22:05 - 2012-06-15 22:05 - 00000000 _RASH C:\MSDOS.SYS
2012-06-15 22:05 - 2012-06-15 22:05 - 00000000 _RASH C:\IO.SYS
2012-06-15 22:05 - 2012-06-15 22:05 - 00000000 ____A C:\Windows\control.ini
2012-06-15 22:05 - 2012-06-15 22:05 - 00000000 ____A C:\CONFIG.SYS
2012-06-15 22:05 - 2012-06-15 22:05 - 00000000 ____A C:\AUTOEXEC.BAT
2012-06-15 22:04 - 2012-06-15 22:04 - 00000749 __RAH C:\Windows\WindowsShell.Manifest
2012-06-15 22:04 - 2012-06-15 22:04 - 00000749 __RAH C:\Windows\System32\wuaucpl.cpl.manifest
2012-06-15 22:04 - 2012-06-15 22:04 - 00000749 __RAH C:\Windows\System32\sapi.cpl.manifest
2012-06-15 22:04 - 2012-06-15 22:04 - 00000749 __RAH C:\Windows\System32\nwc.cpl.manifest
2012-06-15 22:04 - 2012-06-15 22:04 - 00000749 __RAH C:\Windows\System32\ncpa.cpl.manifest
2012-06-15 22:04 - 2012-06-15 22:04 - 00000749 __RAH C:\Windows\System32\cdplayer.exe.manifest
2012-06-15 22:04 - 2012-06-15 22:04 - 00000488 __RAH C:\Windows\System32\WindowsLogon.manifest
2012-06-15 22:04 - 2012-06-15 22:04 - 00000488 __RAH C:\Windows\System32\logonui.exe.manifest
2012-06-15 22:02 - 2012-06-15 22:02 - 00021640 ____A C:\Windows\System32\emptyregdb.dat
2012-06-15 22:02 - 2012-06-15 22:02 - 00000037 ____A C:\Windows\vbaddin.ini
2012-06-15 22:02 - 2012-06-15 22:02 - 00000036 ____A C:\Windows\vb.ini
2012-06-03 19:35 - 2012-06-16 02:34 - 56731752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-05-31 05:22 - 2012-05-31 05:22 - 00599040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\crypt32.dll
2012-05-31 05:22 - 2004-08-04 04:00 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-05-16 07:08 - 2010-04-16 08:09 - 00916992 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wininet.dll
2012-05-16 07:08 - 2004-08-04 04:00 - 00916992 ____N (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-05-15 05:20 - 2010-05-01 21:22 - 01863168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\win32k.sys
2012-05-15 05:20 - 2004-08-04 04:00 - 01863168 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-11 16:12 - 2012-06-16 15:09 - 11111424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ieframe.dll
2012-05-11 16:12 - 2009-03-08 00:39 - 11111424 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-05-11 06:42 - 2012-06-16 15:09 - 02000384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iertutil.dll
2012-05-11 06:42 - 2012-06-16 15:09 - 00743424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iedvtool.dll
2012-05-11 06:42 - 2012-06-16 15:09 - 00629760 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msfeeds.dll
2012-05-11 06:42 - 2012-06-16 15:09 - 00521728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\jsdbgui.dll
2012-05-11 06:42 - 2012-06-16 15:09 - 00247808 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ieproxy.dll
2012-05-11 06:42 - 2012-06-16 15:09 - 00055296 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msfeedsbs.dll
2012-05-11 06:42 - 2012-06-16 15:09 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\xpshims.dll
2012-05-11 06:42 - 2010-04-16 08:09 - 06007808 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mshtml.dll
2012-05-11 06:42 - 2010-04-16 08:09 - 01212416 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\urlmon.dll
2012-05-11 06:42 - 2010-04-16 08:09 - 00184320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iepeers.dll
2012-05-11 06:42 - 2009-03-08 10:09 - 00387584 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iedkcs32.dll
2012-05-11 06:42 - 2009-03-08 00:34 - 01469440 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\inetcpl.cpl
2012-05-11 06:42 - 2009-03-08 00:34 - 00206848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\occache.dll
2012-05-11 06:42 - 2009-03-08 00:34 - 00105984 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\url.dll
2012-05-11 06:42 - 2009-03-08 00:34 - 00043520 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\licmgr10.dll
2012-05-11 06:42 - 2009-03-08 00:33 - 00025600 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\jsproxy.dll
2012-05-11 06:42 - 2009-03-08 00:32 - 02000384 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-05-11 06:42 - 2009-03-08 00:32 - 00629760 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-05-11 06:42 - 2009-03-08 00:32 - 00611840 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mstime.dll
2012-05-11 06:42 - 2009-03-08 00:31 - 00067072 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mshtmled.dll
2012-05-11 06:42 - 2009-03-08 00:31 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-05-11 06:42 - 2004-08-04 04:00 - 06007808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-05-11 06:42 - 2004-08-04 04:00 - 01469440 ____N (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-05-11 06:42 - 2004-08-04 04:00 - 01212416 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-05-11 06:42 - 2004-08-04 04:00 - 00611840 ____N (Microsoft Corporation) C:\Windows\System32\mstime.dll
2012-05-11 06:42 - 2004-08-04 04:00 - 00387584 ____N (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-05-11 06:42 - 2004-08-04 04:00 - 00206848 ____N (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-05-11 06:42 - 2004-08-04 04:00 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-05-11 06:42 - 2004-08-04 04:00 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-05-11 06:42 - 2004-08-04 04:00 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-05-11 06:42 - 2004-08-04 04:00 - 00043520 ____N (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-05-11 06:42 - 2004-08-04 04:00 - 00025600 ____N (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-05-11 03:38 - 2009-03-08 00:32 - 00174080 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ie4uinit.exe
2012-05-11 03:38 - 2004-08-04 04:00 - 00385024 ____N (Microsoft Corporation) C:\Windows\System32\html.iec
2012-05-11 03:38 - 2004-08-04 04:00 - 00174080 ____N (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-05-08 14:35 - 2012-06-19 16:20 - 00029528 ____A (IObit) C:\Windows\System32\SmartDefragBootTime.exe
2012-05-04 05:16 - 2012-06-16 02:24 - 02148352 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrnlmp.exe
2012-05-04 05:16 - 2004-08-04 04:00 - 02148352 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-04 05:12 - 2012-06-16 02:24 - 02192640 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ntoskrnl.exe
2012-05-04 04:32 - 2012-06-16 02:24 - 02026496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrpamp.exe
2012-05-04 04:32 - 2009-02-07 15:02 - 02069120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrnlpa.exe
2012-05-04 04:32 - 2004-08-03 14:59 - 02026496 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2012-05-02 05:46 - 2012-06-16 15:03 - 00139656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\rdpwd.sys
2012-05-02 05:46 - 2012-06-15 22:01 - 00139656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-25 08:11 - 2012-06-20 14:29 - 04547944 ____A (Apple, Inc.) C:\Windows\System32\usbaaplrc.dll
2012-04-25 08:11 - 2012-06-20 14:29 - 00043520 ____A (Apple, Inc.) C:\Windows\System32\Drivers\usbaapl.sys
2012-04-20 11:29 - 2012-04-20 11:29 - 00081920 ____N (Microsoft Corporation) C:\Windows\System32\ieencode.dll
2012-04-20 11:29 - 2012-04-20 11:29 - 00081920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ieencode.dll
2012-04-20 11:29 - 2010-04-16 08:09 - 01510400 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\shdocvw.dll
2012-04-20 11:29 - 2010-04-16 08:09 - 01025024 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\browseui.dll
2012-04-20 11:29 - 2004-08-04 04:00 - 01510400 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2012-04-20 11:29 - 2004-08-04 04:00 - 01025024 ____A (Microsoft Corporation) C:\Windows\System32\browseui.dll
2012-04-18 16:56 - 2012-04-18 16:56 - 00094208 ____A (Apple Inc.) C:\Windows\System32\QuickTimeVR.qtx
2012-04-18 16:56 - 2012-04-18 16:56 - 00069632 ____A (Apple Inc.) C:\Windows\System32\QuickTime.qts


========================= Known DLLs (Whitelisted) ============

C:\Windows\SysWOW64\advapi32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\comdlg32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\gdi32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\imagehlp.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\kernel32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\lz32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\ole32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\oleaut32.dll IS MISSING <==== ATTENTION!
[2004-08-04 04:00] - [2008-04-13 16:12] - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\olecli32.dll
C:\Windows\SysWOW64\olecli32.dll IS MISSING <==== ATTENTION!
[2004-08-04 04:00] - [2008-04-13 16:12] - 0037376 ____A (Microsoft Corporation) C:\Windows\System32\olecnv32.dll
C:\Windows\SysWOW64\olecnv32.dll IS MISSING <==== ATTENTION!
[2004-08-04 04:00] - [2004-08-04 04:00] - 0022016 ____A (Microsoft Corporation) C:\Windows\System32\olesvr32.dll
C:\Windows\SysWOW64\olesvr32.dll IS MISSING <==== ATTENTION!
[2004-08-04 04:00] - [2004-08-04 04:00] - 0069120 ____A (Microsoft Corporation) C:\Windows\System32\olethk32.dll
C:\Windows\SysWOW64\olethk32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\rpcrt4.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\shell32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\url.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\urlmon.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\user32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\version.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\wininet.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\wldap32.dll IS MISSING <==== ATTENTION!

========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe
[2004-08-04 04:00] - [2008-04-13 16:12] - 0507904 ____A (Microsoft Corporation) ED0EF0A136DEC83DF69F04118870003E

C:\Windows\System32\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\explorer.exe
[2004-08-04 04:00] - [2008-04-13 16:12] - 1033728 ____A (Microsoft Corporation) 12896823FB95BFB3DC9B46BCAEDC9923

C:\Windows\SysWOW64\explorer.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\svchost.exe
[2004-08-04 04:00] - [2008-04-13 16:12] - 0014336 ____A (Microsoft Corporation) 27C6D03BCDB8CFEB96B716F3D8BE3E18

C:\Windows\SysWOW64\svchost.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\services.exe
[2004-08-04 04:00] - [2009-02-06 03:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315

C:\Windows\System32\User32.dll
[2004-08-04 04:00] - [2008-04-13 16:12] - 0578560 ____A (Microsoft Corporation) B26B135FF1B9F60C9388B4A7D16F600B

C:\Windows\SysWOW64\User32.dll IS MISSING <==== ATTENTION!.
C:\Windows\System32\userinit.exe
[2004-08-04 04:00] - [2008-04-13 16:12] - 0026112 ____A (Microsoft Corporation) A93AEE1928A9D7CE3E16D24EC7380F89

C:\Windows\SysWOW64\userinit.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\Drivers\volsnap.sys
[2004-08-04 04:00] - [2008-04-13 10:41] - 0052352 ____A (Microsoft Corporation) 4C8FCB5CC53AAB716D810740FE59D025


==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 6%
Total physical RAM: 16375.05 MB
Available physical RAM: 15309.46 MB
Total Pagefile: 16373.25 MB
Available Pagefile: 15311.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:931.5 GB) (Free:829.17 GB) NTFS
2 Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive e: (Audio A) (Fixed) (Total:931.51 GB) (Free:640.68 GB) NTFS
4 Drive f: (Win7-Pro.64) (Fixed) (Total:74.43 GB) (Free:20.72 GB) NTFS
5 Drive g: (MPD26 INSTALLER) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS
7 Drive i: (CSX USB) (Removable) (Total:3.76 GB) (Free:3.71 GB) NTFS
11 Drive m: (CODEMETER) (Fixed) (Total:0.04 GB) (Free:0 GB) FAT32
12 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 8 MB
Disk 1 Online 74 GB 0 B
Disk 2 Online 931 GB 0 B
Disk 3 Online 3850 MB 0 B
Disk 4 No Media 0 B 0 B
Disk 5 No Media 0 B 0 B
Disk 6 No Media 0 B 0 B
Disk 7 No Media 0 B 0 B
Disk 8 Online 39 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 31 KB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 931 GB Healthy

==================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 74 GB 101 MB

==================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D System Rese NTFS Partition 100 MB Healthy

==================================================================================

Disk: 1
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F Win7-Pro.64 NTFS Partition 74 GB Healthy

==================================================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 31 KB

==================================================================================

Disk: 2
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 E Audio A NTFS Partition 931 GB Healthy

==================================================================================

Partitions of Disk 3:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3849 MB 64 KB

==================================================================================

Disk: 3
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 I CSX USB NTFS Removable 3849 MB Healthy

==================================================================================

Partitions of Disk 8:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 39 MB 31 KB

==================================================================================

Disk: 8
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 10 M CODEMETER FAT32 Partition 39 MB Healthy

==================================================================================
======================= End Of Log ==========================

#5 OMAR IZ

OMAR IZ
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:25 AM

Posted 10 July 2012 - 04:52 PM

Gringo, my apologies. I just realized that I ran the FRST scan on Windows XP and not Windows 7 Professional. :oopsign:
Here is the new FRST scan log results for Windows 7 Professional on my PC.


FRST.txt

Scan result of Farbar Recovery Scan Tool Version: 09-07-2012
Ran by SYSTEM at 10-07-2012 17:42:22
Running from H:\
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-04-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [77824 2011-03-02] (Avid Technology, Inc.)
HKU\OMAR IZ\...\Run: [Google Update] "C:\Users\OMAR IZ\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2012-06-24] (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.33.1
Startup: C:\Users\All Users\Start Menu\Programs\Startup\CodeMeter Control Center.lnk
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)

==================== Services (Whitelisted) ======

2 CodeMeter.exe; "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe" [2304912 2011-07-06] (WIBU-SYSTEMS AG)
2 DigiRefresh; C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe -s [77824 2011-03-02] (Avid Technology, Inc.)
3 digiSPTIService; "C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe" [159744 2011-03-02] (Avid Technology, Inc.)
2 MboxAudioDevMon; "C:\Program Files (x86)\Avid\Mbox\AudioDevMon.exe" [1919504 2010-10-07] (Avid)
2 MboxMiniAudioDevMon; "C:\Program Files (x86)\Avid\Mbox Mini\AudioDevMon.exe" [1919504 2010-10-08] (Avid)
2 MboxProAudioDevMon; "C:\Program Files (x86)\Avid\Mbox Pro\AudioDevMon.exe" [1919504 2010-10-08] (Avid)
2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" [2938880 2012-05-17] (PACE Anti-Piracy, Inc.)
4 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [185632 2009-07-14] (Ralink Technology, Corp.)
4 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [211232 2009-07-14] (Ralink Technology, Corp.)

