Jump to content

Recommended Posts

  • Replies 77
  • Created
  • Last Reply

Top Posters In This Topic

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 25-Jan-14 11:51:37 AM
System Uptime: 10-Feb-14 4:23:10 AM (2 hours ago)
.
Motherboard: Sony Corporation |  | VAIO
Processor: Intel® Core2 Duo CPU     P8700  @ 2.53GHz | N/A | 2534/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 48.087 GiB free.
D: is FIXED (NTFS) - 149 GiB total, 7.377 GiB free.
E: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Generic Bluetooth Adapter
Device ID: USB\VID_044E&PID_3017\0024337554D2
Manufacturer: GenericAdapter
Name: Generic Bluetooth Adapter
PNP Device ID: USB\VID_044E&PID_3017\0024337554D2
Service: BTHUSB
.
==== System Restore Points ===================
.
RP54: 08-Feb-14 1:23:31 PM - Revo Uninstaller's restore point - Software Version Updater
RP56: 08-Feb-14 1:24:51 PM - Revo Uninstaller's restore point - Smart Leech version 1.0.0 Beta
RP58: 08-Feb-14 1:25:52 PM - Revo Uninstaller's restore point - SimilarProducts
RP60: 08-Feb-14 1:28:05 PM - Revo Uninstaller's restore point - FilesFrog Update Checker
RP62: 08-Feb-14 1:29:13 PM - Revo Uninstaller's restore point - ARHome
RP64: 08-Feb-14 1:30:08 PM - Revo Uninstaller's restore point - Hide My IP 5.4
RP66: 08-Feb-14 1:30:53 PM - Revo Uninstaller's restore point - Skype Click to Call
RP68: 08-Feb-14 1:34:00 PM - Revo Uninstaller's restore point - MyTube version 3.0.0.0
RP70: 10-Feb-14 1:46:11 AM - Revo Uninstaller's restore point - Paltalk Messenger  11.3
RP72: 10-Feb-14 2:26:22 AM - Revo Uninstaller Pro's restore point - avast! Antivirus
RP73: 10-Feb-14 2:53:17 AM - Removed Rasputin
RP74: 10-Feb-14 4:12:29 AM - Tweaking.com - Windows Repair
.
==== Installed Programs ======================
.
Active@ File Recovery 12
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader X (10.1.9)
Adobe Shockwave Player 12.0
Advanced SystemCare 7
Aomei Ntfs2Fat32 Pro Edition 2.0
Apple Application Support
BSR Screen Recorder 6
Camtasia Studio 8
CCleaner
Comodo Dragon
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Driver Booster
EaseUS Data Recovery Wizard 7.0
Everything 1.2.1.371
FastStone Capture 7.6
GLArab.com HTTP Proxy
Google Chrome
Hekasoft Backup & Restore 0.32
HitmanPro 3.7
iFunBox 2014 (v3.1.562.425), iFunbox DevTeam
Intel® Graphics Media Accelerator Driver
Internet Download Manager
IObit Uninstaller
iolo technologies' System Mechanic
Java 7 Update 51
Java Auto Updater
K-Lite Codec Pack 10.1.0 Full
KeyScrambler
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4.5.1
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
MozBackup 1.5.1
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
NirSoft BlueScreenView
Opera 12.16
Pale Moon 24.2.2 (x86 en-US)
Paltalk Messenger  11.3
Process Hacker 2.33 (r5590)
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Recover My Files
Revo Uninstaller 1.95
Revo Uninstaller Pro 3.0.8
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2863902) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype Click to Call
Skype™ 6.10
Surfing Protection
TeraCopy 2.3
Tweaking.com - Windows Repair (All in One)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
VLC media player 2.1.2
WinRAR 4.00 (32-bit)
Wondershare MobileTrans ( Version 3.5.1 )
.
==== Event Viewer Messages From Past Week ========
.
10-Feb-14 5:26:52 AM, Error: Service Control Manager [7023]  - The Function Discovery Resource Publication service terminated with the following error:  %%-2147014874
10-Feb-14 5:26:52 AM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:  %%-2147014874
10-Feb-14 4:24:18 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:  An instance of the service is already running.
10-Feb-14 4:23:48 AM, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
10-Feb-14 4:23:48 AM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
10-Feb-14 4:23:46 AM, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-1073473535.
10-Feb-14 4:16:08 AM, Error: Service Control Manager [7031]  - The Update Surftastic service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
10-Feb-14 4:16:01 AM, Error: Service Control Manager [7031]  - The Util Surftastic service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
.
==== End Of File ===========================
 

Link to post
Share on other sites

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2
Run by Owner at 6:01:14 on 2014-02-10
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.2911.313 [GMT -8:00]
.
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\GLArab.com\Proxy\http_proxy.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files\Mobogenie\MgAssist.exe
C:\Program Files\HitmanPro\HitmanPro.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
C:\Program Files\iolo\System Mechanic\iologovernor.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Mobogenie\DaemonProcess.exe
C:\Program Files\KeyScrambler\KeyScrambler.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Pale Moon\palemoon.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Program Files\Pale Moon\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_54.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_54.exe
C:\Windows\system32\conhost.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.





BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - c:\program files\internet download manager\IDMIECC.dll
BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - c:\program files\iobit\iobit uninstaller\UninstallExplorer32.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: NoVooIT Class: {598AC71E-BE58-3981-B78A-5C138F423AD6} - c:\users\owner\appdata\roaming\volie\NoVooIT_32.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - c:\program files\iobit\surfing protection\browerprotect\ASCPlugin_Protection.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: BHOImpl Class: {E1499FE7-129D-4B6E-B681-DDF21E14172C} - c:\users\owner\documents\itools\plugin\iToolsBHO.dll
uRun: [Advanced SystemCare 7] "c:\program files\iobit\advanced systemcare 7\ASCTray.exe" /Auto
uRun: [iDMan] c:\program files\internet download manager\IDMan.exe /onboot
mRun: [KeyScrambler] c:\program files\keyscrambler\keyscrambler.exe /a
mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [mobilegeni daemon] c:\program files\mobogenie\DaemonProcess.exe
StartupFolder: c:\users\owner\appdata\roaming\micros~1\windows\startm~1\programs\startup\paltalk.lnk - c:\program files\paltalk messenger\paltalk.exe
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - c:\program files\paltalk messenger\Paltalk.exe
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{2775E7F5-4C15-4C52-AFC2-0AECC741DBEE} : NameServer = 4.2.2.1,4.2.2.2
TCP: Interfaces\{2775E7F5-4C15-4C52-AFC2-0AECC741DBEE} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: WSIEChrome - <Clsid value has no data>
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\1swvt7d3.default\
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\owner\documents\itools\plugin\npiTools.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1207148.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_54.dll
.
============= SERVICES / DRIVERS ===============
.
R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2014-2-8 26248]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\iobit\advanced systemcare 7\ASCService.exe [2014-1-30 881440]
R2 glarab_http_proxy;GLArab.com HTTP Proxy;c:\program files\glarab.com\proxy\http_proxy.exe [2012-12-20 2255984]
R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\hitmanpro\hmpsched.exe [2014-2-4 106248]
R2 hmip;hmip;c:\windows\system32\drivers\hmip.sys [2014-1-29 25448]
R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2014-1-16 108000]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2014-2-2 1168960]
R2 MgAssistService;MgAssist Service;c:\program files\mobogenie\MgAssist.exe [2014-2-2 63168]
R2 PDFsFilter;PDFsFilter;c:\windows\system32\drivers\PDFsFilter.sys [2014-2-2 68464]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys [2014-2-10 30976]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [2014-1-25 209016]
R3 NETwNs32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETwNs32.sys [2014-1-30 7530736]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2014-1-25 10752]
R3 SmbDrvI;SmbDrvI;c:\windows\system32\drivers\Smb_driver_Intel.sys [2014-1-30 27888]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-1-26 108032]
S3 MDA_NTDRV;MDA_NTDRV;c:\windows\system32\MDA_NTDRV.sys [2013-2-25 18136]
S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2014-1-28 14848]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2014-2-10 27192]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2014-1-28 24064]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2014-1-28 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2014-1-28 27136]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2014-1-26 1343400]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
S4 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\codemeter\runtime\bin\CodeMeter.exe [2014-1-25 3105144]
S4 DragonUpdater;COMODO Dragon Update Service;c:\program files\comodo\dragon\dragon_updater.exe [2014-1-28 2135232]
S4 LiveUpdateSvc;LiveUpdate;c:\program files\iobit\liveupdate\LiveUpdate.exe [2014-1-30 2151200]
S4 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-10-9 3275136]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-9-5 171680]
.
=============== Created Last 30 ================
.
2014-02-10 12:37:13    --------    d-----w-    c:\users\owner\appdata\roaming\Paltalk
2014-02-10 12:37:07    --------    d-----w-    c:\program files\Paltalk Messenger
2014-02-10 12:25:04    30976    ----a-w-    c:\windows\system32\drivers\hitmanpro37.sys
2014-02-10 12:15:54    --------    d-----w-    c:\windows\system32\wbem\repository
2014-02-10 12:12:49    --------    d-----w-    C:\RegBackup
2014-02-10 12:02:09    --------    d-----w-    C:\AdwCleaner
2014-02-10 11:58:56    --------    d-----w-    C:\TDSSKiller_Quarantine
2014-02-10 11:05:33    --------    d-----w-    c:\users\owner\appdata\roaming\Malwarebytes
2014-02-10 11:05:24    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
2014-02-10 11:05:24    --------    d-----w-    c:\programdata\Malwarebytes
2014-02-10 11:05:24    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2014-02-10 11:04:05    --------    d-----w-    c:\program files\common files\Microsoft
2014-02-10 11:04:05    --------    d-----w-    c:\program files\AdwareRemovalToolv3.7
2014-02-10 11:03:16    --------    d-----w-    c:\windows\ERUNT
2014-02-10 10:23:55    --------    d-----w-    c:\users\owner\appdata\local\VS Revo Group
2014-02-10 10:23:49    27192    ----a-w-    c:\windows\system32\drivers\revoflt.sys
2014-02-10 10:23:49    --------    d-----w-    c:\programdata\VS Revo Group
2014-02-09 22:23:50    --------    d-----w-    c:\program files\MozBackup
2014-02-09 06:39:34    --------    d-----w-    c:\program files\Tweaking.com
2014-02-08 21:35:13    --------    d-----w-    c:\users\owner\appdata\roaming\VSRevoGroup
2014-02-08 08:40:36    26248    ----a-w-    c:\windows\system32\drivers\ElRawDsk.sys
2014-02-08 08:28:38    410784    ----a-w-    c:\windows\system32\drivers\gjfrjteg.sys
2014-02-07 22:52:09    --------    d-----w-    c:\users\owner\appdata\roaming\WindSolutions
2014-02-07 22:31:58    --------    d-----w-    c:\programdata\WindSolutions
2014-02-07 11:35:21    410784    ----a-w-    c:\windows\system32\drivers\avkjrmmr.sys
2014-02-07 11:32:11    410784    ----a-w-    c:\windows\system32\drivers\tqjmaywk.sys
2014-02-07 05:13:42    --------    d-----w-    c:\users\owner\appdata\roaming\Wondershare
2014-02-06 14:41:11    --------    d-----w-    c:\users\owner\appdata\local\Wondershare
2014-02-06 14:41:08    --------    d-----w-    c:\program files\common files\Wondershare
2014-02-06 14:37:18    --------    d-----w-    c:\programdata\Wondershare Player
2014-02-06 14:37:18    --------    d-----w-    c:\program files\Wondershare
2014-02-05 02:58:04    --------    d-----w-    C:\EEK
2014-02-05 02:38:54    --------    d-----w-    c:\program files\HitmanPro
2014-02-05 02:38:00    --------    d-----w-    c:\programdata\HitmanPro
2014-02-04 12:37:39    --------    d-----w-    c:\program files\SimilarProducts
2014-02-04 12:36:21    --------    d-----w-    c:\program files\Smart PC Soft
2014-02-03 04:28:44    --------    d-----w-    c:\windows\onhax-temp
2014-02-03 04:28:34    --------    d-----w-    c:\users\owner\appdata\roaming\VolIE
2014-02-03 04:28:32    --------    d-----w-    c:\users\owner\appdata\roaming\ARHome
2014-02-03 04:27:14    --------    d-----w-    c:\users\owner\.android
2014-02-03 04:27:12    --------    d-----w-    c:\users\owner\appdata\local\cache
2014-02-03 04:27:10    --------    d-----w-    c:\users\owner\appdata\roaming\newnext.me
2014-02-03 04:27:10    --------    d-----w-    c:\users\owner\appdata\local\Mobogenie
2014-02-03 04:26:32    --------    d-----w-    c:\program files\Mobogenie
2014-02-03 04:13:06    3955200    ----a-w-    C:\SystemGuardAlerter.exe
2014-02-03 04:13:06    266752    ----a-w-    C:\GvrMgr.dll
2014-02-03 04:11:49    2097984    ----a-w-    c:\windows\system32\Incinerator32.dll
2014-02-03 04:11:48    68464    ----a-w-    c:\windows\system32\drivers\PDFsFilter.sys
2014-02-03 04:11:48    41616    ----a-w-    c:\windows\system32\iolobtdfg.exe
2014-02-03 04:11:48    23568    ----a-w-    c:\windows\system32\smrgdf.exe
2014-02-03 04:11:48    --------    d-----w-    c:\programdata\ioloGovernor
2014-02-03 04:11:45    56200    ----a-w-    c:\windows\system32\offreg.dll
2014-02-03 04:11:45    --------    d-----w-    c:\users\owner\appdata\roaming\ioloGovernor
2014-02-03 04:11:44    --------    d-----w-    c:\program files\iolo
2014-02-03 04:10:40    74703    ----a-w-    c:\windows\system32\mfc45.dat
2014-02-03 04:10:38    --------    d-----w-    c:\users\owner\appdata\roaming\iolo
2014-02-03 04:10:38    --------    d-----w-    c:\programdata\iolo
2014-02-02 09:55:05    --------    d-----w-    c:\programdata\TamoSoft
2014-02-02 09:23:19    --------    d-----w-    c:\program files\Acrylic DNS Proxy
2014-02-02 05:41:20    --------    d-----w-    c:\users\owner\appdata\local\Comodo
2014-02-02 05:41:16    48392    ----a-w-    c:\windows\system32\certsentry.dll
2014-02-02 05:41:07    --------    d-----w-    c:\program files\Comodo
2014-02-02 05:38:16    1700352    ----a-w-    c:\windows\system32\gdiplus.dll
2014-02-02 05:38:16    1060864    ----a-w-    c:\windows\system32\mfc71.dll
2014-01-31 17:36:38    --------    d-----w-    c:\users\owner\appdata\local\Opera
2014-01-30 22:41:42    7530736    ----a-w-    c:\windows\system32\drivers\NETwNs32.sys
2014-01-30 22:41:42    690928    ----a-w-    c:\windows\system32\NETwNc32.dll
2014-01-30 22:41:42    2767600    ----a-w-    c:\windows\system32\NETwNr32.dll
2014-01-30 22:41:27    --------    d-----w-    c:\program files\Synaptics
2014-01-30 22:41:20    1629040    ----a-w-    c:\windows\system32\WdfCoInstaller01011.dll
2014-01-30 22:41:14    27888    ----a-w-    c:\windows\system32\drivers\Smb_driver_Intel.sys
2014-01-30 22:34:19    --------    d-----w-    c:\windows\system32\RTCOM
2014-01-30 22:34:19    --------    d-----w-    c:\program files\Realtek
2014-01-30 22:32:59    926976    ----a-w-    c:\windows\system32\MaxxSpeechAPO.dll
2014-01-30 22:27:17    24384    ----a-w-    c:\windows\system32\RegistryDefragBootTime.exe
2014-01-30 22:06:11    --------    d-----w-    c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-30 22:05:45    --------    d-----w-    c:\programdata\ProductData
2014-01-30 22:03:10    --------    d-----w-    c:\users\owner\appdata\roaming\IObit
2014-01-30 22:02:38    --------    d-----w-    c:\programdata\IObit
2014-01-30 22:02:38    --------    d-----w-    c:\program files\IObit
2014-01-29 18:57:49    --------    d-----w-    c:\program files\ColorSoft
2014-01-29 17:13:58    25448    ----a-w-    c:\windows\system32\drivers\hmip.sys
2014-01-29 10:00:37    --------    d-----w-    c:\program files\VS Revo Group
2014-01-29 09:34:45    --------    d-----w-    c:\users\owner\appdata\local\ElevatedDiagnostics
2014-01-28 21:10:20    98304    ----a-w-    c:\windows\system32\bsreffs.dll
2014-01-28 21:10:20    90112    ----a-w-    c:\windows\system32\bsrlback.dll
2014-01-28 21:10:20    --------    d-----w-    c:\users\owner\appdata\local\Bulents
2014-01-28 21:10:19    81920    ----a-w-    c:\windows\system32\bsrgvas.dll
2014-01-28 21:10:19    692224    ----a-w-    c:\windows\system32\bsrmgcv.dll
2014-01-28 21:10:19    192512    ----a-w-    c:\windows\system32\bsrmgps.dll
2014-01-28 21:08:40    585728    ----a-w-    c:\windows\system32\bsratswf.dll
2014-01-28 21:08:40    147456    ----a-w-    c:\windows\system32\bsratwmv.dll
2014-01-28 21:08:39    --------    d-----w-    c:\program files\BSR Screen Recorder 6
2014-01-28 16:31:19    --------    d-----w-    c:\users\owner\appdata\roaming\iFunBox.NXGen
2014-01-28 16:29:19    --------    d-----w-    c:\users\owner\appdata\local\Apple Computer
2014-01-28 16:27:13    --------    d-----w-    c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-01-28 16:26:03    --------    d-----w-    c:\users\owner\appdata\local\Apple
2014-01-28 15:10:28    --------    d-----w-    c:\program files\iFunbox 2014
2014-01-28 12:35:53    --------    d-----w-    c:\windows\fr-FR
2014-01-28 12:35:50    --------    d-----w-    c:\windows\ar-SA
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\XPSViewer
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\fr
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\drivers\umdf\fr-FR
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\drivers\umdf\ar-SA
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\drivers\fr-FR
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\drivers\ar-SA
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\ar
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\040C