========================== Drivers (Whitelisted) =============

3 dalwdmservice; C:\Windows\System32\drivers\dalwdm.sys [162832 2008-12-03] (Digidesign, A Division of Avid Technology, Inc.)
3 DG003; C:\Windows\System32\Drivers\DG003.sys [191792 2011-02-13] (Avid Technology, Inc.)
2 DigiNet; C:\Windows\System32\Drivers\DigiNet.sys [21520 2008-12-03] (Digidesign, A Division of Avid Technology, Inc.)
3 epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] ()
3 EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] ()
3 FLxHCIc; C:\Windows\System32\Drivers\FLxHCIc.sys [108032 2010-04-17] (Fresco Logic)
3 iLokDrvr; C:\Windows\System32\Drivers\iLokDrvr.sys [25752 2012-06-24] ()
3 RT2500; C:\Windows\System32\Drivers\RT2500.sys [222720 2005-10-20] (Ralink Technology Inc.)
3 rt61x64; C:\Windows\System32\DRIVERS\netr6164.sys [438784 2009-06-02] (Ralink Technology, Corp.)
3 swmidi; [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-07-10 17:42 - 2012-07-10 17:42 - 00000000 ____D C:\FRST
2012-07-10 13:35 - 2012-07-10 17:00 - 00206442 ____A C:\Users\OMAR IZ\Desktop\FRST.txt
2012-07-10 13:04 - 2012-07-10 13:04 - 00000056 ____A C:\Windows\setupact.log
2012-07-10 13:04 - 2012-07-10 13:04 - 00000000 ____A C:\Windows\setuperr.log
2012-07-10 13:03 - 2012-07-10 13:03 - 00001612 ____A C:\Windows\PFRO.log
2012-07-10 03:31 - 2012-07-10 03:31 - 01434401 ____A (Farbar) C:\Users\OMAR IZ\Downloads\FRST64.exe
2012-07-09 20:27 - 2012-07-09 20:27 - 00000259 ____A C:\Users\OMAR IZ\Desktop\Bleeping Forum Links.txt
2012-07-09 19:56 - 2012-07-09 19:56 - 00007950 ____A C:\Users\OMAR IZ\Desktop\Attach.txt
2012-07-09 19:54 - 2012-07-09 19:54 - 00026377 ____A C:\Users\OMAR IZ\Desktop\DDS.txt
2012-07-09 19:38 - 2012-07-09 19:38 - 00607260 ____R (Swearware) C:\Users\OMAR IZ\Desktop\dds.scr
2012-07-09 19:35 - 2012-07-09 19:35 - 00000476 ____A C:\Users\OMAR IZ\Desktop\defogger_disable.log
2012-07-09 19:35 - 2012-07-09 19:35 - 00000000 ____A C:\Users\OMAR IZ\defogger_reenable
2012-07-09 19:33 - 2012-07-09 19:33 - 00050477 ____A C:\Users\OMAR IZ\Desktop\Defogger.exe
2012-07-09 19:21 - 2012-07-09 19:21 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jul09-23-21-33.wbb
2012-07-09 16:38 - 2012-07-09 16:38 - 00001279 ____A C:\Users\OMAR IZ\Desktop\Revo Uninstaller.lnk
2012-07-09 16:38 - 2012-07-09 16:38 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2012-07-09 16:14 - 2012-07-09 16:14 - 00000000 ____D C:\Windows\System32\appmgmt
2012-07-09 15:14 - 2012-07-09 15:14 - 00000632 ____A C:\SystemLook2.txt
2012-07-09 15:12 - 2012-07-09 15:14 - 00000630 ____A C:\Users\OMAR IZ\Downloads\SystemLook.txt
2012-07-09 15:12 - 2012-07-09 15:12 - 00000434 ____A C:\SystemLook1.txt
2012-07-09 14:45 - 2012-07-09 14:45 - 00165376 ____A C:\Users\OMAR IZ\Downloads\SystemLook_x64(1).exe
2012-07-09 14:43 - 2012-07-09 14:43 - 00027080 ____A C:\Mini ToolBox Results.txt
2012-07-09 14:42 - 2012-07-09 14:42 - 00027080 ____A C:\Users\OMAR IZ\Downloads\Result.txt
2012-07-09 13:06 - 2012-07-09 13:06 - 00403231 ____A C:\Users\OMAR IZ\Downloads\MiniToolBox.exe
2012-07-09 13:06 - 2012-07-09 13:06 - 00165376 ____A C:\Users\OMAR IZ\Downloads\SystemLook_x64.exe
2012-07-09 13:05 - 2012-07-09 13:05 - 02322184 ____A (ESET) C:\Users\OMAR IZ\Downloads\esetsmartinstaller_enu.exe
2012-07-09 13:04 - 2012-07-09 13:04 - 00000609 ____A C:\RKreport[3].txt
2012-07-09 12:57 - 2012-07-09 13:02 - 00000000 ____D C:\Users\OMAR IZ\Desktop\RK_Quarantine
2012-07-09 04:30 - 2012-07-09 04:30 - 00002116 ____A C:\aswMBR.txt
2012-07-09 04:30 - 2012-07-09 04:30 - 00000512 ____A C:\MBR.dat
2012-07-09 03:51 - 2012-07-09 03:51 - 00000055 ____A C:\Users\OMAR IZ\Desktop\fix.txt
2012-07-08 22:53 - 2012-07-08 22:53 - 01558016 ____A C:\Users\OMAR IZ\Downloads\RogueKiller.exe
2012-07-08 22:46 - 2012-07-08 22:46 - 04731392 ____A (AVAST Software) C:\Users\OMAR IZ\Downloads\aswMBR.exe
2012-07-08 22:46 - 2012-07-08 22:46 - 02135640 ____A (Kaspersky Lab ZAO) C:\Users\OMAR IZ\Downloads\tdsskiller.exe
2012-07-08 20:44 - 2012-07-09 17:56 - 00000000 ____D C:\Users\OMAR IZ\Documents\Anti-Malware
2012-07-08 19:04 - 2012-07-08 19:04 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jul08-23-04-22.wbb
2012-07-08 12:30 - 2012-07-09 19:28 - 00000000 ____D C:\Program Files (x86)\Loaris
2012-07-08 11:26 - 2012-07-10 13:36 - 00094862 ____A C:\Windows\WindowsUpdate.log
2012-07-08 09:36 - 2012-07-08 09:36 - 00000000 ____D C:\Users\OMAR IZ\Documents\Psicraft
2012-07-08 09:36 - 2012-07-08 09:36 - 00000000 ____D C:\Users\All Users\Psicraft
2012-07-08 09:36 - 2012-07-08 09:36 - 00000000 ____D C:\Program Files (x86)\Psicraft
2012-07-07 18:48 - 2012-07-07 18:48 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jul07-22-48-22.wbb
2012-07-06 18:45 - 2012-07-06 18:45 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jul06-22-45-58.wbb
2012-07-06 16:35 - 2012-07-06 16:35 - 00001124 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-07-06 16:35 - 2012-07-06 16:35 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\Malwarebytes
2012-07-06 16:35 - 2012-07-06 16:35 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-07-06 16:35 - 2012-07-06 16:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-06 16:35 - 2012-04-04 11:56 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-07-06 15:40 - 2012-07-06 15:40 - 16859064 ____A (Microsoft Corporation) C:\Users\OMAR IZ\Desktop\Windows-KB890830-x64-V4.9.exe
2012-07-04 21:47 - 2012-07-04 21:53 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\ImgBurn
2012-07-04 21:32 - 2012-07-05 18:03 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2012-07-04 12:02 - 2012-07-04 12:02 - 00000000 ____D C:\Program Files\Alex Feinman
2012-07-04 06:03 - 2012-07-05 18:03 - 00000000 ____D C:\Users\OMAR IZ\AppData\Local\NeoSmart_Technologies
2012-07-04 05:45 - 2012-07-04 20:10 - 00000000 ____D C:\Program Files (x86)\NeoSmart Technologies
2012-07-03 21:08 - 2012-07-05 18:03 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\Azureus
2012-07-03 21:08 - 2012-07-03 21:08 - 00000000 ____D C:\Users\OMAR IZ\.swt
2012-07-03 21:07 - 2012-07-04 06:06 - 00000000 ____D C:\Users\OMAR IZ\AppData\Local\Conduit
2012-07-03 21:07 - 2012-07-03 21:07 - 00000000 ____D C:\Users\OMAR IZ\AppData\Local\CRE
2012-07-03 21:07 - 2012-07-03 21:07 - 00000000 ____D C:\Program Files (x86)\Conduit
2012-07-03 19:59 - 2012-07-03 20:00 - 30077282 ____A C:\Users\OMAR IZ\Downloads\MultiBeast-4.6.1.zip
2012-07-03 19:59 - 2012-07-03 20:00 - 09515317 ____A C:\Users\OMAR IZ\Downloads\iBoot-3.3.0.zip
2012-07-03 19:59 - 2012-07-03 19:59 - 00043037 ____A C:\Users\OMAR IZ\Downloads\xMove-1.2.0.zip
2012-07-03 19:38 - 2012-07-03 19:38 - 00000193 ____A C:\Windows\WORDPAD.INI
2012-07-03 16:36 - 2010-09-30 21:34 - 00188928 ____A C:\Windows\System32\usbitcmd.exe
2012-07-03 16:36 - 2010-09-30 21:34 - 00165376 ____A C:\Windows\System32\usbit32.dll
2012-07-03 16:36 - 2010-09-30 21:27 - 00003969 ____A C:\Windows\System32\usbit32.txt
2012-07-03 16:36 - 2010-09-30 21:27 - 00001406 ____A C:\Windows\System32\license.txt
2012-07-03 16:36 - 2010-09-30 21:25 - 00089088 ____A (www.alexpage.de) C:\Windows\System32\USB Image Tool.exe
2012-07-03 16:36 - 2010-09-30 21:25 - 00011776 ____A C:\Windows\System32\USB Image Tool Helper.dll
2012-07-03 16:17 - 2012-04-03 07:28 - 00006148 ____A C:\Windows\System32\.DS_Store
2012-07-03 16:17 - 2012-04-03 07:27 - 00000563 ____A C:\Windows\System32\makeusb.bat
2012-07-03 16:17 - 2011-08-19 10:11 - 00000512 ____A C:\Windows\System32\bs32.bin
2012-07-03 16:17 - 2011-08-15 12:56 - 00000512 ____A C:\Windows\System32\Mbr.bin
2012-07-03 16:17 - 2008-12-27 08:44 - 00155648 ____A C:\Windows\System32\BootSectImage.exe
2012-07-03 16:17 - 2008-12-27 08:44 - 00143360 ____A C:\Windows\System32\GenBootSector.exe
2012-07-03 16:08 - 2012-07-03 16:08 - 00000000 ____D C:\Users\OMAR IZ\Documents\Niresh12495.Lion.10.7.3.V2
2012-07-02 21:40 - 2011-12-22 19:09 - 00189576 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\EuFdDisk.sys
2012-07-02 21:40 - 2011-12-22 19:09 - 00057480 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\eubakup.sys
2012-07-02 21:40 - 2011-12-22 19:09 - 00051336 ____A C:\Windows\System32\Drivers\EUBKMON.sys
2012-07-02 21:40 - 2011-12-22 19:09 - 00019592 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\eudskacs.sys
2012-07-02 21:35 - 2012-07-02 21:40 - 00000000 ____D C:\Program Files (x86)\EASEUS
2012-07-02 21:35 - 2011-08-02 16:48 - 03320192 ____A C:\Windows\System32\BootMan.exe
2012-07-02 21:35 - 2011-08-02 16:48 - 02469248 ____A C:\Windows\SysWOW64\BootMan.exe
2012-07-02 21:35 - 2011-07-29 09:54 - 00100232 ____A C:\Windows\System32\setupempdrvx64.exe
2012-07-02 21:35 - 2011-07-29 09:54 - 00086408 ____A C:\Windows\SysWOW64\setupempdrv03.exe
2012-07-02 21:35 - 2011-07-29 09:54 - 00019840 ____A C:\Windows\SysWOW64\EuEpmGdi.dll
2012-07-02 21:35 - 2011-07-29 09:54 - 00016776 ____A C:\Windows\System32\epmntdrv.sys
2012-07-02 21:35 - 2011-07-29 09:54 - 00016256 ____A C:\Windows\System32\EuEpmGdi.dll
2012-07-02 21:35 - 2011-07-29 09:54 - 00014216 ____A C:\Windows\SysWOW64\epmntdrv.sys
2012-07-02 21:35 - 2011-07-29 09:54 - 00009096 ____A C:\Windows\System32\EuGdiDrv.sys
2012-07-02 21:35 - 2011-07-29 09:54 - 00008456 ____A C:\Windows\SysWOW64\EuGdiDrv.sys
2012-07-02 21:25 - 2012-07-02 21:25 - 00000442 ____A C:\Users\OMAR IZ\Desktop\Internet Links.txt
2012-07-02 16:22 - 2012-07-02 16:22 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jul02-20-22-42.wbb
2012-07-01 16:15 - 2012-07-01 16:15 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jul01-20-15-10.wbb
2012-06-30 16:15 - 2012-06-30 16:15 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jun30-20-15-00.wbb
2012-06-30 16:12 - 2011-02-17 20:52 - 00031744 ____A C:\Users\OMAR IZ\Documents\journal-list.xls
2012-06-30 16:07 - 2011-02-17 18:05 - 00036352 ____A C:\Users\OMAR IZ\Documents\SAMPLE_CD_MARKETING_BUDGET2010.xls
2012-06-30 16:07 - 2011-02-17 17:52 - 00046080 ____A C:\Users\OMAR IZ\Documents\Sample_Music_Conference_Budget.xls
2012-06-29 16:12 - 2012-06-29 16:12 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jun29-20-12-28.wbb
2012-06-28 12:47 - 2012-06-28 12:47 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jun28-16-47-13.wbb
2012-06-28 02:28 - 2012-05-04 03:00 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-06-28 02:28 - 2012-05-04 01:59 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2012-06-28 02:28 - 2011-02-19 04:05 - 01139200 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2012-06-28 02:28 - 2011-02-19 04:04 - 00902656 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2012-06-28 02:28 - 2011-02-18 22:30 - 00739840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2012-06-28 01:40 - 2012-06-28 01:40 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-06-27 23:34 - 2012-06-03 19:28 - 58957832 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-06-27 12:45 - 2012-06-27 12:45 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jun27-16-45-44.wbb
2012-06-26 12:09 - 2011-03-24 19:29 - 00343040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2012-06-26 12:09 - 2011-03-24 19:29 - 00325120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2012-06-26 12:09 - 2011-03-24 19:29 - 00098816 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2012-06-26 12:09 - 2011-03-24 19:29 - 00052736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2012-06-26 12:09 - 2011-03-24 19:29 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2012-06-26 12:09 - 2011-03-24 19:29 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2012-06-26 12:09 - 2011-03-24 19:28 - 00007936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2012-06-26 12:09 - 2011-03-10 22:41 - 01659776 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-06-26 12:09 - 2011-03-10 22:41 - 00410496 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2012-06-26 12:09 - 2011-03-10 22:41 - 00189824 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2012-06-26 12:09 - 2011-03-10 22:41 - 00166272 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2012-06-26 12:09 - 2011-03-10 22:41 - 00148352 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2012-06-26 12:09 - 2011-03-10 22:41 - 00107904 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2012-06-26 12:09 - 2011-03-10 22:41 - 00027008 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2012-06-26 12:09 - 2011-03-10 22:33 - 02565632 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2012-06-26 12:09 - 2011-03-10 22:30 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\fsutil.exe
2012-06-26 12:09 - 2011-03-10 21:33 - 01699328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2012-06-26 12:09 - 2011-03-10 21:31 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2012-06-26 12:09 - 2011-03-10 20:37 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2012-06-25 21:31 - 2012-06-25 21:31 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jun26-01-31-44.wbb
2012-06-25 18:36 - 2012-06-25 18:36 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\Final Draft
2012-06-25 18:36 - 2012-06-25 18:36 - 00000000 ____D C:\Users\All Users\Final Draft
2012-06-25 13:54 - 2012-03-02 22:35 - 01544704 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-06-25 13:54 - 2012-03-02 21:31 - 01077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-06-25 13:54 - 2012-01-04 02:44 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-25 13:54 - 2012-01-04 02:44 - 00509952 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-06-25 13:54 - 2012-01-04 00:59 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-06-25 13:54 - 2012-01-04 00:58 - 00442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2012-06-25 13:54 - 2011-12-29 22:26 - 00515584 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2012-06-25 13:54 - 2011-12-29 21:27 - 00478720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2012-06-25 13:54 - 2011-11-16 22:49 - 00152432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-06-25 13:54 - 2011-11-16 22:49 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-06-25 13:54 - 2011-11-16 22:44 - 00459232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-06-25 13:54 - 2011-11-16 22:35 - 01447936 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2012-06-25 13:54 - 2011-11-16 22:35 - 00395776 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll
2012-06-25 13:54 - 2011-11-16 22:35 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-06-25 13:54 - 2011-11-16 22:35 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2012-06-25 13:54 - 2011-11-16 22:35 - 00029184 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2012-06-25 13:54 - 2011-11-16 22:35 - 00028160 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll
2012-06-25 13:54 - 2011-11-16 22:33 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2012-06-25 13:54 - 2011-11-16 21:35 - 00314880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2012-06-25 13:54 - 2011-11-16 21:34 - 00224768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-06-25 13:54 - 2011-11-16 21:34 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-06-25 13:54 - 2011-11-16 21:28 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-06-25 13:54 - 2011-10-25 21:25 - 01572864 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll
2012-06-25 13:54 - 2011-10-25 21:21 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2012-06-25 13:54 - 2011-10-25 20:32 - 01328128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2012-06-25 13:54 - 2011-07-08 18:46 - 00288768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2012-06-25 13:54 - 2011-06-15 21:49 - 00199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2012-06-25 13:54 - 2011-06-15 20:33 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2012-06-25 13:54 - 2011-06-15 02:02 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2012-06-25 13:54 - 2011-06-15 02:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2012-06-25 13:54 - 2011-06-15 02:02 - 00106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2012-06-25 13:54 - 2011-06-15 02:02 - 00106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2012-06-25 13:54 - 2011-06-15 00:55 - 00319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2012-06-25 13:54 - 2011-06-15 00:55 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2012-06-25 13:54 - 2011-06-15 00:55 - 00122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2012-06-25 13:54 - 2011-06-15 00:55 - 00086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2012-06-25 13:54 - 2011-06-15 00:55 - 00081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2012-06-25 13:54 - 2011-05-03 21:25 - 02315776 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2012-06-25 13:54 - 2011-05-03 21:22 - 02223616 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2012-06-25 13:54 - 2011-05-03 21:22 - 00778752 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2012-06-25 13:54 - 2011-05-03 21:22 - 00491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2012-06-25 13:54 - 2011-05-03 21:22 - 00288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2012-06-25 13:54 - 2011-05-03 21:22 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2012-06-25 13:54 - 2011-05-03 21:19 - 00591872 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2012-06-25 13:54 - 2011-05-03 21:19 - 00249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2012-06-25 13:54 - 2011-05-03 21:19 - 00113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2012-06-25 13:54 - 2011-05-03 20:34 - 01549312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2012-06-25 13:54 - 2011-05-03 20:32 - 01401344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2012-06-25 13:54 - 2011-05-03 20:32 - 00666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2012-06-25 13:54 - 2011-05-03 20:32 - 00337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2012-06-25 13:54 - 2011-05-03 20:32 - 00197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2012-06-25 13:54 - 2011-05-03 20:32 - 00059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2012-06-25 13:54 - 2011-05-03 20:28 - 00427520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2012-06-25 13:54 - 2011-05-03 20:28 - 00164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2012-06-25 13:54 - 2011-05-03 20:28 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2012-06-25 13:54 - 2011-04-26 18:40 - 00158208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2012-06-25 13:54 - 2011-04-26 18:39 - 00128000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2012-06-25 13:54 - 2011-04-08 22:58 - 00142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2012-06-25 13:54 - 2011-04-08 21:56 - 00123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2012-06-25 13:54 - 2011-02-24 22:19 - 02871808 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2012-06-25 13:54 - 2011-02-24 21:30 - 02616320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2012-06-25 13:54 - 2010-12-23 02:42 - 01118720 ____A (Microsoft Corporation) C:\Windows\System32\sbe.dll
2012-06-25 13:54 - 2010-12-23 02:42 - 00961024 ____A (Microsoft Corporation) C:\Windows\System32\CPFilters.dll
2012-06-25 13:54 - 2010-12-23 02:36 - 00259072 ____A (Microsoft Corporation) C:\Windows\System32\mpg2splt.ax
2012-06-25 13:54 - 2010-12-22 21:54 - 00850944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2012-06-25 13:54 - 2010-12-22 21:54 - 00642048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2012-06-25 13:54 - 2010-12-22 21:50 - 00199680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2012-06-25 13:54 - 2010-12-17 03:40 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-06-25 13:54 - 2010-12-16 23:07 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-06-25 13:53 - 2012-04-25 21:41 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-06-25 13:53 - 2012-04-25 21:41 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-06-25 13:53 - 2012-04-25 21:34 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-06-25 13:53 - 2012-04-16 21:31 - 00918016 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-25 13:53 - 2012-04-16 20:34 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-25 13:53 - 2011-05-27 21:32 - 09001984 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-25 13:53 - 2011-05-27 20:33 - 05984768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-25 13:53 - 2011-05-27 19:30 - 01638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-25 13:53 - 2011-05-27 18:53 - 01638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-25 13:53 - 2011-04-28 21:52 - 00702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-06-25 13:53 - 2011-04-28 21:51 - 02443776 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-25 13:53 - 2011-04-28 20:54 - 02064384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-25 13:53 - 2011-04-28 20:54 - 00599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-06-25 13:53 - 2011-04-22 14:08 - 01492992 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-25 13:53 - 2011-04-22 14:08 - 01188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-25 13:53 - 2011-04-22 14:04 - 12262400 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-25 13:53 - 2011-04-22 14:04 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-25 13:53 - 2011-04-22 14:04 - 00064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-25 13:53 - 2011-04-22 11:10 - 00981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-25 13:53 - 2011-04-22 11:09 - 10990592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-25 13:53 - 2011-04-22 11:09 - 01230848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-25 13:53 - 2011-04-22 11:09 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-25 13:53 - 2011-04-22 11:09 - 00048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-25 13:53 - 2011-03-12 04:08 - 01465344 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2012-06-25 13:53 - 2011-03-12 03:23 - 00870912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2012-06-25 13:53 - 2011-03-10 22:34 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2012-06-25 13:53 - 2011-03-10 22:34 - 01359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2012-06-25 13:53 - 2011-03-10 21:33 - 01164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2012-06-25 13:53 - 2011-03-10 21:33 - 01137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2012-06-25 13:53 - 2011-02-23 22:15 - 00476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2012-06-25 13:53 - 2011-02-23 21:38 - 00288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2012-06-25 13:53 - 2011-02-18 02:56 - 00613376 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-06-25 13:53 - 2011-02-17 21:43 - 00428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-06-25 13:52 - 2012-02-29 22:46 - 00023408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-06-25 13:52 - 2012-02-29 22:38 - 00220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-06-25 13:52 - 2012-02-29 22:33 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-06-25 13:52 - 2012-02-29 22:28 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-06-25 13:52 - 2012-02-29 21:37 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-06-25 13:52 - 2012-02-29 21:33 - 00159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-06-25 13:52 - 2012-02-29 21:29 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-06-25 13:48 - 2012-05-14 17:32 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-25 13:48 - 2012-05-04 03:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-06-25 13:48 - 2012-05-04 02:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-06-25 13:48 - 2012-05-04 02:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-06-25 13:48 - 2012-04-30 21:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-06-25 13:48 - 2011-04-22 14:15 - 00027520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2012-06-25 13:48 - 2011-03-02 22:24 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2012-06-25 13:48 - 2011-03-02 22:24 - 00183296 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2012-06-25 13:48 - 2011-03-02 22:21 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2012-06-25 13:48 - 2011-03-02 21:38 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2012-06-25 13:48 - 2011-03-02 21:36 - 00028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2012-06-25 13:48 - 2011-02-19 04:03 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-06-25 13:48 - 2011-02-19 01:00 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-06-25 13:48 - 2011-02-18 22:30 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-06-25 13:48 - 2011-02-18 20:34 - 00294912 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-06-25 13:48 - 2010-09-30 02:41 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2012-06-25 13:48 - 2010-09-29 22:47 - 00070656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2012-06-25 13:42 - 2011-04-28 19:06 - 00467456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2012-06-25 13:42 - 2011-04-28 19:05 - 00410112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2012-06-25 13:42 - 2011-04-28 19:05 - 00168448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2012-06-25 13:42 - 2011-01-17 03:09 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2012-06-25 13:42 - 2011-01-16 21:47 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2012-06-25 13:41 - 2012-04-27 19:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-25 13:41 - 2012-03-16 23:58 - 00075120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-06-25 13:41 - 2011-12-27 19:59 - 00498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2012-06-25 13:41 - 2011-08-16 21:26 - 00613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2012-06-25 13:41 - 2011-08-16 21:25 - 00108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2012-06-25 13:41 - 2011-08-16 20:24 - 00465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2012-06-25 13:41 - 2011-08-16 20:19 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2012-06-25 13:40 - 2012-04-23 21:37 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-25 13:40 - 2012-04-23 21:37 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-25 13:40 - 2012-04-23 21:37 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-25 13:40 - 2012-04-23 20:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-06-25 13:40 - 2012-04-23 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-06-25 13:40 - 2012-04-23 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-06-25 13:40 - 2012-04-07 04:31 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-06-25 13:40 - 2012-04-07 03:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-06-25 13:40 - 2011-07-15 21:41 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-06-25 13:40 - 2011-07-15 21:41 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-06-25 13:40 - 2011-07-15 21:41 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-06-25 13:40 - 2011-07-15 21:39 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-06-25 13:40 - 2011-07-15 21:37 - 01162752 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-06-25 13:40 - 2011-07-15 21:37 - 00421888 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 21:21 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:29 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-06-25 13:40 - 2011-07-15 20:25 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-06-25 13:40 - 2011-07-15 20:24 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-06-25 13:40 - 2011-07-15 20:24 - 00272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-06-25 13:40 - 2011-07-15 20:24 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 20:15 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 18:21 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-06-25 13:40 - 2011-07-15 18:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-06-25 13:40 - 2011-07-15 18:17 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 18:17 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 18:17 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-06-25 13:40 - 2011-07-15 18:17 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-06-25 13:40 - 2011-06-23 21:34 - 00214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-06-25 13:40 - 2011-06-23 21:25 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-06-25 13:40 - 2011-05-24 03:42 - 00404480 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2012-06-25 13:40 - 2011-05-24 02:40 - 00064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2012-06-25 13:40 - 2011-05-24 02:40 - 00044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2012-06-25 13:40 - 2011-05-24 02:39 - 00145920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2012-06-25 13:40 - 2011-05-24 02:37 - 00252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2012-06-25 13:40 - 2011-02-18 02:51 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\prevhost.exe
2012-06-25 13:40 - 2011-02-17 21:39 - 00031232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2012-06-25 13:40 - 2011-02-05 09:10 - 00642944 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2012-06-25 13:40 - 2011-02-05 09:10 - 00020352 ____A (Microsoft Corporation) C:\Windows\System32\kdusb.dll
2012-06-25 13:40 - 2011-02-05 09:10 - 00019328 ____A (Microsoft Corporation) C:\Windows\System32\kd1394.dll
2012-06-25 13:40 - 2011-02-05 09:10 - 00017792 ____A (Microsoft Corporation) C:\Windows\System32\kdcom.dll
2012-06-25 13:40 - 2011-02-05 09:06 - 00605552 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2012-06-25 13:40 - 2011-02-05 09:06 - 00566208 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2012-06-25 13:40 - 2011-02-05 09:06 - 00518672 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2012-06-25 13:39 - 2012-03-30 03:35 - 01918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-06-25 13:39 - 2011-12-16 00:46 - 00634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2012-06-25 13:39 - 2011-12-15 23:52 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2012-06-25 13:39 - 2011-11-04 21:32 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-06-25 13:39 - 2011-11-04 20:26 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-06-25 13:39 - 2011-10-14 22:31 - 00723456 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2012-06-25 13:39 - 2011-10-14 21:38 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2012-06-25 13:39 - 2011-08-26 21:37 - 00861696 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2012-06-25 13:39 - 2011-08-26 21:37 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2012-06-25 13:39 - 2011-08-26 20:26 - 00571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2012-06-25 13:39 - 2011-08-26 20:26 - 00233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2012-06-25 13:39 - 2011-05-02 21:29 - 00976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2012-06-25 13:39 - 2011-05-02 20:30 - 00741376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2012-06-25 13:39 - 2011-02-22 20:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2012-06-25 13:39 - 2011-02-12 03:34 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe
2012-06-25 13:38 - 2011-11-19 06:58 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2012-06-25 13:38 - 2011-11-19 06:01 - 00067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2012-06-25 13:38 - 2011-11-16 22:41 - 01731920 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2012-06-25 13:38 - 2011-11-16 21:38 - 01292080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2012-06-24 22:10 - 2012-06-25 19:44 - 01835060 ____A C:\Users\OMAR IZ\Documents\Audio and MIDI Production.reason
2012-06-24 21:30 - 2012-07-06 21:06 - 00000000 ____D C:\Users\OMAR IZ\Documents\BKD.PT001
2012-06-24 21:28 - 2012-06-24 21:28 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\Leadertech
2012-06-24 21:27 - 2012-07-06 21:06 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\Digidesign
2012-06-24 21:22 - 2012-06-24 21:22 - 00000000 ____D C:\Users\All Users\Digidesign
2012-06-24 21:21 - 2012-06-24 21:21 - 00000000 ____D C:\Users\All Users\DigiDriver
2012-06-24 21:20 - 2012-06-24 21:20 - 00000000 ____D C:\Program Files\Common Files\Digidesign
2012-06-24 21:17 - 2012-06-24 21:18 - 00000000 ____D C:\Program Files\Avid
2012-06-24 21:17 - 2012-06-24 21:18 - 00000000 ____D C:\Program Files (x86)\Avid
2012-06-24 21:15 - 2012-06-24 21:15 - 00000000 ____D C:\Program Files\Digidesign
2012-06-24 21:09 - 2012-06-24 21:09 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jun25-01-09-25.wbb
2012-06-24 20:35 - 2012-06-24 20:42 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\Line 6
2012-06-24 20:34 - 2012-06-24 20:34 - 00000000 ____D C:\Users\All Users\Line 6
2012-06-24 20:34 - 2012-06-24 20:34 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2012-06-24 20:34 - 2012-06-24 20:34 - 00000000 ____D C:\Program Files\CodeMeter
2012-06-24 20:34 - 2012-06-24 20:34 - 00000000 ____D C:\Program Files (x86)\CodeMeter
2012-06-24 20:33 - 2012-06-24 20:33 - 00000874 ____A C:\Users\Public\Desktop\Reason.lnk
2012-06-24 20:32 - 2012-06-24 20:34 - 00000000 ____D C:\Program Files\Propellerhead
2012-06-24 18:44 - 2012-06-24 18:44 - 00000000 ____D C:\Program Files (x86)\Propellerhead
2012-06-24 18:37 - 2012-06-24 18:37 - 00000000 ____D C:\Program Files\WinRAR
2012-06-24 18:35 - 2012-06-24 18:43 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\WinRAR
2012-06-24 18:16 - 2012-06-24 18:16 - 00406528 ____A (Propellerhead Software AB) C:\Windows\SysWOW64\ReWire.dll
2012-06-24 18:16 - 2012-06-24 18:16 - 00338432 ____A (Propellerhead Software AB) C:\Windows\SysWOW64\REX Shared Library.dll
2012-06-24 18:08 - 2012-06-24 21:42 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\Propellerhead Software
2012-06-24 18:08 - 2012-06-24 18:16 - 00000000 ____D C:\Users\All Users\Propellerhead Software
2012-06-24 17:45 - 2012-06-24 17:45 - 00000000 ____D C:\Digidesign Databases
2012-06-24 17:34 - 2012-06-24 17:34 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\Structure
2012-06-24 17:22 - 2012-06-24 21:21 - 00001991 ____A C:\Users\Public\Desktop\Pro Tools LE.lnk
2012-06-24 17:16 - 2008-12-03 23:03 - 00021520 ____A (Digidesign, A Division of Avid Technology, Inc.) C:\Windows\System32\Drivers\diginet.sys
2012-06-24 16:49 - 2012-06-24 16:49 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\Mozilla
2012-06-24 16:49 - 2012-06-24 16:49 - 00000000 ____D C:\Users\OMAR IZ\AppData\Local\Mozilla
2012-06-24 16:48 - 2012-06-24 16:48 - 00001134 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-06-24 16:48 - 2012-06-24 16:48 - 00000000 ____D C:\Users\All Users\Mozilla
2012-06-24 16:48 - 2012-06-24 16:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-06-24 16:48 - 2012-06-24 16:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-06-24 16:46 - 2012-07-02 18:51 - 00002413 ____A C:\Users\OMAR IZ\Desktop\Google Chrome.lnk
2012-06-24 16:45 - 2012-07-10 11:50 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2163538463-1858056545-1914547564-1000UA.job
2012-06-24 16:45 - 2012-07-09 16:50 - 00000864 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2163538463-1858056545-1914547564-1000Core.job