2014-01-28 12:35:28    --------    d-----w-    c:\windows\system32\wbem\fr-FR
2014-01-28 12:35:26    --------    d-----w-    c:\windows\system32\wbem\ar-SA
2014-01-28 12:29:47    3584    ----a-w-    c:\windows\system32\spool\prtprocs\w32x86\ar-sa\LXKPTPRC.DLL.mui
2014-01-28 12:26:27    --------    d-----w-    C:\Intel
2014-01-28 12:22:15    514560    ----a-w-    c:\windows\system32\qdvd.dll
2014-01-28 12:06:58    --------    d-----w-    c:\windows\Migration
2014-01-28 10:53:23    --------    d-----w-    c:\users\owner\appdata\roaming\Runscanner.net
2014-01-28 10:23:53    --------    d-----w-    c:\program files\NirSoft
2014-01-27 15:28:34    --------    d-----w-    c:\windows\pss
2014-01-27 00:46:40    --------    d-----w-    C:\wifidata
2014-01-26 23:46:03    --------    d-----w-    c:\programdata\Oracle
2014-01-26 23:45:38    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2014-01-26 23:36:49    --------    d-----w-    c:\program files\VideoLAN
2014-01-26 23:35:21    --------    d-----w-    c:\windows\system32\Adobe
2014-01-26 19:53:57    317440    ----a-w-    c:\windows\system32\spoolsv.exe
2014-01-26 19:53:56    2616320    ----a-w-    c:\windows\explorer.exe
2014-01-26 15:57:11    --------    d-----w-    c:\users\owner\appdata\roaming\QFX Software
2014-01-26 15:57:11    --------    d-----w-    c:\programdata\QFX Software
2014-01-26 15:52:26    --------    d-----w-    c:\windows\system32\Wat
2014-01-26 12:16:09    --------    d-----w-    c:\users\owner\appdata\roaming\Process Hacker 2
2014-01-26 12:14:27    --------    d-----w-    c:\program files\Process Hacker 2
2014-01-26 11:19:29    66560    ----a-w-    c:\windows\system32\drivers\WUDFPf.sys
2014-01-26 11:19:29    155136    ----a-w-    c:\windows\system32\drivers\WUDFRd.sys
2014-01-26 11:19:28    73216    ----a-w-    c:\windows\system32\WUDFSvc.dll
2014-01-26 11:19:27    172032    ----a-w-    c:\windows\system32\WUDFPlatform.dll
2014-01-26 11:19:24    38912    ----a-w-    c:\windows\system32\WUDFCoinstaller.dll
2014-01-26 11:19:24    196608    ----a-w-    c:\windows\system32\WUDFHost.exe
2014-01-26 11:19:23    613888    ----a-w-    c:\windows\system32\WUDFx.dll
2014-01-26 11:12:33    12625408    ----a-w-    c:\windows\system32\wmploc.DLL
2014-01-26 11:12:32    164864    ----a-w-    c:\program files\windows media player\wmplayer.exe
2014-01-26 11:09:18    640512    ----a-w-    c:\windows\system32\advapi32.dll
2014-01-26 11:09:18    619520    ----a-w-    c:\windows\system32\tdh.dll
2014-01-26 11:09:18    3969472    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2014-01-26 11:09:18    3914176    ----a-w-    c:\windows\system32\ntoskrnl.exe
2014-01-26 11:09:18    1289096    ----a-w-    c:\windows\system32\ntdll.dll
2014-01-26 11:09:08    338944    ----a-w-    c:\windows\system32\drivers\afd.sys
2014-01-26 11:09:08    231424    ----a-w-    c:\windows\system32\mswsock.dll
2014-01-26 11:09:08    1294272    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2014-01-26 11:07:55    --------    d-----w-    c:\program files\CCleaner
2014-01-26 09:18:11    --------    d-----w-    c:\programdata\FastStone
2014-01-26 09:07:45    427520    ----a-w-    c:\windows\system32\SearchIndexer.exe
2014-01-26 09:02:06    --------    d-----w-    c:\program files\Macrorit
2014-01-26 08:59:24    --------    d-----w-    c:\programdata\CodeMeter
2014-01-25 23:46:55    --------    d-----w-    c:\users\owner\appdata\local\Macromedia
2014-01-25 23:45:38    2422272    ----a-w-    c:\windows\system32\wucltux.dll
2014-01-25 23:45:30    88576    ----a-w-    c:\windows\system32\wudriver.dll
2014-01-25 23:45:21    33792    ----a-w-    c:\windows\system32\wuapp.exe
2014-01-25 23:45:21    171904    ----a-w-    c:\windows\system32\wuwebv.dll
2014-01-25 23:44:05    --------    d-----w-    c:\users\owner\appdata\local\Mozilla
2014-01-25 23:06:56    --------    d-----w-    c:\users\owner\appdata\local\TechSmith
2014-01-25 23:01:42    --------    d-----w-    c:\users\owner\appdata\roaming\TechSmith
2014-01-25 22:17:38    --------    d-----w-    c:\program files\GLArab.com
2014-01-25 21:22:06    60416    ----a-w-    c:\windows\system32\drivers\BTHUSB.SYS
2014-01-25 21:15:43    --------    d-----w-    c:\users\owner\appdata\local\Adobe
2014-01-25 21:15:17    --------    d-----w-    c:\users\owner\appdata\local\CrashDumps
2014-01-25 21:12:10    --------    d-----w-    c:\programdata\regid.1995-08.com.techsmith
2014-01-25 21:11:13    --------    d-----w-    c:\program files\common files\TechSmith Shared
2014-01-25 20:17:30    --------    d-----w-    c:\users\owner\appdata\roaming\FastStone
2014-01-25 20:17:30    --------    d-----w-    c:\users\owner\appdata\local\FastStone
2014-01-25 20:08:08    10752    ----a-w-    c:\windows\system32\drivers\SFEP.sys
2014-01-25 20:07:36    69120    ----a-w-    c:\windows\system32\drivers\rimsptsk.sys
2014-01-25 20:07:34    626688    ----a-w-    c:\windows\snymsico.dll
2014-01-25 20:06:46    --------    d-----w-    c:\program files\Microsoft Synchronization Services
2014-01-25 20:05:58    --------    d-----w-    c:\windows\PCHEALTH
2014-01-25 20:05:58    --------    d-----w-    c:\program files\Microsoft SQL Server Compact Edition
2014-01-25 20:05:20    --------    d-----w-    c:\programdata\AVAST Software
2014-01-25 20:04:54    --------    d-----w-    c:\program files\Microsoft Visual Studio 8
2014-01-25 20:04:12    --------    d-----w-    c:\program files\Microsoft Analysis Services
2014-01-25 20:03:29    --------    d-----w-    c:\users\owner\appdata\local\Microsoft Help
2014-01-25 19:58:32    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-25 19:58:32    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2014-01-25 19:58:28    --------    d-----w-    c:\users\owner\appdata\local\Google
2014-01-25 19:58:03    217176    ----a-w-    c:\windows\system32\unrar.dll
2014-01-25 19:57:58    --------    d-----w-    c:\program files\K-Lite Codec Pack
2014-01-25 19:57:53    --------    d-----w-    c:\users\owner\appdata\local\Programs
2014-01-25 19:57:29    --------    d-----r-    c:\program files\Skype
2014-01-25 19:57:25    --------    d-sh--w-    c:\windows\Installer
2014-01-25 19:44:57    --------    d-----w-    c:\windows\Panther
2014-01-25 18:00:52    719720    ----a-w-    c:\windows\system32\WibuCm32.dll
2014-01-25 18:00:50    --------    d-----w-    c:\program files\CodeMeter
2014-01-25 16:32:18    --------    d-----w-    c:\users\owner\appdata\local\Diagnostics
2014-01-25 16:03:49    --------    d-----w-    c:\users\owner\appdata\roaming\TeraCopy
2014-01-25 16:03:32    --------    d-----w-    c:\program files\TeraCopy
2014-01-25 15:43:19    --------    d-----w-    c:\users\owner\appdata\roaming\R-TT
2014-01-25 15:23:13    209016    ----a-w-    c:\windows\system32\drivers\keyscrambler.sys
2014-01-25 15:23:08    --------    d-----w-    c:\program files\KeyScrambler
2014-01-25 14:15:18    --------    d-----w-    c:\users\owner\appdata\roaming\Hekasoft
2014-01-25 14:15:18    --------    d-----w-    c:\program files\Hekasoft Backup & Restore
2014-01-25 14:13:25    --------    d-----w-    c:\users\owner\appdata\roaming\MPC-HC
2014-01-25 13:38:13    5120    ----a-w-    c:\windows\system32\wmi.dll
2014-01-25 13:38:13    19824    ----a-w-    c:\windows\system32\drivers\fs_rec.sys
2014-01-25 13:35:48    --------    d-----w-    C:\Komku
2014-01-25 13:30:41    --------    d-----w-    c:\users\owner\appdata\roaming\Moonchild Productions
2014-01-25 13:30:41    --------    d-----w-    c:\users\owner\appdata\local\Moonchild Productions
2014-01-25 13:24:20    --------    d-----w-    c:\windows\system32\MRT
2014-01-25 13:20:21    49152    ----a-w-    c:\windows\system32\taskhost.exe
2014-01-25 13:15:49    --------    d-----w-    c:\program files\Everything
2014-01-25 13:15:43    1505280    ----a-w-    c:\windows\system32\d3d11.dll
2014-01-25 13:13:29    140288    ----a-w-    c:\windows\system32\cryptsvc.dll
2014-01-25 13:13:29    1168384    ----a-w-    c:\windows\system32\crypt32.dll
2014-01-25 13:13:29    103936    ----a-w-    c:\windows\system32\cryptnet.dll
2014-01-25 13:13:06    1620992    ----a-w-    c:\windows\system32\WMVDECOD.DLL
2014-01-25 13:13:04    175104    ----a-w-    c:\windows\system32\wintrust.dll
2014-01-25 13:12:32    47720    ----a-w-    c:\windows\system32\drivers\WdfLdr.sys
2014-01-25 13:12:31    9728    ----a-w-    c:\windows\system32\Wdfres.dll
2014-01-25 13:12:31    527064    ----a-w-    c:\windows\system32\drivers\Wdf01000.sys
2014-01-25 13:10:59    15872    ----a-w-    c:\windows\system32\sspisrv.dll
2014-01-25 13:09:58    163840    ----a-w-    c:\windows\system32\scrrun.dll
2014-01-25 13:08:57    31232    ----a-w-    c:\windows\system32\drivers\tssecsrv.sys
2014-01-25 13:08:55    78336    ----a-w-    c:\windows\system32\synceng.dll
2014-01-25 13:08:53    293376    ----a-w-    c:\windows\system32\umpnpmgr.dll
2014-01-25 13:08:51    690688    ----a-w-    c:\windows\system32\msvcrt.dll
2014-01-25 13:08:49    530432    ----a-w-    c:\windows\system32\comctl32.dll
2014-01-25 13:08:46    509440    ----a-w-    c:\windows\system32\qedit.dll
2014-01-25 13:08:43    81408    ----a-w-    c:\windows\system32\drivers\drmk.sys
2014-01-25 13:08:43    177152    ----a-w-    c:\windows\system32\drivers\portcls.sys
2014-01-25 13:08:41    159232    ----a-w-    c:\windows\system32\imagehlp.dll
2014-01-25 13:08:39    67072    ----a-w-    c:\windows\system32\packager.dll
2014-01-25 13:08:36    69632    ----a-w-    c:\windows\system32\drivers\bowser.sys
2014-01-25 13:08:33    102608    ----a-w-    c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-25 13:08:29    305152    ----a-w-    c:\windows\system32\gdi32.dll
2014-01-25 13:07:36    231584    ----a-w-    c:\windows\system32\MpSigStub.exe
2014-01-25 13:05:54    --------    d-----w-    c:\program files\Pale Moon
2014-01-25 12:59:07    --------    d-----w-    c:\program files\FastStone Capture
2014-01-25 12:57:37    47104    ----a-w-    c:\windows\system32\appinfo.dll
2014-01-25 12:57:37    101720    ----a-w-    c:\windows\system32\consent.exe
2014-01-25 12:52:03    --------    d-----w-    c:\users\owner\appdata\roaming\IDM
2014-01-25 12:52:03    --------    d-----w-    c:\programdata\IDM
2014-01-25 12:52:02    --------    d-----w-    c:\users\owner\appdata\roaming\DMCache
2014-01-25 12:51:40    --------    d-----w-    c:\program files\Internet Download Manager
2014-01-23 20:12:23    5044479    ----a-w-    c:\users\owner\appdata\local\Temp1.exe
2014-01-20 16:25:02    --------    d-----w-    c:\users\owner\appdata\local\IDM
2014-01-16 23:37:52    108000    ----a-w-    c:\windows\system32\drivers\idmwfp.sys
.
==================== Find3M  ====================
.
2014-01-30 22:33:03    1783056    ----a-w-    c:\windows\system32\WavesLib.dll
2014-01-30 22:32:59    91920    ----a-w-    c:\windows\system32\R4EEA32A.dll
2014-01-26 11:10:36    86016    ----a-w-    c:\windows\system32\iesysprep.dll
2014-01-25 19:59:33    499712    ----a-w-    c:\windows\system32\msvcp71.dll
2014-01-25 19:59:33    348160    ----a-w-    c:\windows\system32\msvcr71.dll
2013-11-27 01:14:25    258560    ----a-w-    c:\windows\system32\drivers\usbhub.sys
2013-11-27 01:13:46    284672    ----a-w-    c:\windows\system32\drivers\usbport.sys
2013-11-27 01:13:44    76288    ----a-w-    c:\windows\system32\drivers\usbccgp.sys
2013-11-27 01:13:41    43520    ----a-w-    c:\windows\system32\drivers\usbehci.sys
2013-11-27 01:13:36    24064    ----a-w-    c:\windows\system32\drivers\usbuhci.sys
2013-11-27 01:13:33    6016    ----a-w-    c:\windows\system32\drivers\usbd.sys
2013-11-26 11:11:29    240576    ----a-w-    c:\windows\system32\drivers\netio.sys
2013-11-26 10:10:21    2349056    ----a-w-    c:\windows\system32\win32k.sys
2013-11-26 09:23:02    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2013-11-26 09:22:11    4096    ----a-w-    c:\windows\system32\ieetwcollectorres.dll
2013-11-26 08:53:56    61952    ----a-w-    c:\windows\system32\iesetup.dll
2013-11-26 08:52:26    51200    ----a-w-    c:\windows\system32\ieetwproxystub.dll
2013-11-26 08:29:55    112128    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-11-26 08:29:52    108032    ----a-w-    c:\windows\system32\ieetwcollector.exe
2013-11-26 08:28:16    553472    ----a-w-    c:\windows\system32\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    c:\windows\system32\jscript9.dll
2013-11-26 07:32:06    1928192    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-11-26 06:33:33    1820160    ----a-w-    c:\windows\system32\wininet.dll
2013-11-23 18:26:20    417792    ----a-w-    c:\windows\system32\WMPhoto.dll
.
============= FINISH:  6:02:13.55 ===============
 