2012-06-24 16:45 - 2012-06-24 16:46 - 00000000 ____D C:\Users\OMAR IZ\AppData\Local\Google
2012-06-24 16:43 - 2012-06-24 18:20 - 00064224 ____A C:\Users\OMAR IZ\AppData\Local\GDIPFONTCACHEV1.DAT
2012-06-24 16:43 - 2012-06-24 16:45 - 00000000 ____D C:\Users\OMAR IZ\AppData\Local\Deployment
2012-06-24 16:43 - 2012-06-24 16:43 - 00000000 ____D C:\Users\OMAR IZ\AppData\Local\Apps\2.0
2012-06-24 15:29 - 2012-06-24 15:39 - 00000000 ____D C:\Users\BEATKUNEDO\AppData\Roaming\Digidesign
2012-06-24 15:28 - 2012-06-24 15:28 - 00000000 ____D C:\Users\BEATKUNEDO\AppData\Roaming\PACE Anti-Piracy
2012-06-24 15:28 - 2012-06-24 15:28 - 00000000 ____D C:\Users\BEATKUNEDO\AppData\Local\PACE Anti-Piracy
2012-06-24 15:26 - 2012-07-05 18:04 - 00000000 ____D C:\users\BEATKUNEDO
2012-06-24 15:26 - 2012-06-24 15:26 - 00000020 ___SH C:\Users\BEATKUNEDO\ntuser.ini
2012-06-24 14:57 - 2012-06-24 14:57 - 00025752 ____A C:\Windows\System32\Drivers\iLokDrvr.sys
2012-06-24 14:57 - 2012-06-24 14:57 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_iLokDrvr_01007.Wdf
2012-06-24 14:57 - 2012-06-24 14:57 - 00000000 ____D C:\Users\All Users\PACE
2012-06-24 14:41 - 2012-06-24 14:41 - 00000000 ____D C:\Windows\pss
2012-06-24 13:51 - 2012-06-24 13:51 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\Trillium Lane
2012-06-24 13:48 - 2012-07-09 03:26 - 00000000 ____D C:\Windows\Minidump
2012-06-24 13:48 - 2012-06-24 13:50 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\PACE Anti-Piracy
2012-06-24 13:48 - 2012-06-24 13:50 - 00000000 ____D C:\Users\All Users\PACE Anti-Piracy
2012-06-24 13:48 - 2012-06-24 13:49 - 00000000 ____D C:\Users\OMAR IZ\AppData\Local\PACE Anti-Piracy
2012-06-24 13:48 - 2012-06-24 13:48 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\Apple Computer
2012-06-24 13:43 - 2012-06-24 13:44 - 00000000 ____D C:\Program Files (x86)\QuickTime
2012-06-24 13:43 - 2012-06-24 13:43 - 00000000 ____D C:\Users\OMAR IZ\AppData\Local\Apple
2012-06-24 13:43 - 2012-06-24 13:43 - 00000000 ____D C:\Users\All Users\Apple Computer
2012-06-24 13:43 - 2012-06-24 13:43 - 00000000 ____D C:\Users\All Users\Apple
2012-06-24 13:43 - 2012-06-24 13:43 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2012-06-24 13:41 - 2012-06-24 13:41 - 00000000 ____D C:\Program Files (x86)\Mediafour
2012-06-24 13:28 - 2012-06-24 13:28 - 00000000 ____D C:\Program Files (x86)\InterLok
2012-06-24 13:26 - 2010-07-12 05:50 - 00836096 ____A (PACE Anti-Piracy) C:\Windows\SysWOW64\ilinet.dll
2012-06-24 13:26 - 2008-12-03 23:03 - 00162832 ____A (Digidesign, A Division of Avid Technology, Inc.) C:\Windows\System32\Drivers\Dalwdm.sys
2012-06-24 13:26 - 2003-02-21 00:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2012-06-24 13:26 - 2001-06-27 05:13 - 00217088 _____ C:\Windows\SysWOW64\qtmlClient.dll
2012-06-24 13:25 - 2012-06-24 21:19 - 00000000 ____D C:\Program Files (x86)\Digidesign
2012-06-24 13:19 - 2012-06-24 13:19 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\Auslogics
2012-06-24 13:19 - 2012-06-24 13:19 - 00000000 ____D C:\Program Files (x86)\Auslogics
2012-06-24 13:14 - 2012-06-27 13:52 - 00000000 ____D C:\Program Files\CCleaner
2012-06-24 13:13 - 2012-06-24 13:13 - 00000000 ____D C:\Program Files\CPUID
2012-06-24 13:13 - 2012-03-09 06:57 - 00023816 ____A (CPUID) C:\Windows\System32\Drivers\cpuz135_x64.sys
2012-06-24 13:08 - 2012-06-24 13:08 - 00000020 __ASH C:\Users\UpdatusUser\ntuser.ini
2012-06-24 13:08 - 2012-05-15 01:29 - 02621723 ____A C:\Windows\System32\nvcoproc.bin
2012-06-24 13:07 - 2012-05-15 02:48 - 25743168 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 25248064 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 19607872 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 18044224 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 17551680 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 14298944 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2012-06-24 13:07 - 2012-05-15 02:48 - 10194752 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 08139072 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 08105280 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 05982528 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 02881856 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 02681664 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 02524992 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 02445120 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 02368832 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 01738048 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco64.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 01468224 ____A (NVIDIA Corporation) C:\Windows\System32\nvgenco64.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 00818496 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 00364352 ____A (NVIDIA Corporation) C:\Windows\System32\nvdecodemft.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 00301376 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvdecodemft.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 00246592 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2012-06-24 13:07 - 2012-05-15 02:48 - 00202048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2012-06-24 13:07 - 2012-04-18 09:08 - 01451840 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdagenco6420103.dll
2012-06-24 13:07 - 2012-04-18 09:08 - 00188736 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2012-06-24 13:07 - 2012-04-18 09:08 - 00031040 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2012-06-24 13:06 - 2012-06-24 13:06 - 00000000 ____D C:\NVIDIA
2012-06-24 12:40 - 2012-06-24 12:40 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-06-24 12:40 - 2012-06-24 12:40 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-06-24 12:40 - 2012-06-24 12:40 - 00000000 ____D C:\Users\All Users\Sun
2012-06-24 12:40 - 2012-06-24 12:40 - 00000000 ____D C:\Program Files (x86)\Oracle
2012-06-24 12:40 - 2012-05-04 15:29 - 00772504 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-06-24 12:40 - 2012-05-04 15:29 - 00687504 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-06-24 12:40 - 2012-05-04 15:29 - 00227720 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-06-24 12:39 - 2012-06-24 12:39 - 00000000 ____D C:\Program Files (x86)\Java
2012-06-24 12:24 - 2010-06-02 00:55 - 00527192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2012-06-24 12:24 - 2010-06-02 00:55 - 00518488 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_7.dll
2012-06-24 12:24 - 2010-06-02 00:55 - 00239960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2012-06-24 12:24 - 2010-06-02 00:55 - 00176984 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_7.dll
2012-06-24 12:24 - 2010-06-02 00:55 - 00077656 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_5.dll
2012-06-24 12:24 - 2010-06-02 00:55 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2012-06-24 12:24 - 2010-05-26 07:41 - 02526056 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_43.dll
2012-06-24 12:24 - 2010-05-26 07:41 - 02401112 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_43.dll
2012-06-24 12:24 - 2010-05-26 07:41 - 02106216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2012-06-24 12:24 - 2010-05-26 07:41 - 01998168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2012-06-24 12:24 - 2010-05-26 07:41 - 01907552 ____A (Microsoft Corporation) C:\Windows\System32\d3dcsx_43.dll
2012-06-24 12:24 - 2010-05-26 07:41 - 01868128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2012-06-24 12:24 - 2010-05-26 07:41 - 00511328 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_43.dll
2012-06-24 12:24 - 2010-05-26 07:41 - 00470880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2012-06-24 12:24 - 2010-05-26 07:41 - 00276832 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_43.dll
2012-06-24 12:24 - 2010-05-26 07:41 - 00248672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2012-06-24 12:24 - 2010-02-04 06:01 - 00530776 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_6.dll
2012-06-24 12:24 - 2010-02-04 06:01 - 00528216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2012-06-24 12:24 - 2010-02-04 06:01 - 00238936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2012-06-24 12:24 - 2010-02-04 06:01 - 00176984 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_6.dll
2012-06-24 12:24 - 2010-02-04 06:01 - 00078680 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_4.dll
2012-06-24 12:24 - 2010-02-04 06:01 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2012-06-24 12:24 - 2010-02-04 06:01 - 00024920 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_7.dll
2012-06-24 12:24 - 2010-02-04 06:01 - 00022360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2012-06-24 12:24 - 2009-09-04 13:44 - 00517960 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_5.dll
2012-06-24 12:24 - 2009-09-04 13:44 - 00515416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2012-06-24 12:24 - 2009-09-04 13:44 - 00238936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2012-06-24 12:24 - 2009-09-04 13:44 - 00176968 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_5.dll
2012-06-24 12:24 - 2009-09-04 13:44 - 00073544 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_3.dll
2012-06-24 12:24 - 2009-09-04 13:44 - 00069464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2012-06-24 12:24 - 2009-09-04 13:29 - 05554512 ____A (Microsoft Corporation) C:\Windows\System32\d3dcsx_42.dll
2012-06-24 12:24 - 2009-09-04 13:29 - 05501792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2012-06-24 12:24 - 2009-09-04 13:29 - 02582888 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll
2012-06-24 12:24 - 2009-09-04 13:29 - 02475352 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_42.dll
2012-06-24 12:24 - 2009-09-04 13:29 - 01974616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2012-06-24 12:24 - 2009-09-04 13:29 - 01892184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2012-06-24 12:24 - 2009-09-04 13:29 - 00523088 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_42.dll
2012-06-24 12:24 - 2009-09-04 13:29 - 00453456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2012-06-24 12:24 - 2009-09-04 13:29 - 00285024 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_42.dll
2012-06-24 12:24 - 2009-09-04 13:29 - 00235344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2012-06-24 12:24 - 2009-03-16 10:18 - 00521560 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_4.dll
2012-06-24 12:24 - 2009-03-16 10:18 - 00517448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2012-06-24 12:24 - 2009-03-16 10:18 - 00235352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2012-06-24 12:24 - 2009-03-16 10:18 - 00174936 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_4.dll
2012-06-24 12:24 - 2009-03-16 10:18 - 00024920 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_6.dll
2012-06-24 12:24 - 2009-03-16 10:18 - 00022360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2012-06-24 12:24 - 2009-03-09 11:27 - 05425496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll
2012-06-24 12:24 - 2009-03-09 11:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2012-06-24 12:24 - 2009-03-09 11:27 - 02430312 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_41.dll
2012-06-24 12:24 - 2009-03-09 11:27 - 01846632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2012-06-24 12:24 - 2009-03-09 11:27 - 00520544 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_41.dll
2012-06-24 12:24 - 2009-03-09 11:27 - 00453456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2012-06-24 12:24 - 2008-10-27 06:04 - 00518480 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_3.dll
2012-06-24 12:24 - 2008-10-27 06:04 - 00514384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2012-06-24 12:24 - 2008-10-27 06:04 - 00235856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2012-06-24 12:24 - 2008-10-27 06:04 - 00175440 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_3.dll
2012-06-24 12:24 - 2008-10-27 06:04 - 00074576 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_2.dll
2012-06-24 12:24 - 2008-10-27 06:04 - 00070992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2012-06-24 12:24 - 2008-10-27 06:04 - 00025936 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_5.dll
2012-06-24 12:24 - 2008-10-27 06:04 - 00023376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2012-06-24 12:24 - 2008-10-15 02:22 - 05631312 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll
2012-06-24 12:24 - 2008-10-15 02:22 - 04379984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2012-06-24 12:24 - 2008-10-15 02:22 - 02605920 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll
2012-06-24 12:24 - 2008-10-15 02:22 - 02036576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2012-06-24 12:24 - 2008-10-15 02:22 - 00519000 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
2012-06-24 12:24 - 2008-10-15 02:22 - 00452440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2012-06-24 12:24 - 2008-07-31 06:41 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2012-06-24 12:24 - 2008-07-31 06:41 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_2.dll
2012-06-24 12:24 - 2008-07-31 06:41 - 00072200 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_1.dll
2012-06-24 12:24 - 2008-07-31 06:41 - 00068616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2012-06-24 12:24 - 2008-07-31 06:40 - 00513544 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_2.dll
2012-06-24 12:24 - 2008-07-31 06:40 - 00509448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2012-06-24 12:24 - 2008-07-10 07:01 - 00467984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2012-06-24 12:24 - 2008-07-10 07:00 - 04992520 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_39.dll
2012-06-24 12:24 - 2008-07-10 07:00 - 03851784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2012-06-24 12:24 - 2008-07-10 07:00 - 01942552 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_39.dll
2012-06-24 12:24 - 2008-07-10 07:00 - 01493528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2012-06-24 12:24 - 2008-07-10 07:00 - 00540688 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_39.dll
2012-06-24 12:24 - 2008-05-30 10:19 - 00511496 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_1.dll
2012-06-24 12:24 - 2008-05-30 10:19 - 00507400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2012-06-24 12:24 - 2008-05-30 10:18 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2012-06-24 12:24 - 2008-05-30 10:18 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_1.dll
2012-06-24 12:24 - 2008-05-30 10:17 - 00068104 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_0.dll
2012-06-24 12:24 - 2008-05-30 10:17 - 00065032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2012-06-24 12:24 - 2008-05-30 10:17 - 00025608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2012-06-24 12:24 - 2008-05-30 10:16 - 00028168 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_4.dll
2012-06-24 12:24 - 2008-05-30 10:11 - 04991496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_38.dll
2012-06-24 12:24 - 2008-05-30 10:11 - 03850760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2012-06-24 12:24 - 2008-05-30 10:11 - 01941528 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_38.dll
2012-06-24 12:24 - 2008-05-30 10:11 - 01491992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2012-06-24 12:24 - 2008-05-30 10:11 - 00540688 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_38.dll
2012-06-24 12:24 - 2008-05-30 10:11 - 00467984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2012-06-24 12:24 - 2008-03-05 12:04 - 00489480 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_0.dll
2012-06-24 12:24 - 2008-03-05 12:03 - 00479752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2012-06-24 12:24 - 2008-03-05 12:03 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2012-06-24 12:24 - 2008-03-05 12:03 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_0.dll
2012-06-24 12:24 - 2008-03-05 12:00 - 00028168 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_3.dll
2012-06-24 12:24 - 2008-03-05 12:00 - 00025608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2012-06-24 12:24 - 2008-03-05 11:56 - 04910088 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_37.dll
2012-06-24 12:24 - 2008-03-05 11:56 - 03786760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2012-06-24 12:24 - 2008-03-05 11:56 - 01860120 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_37.dll
2012-06-24 12:24 - 2008-03-05 11:56 - 01420824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2012-06-24 12:24 - 2008-02-05 19:07 - 00529424 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_37.dll
2012-06-24 12:24 - 2008-02-05 19:07 - 00462864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2012-06-24 12:24 - 2007-10-21 23:40 - 00411656 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_10.dll
2012-06-24 12:24 - 2007-10-21 23:39 - 00267272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2012-06-24 12:24 - 2007-10-21 23:37 - 00021000 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_2.dll
2012-06-24 12:24 - 2007-10-21 23:37 - 00017928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2012-06-24 12:24 - 2007-10-12 11:14 - 05081608 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_36.dll