Link to post
Share on other sites

  • Root Admin

Hello and :welcome:

If you've not already done so please start here and post back the 2 log files DDS.txt and Attach.txt
If you've already posted the DDS logs then please read the following information below and post back the requested logs when ready.

General P2P/Piracy Warning:
 

 
If you're using
Peer 2 Peer
software such as
uTorrent, BitTorrent
or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have
illegal/cracked software, cracks, keygens etc
. on the system, please remove or uninstall them now and read the policy on
Piracy
.




Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.
  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

    [*]Removing malware can be unpredictable...It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive [*]Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you. [*]The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone. [*]Perform everything in the correct order. Sometimes one step requires the previous one. [*]If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue. [*]You can check here if you're not sure if your computer is 32-bit or 64-bit [*]Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners. [*]When we are done, I'll give you instructions on how to cleanup all the tools and logs [*]Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that. [*]Your topic will be closed if you haven't replied within 3 days [*](If I have not responded within 24 hours, please send me a Private Message as a reminder)




STEP 0
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.


Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.



STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

    [*]Make sure that at least the first two check boxes are selected. [*]Click on OK [*]Then click on YES to create the folder. [*]Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02
Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.


 

Link to post
Share on other sites

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Owner [Admin rights]
Mode : Scan -- Date : 02/11/2014 04:42:33
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS543232L9SA00 ATA Device +++++
--- User ---
[MBR] 51e9b161a46610b9a3325646a8611490
[bSP] c13b4037915add0b6a95b4378466d3e9 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 152500 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 312526848 | Size: 152643 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_02112014_044233.txt >>



 

Link to post
Share on other sites

  • Root Admin

Nothing bad really shown there.

 

Please go ahead and run through the following steps and post back the logs when ready.

STEP 03
Please download Malwarebytes Anti-Rootkit from here

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

STEP 04
Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus



STEP 05
Lets clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.


Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.


STEP 06
button_eos.gif

Please go here to run the online antivirus scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

    [*]Click Scan [*]Wait for the scan to finish [*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.



STEP 07
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.


 

Link to post
Share on other sites

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2
Run by Owner at 4:53:13 on 2014-02-11
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.2911.508 [GMT -8:00]
.
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
C:\Program Files\GLArab.com\Proxy\http_proxy.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\iolo\System Mechanic\iologovernor.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\KeyScrambler\KeyScrambler.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\FastStone Capture\FSCapture.exe
C:\Program Files\FastStone Capture\FSRecorder.exe
C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe
C:\Program Files\Pale Moon\palemoon.exe
C:\Program Files\Pale Moon\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_54.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_54.exe
C:\Windows\explorer.exe
C:\Users\Owner\Downloads\Programs\RogueKiller_2.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve



BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - c:\program files\internet download manager\IDMIECC.dll
BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - c:\program files\iobit\iobit uninstaller\UninstallExplorer32.dll
BHO: NoVooIT Class: {598AC71E-BE58-3981-B78A-5C138F423AD6} - c:\users\owner\appdata\roaming\volie\NoVooIT_32.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: BHOImpl Class: {E1499FE7-129D-4B6E-B681-DDF21E14172C} - c:\users\owner\documents\itools\plugin\iToolsBHO.dll
uRun: [iDMan] c:\program files\internet download manager\IDMan.exe /onboot
mRun: [KeyScrambler] c:\program files\keyscrambler\keyscrambler.exe /a
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
StartupFolder: c:\users\owner\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\users\owner\appdata\roaming\micros~1\windows\startm~1\programs\startup\paltalk.lnk - c:\program files\paltalk messenger\paltalk.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - c:\program files\paltalk messenger\Paltalk.exe
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{2775E7F5-4C15-4C52-AFC2-0AECC741DBEE} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: WSIEChrome - <Clsid value has no data>
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\1swvt7d3.default\
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\owner\documents\itools\plugin\npiTools.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1207148.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_54.dll
.
============= SERVICES / DRIVERS ===============
.
R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2014-2-8 26248]
R1 nm3;Microsoft Network Monitor 3 Driver;c:\windows\system32\drivers\nm3.sys [2010-6-9 39736]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\iobit\advanced systemcare 7\ASCService.exe [2014-1-30 881440]
R2 glarab_http_proxy;GLArab.com HTTP Proxy;c:\program files\glarab.com\proxy\http_proxy.exe [2012-12-20 2255984]
R2 hmip;hmip;c:\windows\system32\drivers\hmip.sys [2014-1-29 25448]
R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2014-1-16 108000]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2014-2-2 1168960]
R2 PDFsFilter;PDFsFilter;c:\windows\system32\drivers\PDFsFilter.sys [2014-2-2 68464]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [2014-1-25 209016]
R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2014-1-25 10752]
R3 SmbDrvI;SmbDrvI;c:\windows\system32\drivers\Smb_driver_Intel.sys [2014-1-30 27888]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
R4 KProcessHacker2;KProcessHacker2;c:\program files\process hacker 2\kprocesshacker.sys [2014-1-26 35992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\codemeter\runtime\bin\CodeMeter.exe [2014-1-25 3105144]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files\comodo\dragon\dragon_updater.exe [2014-1-28 2135232]
S2 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-1-26 108032]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 MDA_NTDRV;MDA_NTDRV;c:\windows\system32\MDA_NTDRV.sys [2013-2-25 18136]
S3 NETwNs32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETwNs32.sys [2014-1-30 7530736]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2014-1-28 14848]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2014-2-10 27192]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2014-1-28 24064]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2014-1-28 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2014-1-28 27136]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2014-1-26 1343400]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
S4 LiveUpdateSvc;LiveUpdate;c:\program files\iobit\liveupdate\LiveUpdate.exe [2014-1-30 2151200]
S4 Skype C2C Service;Skype C2C Service;"c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe" --> c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [?]
SUnknown mbamchameleon;mbamchameleon; [x]
.
=============== Created Last 30 ================
.
2014-02-11 09:44:01    --------    d-----w-    c:\program files\Microsoft Network Monitor 3
2014-02-11 04:39:44    --------    d-----w-    c:\windows\system32\catroot2
2014-02-11 02:23:51    --------    d-----w-    c:\windows\CheckSur
2014-02-11 01:45:54    --------    d-----w-    C:\_OTL
2014-02-10 22:08:57    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-02-10 21:51:18    --------    d-----w-    C:\New folder
2014-02-10 21:49:14    --------    d-----w-    c:\windows\system32\CATROOT2OLD
2014-02-10 21:48:59    --------    d-----w-    c:\program files\Panda Security
2014-02-10 12:37:13    --------    d-----w-    c:\users\owner\appdata\roaming\Paltalk
2014-02-10 12:37:07    --------    d-----w-    c:\program files\Paltalk Messenger
2014-02-10 12:15:54    --------    d-----w-    c:\windows\system32\wbem\repository
2014-02-10 12:12:49    --------    d-----w-    C:\RegBackup
2014-02-10 12:02:09    --------    d-----w-    C:\AdwCleaner
2014-02-10 11:58:56    --------    d-----w-    C:\TDSSKiller_Quarantine
2014-02-10 11:04:05    --------    d-----w-    c:\program files\common files\Microsoft
2014-02-10 11:04:05    --------    d-----w-    c:\program files\AdwareRemovalToolv3.7
2014-02-10 11:03:16    --------    d-----w-    c:\windows\ERUNT
2014-02-10 10:23:55    --------    d-----w-    c:\users\owner\appdata\local\VS Revo Group
2014-02-10 10:23:49    27192    ----a-w-    c:\windows\system32\drivers\revoflt.sys
2014-02-10 10:23:49    --------    d-----w-    c:\programdata\VS Revo Group
2014-02-09 22:23:50    --------    d-----w-    c:\program files\MozBackup
2014-02-09 06:39:34    --------    d-----w-    c:\program files\Tweaking.com
2014-02-08 08:40:36    26248    ----a-w-    c:\windows\system32\drivers\ElRawDsk.sys
2014-02-08 08:28:38    410784    ----a-w-    c:\windows\system32\drivers\gjfrjteg.sys
2014-02-07 22:52:09    --------    d-----w-    c:\users\owner\appdata\roaming\WindSolutions
2014-02-07 22:31:58    --------    d-----w-    c:\programdata\WindSolutions
2014-02-07 11:35:21    410784    ----a-w-    c:\windows\system32\drivers\avkjrmmr.sys
2014-02-07 11:32:11    410784    ----a-w-    c:\windows\system32\drivers\tqjmaywk.sys
2014-02-07 05:13:42    --------    d-----w-    c:\users\owner\appdata\roaming\Wondershare
2014-02-06 14:41:11    --------    d-----w-    c:\users\owner\appdata\local\Wondershare
2014-02-06 14:41:08    --------    d-----w-    c:\program files\common files\Wondershare
2014-02-06 14:37:18    --------    d-----w-    c:\programdata\Wondershare Player
2014-02-06 14:37:18    --------    d-----w-    c:\program files\Wondershare
2014-02-05 02:58:04    --------    d-----w-    C:\EEK
2014-02-04 12:37:39    --------    d-----w-    c:\program files\SimilarProducts
2014-02-03 04:28:44    --------    d-----w-    c:\windows\onhax-temp
2014-02-03 04:28:34    --------    d-----w-    c:\users\owner\appdata\roaming\VolIE
2014-02-03 04:28:32    --------    d-----w-    c:\users\owner\appdata\roaming\ARHome
2014-02-03 04:27:14    --------    d-----w-    c:\users\owner\.android
2014-02-03 04:27:12    --------    d-----w-    c:\users\owner\appdata\local\cache
2014-02-03 04:27:10    --------    d-----w-    c:\users\owner\appdata\roaming\newnext.me
2014-02-03 04:13:06    3955200    ----a-w-    C:\SystemGuardAlerter.exe
2014-02-03 04:13:06    266752    ----a-w-    C:\GvrMgr.dll
2014-02-03 04:11:49    2097984    ----a-w-    c:\windows\system32\Incinerator32.dll
2014-02-03 04:11:48    68464    ----a-w-    c:\windows\system32\drivers\PDFsFilter.sys
2014-02-03 04:11:48    41616    ----a-w-    c:\windows\system32\iolobtdfg.exe
2014-02-03 04:11:48    23568    ----a-w-    c:\windows\system32\smrgdf.exe
2014-02-03 04:11:48    --------    d-----w-    c:\programdata\ioloGovernor
2014-02-03 04:11:45    56200    ----a-w-    c:\windows\system32\offreg.dll
2014-02-03 04:11:45    --------    d-----w-    c:\users\owner\appdata\roaming\ioloGovernor
2014-02-03 04:11:44    --------    d-----w-    c:\program files\iolo
2014-02-03 04:10:40    74703    ----a-w-    c:\windows\system32\mfc45.dat
2014-02-03 04:10:38    --------    d-----w-    c:\users\owner\appdata\roaming\iolo
2014-02-03 04:10:38    --------    d-----w-    c:\programdata\iolo
2014-02-02 09:55:05    --------    d-----w-    c:\programdata\TamoSoft
2014-02-02 05:41:20    --------    d-----w-    c:\users\owner\appdata\local\Comodo
2014-02-02 05:41:16    48392    ----a-w-    c:\windows\system32\certsentry.dll
2014-02-02 05:41:07    --------    d-----w-    c:\program files\Comodo
2014-02-02 05:38:16    1700352    ----a-w-    c:\windows\system32\gdiplus.dll
2014-02-02 05:38:16    1060864    ----a-w-    c:\windows\system32\mfc71.dll
2014-01-31 17:36:38    --------    d-----w-    c:\users\owner\appdata\local\Opera
2014-01-30 22:41:42    7530736    ----a-w-    c:\windows\system32\drivers\NETwNs32.sys
2014-01-30 22:41:42    690928    ----a-w-    c:\windows\system32\NETwNc32.dll
2014-01-30 22:41:42    2767600    ----a-w-    c:\windows\system32\NETwNr32.dll
2014-01-30 22:41:27    --------    d-----w-    c:\program files\Synaptics
2014-01-30 22:41:20    1629040    ----a-w-    c:\windows\system32\WdfCoInstaller01011.dll
2014-01-30 22:41:14    27888    ----a-w-    c:\windows\system32\drivers\Smb_driver_Intel.sys
2014-01-30 22:34:19    --------    d-----w-    c:\windows\system32\RTCOM
2014-01-30 22:34:19    --------    d-----w-    c:\program files\Realtek
2014-01-30 22:32:59    926976    ----a-w-    c:\windows\system32\MaxxSpeechAPO.dll
2014-01-30 22:27:17    24384    ----a-w-    c:\windows\system32\RegistryDefragBootTime.exe
2014-01-30 22:06:11    --------    d-----w-    c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-30 22:05:45    --------    d-----w-    c:\programdata\ProductData
2014-01-30 22:03:10    --------    d-----w-    c:\users\owner\appdata\roaming\IObit
2014-01-30 22:02:38    --------    d-----w-    c:\programdata\IObit
2014-01-30 22:02:38    --------    d-----w-    c:\program files\IObit
2014-01-29 18:57:49    --------    d-----w-    c:\program files\ColorSoft
2014-01-29 17:13:58    25448    ----a-w-    c:\windows\system32\drivers\hmip.sys
2014-01-29 10:00:37    --------    d-----w-    c:\program files\VS Revo Group
2014-01-29 09:34:45    --------    d-----w-    c:\users\owner\appdata\local\ElevatedDiagnostics
2014-01-28 21:10:20    98304    ----a-w-    c:\windows\system32\bsreffs.dll
2014-01-28 21:10:20    90112    ----a-w-    c:\windows\system32\bsrlback.dll
2014-01-28 21:10:20    --------    d-----w-    c:\users\owner\appdata\local\Bulents
2014-01-28 21:10:19    81920    ----a-w-    c:\windows\system32\bsrgvas.dll
2014-01-28 21:10:19    692224    ----a-w-    c:\windows\system32\bsrmgcv.dll
2014-01-28 21:10:19    192512    ----a-w-    c:\windows\system32\bsrmgps.dll
2014-01-28 21:08:40    585728    ----a-w-    c:\windows\system32\bsratswf.dll
2014-01-28 21:08:40    147456    ----a-w-    c:\windows\system32\bsratwmv.dll
2014-01-28 21:08:39    --------    d-----w-    c:\program files\BSR Screen Recorder 6
2014-01-28 16:31:19    --------    d-----w-    c:\users\owner\appdata\roaming\iFunBox.NXGen
2014-01-28 16:29:19    --------    d-----w-    c:\users\owner\appdata\local\Apple Computer
2014-01-28 16:27:13    --------    d-----w-    c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-01-28 16:26:03    --------    d-----w-    c:\users\owner\appdata\local\Apple
2014-01-28 15:10:28    --------    d-----w-    c:\program files\iFunbox 2014
2014-01-28 12:35:53    --------    d-----w-    c:\windows\fr-FR
2014-01-28 12:35:50    --------    d-----w-    c:\windows\ar-SA
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\XPSViewer
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\fr
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\drivers\umdf\fr-FR
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\drivers\umdf\ar-SA
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\drivers\fr-FR
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\drivers\ar-SA
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\ar
2014-01-28 12:35:46    --------    d-----w-    c:\windows\system32\040C
2014-01-28 12:35:28    --------    d-----w-    c:\windows\system32\wbem\fr-FR
2014-01-28 12:35:26    --------    d-----w-    c:\windows\system32\wbem\ar-SA
2014-01-28 12:29:47    3584    ----a-w-    c:\windows\system32\spool\prtprocs\w32x86\ar-sa\LXKPTPRC.DLL.mui
2014-01-28 12:26:27    --------    d-----w-    C:\Intel
2014-01-28 12:22:15    514560    ----a-w-    c:\windows\system32\qdvd.dll
2014-01-28 12:06:58    --------    d-----w-    c:\windows\Migration
2014-01-28 10:53:23    --------    d-----w-    c:\users\owner\appdata\roaming\Runscanner.net
2014-01-28 10:23:53    --------    d-----w-    c:\program files\NirSoft
2014-01-27 15:28:34    --------    d-----w-    c:\windows\pss
2014-01-27 00:46:40    --------    d-----w-    C:\wifidata
2014-01-26 23:46:03    --------    d-----w-    c:\programdata\Oracle
2014-01-26 23:45:38    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2014-01-26 23:36:49    --------    d-----w-    c:\program files\VideoLAN
2014-01-26 23:35:21    --------    d-----w-    c:\windows\system32\Adobe
2014-01-26 19:53:57    317440    ----a-w-    c:\windows\system32\spoolsv.exe
2014-01-26 19:53:56    2616320    ----a-w-    c:\windows\explorer.exe
2014-01-26 15:57:11    --------    d-----w-    c:\users\owner\appdata\roaming\QFX Software
2014-01-26 15:57:11    --------    d-----w-    c:\programdata\QFX Software
2014-01-26 15:52:26    --------    d-----w-    c:\windows\system32\Wat
2014-01-26 12:16:09    --------    d-----w-    c:\users\owner\appdata\roaming\Process Hacker 2
2014-01-26 12:14:27    --------    d-----w-    c:\program files\Process Hacker 2
2014-01-26 11:19:29    66560    ----a-w-    c:\windows\system32\drivers\WUDFPf.sys
2014-01-26 11:19:29    155136    ----a-w-    c:\windows\system32\drivers\WUDFRd.sys
2014-01-26 11:19:28    73216    ----a-w-    c:\windows\system32\WUDFSvc.dll
2014-01-26 11:19:27    172032    ----a-w-    c:\windows\system32\WUDFPlatform.dll
2014-01-26 11:19:24    38912    ----a-w-    c:\windows\system32\WUDFCoinstaller.dll
2014-01-26 11:19:24    196608    ----a-w-    c:\windows\system32\WUDFHost.exe
2014-01-26 11:19:23    613888    ----a-w-    c:\windows\system32\WUDFx.dll
2014-01-26 11:12:33    12625408    ----a-w-    c:\windows\system32\wmploc.DLL
2014-01-26 11:12:32    164864    ----a-w-    c:\program files\windows media player\wmplayer.exe
2014-01-26 11:09:18    640512    ----a-w-    c:\windows\system32\advapi32.dll
2014-01-26 11:09:18    619520    ----a-w-    c:\windows\system32\tdh.dll
2014-01-26 11:09:18    3969472    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2014-01-26 11:09:18    3914176    ----a-w-    c:\windows\system32\ntoskrnl.exe
2014-01-26 11:09:18    1289096    ----a-w-    c:\windows\system32\ntdll.dll
2014-01-26 11:09:08    338944    ----a-w-    c:\windows\system32\drivers\afd.sys
2014-01-26 11:09:08    231424    ----a-w-    c:\windows\system32\mswsock.dll
2014-01-26 11:09:08    1294272    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2014-01-26 11:07:55    --------    d-----w-    c:\program files\CCleaner
2014-01-26 09:18:11    --------    d-----w-    c:\programdata\FastStone
2014-01-26 09:07:45    427520    ----a-w-    c:\windows\system32\SearchIndexer.exe
2014-01-26 09:02:06    --------    d-----w-    c:\program files\Macrorit
2014-01-26 08:59:24    --------    d-----w-    c:\programdata\CodeMeter
2014-01-25 23:46:55    --------    d-----w-    c:\users\owner\appdata\local\Macromedia
2014-01-25 23:45:38    2422272    ----a-w-    c:\windows\system32\wucltux.dll
2014-01-25 23:45:30    88576    ----a-w-    c:\windows\system32\wudriver.dll
2014-01-25 23:45:21    33792    ----a-w-    c:\windows\system32\wuapp.exe
2014-01-25 23:45:21    171904    ----a-w-    c:\windows\system32\wuwebv.dll
2014-01-25 23:44:05    --------    d-----w-    c:\users\owner\appdata\local\Mozilla
2014-01-25 23:06:56    --------    d-----w-    c:\users\owner\appdata\local\TechSmith
2014-01-25 23:01:42    --------    d-----w-    c:\users\owner\appdata\roaming\TechSmith
2014-01-25 22:17:38    --------    d-----w-    c:\program files\GLArab.com
2014-01-25 21:22:06    60416    ----a-w-    c:\windows\system32\drivers\BTHUSB.SYS
2014-01-25 21:15:43    --------    d-----w-    c:\users\owner\appdata\local\Adobe
2014-01-25 21:15:17    --------    d-----w-    c:\users\owner\appdata\local\CrashDumps
2014-01-25 21:12:10    --------    d-----w-    c:\programdata\regid.1995-08.com.techsmith
2014-01-25 21:11:13    --------    d-----w-    c:\program files\common files\TechSmith Shared
2014-01-25 20:17:30    --------    d-----w-    c:\users\owner\appdata\roaming\FastStone
2014-01-25 20:17:30    --------    d-----w-    c:\users\owner\appdata\local\FastStone
2014-01-25 20:08:08    10752    ----a-w-    c:\windows\system32\drivers\SFEP.sys
2014-01-25 20:07:36    69120    ----a-w-    c:\windows\system32\drivers\rimsptsk.sys
2014-01-25 20:07:34    626688    ----a-w-    c:\windows\snymsico.dll
2014-01-25 20:06:46    --------    d-----w-    c:\program files\Microsoft Synchronization Services
2014-01-25 20:05:58    --------    d-----w-    c:\windows\PCHEALTH
2014-01-25 20:05:58    --------    d-----w-    c:\program files\Microsoft SQL Server Compact Edition
2014-01-25 20:05:20    --------    d-----w-    c:\programdata\AVAST Software
2014-01-25 20:04:54    --------    d-----w-    c:\program files\Microsoft Visual Studio 8
2014-01-25 20:04:12    --------    d-----w-    c:\program files\Microsoft Analysis Services
2014-01-25 20:03:29    --------    d-----w-    c:\users\owner\appdata\local\Microsoft Help
2014-01-25 19:59:41    --------    d-----w-    c:\program files\Mozilla Maintenance Service
2014-01-25 19:58:32    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-25 19:58:32    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2014-01-25 19:58:28    --------    d-----w-    c:\users\owner\appdata\local\Google
2014-01-25 19:58:03    217176    ----a-w-    c:\windows\system32\unrar.dll
2014-01-25 19:57:58    --------    d-----w-    c:\program files\K-Lite Codec Pack
2014-01-25 19:57:53    --------    d-----w-    c:\users\owner\appdata\local\Programs
2014-01-25 19:57:25    --------    d-sh--w-    c:\windows\Installer
2014-01-25 19:44:57    --------    d-----w-    c:\windows\Panther
2014-01-25 18:00:52    719720    ----a-w-    c:\windows\system32\WibuCm32.dll
2014-01-25 18:00:50    --------    d-----w-    c:\program files\CodeMeter
2014-01-25 16:32:18    --------    d-----w-    c:\users\owner\appdata\local\Diagnostics
2014-01-25 16:03:49    --------    d-----w-    c:\users\owner\appdata\roaming\TeraCopy
2014-01-25 16:03:32    --------    d-----w-    c:\program files\TeraCopy
2014-01-25 15:43:19    --------    d-----w-    c:\users\owner\appdata\roaming\R-TT
2014-01-25 15:23:13    209016    ----a-w-    c:\windows\system32\drivers\keyscrambler.sys
2014-01-25 15:23:08    --------    d-----w-    c:\program files\KeyScrambler
2014-01-25 14:15:18    --------    d-----w-    c:\users\owner\appdata\roaming\Hekasoft
2014-01-25 14:15:18    --------    d-----w-    c:\program files\Hekasoft Backup & Restore
2014-01-25 14:13:25    --------    d-----w-    c:\users\owner\appdata\roaming\MPC-HC
2014-01-25 13:38:13    5120    ----a-w-    c:\windows\system32\wmi.dll
2014-01-25 13:38:13    19824    ----a-w-    c:\windows\system32\drivers\fs_rec.sys
2014-01-25 13:35:48    --------    d-----w-    C:\Komku
2014-01-25 13:30:41    --------    d-----w-    c:\users\owner\appdata\roaming\Moonchild Productions
2014-01-25 13:30:41    --------    d-----w-    c:\users\owner\appdata\local\Moonchild Productions
2014-01-25 13:24:20    --------    d-----w-    c:\windows\system32\MRT
2014-01-25 13:20:21    49152    ----a-w-    c:\windows\system32\taskhost.exe
2014-01-25 13:15:49    --------    d-----w-    c:\program files\Everything
2014-01-25 13:15:43    1505280    ----a-w-    c:\windows\system32\d3d11.dll
2014-01-25 13:13:29    140288    ----a-w-    c:\windows\system32\cryptsvc.dll
2014-01-25 13:13:29    1168384    ----a-w-    c:\windows\system32\crypt32.dll
2014-01-25 13:13:29    103936    ----a-w-    c:\windows\system32\cryptnet.dll
2014-01-25 13:13:06    1620992    ----a-w-    c:\windows\system32\WMVDECOD.DLL
2014-01-25 13:13:04    175104    ----a-w-    c:\windows\system32\wintrust.dll
2014-01-25 13:12:32    47720    ----a-w-    c:\windows\system32\drivers\WdfLdr.sys
2014-01-25 13:12:31    9728    ----a-w-    c:\windows\system32\Wdfres.dll
2014-01-25 13:12:31    527064    ----a-w-    c:\windows\system32\drivers\Wdf01000.sys
2014-01-25 13:10:59    15872    ----a-w-    c:\windows\system32\sspisrv.dll
2014-01-25 13:09:58    163840    ----a-w-    c:\windows\system32\scrrun.dll
2014-01-25 13:08:57    31232    ----a-w-    c:\windows\system32\drivers\tssecsrv.sys
2014-01-25 13:08:55    78336    ----a-w-    c:\windows\system32\synceng.dll
2014-01-25 13:08:53    293376    ----a-w-    c:\windows\system32\umpnpmgr.dll
2014-01-25 13:08:51    690688    ----a-w-    c:\windows\system32\msvcrt.dll
2014-01-25 13:08:49    530432    ----a-w-    c:\windows\system32\comctl32.dll
2014-01-25 13:08:46    509440    ----a-w-    c:\windows\system32\qedit.dll
2014-01-25 13:08:43    81408    ----a-w-    c:\windows\system32\drivers\drmk.sys
2014-01-25 13:08:43    177152    ----a-w-    c:\windows\system32\drivers\portcls.sys
2014-01-25 13:08:41    159232    ----a-w-    c:\windows\system32\imagehlp.dll
2014-01-25 13:08:39    67072    ----a-w-    c:\windows\system32\packager.dll
2014-01-25 13:08:36    69632    ----a-w-    c:\windows\system32\drivers\bowser.sys
2014-01-25 13:08:33    102608    ----a-w-    c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-25 13:08:29    305152    ----a-w-    c:\windows\system32\gdi32.dll
2014-01-25 13:07:36    231584    ----a-w-    c:\windows\system32\MpSigStub.exe
2014-01-25 13:05:54    --------    d-----w-    c:\program files\Pale Moon
2014-01-25 12:59:07    --------    d-----w-    c:\program files\FastStone Capture
2014-01-25 12:57:37    47104    ----a-w-    c:\windows\system32\appinfo.dll
2014-01-25 12:57:37    101720    ----a-w-    c:\windows\system32\consent.exe
2014-01-25 12:52:03    --------    d-----w-    c:\users\owner\appdata\roaming\IDM
2014-01-25 12:52:03    --------    d-----w-    c:\programdata\IDM
2014-01-25 12:52:02    --------    d-----w-    c:\users\owner\appdata\roaming\DMCache
2014-01-25 12:51:40    --------    d-----w-    c:\program files\Internet Download Manager
2014-01-23 20:12:23    5044479    ----a-w-    c:\users\owner\appdata\local\Temp1.exe
2014-01-20 16:25:02    --------    d-----w-    c:\users\owner\appdata\local\IDM
2014-01-16 23:37:52    108000    ----a-w-    c:\windows\system32\drivers\idmwfp.sys
.
==================== Find3M  ====================
.
2014-01-30 22:33:03    1783056    ----a-w-    c:\windows\system32\WavesLib.dll
2014-01-30 22:32:59    91920    ----a-w-    c:\windows\system32\R4EEA32A.dll
2014-01-26 11:10:36    86016    ----a-w-    c:\windows\system32\iesysprep.dll
2014-01-25 13:17:55    9728    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-27 01:14:25    258560    ----a-w-    c:\windows\system32\drivers\usbhub.sys
2013-11-27 01:13:46    284672    ----a-w-    c:\windows\system32\drivers\usbport.sys
2013-11-27 01:13:44    76288    ----a-w-    c:\windows\system32\drivers\usbccgp.sys
2013-11-27 01:13:41    43520    ----a-w-    c:\windows\system32\drivers\usbehci.sys
2013-11-27 01:13:36    24064    ----a-w-    c:\windows\system32\drivers\usbuhci.sys
2013-11-27 01:13:33    6016    ----a-w-    c:\windows\system32\drivers\usbd.sys
2013-11-26 11:11:29    240576    ----a-w-    c:\windows\system32\drivers\netio.sys
2013-11-26 10:10:21    2349056    ----a-w-    c:\windows\system32\win32k.sys
2013-11-26 09:23:02    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2013-11-26 09:22:11    4096    ----a-w-    c:\windows\system32\ieetwcollectorres.dll
2013-11-26 08:53:56    61952    ----a-w-    c:\windows\system32\iesetup.dll
2013-11-26 08:52:26    51200    ----a-w-    c:\windows\system32\ieetwproxystub.dll
2013-11-26 08:29:55    112128    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-11-26 08:29:52    108032    ----a-w-    c:\windows\system32\ieetwcollector.exe
2013-11-26 08:28:16    553472    ----a-w-    c:\windows\system32\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    c:\windows\system32\jscript9.dll
2013-11-26 07:32:06    1928192    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-11-26 06:33:33    1820160    ----a-w-    c:\windows\system32\wininet.dll
2013-11-23 18:26:20    417792    ----a-w-    c:\windows\system32\WMPhoto.dll
.
============= FINISH:  4:54:01.84 ===============
 

Link to post
Share on other sites

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 25-Jan-14 11:51:37 AM
System Uptime: 10-Feb-14 10:27:05 PM (6 hours ago)
.
Motherboard: Sony Corporation |  | VAIO
Processor: Intel® Core2 Duo CPU     P8700  @ 2.53GHz | N/A | 2508/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 40.74 GiB free.
D: is FIXED (NTFS) - 149 GiB total, 5.039 GiB free.
E: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: R5C592
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_RIMSPTSK#DISK&VEN_RICOH&PROD_MEMORYSTICKSTORAGE&REV_1.00#MS0001#
Manufacturer: Microsoft
Name: G:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_RIMSPTSK#DISK&VEN_RICOH&PROD_MEMORYSTICKSTORAGE&REV_1.00#MS0001#
Service: WUDFRd
.
==== System Restore Points ===================
.
RP54: 08-Feb-14 1:23:31 PM - Revo Uninstaller's restore point - Software Version Updater
RP56: 08-Feb-14 1:24:51 PM - Revo Uninstaller's restore point - Smart Leech version 1.0.0 Beta
RP58: 08-Feb-14 1:25:52 PM - Revo Uninstaller's restore point - SimilarProducts
RP60: 08-Feb-14 1:28:05 PM - Revo Uninstaller's restore point - FilesFrog Update Checker
RP62: 08-Feb-14 1:29:13 PM - Revo Uninstaller's restore point - ARHome
RP64: 08-Feb-14 1:30:08 PM - Revo Uninstaller's restore point - Hide My IP 5.4
RP66: 08-Feb-14 1:30:53 PM - Revo Uninstaller's restore point - Skype Click to Call
RP68: 08-Feb-14 1:34:00 PM - Revo Uninstaller's restore point - MyTube version 3.0.0.0
RP70: 10-Feb-14 1:46:11 AM - Revo Uninstaller's restore point - Paltalk Messenger  11.3
RP72: 10-Feb-14 2:26:22 AM - Revo Uninstaller Pro's restore point - avast! Antivirus
RP73: 10-Feb-14 2:53:17 AM - Removed Rasputin
RP74: 10-Feb-14 4:12:29 AM - Tweaking.com - Windows Repair
RP75: 10-Feb-14 6:23:22 PM - Windows Update
RP76: 11-Feb-14 12:58:21 AM - Removed Skype™ 6.10
RP77: 11-Feb-14 1:43:25 AM - Installed Microsoft Network Monitor 3.4
RP78: 11-Feb-14 1:44:30 AM - Installed Microsoft Network Monitor: NetworkMonitor Parsers 3.4
.
==== Installed Programs ======================
.
Active@ File Recovery 12
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader X (10.1.9)
Adobe Shockwave Player 12.0
Advanced SystemCare 7
Aomei Ntfs2Fat32 Pro Edition 2.0
BSR Screen Recorder 6
Camtasia Studio 8
CCleaner
Comodo Dragon
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Driver Booster
EaseUS Data Recovery Wizard 7.0
ERUNT 1.1j
Everything 1.2.1.371
FastStone Capture 7.6
GLArab.com HTTP Proxy
Google Chrome
Hekasoft Backup & Restore 0.32
iFunBox 2014 (v3.1.562.425), iFunbox DevTeam
Intel® Graphics Media Accelerator Driver
Internet Download Manager
IObit Uninstaller
iolo technologies' System Mechanic
Java 7 Update 51
Java Auto Updater
K-Lite Codec Pack 10.1.0 Full
KeyScrambler
Microsoft .NET Framework 4.5.1
Microsoft Network Monitor 3.4
Microsoft Network Monitor: NetworkMonitor Parsers 3.4
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
MozBackup 1.5.1
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
NirSoft BlueScreenView
Opera 12.16
Pale Moon 24.2.2 (x86 en-US)
Paltalk Messenger  11.3
Panda Cloud Cleaner
Process Hacker 2.33 (r5590)
Realtek High Definition Audio Driver
Recover My Files
Revo Uninstaller Pro 3.0.8
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2863902) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
TeraCopy 2.3
Tweaking.com - Windows Repair (All in One)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
VLC media player 2.1.2
WinRAR 4.00 (32-bit)
Wondershare MobileTrans ( Version 3.5.1 )
.
==== Event Viewer Messages From Past Week ========
.
11-Feb-14 3:19:21 AM, Error: Service Control Manager [7023]  - The Function Discovery Resource Publication service terminated with the following error:  %%-2147014874
11-Feb-14 3:19:21 AM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:  %%-2147014874
11-Feb-14 1:00:48 AM, Error: Service Control Manager [7034]  - The Skype C2C Service service terminated unexpectedly.  It has done this 1 time(s).
10-Feb-14 4:24:18 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:  An instance of the service is already running.
10-Feb-14 4:23:48 AM, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
10-Feb-14 4:23:48 AM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
10-Feb-14 4:23:46 AM, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-1073473535.
10-Feb-14 4:16:08 AM, Error: Service Control Manager [7031]  - The Update Surftastic service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
10-Feb-14 4:16:01 AM, Error: Service Control Manager [7031]  - The Util Surftastic service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
10-Feb-14 10:27:10 PM, Error: volmgr [46]  - Crash dump initialization failed!
.
==== End Of File ===========================
 

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-02-2014 01
Ran by Owner at 2014-02-11 05:03:25
Running from C:\Users\Owner\Downloads\Programs
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

Active@ File Recovery 12 (Version: 12 - LSoft Technologies Inc)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.54 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (Version: 12.0.0.54 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (Version: 12.0.7.148 - Adobe Systems, Inc.)
Advanced SystemCare 7 (Version: 7.1.0 - IObit)
Aomei Ntfs2Fat32 Pro Edition 2.0 (Version:  - Aomei Technology Co., Ltd)
BSR Screen Recorder 6 (Version:  - )
Camtasia Studio 8 (Version: 8.2.1.1423 - TechSmith Corporation)
CCleaner (Version: 4.10 - Piriform)
Comodo Dragon (Version: 31.1.0.0 - COMODO)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (Version:  - Microsoft)
Driver Booster (Version: 1.2 - IObit)
EaseUS Data Recovery Wizard 7.0 (Version:  - EaseUS)
ERUNT 1.1j (Version:  - Lars Hederer)
Everything 1.2.1.371 (Version:  - )
FastStone Capture 7.6 (Version: 7.6 - FastStone Soft)
GLArab.com HTTP Proxy (Version: 1.6.0.10628 - GLArab.com)
Google Chrome (HKCU Version: 30.0.1599.101 - Google Inc.)
Hekasoft Backup & Restore 0.32 (Version: 0.32 - Hekasoft)
iFunBox 2014 (v3.1.562.425), iFunbox DevTeam (Version: v3.1.562.425 - )
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2869 - Intel Corporation)
Internet Download Manager (Version:  - Tonec Inc.)
IObit Uninstaller (Version: 3.0.5.1228 - IObit)
iolo technologies' System Mechanic (Version: 12.5.0 - iolo technologies, LLC)
Java 7 Update 51 (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
KeyScrambler (Version: 3.3.0.0 - QFX Software Corporation)
K-Lite Codec Pack 10.1.0 Full (Version: 10.1.0 - )
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Network Monitor 3.4 (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft Network Monitor: NetworkMonitor Parsers 3.4 (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
MozBackup 1.5.1 (Version:  - Pavel Cvrcek)
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
NirSoft BlueScreenView (Version:  - )
Opera 12.16 (Version: 12.16.1860 - Opera Software ASA)
Pale Moon 24.2.2 (x86 en-US) (Version: 24.2.2 - Mozilla)
Paltalk Messenger  11.3 (Version: 11.3.0 - AVM Software Inc.)
Panda Cloud Cleaner (Version: 1.0.96 - Panda Security)
Process Hacker 2.33 (r5590) (Version: 2.33.0.5590 - wj32)
Realtek High Definition Audio Driver (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
Recover My Files (Version: 5.2.1.1964 - GetData Pty Ltd)
Revo Uninstaller Pro 3.0.8 (Version: 3.0.8 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
TeraCopy 2.3 (Version:  - Code Sector)
Tweaking.com - Windows Repair (All in One) (Version: 2.2.1 - Tweaking.com)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (Version:  - Microsoft)
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
WinRAR 4.00 (32-bit) (Version: 4.00.0 - win.rar GmbH)
Wondershare MobileTrans ( Version 3.5.1 ) (Version: 3.5.1 - Wondershare)

==================== Restore Points  =========================

08-02-2014 21:23:31 Revo Uninstaller's restore point - Software Version Updater
08-02-2014 21:24:51 Revo Uninstaller's restore point - Smart Leech version 1.0.0 Beta
08-02-2014 21:25:52 Revo Uninstaller's restore point - SimilarProducts
08-02-2014 21:28:05 Revo Uninstaller's restore point - FilesFrog Update Checker
08-02-2014 21:29:13 Revo Uninstaller's restore point - ARHome
08-02-2014 21:30:08 Revo Uninstaller's restore point - Hide My IP 5.4
08-02-2014 21:30:53 Revo Uninstaller's restore point - Skype Click to Call
08-02-2014 21:34:00 Revo Uninstaller's restore point - MyTube version 3.0.0.0
10-02-2014 09:46:11 Revo Uninstaller's restore point - Paltalk Messenger  11.3
10-02-2014 10:26:22 Revo Uninstaller Pro's restore point - avast! Antivirus
10-02-2014 10:53:17 Removed Rasputin
10-02-2014 12:12:29 Tweaking.com - Windows Repair
11-02-2014 02:23:22 Windows Update
11-02-2014 08:58:21 Removed Skype™ 6.10
11-02-2014 09:43:25 Installed Microsoft Network Monitor 3.4
11-02-2014 09:44:30 Installed Microsoft Network Monitor: NetworkMonitor Parsers 3.4

==================== Hosts content: ==========================

2009-07-13 18:04 - 2014-02-10 17:45 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {148D46B1-43DF-4779-9481-F11D46CE9FE3} - System32\Tasks\Driver Booster Update => C:\Program Files\IObit\Driver Booster\AutoUpdate.exe [2014-01-07] (IObit)
Task: {6252C97E-E730-48C9-8AC5-4AB237F45617} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-25] (Adobe Systems Incorporated)
Task: {7B56CA88-66C9-4502-B267-5D52FB27E427} - System32\Tasks\ASC7_SkipUac_Owner => C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe [2014-01-08] (IObit)
Task: {7E7C0F9F-918B-4F91-8E0D-26516BE40FB8} - System32\Tasks\Driver Booster Scan => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2014-01-10] (IObit)
Task: {93224837-DE8F-4955-BCE0-8CEB25532934} - System32\Tasks\iolo Process Governor => C:\Program Files\iolo\System Mechanic\iologovernor.exe [2013-12-03] (iolo technologies, LLC)
Task: {F0F52F69-0F0A-4DD3-A2E0-1C2044EEA809} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {FB773F72-9E26-4BC1-B3A8-44FA80E52AF9} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe [2013-12-03] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files\IObit\Driver Booster\AutoUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-01-25 12:00 - 2011-03-02 12:40 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2014-01-25 08:03 - 2012-01-29 16:54 - 00408576 _____ () C:\Program Files\TeraCopy\TeraCopy.dll
2014-01-25 08:03 - 2012-01-20 14:55 - 00427520 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll
2014-01-30 14:05 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files\IObit\Advanced SystemCare 7\webres.dll
2013-07-26 12:51 - 2013-07-26 12:51 - 01274880 _____ () C:\Program Files\FastStone Capture\FSRecorder.exe
2014-01-30 14:05 - 2013-12-02 19:06 - 01281312 _____ () C:\Program Files\IObit\Advanced SystemCare 7\Scan.dll
2014-01-30 14:05 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files\IObit\Advanced SystemCare 7\sqlite3.dll
2014-01-25 05:05 - 2013-12-08 02:08 - 03038208 _____ () C:\Program Files\Pale Moon\mozjs.dll
2014-01-25 06:27 - 2014-01-25 06:27 - 16264072 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_54.dll
2014-02-11 04:56 - 2005-02-27 16:40 - 00045056 _____ () C:\Users\Owner\AppData\Local\Temp\jrt\CHOICE.DAT

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Owner\Documents:{2C848322-7882-41E2-AFF6-B060B946FEE9}3
AlternateDataStreams: C:\Users\Owner\My Documents:{2C848322-7882-41E2-AFF6-B060B946FEE9}3