2012-06-24 12:24 - 2007-10-12 11:14 - 03734536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2012-06-24 12:24 - 2007-10-12 11:14 - 02006552 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_36.dll
2012-06-24 12:24 - 2007-10-12 11:14 - 01374232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2012-06-24 12:24 - 2007-10-02 05:56 - 00508264 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_36.dll
2012-06-24 12:24 - 2007-10-02 05:56 - 00444776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2012-06-24 12:24 - 2007-07-19 20:57 - 00411496 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_9.dll
2012-06-24 12:24 - 2007-07-19 20:57 - 00267112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2012-06-24 12:24 - 2007-07-19 14:14 - 05073256 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_35.dll
2012-06-24 12:24 - 2007-07-19 14:14 - 03727720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2012-06-24 12:24 - 2007-07-19 14:14 - 01985904 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_35.dll
2012-06-24 12:24 - 2007-07-19 14:14 - 01358192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2012-06-24 12:24 - 2007-07-19 14:14 - 00508264 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_35.dll
2012-06-24 12:24 - 2007-07-19 14:14 - 00444776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2012-06-24 12:24 - 2007-06-20 16:49 - 00409960 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_8.dll
2012-06-24 12:24 - 2007-06-20 16:46 - 00266088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2012-06-24 12:24 - 2007-05-16 12:45 - 04496232 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_34.dll
2012-06-24 12:24 - 2007-05-16 12:45 - 03497832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2012-06-24 12:24 - 2007-05-16 12:45 - 01401200 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_34.dll
2012-06-24 12:24 - 2007-05-16 12:45 - 01124720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2012-06-24 12:24 - 2007-05-16 12:45 - 00506728 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_34.dll
2012-06-24 12:24 - 2007-05-16 12:45 - 00443752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2012-06-24 12:24 - 2007-04-04 14:55 - 00403304 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_7.dll
2012-06-24 12:24 - 2007-04-04 14:55 - 00261480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2012-06-24 12:24 - 2007-04-04 14:54 - 00107368 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_3.dll
2012-06-24 12:24 - 2007-04-04 14:53 - 00081768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2012-06-24 12:24 - 2007-03-15 12:57 - 00506728 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_33.dll
2012-06-24 12:24 - 2007-03-15 12:57 - 00443752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2012-06-24 12:24 - 2007-03-12 12:42 - 04494184 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_33.dll
2012-06-24 12:24 - 2007-03-12 12:42 - 03495784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2012-06-24 12:24 - 2007-03-12 12:42 - 01400176 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_33.dll
2012-06-24 12:24 - 2007-03-12 12:42 - 01123696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2012-06-24 12:24 - 2007-03-05 08:42 - 00017688 ____A (Microsoft Corporation) C:\Windows\System32\x3daudio1_1.dll
2012-06-24 12:24 - 2007-03-05 08:42 - 00015128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2012-06-24 12:24 - 2007-01-24 11:27 - 00393576 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_6.dll
2012-06-24 12:24 - 2007-01-24 11:27 - 00255848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2012-06-24 12:24 - 2006-12-08 08:02 - 00251672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2012-06-24 12:24 - 2006-12-08 08:00 - 00390424 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_5.dll
2012-06-24 12:24 - 2006-11-29 09:06 - 04398360 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_32.dll
2012-06-24 12:24 - 2006-11-29 09:06 - 03426072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2012-06-24 12:24 - 2006-11-29 09:06 - 00469264 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10.dll
2012-06-24 12:24 - 2006-11-29 09:06 - 00440080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2012-06-24 12:24 - 2006-09-28 12:05 - 03977496 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_31.dll
2012-06-24 12:24 - 2006-09-28 12:05 - 02414360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2012-06-24 12:24 - 2006-09-28 12:05 - 00237848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2012-06-24 12:24 - 2006-09-28 12:04 - 00364824 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_4.dll
2012-06-24 12:24 - 2006-07-28 05:31 - 00083736 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_2.dll
2012-06-24 12:24 - 2006-07-28 05:30 - 00363288 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_3.dll
2012-06-24 12:24 - 2006-07-28 05:30 - 00236824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2012-06-24 12:24 - 2006-07-28 05:30 - 00062744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2012-06-24 12:24 - 2006-05-31 03:24 - 00230168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2012-06-24 12:24 - 2006-05-31 03:22 - 00354072 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_2.dll
2012-06-24 12:24 - 2006-03-31 08:41 - 03927248 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_30.dll
2012-06-24 12:24 - 2006-03-31 08:40 - 02388176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2012-06-24 12:24 - 2006-03-31 08:40 - 00352464 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_1.dll
2012-06-24 12:24 - 2006-03-31 08:39 - 00229584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2012-06-24 12:24 - 2006-03-31 08:39 - 00083664 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_1.dll
2012-06-24 12:24 - 2006-03-31 08:39 - 00062672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2012-06-24 12:24 - 2006-02-03 04:43 - 03830992 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_29.dll
2012-06-24 12:24 - 2006-02-03 04:43 - 02332368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2012-06-24 12:24 - 2006-02-03 04:42 - 00355536 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_0.dll
2012-06-24 12:24 - 2006-02-03 04:42 - 00230096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2012-06-24 12:24 - 2006-02-03 04:41 - 00016592 ____A (Microsoft Corporation) C:\Windows\System32\x3daudio1_0.dll
2012-06-24 12:24 - 2006-02-03 04:41 - 00014032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2012-06-24 12:24 - 2005-12-05 14:09 - 03815120 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_28.dll
2012-06-24 12:24 - 2005-12-05 14:09 - 02323664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2012-06-24 12:24 - 2005-07-22 15:59 - 03807440 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll
2012-06-24 12:24 - 2005-07-22 15:59 - 02319568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2012-06-24 12:24 - 2005-05-26 11:34 - 03767504 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_26.dll
2012-06-24 12:24 - 2005-05-26 11:34 - 02297552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2012-06-24 12:24 - 2005-03-18 13:19 - 03823312 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_25.dll
2012-06-24 12:24 - 2005-03-18 13:19 - 02337488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2012-06-24 12:24 - 2005-02-05 15:45 - 03544272 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_24.dll
2012-06-24 12:24 - 2005-02-05 15:45 - 02222800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2012-06-24 12:22 - 2012-06-24 18:53 - 00000000 ____D C:\Users\OMAR IZ\AppData\Local\Adobe
2012-06-24 12:21 - 2011-01-25 07:28 - 01359976 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdagenco642040.dll
2012-06-24 12:20 - 2012-06-24 14:08 - 00000000 ____D C:\Users\All Users\NVIDIA
2012-06-24 12:19 - 2012-05-15 02:48 - 15322432 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2012-06-24 12:19 - 2012-05-15 02:48 - 02741568 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2012-06-24 12:19 - 2012-05-15 02:48 - 00068928 ____A (Khronos Group) C:\Windows\System32\OpenCL.dll
2012-06-24 12:19 - 2012-05-15 02:48 - 00061248 ____A (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2012-06-24 12:19 - 2011-02-28 20:37 - 01614440 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco642090.dll
2012-06-24 12:19 - 2011-02-28 20:37 - 01359976 ____A (NVIDIA Corporation) C:\Windows\System32\nvgenco642040.dll
2012-06-24 12:19 - 2011-02-28 20:37 - 00011240 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvBridge.kmd
2012-06-24 12:10 - 2012-06-24 13:09 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2012-06-24 12:10 - 2012-06-24 13:08 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2012-06-24 12:10 - 2012-06-24 12:10 - 00000000 ____D C:\Users\All Users\NVIDIA Corporation
2012-06-24 12:07 - 2012-06-24 12:07 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-24 12:07 - 2012-06-24 12:07 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-06-24 12:07 - 2012-06-24 12:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2012-06-24 12:06 - 2012-06-24 12:06 - 00000000 ____D C:\Windows\System32\Macromed
2012-06-24 12:05 - 2012-02-16 22:38 - 01031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-06-24 12:05 - 2012-02-16 21:34 - 00826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-06-24 12:05 - 2012-02-16 20:57 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-06-24 12:02 - 2012-06-02 14:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-24 12:02 - 2012-06-02 14:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-24 12:02 - 2012-06-02 14:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-24 12:02 - 2012-06-02 14:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-24 12:02 - 2012-06-02 14:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-24 12:02 - 2012-06-02 14:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-24 12:02 - 2012-06-02 14:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-24 12:02 - 2012-06-02 11:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-24 12:02 - 2012-06-02 11:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-24 11:38 - 2012-06-24 11:38 - 00000000 ____D C:\Users\OMAR IZ\Downloads\Linksys Wireless G (RT2500)
2012-06-24 11:38 - 2005-10-20 11:01 - 00222720 ____A (Ralink Technology Inc.) C:\Windows\System32\Drivers\RT2500.sys
2012-06-24 11:08 - 2012-06-24 11:08 - 00000000 ____D C:\Program Files (x86)\Linksys Wireless-G PCI Wireless Network Monitor
2012-06-24 10:34 - 2012-06-24 17:10 - 00000000 ____D C:\Windows\Panther
2012-06-24 10:28 - 2012-06-24 10:28 - 00000000 ____D C:\Users\All Users\Ralink Driver
2012-06-24 10:28 - 2009-06-02 13:31 - 00303616 ____A (Ralink Technology, Inc.) C:\Windows\System32\RaCoInstx.dll
2012-06-24 10:27 - 2012-06-24 10:28 - 00000000 ____D C:\Program Files (x86)\Cisco
2012-06-24 10:27 - 2012-06-24 10:27 - 00000000 ____D C:\Program Files (x86)\Ralink
2012-06-24 10:27 - 2009-01-09 10:45 - 01050624 ____A (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAIHV.dll
2012-06-24 10:27 - 2009-01-09 10:45 - 01050624 ____A (Ralink Technology, Corp.) C:\Windows\System32\RAIHV.dll
2012-06-24 10:27 - 2008-12-03 12:04 - 00104448 ____A (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAEXTUI.dll
2012-06-24 10:27 - 2008-12-03 12:04 - 00104448 ____A (Ralink Technology, Corp.) C:\Windows\System32\RAEXTUI.dll
2012-06-24 10:27 - 2008-09-09 07:14 - 02056192 ____A (Ralink Technology, Corp.) C:\Windows\System32\RaCertMgr.dll
2012-06-24 10:27 - 2008-09-09 07:12 - 01597440 ____A (Ralink Technology, Corp.) C:\Windows\SysWOW64\RaCertMgr.dll
2012-06-24 09:50 - 2012-06-24 09:50 - 00000000 ____D C:\Users\All Users\InstallShield
2012-06-24 09:50 - 2009-06-02 13:35 - 00438784 ____A (Ralink Technology, Corp.) C:\Windows\System32\Drivers\netr6164.sys
2012-06-24 09:37 - 2012-06-24 09:37 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2012-06-24 07:58 - 2007-06-25 04:53 - 00052864 ___RA C:\Windows\SysWOW64\SetupWizard.exe
2012-06-24 07:57 - 2012-06-24 07:57 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\InstallShield
2012-06-24 07:54 - 2012-06-24 18:55 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\Adobe
2012-06-24 07:54 - 2012-06-24 18:54 - 00000000 ____D C:\Users\All Users\Adobe
2012-06-24 07:54 - 2012-06-24 18:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2012-06-24 07:54 - 2012-06-24 07:54 - 00000000 ____D C:\Users\OMAR IZ\AppData\Roaming\Macromedia
2012-06-24 07:53 - 2012-06-24 07:53 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_FLxHCIc_01009.Wdf
2012-06-24 07:52 - 2012-06-24 07:52 - 00000000 ____D C:\Windows\RaidTool
2012-06-24 07:52 - 2012-06-24 07:52 - 00000000 ____D C:\RaidTool
2012-06-24 07:52 - 2009-10-29 00:14 - 00115824 ____A (JMicron Technology Corp.) C:\Windows\System32\Drivers\jraid.sys
2012-06-24 07:52 - 2009-07-13 17:15 - 00315904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Difx74b5.rra
2012-06-24 07:51 - 2010-03-04 05:43 - 00346144 ____A (Realtek ) C:\Windows\System32\Drivers\Rt64win7.sys
2012-06-24 07:51 - 2010-01-05 08:39 - 00107552 ____A (Realtek Semiconductor Corporation) C:\Windows\System32\RTNUninst64.dll
2012-06-24 07:51 - 2009-12-03 01:27 - 00074272 ____A C:\Windows\System32\RtNicProp64.dll
2012-06-24 07:50 - 2012-06-24 22:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-06-24 07:50 - 2012-06-24 07:51 - 00000000 ____D C:\Program Files (x86)\Realtek
2012-06-24 07:50 - 2012-06-24 07:50 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2012-06-24 07:50 - 2012-06-24 07:50 - 00000000 ____D C:\Program Files\Realtek
2012-06-24 07:50 - 2010-03-17 00:54 - 01929760 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtPgEx64.dll
2012-06-24 07:50 - 2010-03-17 00:54 - 01660448 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO64.dll
2012-06-24 07:50 - 2010-03-17 00:54 - 01210912 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTCOM64.dll
2012-06-24 07:50 - 2010-03-17 00:54 - 00612384 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSnMg64.cpl
2012-06-24 07:50 - 2010-03-17 00:54 - 00477216 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApi64.dll
2012-06-24 07:50 - 2010-03-17 00:54 - 00332320 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtlCPAPI64.dll
2012-06-24 07:50 - 2010-03-17 00:54 - 00149536 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCfg64.dll
2012-06-24 07:50 - 2010-03-17 00:54 - 00069664 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoInst64.dll
2012-06-24 07:50 - 2010-03-17 00:49 - 02298400 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2012-06-24 07:50 - 2010-03-16 20:09 - 00338848 ____A (Fortemedia Corporation) C:\Windows\System32\FMAPO64.dll
2012-06-24 07:50 - 2010-02-25 19:20 - 01247776 ___RA (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2012-06-24 07:50 - 2010-01-27 20:23 - 00325904 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO20.dll
2012-06-24 07:50 - 2010-01-25 19:38 - 00168288 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTAC64.dll
2012-06-24 07:50 - 2009-12-15 02:26 - 00372936 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEP64A.dll
2012-06-24 07:50 - 2009-12-15 02:26 - 00201928 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEED64A.dll
2012-06-24 07:50 - 2009-12-15 02:26 - 00099016 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEL64A.dll
2012-06-24 07:50 - 2009-12-15 02:26 - 00076488 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEG64A.dll
2012-06-24 07:50 - 2009-12-10 17:55 - 00307920 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DHT64.dll
2012-06-24 07:50 - 2009-12-10 17:55 - 00307920 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DAA64.dll
2012-06-24 07:50 - 2009-11-23 17:55 - 00518896 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSTSX64.dll
2012-06-24 07:50 - 2009-11-23 17:55 - 00211184 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSTSH64.dll
2012-06-24 07:50 - 2009-11-23 17:55 - 00198896 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSHP64.dll
2012-06-24 07:50 - 2009-11-23 17:55 - 00155888 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSWOW64.dll
2012-06-24 07:50 - 2009-11-18 02:42 - 02719504 ____A (Waves Audio Ltd.) C:\Windows\System32\WavesGUILib.dll
2012-06-24 07:50 - 2009-11-18 02:42 - 02197264 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioEQ.dll
2012-06-24 07:50 - 2009-11-17 15:16 - 00078936 ____A (Creative Technology Ltd.) C:\Windows\System32\MBWrp64.dll
2012-06-24 07:50 - 2009-11-17 15:13 - 00607832 ____A (Creative Technology Ltd.) C:\Windows\System32\MBAPO64.dll
2012-06-24 07:50 - 2009-11-17 15:13 - 00531032 ____A (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2012-06-24 07:50 - 2009-11-17 15:13 - 00064600 ____A (Creative Technology Ltd.) C:\Windows\System32\MBppld64.dll
2012-06-24 07:50 - 2009-11-17 15:13 - 00060504 ____A (Creative Technology Ltd.) C:\Windows\System32\MBPPCn64.dll
2012-06-24 07:50 - 2009-11-17 02:12 - 00108960 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTAR64.dll
2012-06-24 07:49 - 2012-06-24 07:49 - 00000000 ____D C:\Program Files (x86)\Intel
2012-06-24 07:49 - 2012-06-24 07:49 - 00000000 ____D C:\Intel
2012-06-24 07:49 - 2009-08-26 11:04 - 00053248 ____A (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2012-06-24 07:10 - 2012-06-24 07:10 - 00000000 ____D C:\Users\OMAR IZ\AppData\Local\VirtualStore
2012-06-24 06:49 - 2012-07-09 19:35 - 00000000 ____D C:\users\OMAR IZ
2012-06-24 06:49 - 2012-06-24 06:49 - 00000020 ___SH C:\Users\OMAR IZ\ntuser.ini
2012-06-24 06:48 - 2012-06-24 06:48 - 00000000 __SHD C:\Recovery

============ 3 Months Modified Files ========================

2012-07-10 17:00 - 2012-07-10 13:35 - 00206442 ____A C:\Users\OMAR IZ\Desktop\FRST.txt
2012-07-10 13:36 - 2012-07-08 11:26 - 00094862 ____A C:\Windows\WindowsUpdate.log
2012-07-10 13:04 - 2012-07-10 13:04 - 00000056 ____A C:\Windows\setupact.log
2012-07-10 13:04 - 2012-07-10 13:04 - 00000000 ____A C:\Windows\setuperr.log
2012-07-10 13:04 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-07-10 13:03 - 2012-07-10 13:03 - 00001612 ____A C:\Windows\PFRO.log
2012-07-10 12:47 - 2009-07-13 20:45 - 00020848 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-07-10 12:47 - 2009-07-13 20:45 - 00020848 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-07-10 12:02 - 2009-07-13 21:13 - 00726316 ____A C:\Windows\System32\PerfStringBackup.INI
2012-07-10 11:50 - 2012-06-24 16:45 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2163538463-1858056545-1914547564-1000UA.job
2012-07-10 03:31 - 2012-07-10 03:31 - 01434401 ____A (Farbar) C:\Users\OMAR IZ\Downloads\FRST64.exe
2012-07-09 20:27 - 2012-07-09 20:27 - 00000259 ____A C:\Users\OMAR IZ\Desktop\Bleeping Forum Links.txt
2012-07-09 19:56 - 2012-07-09 19:56 - 00007950 ____A C:\Users\OMAR IZ\Desktop\Attach.txt
2012-07-09 19:54 - 2012-07-09 19:54 - 00026377 ____A C:\Users\OMAR IZ\Desktop\DDS.txt
2012-07-09 19:38 - 2012-07-09 19:38 - 00607260 ____R (Swearware) C:\Users\OMAR IZ\Desktop\dds.scr
2012-07-09 19:35 - 2012-07-09 19:35 - 00000476 ____A C:\Users\OMAR IZ\Desktop\defogger_disable.log
2012-07-09 19:35 - 2012-07-09 19:35 - 00000000 ____A C:\Users\OMAR IZ\defogger_reenable
2012-07-09 19:33 - 2012-07-09 19:33 - 00050477 ____A C:\Users\OMAR IZ\Desktop\Defogger.exe
2012-07-09 19:21 - 2012-07-09 19:21 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jul09-23-21-33.wbb
2012-07-09 16:50 - 2012-06-24 16:45 - 00000864 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2163538463-1858056545-1914547564-1000Core.job
2012-07-09 16:38 - 2012-07-09 16:38 - 00001279 ____A C:\Users\OMAR IZ\Desktop\Revo Uninstaller.lnk
2012-07-09 15:14 - 2012-07-09 15:14 - 00000632 ____A C:\SystemLook2.txt
2012-07-09 15:14 - 2012-07-09 15:12 - 00000630 ____A C:\Users\OMAR IZ\Downloads\SystemLook.txt
2012-07-09 15:12 - 2012-07-09 15:12 - 00000434 ____A C:\SystemLook1.txt
2012-07-09 14:45 - 2012-07-09 14:45 - 00165376 ____A C:\Users\OMAR IZ\Downloads\SystemLook_x64(1).exe
2012-07-09 14:43 - 2012-07-09 14:43 - 00027080 ____A C:\Mini ToolBox Results.txt
2012-07-09 14:42 - 2012-07-09 14:42 - 00027080 ____A C:\Users\OMAR IZ\Downloads\Result.txt
2012-07-09 13:06 - 2012-07-09 13:06 - 00403231 ____A C:\Users\OMAR IZ\Downloads\MiniToolBox.exe
2012-07-09 13:06 - 2012-07-09 13:06 - 00165376 ____A C:\Users\OMAR IZ\Downloads\SystemLook_x64.exe
2012-07-09 13:05 - 2012-07-09 13:05 - 02322184 ____A (ESET) C:\Users\OMAR IZ\Downloads\esetsmartinstaller_enu.exe
2012-07-09 13:04 - 2012-07-09 13:04 - 00000609 ____A C:\RKreport[3].txt
2012-07-09 04:30 - 2012-07-09 04:30 - 00002116 ____A C:\aswMBR.txt
2012-07-09 04:30 - 2012-07-09 04:30 - 00000512 ____A C:\MBR.dat
2012-07-09 03:51 - 2012-07-09 03:51 - 00000055 ____A C:\Users\OMAR IZ\Desktop\fix.txt
2012-07-08 22:53 - 2012-07-08 22:53 - 01558016 ____A C:\Users\OMAR IZ\Downloads\RogueKiller.exe
2012-07-08 22:46 - 2012-07-08 22:46 - 04731392 ____A (AVAST Software) C:\Users\OMAR IZ\Downloads\aswMBR.exe
2012-07-08 22:46 - 2012-07-08 22:46 - 02135640 ____A (Kaspersky Lab ZAO) C:\Users\OMAR IZ\Downloads\tdsskiller.exe
2012-07-08 19:04 - 2012-07-08 19:04 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jul08-23-04-22.wbb
2012-07-07 18:48 - 2012-07-07 18:48 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jul07-22-48-22.wbb
2012-07-06 18:45 - 2012-07-06 18:45 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jul06-22-45-58.wbb
2012-07-06 16:35 - 2012-07-06 16:35 - 00001124 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-07-06 15:40 - 2012-07-06 15:40 - 16859064 ____A (Microsoft Corporation) C:\Users\OMAR IZ\Desktop\Windows-KB890830-x64-V4.9.exe
2012-07-03 20:00 - 2012-07-03 19:59 - 30077282 ____A C:\Users\OMAR IZ\Downloads\MultiBeast-4.6.1.zip
2012-07-03 20:00 - 2012-07-03 19:59 - 09515317 ____A C:\Users\OMAR IZ\Downloads\iBoot-3.3.0.zip
2012-07-03 19:59 - 2012-07-03 19:59 - 00043037 ____A C:\Users\OMAR IZ\Downloads\xMove-1.2.0.zip
2012-07-03 19:38 - 2012-07-03 19:38 - 00000193 ____A C:\Windows\WORDPAD.INI
2012-07-02 21:25 - 2012-07-02 21:25 - 00000442 ____A C:\Users\OMAR IZ\Desktop\Internet Links.txt
2012-07-02 18:51 - 2012-06-24 16:46 - 00002413 ____A C:\Users\OMAR IZ\Desktop\Google Chrome.lnk
2012-07-02 16:22 - 2012-07-02 16:22 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jul02-20-22-42.wbb
2012-07-01 16:15 - 2012-07-01 16:15 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jul01-20-15-10.wbb
2012-06-30 16:15 - 2012-06-30 16:15 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jun30-20-15-00.wbb
2012-06-29 16:12 - 2012-06-29 16:12 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jun29-20-12-28.wbb
2012-06-28 12:47 - 2012-06-28 12:47 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jun28-16-47-13.wbb
2012-06-27 12:45 - 2012-06-27 12:45 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jun27-16-45-44.wbb
2012-06-26 03:40 - 2009-07-13 20:45 - 00279848 ____A C:\Windows\System32\FNTCACHE.DAT
2012-06-25 21:31 - 2012-06-25 21:31 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jun26-01-31-44.wbb
2012-06-25 19:44 - 2012-06-24 22:10 - 01835060 ____A C:\Users\OMAR IZ\Documents\Audio and MIDI Production.reason
2012-06-24 21:21 - 2012-06-24 17:22 - 00001991 ____A C:\Users\Public\Desktop\Pro Tools LE.lnk
2012-06-24 21:09 - 2012-06-24 21:09 - 00001250 ____A C:\Windows\SysWOW64\CM-Backup2-1455329-12Jun25-01-09-25.wbb
2012-06-24 20:33 - 2012-06-24 20:33 - 00000874 ____A C:\Users\Public\Desktop\Reason.lnk
2012-06-24 18:20 - 2012-06-24 16:43 - 00064224 ____A C:\Users\OMAR IZ\AppData\Local\GDIPFONTCACHEV1.DAT
2012-06-24 18:16 - 2012-06-24 18:16 - 00406528 ____A (Propellerhead Software AB) C:\Windows\SysWOW64\ReWire.dll
2012-06-24 18:16 - 2012-06-24 18:16 - 00338432 ____A (Propellerhead Software AB) C:\Windows\SysWOW64\REX Shared Library.dll
2012-06-24 16:48 - 2012-06-24 16:48 - 00001134 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-06-24 15:26 - 2012-06-24 15:26 - 00000020 ___SH C:\Users\BEATKUNEDO\ntuser.ini
2012-06-24 14:57 - 2012-06-24 14:57 - 00025752 ____A C:\Windows\System32\Drivers\iLokDrvr.sys
2012-06-24 14:57 - 2012-06-24 14:57 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_iLokDrvr_01007.Wdf
2012-06-24 13:08 - 2012-06-24 13:08 - 00000020 __ASH C:\Users\UpdatusUser\ntuser.ini
2012-06-24 12:40 - 2012-06-24 12:40 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-06-24 12:40 - 2012-06-24 12:40 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-06-24 12:07 - 2012-06-24 12:07 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-24 12:07 - 2012-06-24 12:07 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-06-24 11:08 - 2005-11-10 03:42 - 00000732 ____A C:\Windows\SysWOW64\WLAN.INI
2012-06-24 10:34 - 2009-07-13 21:38 - 00025600 __ASH C:\Windows\System32\config\BCD-Template.LOG
2012-06-24 10:34 - 2009-07-13 21:32 - 00028672 ____A C:\Windows\System32\config\BCD-Template
2012-06-24 09:39 - 2009-07-13 21:01 - 00122093 ____A C:\Windows\SysWOW64\license.rtf
2012-06-24 09:39 - 2009-07-13 21:01 - 00122093 ____A C:\Windows\System32\license.rtf
2012-06-24 09:37 - 2012-06-24 09:37 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2012-06-24 07:53 - 2012-06-24 07:53 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_FLxHCIc_01009.Wdf
2012-06-24 06:49 - 2012-06-24 06:49 - 00000020 ___SH C:\Users\OMAR IZ\ntuser.ini
2012-06-24 06:49 - 2010-11-20 19:24 - 01008640 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
2012-06-24 06:49 - 2010-11-20 19:24 - 00833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2012-06-24 06:49 - 2010-11-20 19:24 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\systemcpl.dll
2012-06-24 06:49 - 2010-11-20 19:24 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll
2012-06-24 06:49 - 2010-11-20 19:23 - 00013824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2012-06-03 19:28 - 2012-06-27 23:34 - 58957832 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-06-02 14:19 - 2012-06-24 12:02 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-24 12:02 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-24 12:02 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-24 12:02 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-24 12:02 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:15 - 2012-06-24 12:02 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:15 - 2012-06-24 12:02 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 11:19 - 2012-06-24 12:02 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 11:15 - 2012-06-24 12:02 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-05-15 02:48 - 2012-06-24 13:07 - 25743168 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 25248064 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 19607872 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 18044224 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 17551680 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 14298944 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2012-05-15 02:48 - 2012-06-24 13:07 - 10194752 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 08139072 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 08105280 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 05982528 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 02881856 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 02681664 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 02524992 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 02445120 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 02368832 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 01738048 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco64.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 01468224 ____A (NVIDIA Corporation) C:\Windows\System32\nvgenco64.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 00818496 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 00364352 ____A (NVIDIA Corporation) C:\Windows\System32\nvdecodemft.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 00301376 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvdecodemft.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 00246592 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2012-05-15 02:48 - 2012-06-24 13:07 - 00202048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2012-05-15 02:48 - 2012-06-24 12:19 - 15322432 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2012-05-15 02:48 - 2012-06-24 12:19 - 02741568 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2012-05-15 02:48 - 2012-06-24 12:19 - 00068928 ____A (Khronos Group) C:\Windows\System32\OpenCL.dll
2012-05-15 02:48 - 2012-06-24 12:19 - 00061248 ____A (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2012-05-15 02:48 - 2012-02-09 18:43 - 00949056 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2012-05-15 02:48 - 2012-02-09 18:43 - 00014324 ____A C:\Windows\System32\nvinfo.pb
2012-05-15 01:29 - 2012-06-24 13:08 - 02621723 ____A C:\Windows\System32\nvcoproc.bin
2012-05-15 01:29 - 2011-02-28 17:47 - 00889664 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2012-05-15 01:29 - 2011-02-28 17:47 - 00118080 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2012-05-15 01:29 - 2011-02-28 17:47 - 00063296 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2012-05-15 01:29 - 2011-02-28 17:46 - 03149632 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2012-05-15 01:28 - 2011-02-28 17:46 - 06151488 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2012-05-14 22:21 - 2012-05-14 22:21 - 00423744 ____A C:\Windows\SysWOW64\nvStreaming.exe
2012-05-14 17:32 - 2012-06-25 13:48 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-04 15:29 - 2012-06-24 12:40 - 00772504 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-05-04 15:29 - 2012-06-24 12:40 - 00687504 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-05-04 15:29 - 2012-06-24 12:40 - 00227720 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-05-04 03:06 - 2012-06-25 13:48 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-04 03:00 - 2012-06-28 02:28 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-05-04 02:03 - 2012-06-25 13:48 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-04 02:03 - 2012-06-25 13:48 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-05-04 01:59 - 2012-06-28 02:28 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2012-04-30 21:40 - 2012-06-25 13:48 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-04-27 19:55 - 2012-06-25 13:41 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-25 21:41 - 2012-06-25 13:53 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-04-25 21:41 - 2012-06-25 13:53 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-04-25 21:34 - 2012-06-25 13:53 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-04-23 21:37 - 2012-06-25 13:40 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-23 21:37 - 2012-06-25 13:40 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-23 21:37 - 2012-06-25 13:40 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-23 20:36 - 2012-06-25 13:40 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-04-23 20:36 - 2012-06-25 13:40 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-04-23 20:36 - 2012-06-25 13:40 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-04-18 16:56 - 2012-04-18 16:56 - 00094208 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2012-04-18 16:56 - 2012-04-18 16:56 - 00069632 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
2012-04-18 09:08 - 2012-06-24 13:07 - 01451840 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdagenco6420103.dll
2012-04-18 09:08 - 2012-06-24 13:07 - 00188736 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2012-04-18 09:08 - 2012-06-24 13:07 - 00031040 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2012-04-16 21:31 - 2012-06-25 13:53 - 00918016 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-04-16 20:34 - 2012-06-25 13:53 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

ZeroAccess:
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}\@
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}\desktop.ini
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}\L
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}\U
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}\L\00000004.@
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}\L\1afb2d56
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}\L\201d3dde
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}\L\55490ac4
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}\U\00000004.@
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}\U\00000008.@
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}\U\000000cb.@
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}\U\80000000.@
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}\U\80000032.@
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}\U\80000064.@

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 50BEA589F7D7958BDD2528A8F69D05CC ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 7%
Total physical RAM: 16375.05 MB
Available physical RAM: 15223.4 MB
Total Pagefile: 16373.25 MB
Available Pagefile: 15221.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (Win7-Pro.64) (Fixed) (Total:74.43 GB) (Free:20.65 GB) NTFS
2 Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive e: (Audio A) (Fixed) (Total:931.51 GB) (Free:640.68 GB) NTFS
4 Drive g: (MPD26 INSTALLER) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS
5 Drive h: (CSX USB) (Removable) (Total:3.76 GB) (Free:3.71 GB) NTFS
7 Drive j: (CODEMETER) (Fixed) (Total:0.04 GB) (Free:0 GB) FAT32
11 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
12 Drive y: () (Fixed) (Total:931.5 GB) (Free:829.17 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 8 MB
Disk 1 Online 74 GB 0 B
Disk 2 Online 931 GB 0 B
Disk 3 Online 3850 MB 0 B
Disk 4 No Media 0 B 0 B
Disk 5 Online 39 MB 0 B
Disk 6 No Media 0 B 0 B
Disk 7 No Media 0 B 0 B
Disk 8 No Media 0 B 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 31 KB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y NTFS Partition 931 GB Healthy

==================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 74 GB 101 MB

==================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D System Rese NTFS Partition 100 MB Healthy

==================================================================================

Disk: 1
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C Win7-Pro.64 NTFS Partition 74 GB Healthy

==================================================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 31 KB

==================================================================================

Disk: 2
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 E Audio A NTFS Partition 931 GB Healthy

==================================================================================

Partitions of Disk 3:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3849 MB 64 KB

==================================================================================

Disk: 3
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H CSX USB NTFS Removable 3849 MB Healthy

==================================================================================

Partitions of Disk 5:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 39 MB 31 KB

==================================================================================

Disk: 5
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 7 J CODEMETER FAT32 Partition 39 MB Healthy

==================================================================================

==========================================================

Last Boot: 2012-07-07 20:53

======================= End Of Log ==========================

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:25 AM

Posted 10 July 2012 - 08:45 PM

Greetings

Ok lets see if we can find a replacement for the infected file

In Vista or Windows 7: Boot to System Recovery Options and run FRST.

Type the following in the edit box after "Search:".

services.exe

It then should look like:

Search: services.exe

Click Search button and post the log (Search.txt) it makes to your reply.


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 OMAR IZ

OMAR IZ
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:25 AM

Posted 10 July 2012 - 10:05 PM

Hi Gringo,

Here is the Search log:



Farbar Recovery Scan Tool Version: 09-07-2012
Ran by SYSTEM at 2012-07-10 22:49:10
Running from H:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0329216 ____A (Microsoft Corporation) 50BEA589F7D7958BDD2528A8F69D05CC

====== End Of Search ======

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:25 AM

Posted 10 July 2012 - 10:18 PM

Hello

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flash drive as fixlist.txt

Replace: C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\Windows\System32\services.exe
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb}
C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.

Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt) please post it to your reply.

Gringo[/b]
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 OMAR IZ

OMAR IZ
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:25 AM

Posted 10 July 2012 - 10:57 PM

Hi Gringo,

No problems getting the logs so far. Here's the Fix log:


Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 09-07-2012
Ran by SYSTEM at 2012-07-10 23:52:14 Run:1
Running from H:\

==============================================

C:\Windows\System32\services.exe moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe
C:\Windows\Installer\{5cd57558-445f-6953-0229-8b65fac522bb} moved successfully.
C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.