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\45821626.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\45821626.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HideMyIpSRV => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Who Is On My Wifi.lnk => C:\Windows\pss\Who Is On My Wifi.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rasputin.lnk => C:\Windows\pss\Rasputin.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Advanced SystemCare 7 => "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Everything => "C:\Program Files\Everything\Everything.exe" -startup
MSCONFIG\startupreg: iFunBox Price Watch => C:\Program Files\iFunbox 2014\iFunBox2014.exe /tray
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============

Name: G:\
Description: R5C592
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Microsoft
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/11/2014 04:00:37 AM) (Source: Application Error) (User: )
Description: Faulting application name: palemoon.exe, version: 24.2.0.5090, time stamp: 0x52a44f9b
Faulting module name: mozalloc.dll, version: 24.2.0.5090, time stamp: 0x52a44399
Exception code: 0x80000003
Fault offset: 0x000011fc
Faulting process id: 0x1708
Faulting application start time: 0xpalemoon.exe0
Faulting application path: palemoon.exe1
Faulting module path: palemoon.exe2
Report Id: palemoon.exe3

Error: (02/11/2014 01:27:27 AM) (Source: Application Error) (User: )
Description: Faulting application name: palemoon.exe, version: 24.2.0.5090, time stamp: 0x52a44f9b
Faulting module name: mozalloc.dll, version: 24.2.0.5090, time stamp: 0x52a44399
Exception code: 0x80000003
Fault offset: 0x000011fc
Faulting process id: 0x518
Faulting application start time: 0xpalemoon.exe0
Faulting application path: palemoon.exe1
Faulting module path: palemoon.exe2
Report Id: palemoon.exe3

Error: (02/10/2014 03:50:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 24.2.0.5090, time stamp: 0x52a44f61
Faulting module name: mozalloc.dll, version: 24.2.0.5090, time stamp: 0x52a44399
Exception code: 0x80000003
Fault offset: 0x000011fc
Faulting process id: 0x16e4
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (02/10/2014 03:50:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: palemoon.exe, version: 24.2.0.5090, time stamp: 0x52a44f9b
Faulting module name: mozjs.dll, version: 0.0.0.0, time stamp: 0x52a444ff
Exception code: 0xc0000005
Fault offset: 0x0009b404
Faulting process id: 0x6c8
Faulting application start time: 0xpalemoon.exe0
Faulting application path: palemoon.exe1
Faulting module path: palemoon.exe2
Report Id: palemoon.exe3

Error: (02/10/2014 03:15:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/10/2014 03:15:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/10/2014 02:08:22 PM) (Source: Application Hang) (User: )
Description: The program mbar.exe version 1.7.0.1009 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1254

Start Time: 01cf26ac4ce220da

Termination Time: 39704

Application Path: C:\Users\Owner\Desktop\mbar\mbar.exe

Report Id: c18e844e-929f-11e3-a005-f1f0bdb13cf4

Error: (02/10/2014 08:13:09 AM) (Source: Application Error) (User: )
Description: Faulting application name: palemoon.exe, version: 24.2.0.5090, time stamp: 0x52a44f9b
Faulting module name: xul.dll, version: 24.2.0.5090, time stamp: 0x52a44f52
Exception code: 0xc0000005
Fault offset: 0x0014fd1d
Faulting process id: 0x160c
Faulting application start time: 0xpalemoon.exe0
Faulting application path: palemoon.exe1
Faulting module path: palemoon.exe2
Report Id: palemoon.exe3

Error: (02/10/2014 06:32:49 AM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 24.2.0.5090, time stamp: 0x52a44f61
Faulting module name: NPSWF32_12_0_0_54.dll, version: 12.0.0.54, time stamp: 0x52db2f16
Exception code: 0x80000003
Fault offset: 0x00348c6d
Faulting process id: 0xdc8
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (02/10/2014 04:23:46 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (02/11/2014 03:19:21 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147014874

Error: (02/11/2014 03:19:21 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147014874

Error: (02/11/2014 02:53:47 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147014874

Error: (02/11/2014 02:53:47 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147014874

Error: (02/11/2014 02:41:59 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147014874

Error: (02/11/2014 02:41:59 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147014874

Error: (02/11/2014 02:41:44 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147014874

Error: (02/11/2014 02:41:44 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147014874

Error: (02/11/2014 02:41:16 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147014874

Error: (02/11/2014 02:41:16 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147014874


Microsoft Office Sessions:
=========================
Error: (02/11/2014 04:00:37 AM) (Source: Application Error)(User: )
Description: palemoon.exe24.2.0.509052a44f9bmozalloc.dll24.2.0.509052a4439980000003000011fc170801cf270c55e89fc6C:\Program Files\Pale Moon\palemoon.exeC:\Program Files\Pale Moon\mozalloc.dll1e224933-9314-11e3-9ea7-0024337554d2

Error: (02/11/2014 01:27:27 AM) (Source: Application Error)(User: )
Description: palemoon.exe24.2.0.509052a44f9bmozalloc.dll24.2.0.509052a4439980000003000011fc51801cf26f2a4638ab9C:\Program Files\Pale Moon\palemoon.exeC:\Program Files\Pale Moon\mozalloc.dllb8884266-92fe-11e3-9ea7-0024337554d2

Error: (02/10/2014 03:50:09 PM) (Source: Application Error)(User: )
Description: plugin-container.exe24.2.0.509052a44f61mozalloc.dll24.2.0.509052a4439980000003000011fc16e401cf26a9bf608108D:\plugin-container.exeD:\mozalloc.dll125a7c58-92ae-11e3-a005-f1f0bdb13cf4

Error: (02/10/2014 03:50:05 PM) (Source: Application Error)(User: )
Description: palemoon.exe24.2.0.509052a44f9bmozjs.dll0.0.0.052a444ffc00000050009b4046c801cf26a6240a0ab1D:\palemoon.exeD:\mozjs.dll0fff6c92-92ae-11e3-a005-f1f0bdb13cf4

Error: (02/10/2014 03:15:29 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\keyscrambler\x64\KeyScrambler.exe

Error: (02/10/2014 03:15:22 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\IObit\driver booster\DpInst\x64\dpinst.exe

Error: (02/10/2014 02:08:22 PM) (Source: Application Hang)(User: )
Description: mbar.exe1.7.0.1009125401cf26ac4ce220da39704C:\Users\Owner\Desktop\mbar\mbar.exec18e844e-929f-11e3-a005-f1f0bdb13cf4

Error: (02/10/2014 08:13:09 AM) (Source: Application Error)(User: )
Description: palemoon.exe24.2.0.509052a44f9bxul.dll24.2.0.509052a44f52c00000050014fd1d160c01cf266d20590beeC:\Program Files\Pale Moon\palemoon.exeC:\Program Files\Pale Moon\xul.dll3afae96b-926e-11e3-a005-c30d2d05d1f5

Error: (02/10/2014 06:32:49 AM) (Source: Application Error)(User: )
Description: plugin-container.exe24.2.0.509052a44f61NPSWF32_12_0_0_54.dll12.0.0.5452db2f168000000300348c6ddc801cf265e72ee07efC:\Program Files\Pale Moon\plugin-container.exeC:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_54.dll36d3b33e-9260-11e3-a005-c30d2d05d1f5

Error: (02/10/2014 04:23:46 AM) (Source: Windows Search Service)(User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt


==================== Memory info ===========================

Percentage of memory in use: 85%
Total physical RAM: 2911.04 MB
Available physical RAM: 424.69 MB
Total Pagefile: 5820.37 MB
Available Pagefile: 2945.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.93 GB) (Free:40.92 GB) NTFS
Drive d: () (Fixed) (Total:149.07 GB) (Free:4.76 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 9B5349AB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {2386360a-85f9-11e3-a92a-fa1ecd9daf48}
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\23863609-85f9-11e3-a92a-fa1ecd9daf48\boot.sdi



LastRegBack: 2014-02-10 15:14

==================== End Of Log ==============

Link to post
Share on other sites

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.16476

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.525000 GHz
Memory total: 3052445696, free: 1307643904

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.16476

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.525000 GHz
Memory total: 3052445696, free: 1415712768

=======================================
------------ Kernel report ------------
     02/10/2014 14:08:57
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\??\C:\Windows\system32\drivers\ElRawDsk.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\NETwNs32.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\1394ohci.sys
\SystemRoot\system32\DRIVERS\sdbus.sys
\SystemRoot\system32\DRIVERS\rimsptsk.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\System32\drivers\keyscrambler.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\SFEP.sys
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\VSTAZL3.SYS
\SystemRoot\system32\DRIVERS\VSTDPV3.SYS
\SystemRoot\system32\DRIVERS\VSTCNXT3.SYS
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_msahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\PDFsFilter.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\??\C:\Windows\system32\Drivers\hmip.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\idmwfp.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\??\C:\Users\Owner\AppData\Local\Temp\mbr.sys
\SystemRoot\system32\drivers\DasPtct.SYS
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Program Files\Process Hacker 2\kprocesshacker.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff87dab938
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000006a\
Lower Device Object: 0xffffffff87fb3028
Lower Device Driver Name: \Driver\rimsptsk\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8649c030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xffffffff85ff3908
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8649c030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8649cd10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8649c030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85ff3908, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9B5349AB

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 312320000

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 312526848  Numsec = 312612864

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 320072933376 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff87dab938, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff87dab618, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff87dab938, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff87fb3028, DeviceName: \Device\0000006a\, DriverName: \Driver\rimsptsk\
------------ End ----------
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.16476

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.525000 GHz
Memory total: 3052445696, free: 483332096

Initializing...
======================
------------ Kernel report ------------
     02/11/2014 04:55:53
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\??\C:\Windows\system32\drivers\ElRawDsk.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\1394ohci.sys
\SystemRoot\system32\DRIVERS\sdbus.sys
\SystemRoot\system32\DRIVERS\rimsptsk.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\System32\drivers\keyscrambler.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\SFEP.sys
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\VSTAZL3.SYS
\SystemRoot\system32\DRIVERS\VSTDPV3.SYS
\SystemRoot\system32\DRIVERS\VSTCNXT3.SYS
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_msahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\PDFsFilter.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\??\C:\Windows\system32\Drivers\hmip.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\idmwfp.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\netw5v32.sys
\??\C:\Program Files\Process Hacker 2\kprocesshacker.sys
\SystemRoot\system32\DRIVERS\nm3.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\??\C:\Windows\system32\TrueSight.sys
\??\C:\Users\Owner\AppData\Local\Temp\mbr.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff87bdeac8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000006b\
Lower Device Object: 0xffffffff87f02028
Lower Device Driver Name: \Driver\rimsptsk\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8649c030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xffffffff86399908
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8649c030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8649cd10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8649c030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86399908, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9B5349AB

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 312320000

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 312526848  Numsec = 312612864

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 320072933376 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff87bdeac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff87bfa290, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff87bdeac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff87f02028, DeviceName: \Device\0000006b\, DriverName: \Driver\rimsptsk\
------------ End ----------
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 

Link to post
Share on other sites

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16476
Owner :: OWNER-PC [administrator]