==== End of Fixlog ====

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:25 AM

Posted 10 July 2012 - 11:17 PM

Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 OMAR IZ

OMAR IZ
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:25 AM

Posted 11 July 2012 - 12:24 AM

Hi Gringo,
I ran the Combofix program as instructed. I got no error messages during the process. The computer restarted by itself after the scan was completed and once it restarted it ran the report. I did have to reboot once more afterwards because my internet browsers were disabled for some reason and would not work. Once rebooted they worked. So far the computer seems fine.
Here's the Combofix log:



ComboFix 12-07-10.01 - OMAR IZ 07/11/2012 0:57.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16375.14554 [GMT -4:00]
Running from: c:\users\OMAR IZ\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-06-11 to 2012-07-11 )))))))))))))))))))))))))))))))
.
.
2012-07-11 01:42 . 2012-07-11 01:42 -------- d-----w- C:\FRST
2012-07-10 00:38 . 2012-07-10 00:38 -------- d-----w- c:\program files (x86)\VS Revo Group
2012-07-10 00:14 . 2012-07-10 00:14 -------- d-----w- c:\windows\system32\appmgmt
2012-07-10 00:13 . 2012-07-10 00:13 -------- d-----w- C:\BOOT
2012-07-08 20:30 . 2012-07-10 03:28 -------- d-----w- c:\program files (x86)\Loaris
2012-07-08 17:36 . 2012-07-08 17:36 -------- d-----w- c:\programdata\Psicraft
2012-07-08 17:36 . 2012-07-08 17:36 -------- d-----w- c:\program files (x86)\Psicraft
2012-07-07 00:35 . 2012-07-07 00:35 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-07 00:35 . 2012-07-07 00:35 -------- d-----w- c:\programdata\Malwarebytes
2012-07-07 00:35 . 2012-04-04 19:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-05 05:32 . 2012-07-06 02:03 -------- d-----w- c:\program files (x86)\ImgBurn
2012-07-04 20:02 . 2012-07-04 20:02 -------- d-----w- c:\program files\Alex Feinman
2012-07-04 13:45 . 2012-07-05 04:10 -------- d-----w- c:\program files (x86)\NeoSmart Technologies
2012-07-04 05:08 . 2012-07-04 05:08 -------- d-----w- c:\programdata\Tarma Installer
2012-07-04 05:07 . 2012-07-04 05:07 -------- d-----w- c:\program files (x86)\Conduit
2012-07-04 00:36 . 2010-10-01 05:34 188928 ----a-w- c:\windows\system32\usbitcmd.exe
2012-07-04 00:36 . 2010-10-01 05:34 165376 ----a-w- c:\windows\system32\usbit32.dll
2012-07-04 00:36 . 2010-10-01 05:25 89088 ----a-w- c:\windows\system32\USB Image Tool.exe
2012-07-04 00:36 . 2010-10-01 05:25 11776 ----a-w- c:\windows\system32\USB Image Tool Helper.dll
2012-07-04 00:17 . 2012-04-03 15:27 563 ----a-w- c:\windows\system32\makeusb.bat
2012-07-04 00:17 . 2011-08-19 18:11 512 ----a-w- c:\windows\system32\bs32.bin
2012-07-04 00:17 . 2011-08-15 20:56 512 ----a-w- c:\windows\system32\Mbr.bin
2012-07-04 00:17 . 2008-12-27 16:44 155648 ----a-w- c:\windows\system32\BootSectImage.exe
2012-07-04 00:17 . 2008-12-27 16:44 143360 ----a-w- c:\windows\system32\GenBootSector.exe
2012-07-03 05:40 . 2011-12-23 03:09 189576 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys
2012-07-03 05:40 . 2011-12-23 03:09 19592 ----a-w- c:\windows\system32\drivers\eudskacs.sys
2012-06-28 10:28 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-06-28 10:28 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-06-28 10:28 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2012-06-28 10:28 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-06-28 10:28 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-06-28 09:40 . 2012-06-28 09:40 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-06-26 20:07 . 2012-06-26 20:07 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-06-26 02:36 . 2012-06-26 02:36 -------- d-----w- c:\programdata\Final Draft
2012-06-25 21:53 . 2011-02-24 06:15 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-06-25 21:52 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-06-25 21:52 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-06-25 21:52 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-06-25 21:52 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-06-25 21:52 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-06-25 21:52 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-06-25 21:52 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-06-25 21:42 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2012-06-25 21:42 . 2011-01-17 05:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2012-06-25 21:42 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2012-06-25 21:42 . 2011-04-29 03:05 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2012-06-25 21:42 . 2011-04-29 03:05 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-06-25 21:41 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2012-06-25 21:41 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2012-06-25 21:41 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2012-06-25 21:41 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2012-06-25 21:41 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-25 21:41 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-06-25 21:41 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-06-25 21:39 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2012-06-25 21:38 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-06-25 21:38 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-06-25 21:38 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-06-25 21:38 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-06-25 21:38 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-06-25 21:38 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-06-25 21:38 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-06-25 21:38 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-06-25 21:38 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-06-25 05:22 . 2012-06-25 05:22 -------- d-----w- c:\programdata\Digidesign
2012-06-25 05:21 . 2012-06-25 05:21 -------- d-----w- c:\programdata\DigiDriver
2012-06-25 05:20 . 2012-06-25 05:20 -------- d-----w- c:\program files\Common Files\Digidesign
2012-06-25 05:17 . 2012-06-25 05:18 -------- d-----w- c:\program files\Avid
2012-06-25 05:17 . 2012-06-25 05:18 -------- d-----w- c:\program files (x86)\Avid
2012-06-25 05:15 . 2012-06-25 05:15 -------- d-----w- c:\program files\Digidesign
2012-06-25 04:34 . 2012-06-25 04:34 -------- d-----w- c:\programdata\Line 6
2012-06-25 04:34 . 2012-06-25 04:34 -------- d-----w- c:\program files\Common Files\Propellerhead Software
2012-06-25 04:34 . 2012-06-25 04:34 -------- d-----w- c:\program files\CodeMeter
2012-06-25 04:34 . 2012-06-25 04:34 -------- d-----w- c:\program files (x86)\CodeMeter
2012-06-25 04:32 . 2012-06-25 04:34 -------- d-----w- c:\program files\Propellerhead
2012-06-25 04:27 . 2012-06-25 04:27 163048 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
2012-06-25 02:54 . 2012-06-25 02:54 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-06-25 02:44 . 2012-06-25 02:44 -------- d-----w- c:\program files (x86)\Propellerhead
2012-06-25 02:16 . 2012-06-25 02:16 406528 ----a-w- c:\windows\SysWow64\ReWire.dll
2012-06-25 02:16 . 2012-06-25 02:16 338432 ----a-w- c:\windows\SysWow64\REX Shared Library.dll
2012-06-25 02:08 . 2012-06-25 02:16 -------- d-----w- c:\programdata\Propellerhead Software
2012-06-25 01:45 . 2012-06-25 01:45 -------- d-----w- C:\Digidesign Databases
2012-06-25 01:16 . 2008-12-04 07:03 21520 ----a-w- c:\windows\system32\drivers\diginet.sys
2012-06-25 01:16 . 2012-06-25 05:19 -------- d-----w- c:\program files (x86)\Common Files\Digidesign
2012-06-25 00:48 . 2012-06-25 00:48 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-06-24 23:26 . 2012-07-06 02:04 -------- d-----w- c:\users\BEATKUNEDO
2012-06-24 22:57 . 2012-06-24 22:57 25752 ----a-w- c:\windows\system32\drivers\iLokDrvr.sys
2012-06-24 22:57 . 2012-06-24 22:57 -------- d-----w- c:\programdata\PACE
2012-06-24 22:57 . 2012-06-24 22:57 -------- d-----w- c:\program files (x86)\Common Files\PACE
2012-06-24 21:48 . 2012-06-24 21:50 -------- d-----w- c:\programdata\PACE Anti-Piracy
2012-06-24 21:48 . 2012-06-24 21:48 -------- d-----w- c:\program files (x86)\Common Files\PACE Anti-Piracy
2012-06-24 21:44 . 2012-06-24 21:44 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-06-24 21:44 . 2012-06-24 21:44 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-06-24 21:44 . 2012-06-24 21:44 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-06-24 21:44 . 2012-06-24 21:44 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-06-24 21:44 . 2012-06-24 21:44 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-06-24 21:44 . 2012-06-24 21:44 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-06-24 21:44 . 2012-06-24 21:44 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-06-24 21:43 . 2012-06-24 21:44 -------- d-----w- c:\program files (x86)\QuickTime
2012-06-24 21:43 . 2012-06-24 21:43 -------- d-----w- c:\programdata\Apple Computer
2012-06-24 21:43 . 2012-06-24 21:43 -------- d-----w- c:\program files (x86)\Common Files\Apple
2012-06-24 21:43 . 2012-06-24 21:43 -------- d-----w- c:\programdata\Apple
2012-06-24 21:43 . 2012-06-24 21:43 -------- d-----w- c:\program files (x86)\Apple Software Update
2012-06-24 21:41 . 2012-06-24 21:41 -------- d-----w- c:\program files (x86)\Mediafour
2012-06-24 21:28 . 2012-06-24 21:28 -------- d-----w- c:\program files (x86)\InterLok
2012-06-24 21:26 . 2010-07-12 13:50 836096 ----a-w- c:\windows\SysWow64\ilinet.dll
2012-06-24 21:26 . 2003-02-21 08:42 348160 ------w- c:\windows\SysWow64\msvcr71.dll
2012-06-24 21:26 . 2008-12-04 07:03 162832 ----a-w- c:\windows\system32\drivers\Dalwdm.sys
2012-06-24 21:26 . 2001-06-27 13:13 217088 ------w- c:\windows\SysWow64\qtmlClient.dll
2012-06-24 21:25 . 2012-06-25 05:19 -------- d-----w- c:\program files (x86)\Digidesign
2012-06-24 21:19 . 2012-06-24 21:19 -------- d-----w- c:\program files (x86)\Auslogics
2012-06-24 21:14 . 2012-06-27 21:52 -------- d-----w- c:\program files\CCleaner
2012-06-24 21:13 . 2012-06-24 21:13 -------- d-----w- c:\program files\CPUID
2012-06-24 21:13 . 2012-03-09 14:57 23816 ----a-w- c:\windows\system32\drivers\cpuz135_x64.sys
2012-06-24 21:08 . 2012-07-06 02:03 -------- d-----w- c:\users\UpdatusUser
2012-06-24 21:08 . 2012-05-15 09:29 2621723 ----a-w- c:\windows\system32\nvcoproc.bin
2012-06-24 21:06 . 2012-06-24 21:06 -------- d-----w- C:\NVIDIA
2012-06-24 20:40 . 2012-06-24 20:40 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-06-24 20:40 . 2012-06-24 20:40 -------- d-----w- c:\program files (x86)\Oracle
2012-06-24 20:40 . 2012-05-04 23:29 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-24 20:40 . 2012-05-04 23:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-06-24 20:39 . 2012-06-24 20:39 -------- d-----w- c:\program files (x86)\Java
2012-06-24 20:21 . 2011-01-25 15:28 1359976 ----a-w- c:\windows\system32\nvhdagenco642040.dll
2012-06-24 20:20 . 2012-06-24 22:08 -------- d-----w- c:\programdata\NVIDIA
2012-06-24 20:19 . 2011-03-01 04:37 1614440 ----a-w- c:\windows\system32\nvdispco642090.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-24 14:49 . 2010-11-21 03:24 14848 ----a-w- c:\windows\system32\slwga.dll
2012-06-24 14:49 . 2010-11-21 03:24 419840 ----a-w- c:\windows\system32\systemcpl.dll
2012-06-24 14:49 . 2010-11-21 03:23 13824 ----a-w- c:\windows\SysWow64\slwga.dll
2012-06-24 14:49 . 2010-11-21 03:24 833024 ----a-w- c:\windows\SysWow64\user32.dll
2012-06-24 14:49 . 2010-11-21 03:24 1008640 ----a-w- c:\windows\system32\user32.dll
2012-05-15 10:48 . 2012-02-10 02:43 949056 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-05-15 09:29 . 2011-03-01 01:47 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-05-15 09:29 . 2011-03-01 01:47 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-05-15 09:29 . 2011-03-01 01:47 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-05-15 09:29 . 2011-03-01 01:46 3149632 ----a-w- c:\windows\system32\nvsvc64.dll
2012-05-15 09:28 . 2011-03-01 01:46 6151488 ----a-w- c:\windows\system32\nvcpl.dll
2012-05-15 06:21 . 2012-05-15 06:21 423744 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-04-19 00:56 . 2012-04-19 00:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-19 00:56 . 2012-04-19 00:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2012-06-24 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2012-06-24 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"DigidesignMMERefresh"="c:\program files (x86)\Digidesign\Drivers\MMERefresh.exe" [2011-03-03 77824]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CodeMeter Control Center.lnk - c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [2011-7-6 6904208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dalwdmservice;dal service;c:\windows\system32\drivers\dalwdm.sys [2008-12-04 162832]
R3 DG003;Service for Digidesign 003 Driver (WDM);c:\windows\system32\DRIVERS\dg003.sys [2011-02-13 191792]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 9096]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
R3 rt61x64;RT61 Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr6164.sys [2009-06-02 438784]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-24 1255736]
R4 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R4 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Ralink\Common\RaRegistry64.exe [2009-07-15 211232]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2011-07-06 2304912]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2012-03-09 23816]
S2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\DRIVERS\diginet.sys [2008-12-04 21520]
S2 MboxAudioDevMon;Mbox Audio Device Monitor;c:\program files (x86)\Avid\Mbox\AudioDevMon.exe [2010-10-07 1919504]
S2 MboxMiniAudioDevMon;Mbox Mini Audio Device Monitor;c:\program files (x86)\Avid\Mbox Mini\AudioDevMon.exe [2010-10-08 1919504]
S2 MboxProAudioDevMon;Mbox Pro Audio Device Monitor;c:\program files (x86)\Avid\Mbox Pro\AudioDevMon.exe [2010-10-08 1919504]
S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2012-05-18 2938880]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2010-04-17 108032]
S3 iLokDrvr;Usb Driver;c:\windows\system32\DRIVERS\iLokDrvr.sys [2012-06-24 25752]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2163538463-1858056545-1914547564-1000Core.job
- c:\users\OMAR IZ\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-25 00:45]
.
2012-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2163538463-1858056545-1914547564-1000UA.job
- c:\users\OMAR IZ\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-25 00:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = about:blank
TCP: DhcpNameServer = 192.168.1.254 192.168.33.1
FF - ProfilePath - c:\users\OMAR IZ\AppData\Roaming\Mozilla\Firefox\Profiles\e33xxdec.default-1341772191307\
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\07\03\04\05\07&ť"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-07-11 01:04:55 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-11 05:04
.
Pre-Run: 22,105,989,120 bytes free
Post-Run: 22,031,880,192 bytes free
.
- - End Of File - - 51D74B666E156BBF0AD0AACC44506A95

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:25 AM

Posted 11 July 2012 - 12:45 AM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Folder::
c:\program files (x86)\Conduit

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 OMAR IZ

OMAR IZ
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:25 AM

Posted 11 July 2012 - 04:06 PM

Hi Gringo,

I ran the Combofix program a second time last night as instructed. I got no error messages during the process. The computer restarted by itself after the scan was completed and once it restarted it ran the report. Once again, I had to reboot the computer afterwards because my internet browsers and desktop icons were disabled for some reason and would not work. Once rebooted they all worked. So far the computer seems to be working fine with no issues. I am able to go online ok and am not getting any of those annoying secondary browser windows opening up. So far so good, I think you got this thing off my computer finally :thumbsup: So what now, should I run any other scans or am I good for now? Also, what software do you recommend I install and use as antivirus/spyware programs?
Thanks again for all your help Gringo!


Here's the CFScript/Combofix Log:

ComboFix 12-07-10.01 - OMAR IZ 07/11/2012 2:22.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16375.14470 [GMT -4:00]
Running from: c:\users\OMAR IZ\Desktop\ComboFix.exe
Command switches used :: c:\users\OMAR IZ\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Conduit
c:\program files (x86)\Conduit\Community Alerts\Alert.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-06-11 to 2012-07-11 )))))))))))))))))))))))))))))))
.
.
2012-07-11 06:24 . 2012-07-11 06:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-11 01:42 . 2012-07-11 01:42 -------- d-----w- C:\FRST
2012-07-10 00:38 . 2012-07-10 00:38 -------- d-----w- c:\program files (x86)\VS Revo Group
2012-07-10 00:14 . 2012-07-10 00:14 -------- d-----w- c:\windows\system32\appmgmt
2012-07-10 00:13 . 2012-07-10 00:13 -------- d-----w- C:\BOOT
2012-07-08 20:30 . 2012-07-10 03:28 -------- d-----w- c:\program files (x86)\Loaris
2012-07-08 17:36 . 2012-07-08 17:36 -------- d-----w- c:\programdata\Psicraft
2012-07-08 17:36 . 2012-07-08 17:36 -------- d-----w- c:\program files (x86)\Psicraft
2012-07-07 00:35 . 2012-07-07 00:35 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-07 00:35 . 2012-07-07 00:35 -------- d-----w- c:\programdata\Malwarebytes
2012-07-07 00:35 . 2012-04-04 19:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-05 05:32 . 2012-07-06 02:03 -------- d-----w- c:\program files (x86)\ImgBurn
2012-07-04 20:02 . 2012-07-04 20:02 -------- d-----w- c:\program files\Alex Feinman
2012-07-04 13:45 . 2012-07-05 04:10 -------- d-----w- c:\program files (x86)\NeoSmart Technologies
2012-07-04 05:08 . 2012-07-04 05:08 -------- d-----w- c:\programdata\Tarma Installer
2012-07-04 00:36 . 2010-10-01 05:34 188928 ----a-w- c:\windows\system32\usbitcmd.exe
2012-07-04 00:36 . 2010-10-01 05:34 165376 ----a-w- c:\windows\system32\usbit32.dll
2012-07-04 00:36 . 2010-10-01 05:25 89088 ----a-w- c:\windows\system32\USB Image Tool.exe
2012-07-04 00:36 . 2010-10-01 05:25 11776 ----a-w- c:\windows\system32\USB Image Tool Helper.dll
2012-07-04 00:17 . 2012-04-03 15:27 563 ----a-w- c:\windows\system32\makeusb.bat
2012-07-04 00:17 . 2011-08-19 18:11 512 ----a-w- c:\windows\system32\bs32.bin
2012-07-04 00:17 . 2011-08-15 20:56 512 ----a-w- c:\windows\system32\Mbr.bin
2012-07-04 00:17 . 2008-12-27 16:44 155648 ----a-w- c:\windows\system32\BootSectImage.exe
2012-07-04 00:17 . 2008-12-27 16:44 143360 ----a-w- c:\windows\system32\GenBootSector.exe
2012-07-03 05:40 . 2011-12-23 03:09 189576 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys
2012-07-03 05:40 . 2011-12-23 03:09 19592 ----a-w- c:\windows\system32\drivers\eudskacs.sys
2012-06-28 10:28 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-06-28 10:28 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-06-28 10:28 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2012-06-28 10:28 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-06-28 10:28 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-06-28 09:40 . 2012-06-28 09:40 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-06-26 20:07 . 2012-06-26 20:07 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-06-26 02:36 . 2012-06-26 02:36 -------- d-----w- c:\programdata\Final Draft
2012-06-25 21:53 . 2011-02-24 06:15 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-06-25 21:52 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-06-25 21:52 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-06-25 21:52 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-06-25 21:52 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-06-25 21:52 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-06-25 21:52 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-06-25 21:52 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-06-25 21:42 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2012-06-25 21:42 . 2011-01-17 05:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2012-06-25 21:42 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2012-06-25 21:42 . 2011-04-29 03:05 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2012-06-25 21:42 . 2011-04-29 03:05 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-06-25 21:41 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2012-06-25 21:41 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2012-06-25 21:41 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2012-06-25 21:41 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2012-06-25 21:41 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-25 21:41 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-06-25 21:41 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-06-25 21:39 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2012-06-25 21:38 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-06-25 21:38 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-06-25 21:38 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-06-25 21:38 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-06-25 21:38 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-06-25 21:38 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-06-25 21:38 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-06-25 21:38 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-06-25 21:38 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-06-25 05:22 . 2012-06-25 05:22 -------- d-----w- c:\programdata\Digidesign
2012-06-25 05:21 . 2012-06-25 05:21 -------- d-----w- c:\programdata\DigiDriver
2012-06-25 05:20 . 2012-06-25 05:20 -------- d-----w- c:\program files\Common Files\Digidesign
2012-06-25 05:17 . 2012-06-25 05:18 -------- d-----w- c:\program files\Avid
2012-06-25 05:17 . 2012-06-25 05:18 -------- d-----w- c:\program files (x86)\Avid
2012-06-25 05:15 . 2012-06-25 05:15 -------- d-----w- c:\program files\Digidesign
2012-06-25 04:34 . 2012-06-25 04:34 -------- d-----w- c:\programdata\Line 6
2012-06-25 04:34 . 2012-06-25 04:34 -------- d-----w- c:\program files\Common Files\Propellerhead Software
2012-06-25 04:34 . 2012-06-25 04:34 -------- d-----w- c:\program files\CodeMeter
2012-06-25 04:34 . 2012-06-25 04:34 -------- d-----w- c:\program files (x86)\CodeMeter
2012-06-25 04:32 . 2012-06-25 04:34 -------- d-----w- c:\program files\Propellerhead
2012-06-25 04:27 . 2012-06-25 04:27 163048 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
2012-06-25 02:54 . 2012-06-25 02:54 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-06-25 02:44 . 2012-06-25 02:44 -------- d-----w- c:\program files (x86)\Propellerhead
2012-06-25 02:16 . 2012-06-25 02:16 406528 ----a-w- c:\windows\SysWow64\ReWire.dll
2012-06-25 02:16 . 2012-06-25 02:16 338432 ----a-w- c:\windows\SysWow64\REX Shared Library.dll
2012-06-25 02:08 . 2012-06-25 02:16 -------- d-----w- c:\programdata\Propellerhead Software
2012-06-25 01:45 . 2012-06-25 01:45 -------- d-----w- C:\Digidesign Databases
2012-06-25 01:16 . 2008-12-04 07:03 21520 ----a-w- c:\windows\system32\drivers\diginet.sys
2012-06-25 01:16 . 2012-06-25 05:19 -------- d-----w- c:\program files (x86)\Common Files\Digidesign
2012-06-25 00:48 . 2012-06-25 00:48 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-06-24 23:26 . 2012-07-06 02:04 -------- d-----w- c:\users\BEATKUNEDO
2012-06-24 22:57 . 2012-06-24 22:57 25752 ----a-w- c:\windows\system32\drivers\iLokDrvr.sys
2012-06-24 22:57 . 2012-06-24 22:57 -------- d-----w- c:\programdata\PACE
2012-06-24 22:57 . 2012-06-24 22:57 -------- d-----w- c:\program files (x86)\Common Files\PACE
2012-06-24 21:48 . 2012-06-24 21:50 -------- d-----w- c:\programdata\PACE Anti-Piracy
2012-06-24 21:48 . 2012-06-24 21:48 -------- d-----w- c:\program files (x86)\Common Files\PACE Anti-Piracy
2012-06-24 21:44 . 2012-06-24 21:44 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-06-24 21:44 . 2012-06-24 21:44 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-06-24 21:44 . 2012-06-24 21:44 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-06-24 21:44 . 2012-06-24 21:44 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-06-24 21:44 . 2012-06-24 21:44 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-06-24 21:44 . 2012-06-24 21:44 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-06-24 21:44 . 2012-06-24 21:44 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-06-24 21:43 . 2012-06-24 21:44 -------- d-----w- c:\program files (x86)\QuickTime
2012-06-24 21:43 . 2012-06-24 21:43 -------- d-----w- c:\programdata\Apple Computer
2012-06-24 21:43 . 2012-06-24 21:43 -------- d-----w- c:\program files (x86)\Common Files\Apple
2012-06-24 21:43 . 2012-06-24 21:43 -------- d-----w- c:\programdata\Apple
2012-06-24 21:43 . 2012-06-24 21:43 -------- d-----w- c:\program files (x86)\Apple Software Update
2012-06-24 21:41 . 2012-06-24 21:41 -------- d-----w- c:\program files (x86)\Mediafour
2012-06-24 21:28 . 2012-06-24 21:28 -------- d-----w- c:\program files (x86)\InterLok
2012-06-24 21:26 . 2010-07-12 13:50 836096 ----a-w- c:\windows\SysWow64\ilinet.dll
2012-06-24 21:26 . 2003-02-21 08:42 348160 ------w- c:\windows\SysWow64\msvcr71.dll
2012-06-24 21:26 . 2008-12-04 07:03 162832 ----a-w- c:\windows\system32\drivers\Dalwdm.sys
2012-06-24 21:26 . 2001-06-27 13:13 217088 ------w- c:\windows\SysWow64\qtmlClient.dll
2012-06-24 21:25 . 2012-06-25 05:19 -------- d-----w- c:\program files (x86)\Digidesign
2012-06-24 21:19 . 2012-06-24 21:19 -------- d-----w- c:\program files (x86)\Auslogics
2012-06-24 21:14 . 2012-06-27 21:52 -------- d-----w- c:\program files\CCleaner
2012-06-24 21:13 . 2012-06-24 21:13 -------- d-----w- c:\program files\CPUID
2012-06-24 21:13 . 2012-03-09 14:57 23816 ----a-w- c:\windows\system32\drivers\cpuz135_x64.sys
2012-06-24 21:08 . 2012-07-06 02:03 -------- d-----w- c:\users\UpdatusUser
2012-06-24 21:08 . 2012-05-15 09:29 2621723 ----a-w- c:\windows\system32\nvcoproc.bin
2012-06-24 21:06 . 2012-06-24 21:06 -------- d-----w- C:\NVIDIA
2012-06-24 20:40 . 2012-06-24 20:40 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-06-24 20:40 . 2012-06-24 20:40 -------- d-----w- c:\program files (x86)\Oracle
2012-06-24 20:40 . 2012-05-04 23:29 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-24 20:40 . 2012-05-04 23:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-06-24 20:39 . 2012-06-24 20:39 -------- d-----w- c:\program files (x86)\Java
2012-06-24 20:21 . 2011-01-25 15:28 1359976 ----a-w- c:\windows\system32\nvhdagenco642040.dll
2012-06-24 20:20 . 2012-06-24 22:08 -------- d-----w- c:\programdata\NVIDIA
2012-06-24 20:19 . 2011-03-01 04:37 1614440 ----a-w- c:\windows\system32\nvdispco642090.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-24 14:49 . 2010-11-21 03:24 14848 ----a-w- c:\windows\system32\slwga.dll
2012-06-24 14:49 . 2010-11-21 03:24 419840 ----a-w- c:\windows\system32\systemcpl.dll
2012-06-24 14:49 . 2010-11-21 03:23 13824 ----a-w- c:\windows\SysWow64\slwga.dll
2012-06-24 14:49 . 2010-11-21 03:24 833024 ----a-w- c:\windows\SysWow64\user32.dll
2012-06-24 14:49 . 2010-11-21 03:24 1008640 ----a-w- c:\windows\system32\user32.dll
2012-05-15 10:48 . 2012-02-10 02:43 949056 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-05-15 09:29 . 2011-03-01 01:47 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-05-15 09:29 . 2011-03-01 01:47 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-05-15 09:29 . 2011-03-01 01:47 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-05-15 09:29 . 2011-03-01 01:46 3149632 ----a-w- c:\windows\system32\nvsvc64.dll
2012-05-15 09:28 . 2011-03-01 01:46 6151488 ----a-w- c:\windows\system32\nvcpl.dll
2012-05-15 06:21 . 2012-05-15 06:21 423744 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-04-19 00:56 . 2012-04-19 00:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-19 00:56 . 2012-04-19 00:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2012-06-24 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2012-06-24 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
((((((((((((((((((((((((((((( SnapShot@2012-07-11_05.01.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-21 03:09 . 2012-07-11 05:10 54134 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-11 05:10 39166 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-06-24 15:12 . 2012-07-11 05:10 16038 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2163538463-1858056545-1914547564-1000_UserData.bin
- 2012-06-24 20:12 . 2012-07-11 03:53 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-06-24 20:12 . 2012-07-11 05:08 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-06-24 20:12 . 2012-07-11 05:08 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2012-06-24 20:12 . 2012-07-11 03:53 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2012-06-24 20:12 . 2012-07-11 05:08 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-06-24 20:12 . 2012-07-11 03:53 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-06-24 20:12 . 2012-07-11 06:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-06-24 20:12 . 2012-07-11 04:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-06-24 20:12 . 2012-07-11 06:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-06-24 20:12 . 2012-07-11 04:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-07-11 06:25 . 2012-07-11 06:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-11 05:01 . 2012-07-11 05:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-11 05:01 . 2012-07-11 05:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-11 06:25 . 2012-07-11 06:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2012-07-11 05:00 236752 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-07-11 06:24 236752 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-07-09 04:40 . 2012-07-11 06:24 2696066 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2163538463-1858056545-1914547564-1000-8192.dat
- 2012-07-09 04:40 . 2012-07-11 05:00 2696066 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2163538463-1858056545-1914547564-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"DigidesignMMERefresh"="c:\program files (x86)\Digidesign\Drivers\MMERefresh.exe" [2011-03-03 77824]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CodeMeter Control Center.lnk - c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [2011-7-6 6904208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dalwdmservice;dal service;c:\windows\system32\drivers\dalwdm.sys [2008-12-04 162832]
R3 DG003;Service for Digidesign 003 Driver (WDM);c:\windows\system32\DRIVERS\dg003.sys [2011-02-13 191792]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 9096]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
R3 rt61x64;RT61 Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr6164.sys [2009-06-02 438784]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-24 1255736]
R4 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R4 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Ralink\Common\RaRegistry64.exe [2009-07-15 211232]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2011-07-06 2304912]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2012-03-09 23816]
S2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\DRIVERS\diginet.sys [2008-12-04 21520]
S2 MboxAudioDevMon;Mbox Audio Device Monitor;c:\program files (x86)\Avid\Mbox\AudioDevMon.exe [2010-10-07 1919504]
S2 MboxMiniAudioDevMon;Mbox Mini Audio Device Monitor;c:\program files (x86)\Avid\Mbox Mini\AudioDevMon.exe [2010-10-08 1919504]
S2 MboxProAudioDevMon;Mbox Pro Audio Device Monitor;c:\program files (x86)\Avid\Mbox Pro\AudioDevMon.exe [2010-10-08 1919504]
S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2012-05-18 2938880]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2010-04-17 108032]
S3 iLokDrvr;Usb Driver;c:\windows\system32\DRIVERS\iLokDrvr.sys [2012-06-24 25752]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2163538463-1858056545-1914547564-1000Core.job
- c:\users\OMAR IZ\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-25 00:45]
.
2012-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2163538463-1858056545-1914547564-1000UA.job
- c:\users\OMAR IZ\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-25 00:45]
.
.
--------- X64 Entries -----------
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
TCP: DhcpNameServer = 192.168.1.254 192.168.33.1
FF - ProfilePath - c:\users\OMAR IZ\AppData\Roaming\Mozilla\Firefox\Profiles\e33xxdec.default-1341772191307\
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\07\03\04\05\07&ť"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-07-11 02:29:06 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-11 06:29
ComboFix2.txt 2012-07-11 05:04
.
Pre-Run: 21,629,865,984 bytes free
Post-Run: 21,558,235,136 bytes free
.
- - End Of File - - D763C955B0706DA6539283F73EA5572F

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:25 AM

Posted 11 July 2012 - 08:55 PM

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

  • I would like you to rerun MBAM
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the Analyze This button its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 OMAR IZ

OMAR IZ
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:25 AM

Posted 11 July 2012 - 11:47 PM

Hi Gringo,
I installed and ran all the software you mentioned. I cleaned the system with CC Cleaner first. No problems there.
I updated Malwarebytes and ran the quick scan. When the scan completed, it did not give me the option to show results or click OK, it just automatically brought up the notepad with the scan results. Is it because I have the free version?
I installed the Hijackthis software. I ran the scan and got a few pop up windows that described .exe error codes. I was given a yes/no option for the program to do something, but I clicked no, the windows closed, and scan continued. Once the scan completed it generated the log. I did not click to fix any items.
The computer is operating with no problems. When going online, I am not getting any more pop up browser windows that I was experiencing before when going. So far, so good. :thumbsup: Thanks again!!

Here are the logs:


Malwarebytes Quick Scan Log

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.11.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
OMAR IZ :: BEATKUNEDO [administrator]

7/11/2012 8:04:47 AM
mbam-log-2012-07-11 (08-04-47).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 247561
Time elapsed: 1 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Hijackthis Log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:20:30 AM, on 7/12/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\OMAR IZ\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - Global Startup: CodeMeter Control Center.lnk = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Avid Technology, Inc. - C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
O23 - Service: digiSPTIService - Avid Technology, Inc. - C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mbox Audio Device Monitor (MboxAudioDevMon) - Avid - C:\Program Files (x86)\Avid\Mbox\AudioDevMon.exe
O23 - Service: Mbox Mini Audio Device Monitor (MboxMiniAudioDevMon) - Avid - C:\Program Files (x86)\Avid\Mbox Mini\AudioDevMon.exe
O23 - Service: Mbox Pro Audio Device Monitor (MboxProAudioDevMon) - Avid - C:\Program Files (x86)\Avid\Mbox Pro\AudioDevMon.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6043 bytes




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users