11-Feb-14 4:55:59 AM
mbar-log-2014-02-11 (04-55-59).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 216665
Time elapsed: 24 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-02-2014 01
Ran by Owner (administrator) on OWNER-PC on 11-02-2014 14:28:56
Running from C:\Users\Owner\Downloads\Programs
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
() C:\Program Files\Comodo\Dragon\dragon_updater.exe
( ) C:\Program Files\GLArab.com\Proxy\http_proxy.exe
(iolo technologies, LLC) C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
(iolo technologies, LLC) C:\Program Files\iolo\System Mechanic\iologovernor.exe
(QFX Software Corporation) C:\Program Files\KeyScrambler\KeyScrambler.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Everything\Everything.exe
(i-Funbox.com) C:\Program Files\iFunbox 2014\iFunBox2014.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
(Moonchild Productions) C:\Program Files\Pale Moon\palemoon.exe
(AVM Software Inc.) C:\Program Files\Paltalk Messenger\paltalk.exe
(AVM Software Inc.) C:\Program Files\Paltalk Messenger\paltalk.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [KeyScrambler] - C:\Program Files\KeyScrambler\keyscrambler.exe [508144 2013-11-14] (QFX Software Corporation)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Everything] - C:\Program Files\Everything\Everything.exe [602624 2009-03-12] ()
HKLM\...\Run: [bCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-2794498854-3293745280-3007496263-1000\...\Run: [iDMan] - C:\Program Files\Internet Download Manager\IDMan.exe [3825232 2014-01-16] (Tonec Inc.)
HKU\S-1-5-21-2794498854-3293745280-3007496263-1000\...\Run: [iFunBox Price Watch] - C:\Program Files\iFunbox 2014\iFunBox2014.exe [7748096 2013-11-26] (i-Funbox.com)
HKU\S-1-5-21-2794498854-3293745280-3007496263-1000\...\Run: [Advanced SystemCare 7] - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2285344 2013-12-18] (IObit)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE ()
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
ShortcutTarget: PalTalk.lnk -> C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM - DefaultScope value is missing.
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: NoVooIT Class - {598AC71E-BE58-3981-B78A-5C138F423AD6} - C:\Users\Owner\AppData\Roaming\VolIE\NoVooIT_32.dll (NoVooIT)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: BHOImpl Class - {E1499FE7-129D-4B6E-B681-DDF21E14172C} - C:\Users\Owner\Documents\iTools\Plugin\iToolsBHO.dll (iTools.hk)
Handler: WSIEChrome - No CLSID Value -
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default
FF NetworkProxy: "ftp", "186.93.19.87"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "gopher", "186.93.19.87"
FF NetworkProxy: "gopher_port", 8080
FF NetworkProxy: "http", "186.93.19.87"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "socks", "186.93.19.87"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "186.93.19.87"
FF NetworkProxy: "ssl_port", 8080
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_54.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @itools.hk/npiTools, version=1.0.0 - C:\Users\Owner\Documents\iTools\Plugin\npiTools.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\searchplugins\VenteeRo.xml
FF Extension: Vonteera Safe ads - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\addon@Vonteera.com [2014-02-04]
FF Extension: Flagfox - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2014-01-25]
FF Extension: FT DeepDark - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2014-01-28]
FF Extension: WOT - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-25]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-01-25]
FF Extension: Best Proxy Switcher - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\bestproxyswitcher@bestproxyswitcher.com.xpi [2014-01-25]
FF Extension: Ghostery - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\firefox@ghostery.com.xpi [2014-01-25]
FF Extension: SeenBlock - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\jid0-8C9kZOXgcsBN95BaPPbaKdSHEpU@jetpack.xpi [2014-01-26]
FF Extension: Noia 4 Theme Manager - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\Noia4Options@ArisT2.xpi [2014-01-28]
FF Extension: Session Manager - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-01-28]
FF Extension: NoScript - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-25]
FF Extension: YouTube High Definition - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-01-25]
FF Extension: FXChrome - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\{c0c588b6-b11d-4898-af00-079fed05aa32}.xpi [2014-01-28]
FF Extension: Adblock Plus - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-25]
FF Extension: BetterPrivacy - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-01-25]
FF Extension: Noia 4 - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1swvt7d3.default\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi [2014-01-28]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Owner\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Owner\AppData\Roaming\IDM\idmmzcc5 [2014-01-25]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Owner\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Owner\AppData\Roaming\IDM\idmmzcc5 [2014-01-25]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-25]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-25]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-25]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-25]
CHR Extension: (IDM Integration Module) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-01-25]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-01-25]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-30]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-25]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-25]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2014-01-16]

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)
R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [3105144 2013-11-27] (WIBU-SYSTEMS AG)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2135232 2014-01-28] ()
R2 glarab_http_proxy; C:\Program Files\GLArab.com\Proxy\http_proxy.exe [2255984 2012-12-20] ( )
R2 ioloSystemService; C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [1168960 2013-12-03] (iolo technologies, LLC)
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S4 Skype C2C Service; "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe" [X]

==================== Drivers (Whitelisted) ====================

R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [26248 2013-12-03] (EldoS Corporation)
R2 hmip; C:\Windows\system32\Drivers\hmip.sys [25448 2013-06-19] (Hide My IP)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [209016 2013-05-31] (QFX Software Corporation)
S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [18136 2013-02-25] ()
S3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7530736 2014-01-30] (Intel Corporation)
R1 nm3; C:\Windows\System32\DRIVERS\nm3.sys [39736 2010-06-09] (Microsoft Corporation)
R2 PDFsFilter; C:\Windows\System32\DRIVERS\PDFsFilter.sys [68464 2013-12-03] (Raxco Software, Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27888 2014-01-30] (Synaptics Incorporated)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xAntiArp; system32\DRIVERS\xAntiArp.sys [X]

========================== Drivers MD5 =======================

C:\Windows\System32\DRIVERS\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys F81BB7E487EDCEAB630A7EE66CF23913
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\drivers\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BTHport.sys 1153DE2E4F5941E10C399CB5592F78A1
C:\Windows\System32\Drivers\BTHUSB.sys C81E9413A25A439F436B1D4B6A0CF9E9
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 85449EEBE8F8EBD6481EFBF0F352B4EB
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 2A958EF85DB1B61FFCA65044FA4BCE9E
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 71BC35067CABC02C9453AEAA42B2E43E
C:\Windows\system32\drivers\evbdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\ElRawDsk.sys DA8B28199B46B72502D5A3F75D446254
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\system32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\system32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05
C:\Windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\Drivers\hmip.sys EA8FD4A29C542C0214682967021E703D
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\Windows\System32\DRIVERS\idmwfp.sys 203BB2691E7D0088A2C1F9C39C15A9B7
C:\Windows\System32\DRIVERS\igdkmd32.sys 1EC36A3CA56B0A31B4920399EE6D77EB
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHDA.sys BC9B2C44139B4E103105F024D00B46D5
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\keyscrambler.sys D9CA77A69473A93E40B7551A7DE425A9
C:\Windows\System32\Drivers\ksecdd.sys F286830298323272260332D6ABC905C1
C:\Windows\System32\Drivers\ksecpkg.sys D7C760D57B1656DD748B9E4AB6CB5A51
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\MDA_NTDRV.sys A535C585D67AD894F01E03D013F0339E
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 21F4B24ACFC79A483515BD986DD9043F
C:\Windows\System32\DRIVERS\mrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25
C:\Windows\System32\DRIVERS\mrxsmb10.sys 6D17A4791ACA19328C685D256349FEFC
C:\Windows\System32\DRIVERS\mrxsmb20.sys B81F204D146000BE76651A50670A5E9E
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\system32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 8C9C922D71F1CD4DEF73F186416B7896
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\system32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netw5v32.sys 58218EC6B61B1169CF54AAB0D00F5FE2
C:\Windows\System32\DRIVERS\NETwNs32.sys 3373475AC6FE90FA6E88F5C20DAC25F4
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nm3.sys D8F75DC28A480E1BA288F217CC7144D2
C:\Windows\system32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Ntfs.sys 5E43D2B0EE64123D4880DFA6626DEFDE
C:\Windows\system32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B
C:\Windows\system32\drivers\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\PDFsFilter.sys 40C611622882C3FCAFEB845C1E12A10F
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 65375DF758CA1872AB7EBBBA457FD5E6
C:\Windows\system32\Drivers\RDPWD.sys F031683E6D1FEA157ABB2FF260B51E61
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\revoflt.sys B9BB8E2093C1615AD6EA55AD96214354
C:\Windows\System32\DRIVERS\rfcomm.sys CB928D9E6DAF51879DD6BA8D02F01321
C:\Windows\System32\DRIVERS\rimsptsk.sys 942264F8248B6E0995648AE99740BC14
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 0328BE1C7F1CBA23848179F8762E391C
C:\Windows\system32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SFEP.sys 750E9A1CEB78C35E42A7AEB62FE2CD10
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys E3CBFCF2499376A29CB1D92CBCE82696
C:\Windows\system32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46
C:\Windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB
C:\Windows\System32\DRIVERS\VSTAZL3.SYS E00FDFAFF025E94F9821153750C35A6D
C:\Windows\System32\DRIVERS\VSTDPV3.SYS CEB4E3B6890E1E42DCA6694D9E59E1A0
C:\Windows\System32\DRIVERS\VSTCNXT3.SYS BC0C7EA89194C299F051C24119000E17
C:\Windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\synth3dvsc.sys F2AD8960812FD111E20E84659EF19D43
C:\Windows\System32\drivers\tcpip.sys CA59F7C570AF70BC174F477CFE2D9EE3
C:\Windows\System32\DRIVERS\tcpip.sys CA59F7C570AF70BC174F477CFE2D9EE3
C:\Windows\System32\drivers\tcpipreg.sys 3EEBD3BD93DA46A26E89893C7AB2FF3B
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys E951866BAC5A23403F62A349EDBB6EEB
C:\Windows\System32\DRIVERS\tssecsrv.sys B37B08F2E5EEB1A37E448E09BACE1101
C:\Windows\System32\drivers\tsusbflt.sys 9CE253214ACAA5A7D323327D2055EFAA
C:\Windows\system32\drivers\TsUsbGD.sys 57C527AF84748B5C2F5178C499C0B81F
C:\Windows\System32\drivers\tsusbhub.sys 045ACB987C650D8186C6B4A692223860
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys 0803FBA9FE829D61AE26EC0BCC910C46
C:\Windows\system32\drivers\usbcir.sys 2352AB5F9F8F097BF9D41D5A4718A041
C:\Windows\System32\DRIVERS\usbehci.sys D40855F89B69305140BBD7E9A3BA2DA6
C:\Windows\System32\DRIVERS\usbhub.sys EDF2DF71C4F1E13A6AC75F5224DE655A
C:\Windows\system32\drivers\usbohci.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\Windows\System32\DRIVERS\usbuhci.sys 800AABFD625EEFF899F7E5496BDE37AB
C:\Windows\System32\Drivers\usbvideo.sys DE014425522610BEDCA3821BB8C0F1D5
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 25944D2CC49E0A6C581D02A74B7D6645
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF
C:\Windows\System32\DRIVERS\yk62x86.sys B07C5B7EFDF936FF93D4F540938725BE

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-11 06:50 - 2014-02-11 06:50 - 00000642 _____ () C:\Users\Owner\Desktop\JRT.txt
2014-02-11 06:47 - 2014-02-11 06:47 - 00000000 ____H () C:\ProgramData\cm-lock
2014-02-11 06:38 - 2014-02-11 06:38 - 30439667 _____ () C:\Users\Owner\Downloads\سرمد البياتي برنامج بالشمع الاحمر عنوان الحلقة الانترنت في غرف الزوجية 17-12-2013.3GP
2014-02-11 05:02 - 2014-02-11 05:02 - 00000000 ____D () C:\Program Files\ESET
2014-02-11 05:01 - 2014-02-11 14:28 - 00000000 ____D () C:\FRST
2014-02-11 04:55 - 2014-02-11 04:55 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-11 04:55 - 2014-02-11 04:55 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-11 04:55 - 2014-02-11 04:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-11 04:51 - 2014-02-11 04:51 - 00001600 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_02112014_045108.txt
2014-02-11 04:42 - 2014-02-11 04:42 - 00001567 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_02112014_044233.txt
2014-02-11 04:38 - 2014-02-11 04:53 - 00000000 ____D () C:\Users\Owner\Desktop\RK_Quarantine
2014-02-11 04:38 - 2014-02-11 04:38 - 03809792 _____ () C:\Users\Owner\Desktop\RogueKiller_2.exe
2014-02-11 04:37 - 2014-02-11 04:37 - 04403200 _____ () C:\Users\Owner\Desktop\RogueKillerX64.exe
2014-02-11 04:35 - 2014-02-11 06:48 - 00000000 ____D () C:\Windows\ERDNT
2014-02-11 04:35 - 2014-02-11 04:35 - 00000898 _____ () C:\Users\Owner\Desktop\NTREGOPT.lnk
2014-02-11 04:35 - 2014-02-11 04:35 - 00000898 _____ () C:\Users\d\Desktop\NTREGOPT.lnk
2014-02-11 04:35 - 2014-02-11 04:35 - 00000879 _____ () C:\Users\Owner\Desktop\ERUNT.lnk
2014-02-11 04:35 - 2014-02-11 04:35 - 00000879 _____ () C:\Users\d\Desktop\ERUNT.lnk
2014-02-11 04:35 - 2014-02-11 04:35 - 00000000 ____D () C:\Program Files\ERUNT
2014-02-11 04:30 - 2014-02-11 04:30 - 00904743 _____ () C:\Users\Owner\Downloads\A2B63469251036344862401769472_14729024e60.4.6.8894272438047653657_0EmL2hK7hj7rnQXtX3xCgK7DrdiNlNLPW6HSv0CPP55uQYDkfTVf1H_7d9UiyDgK.mp4
2014-02-11 04:12 - 2014-02-11 04:12 - 01238617 _____ () C:\Users\Owner\Downloads\FF19EC1CFA1024471840065777664_138722721092161f9fce532.mp4_pRCiGvUkIeDSojpqECK9pYhe4w9e1P6eu9AUzLxQOGMwhIKLr0bjX8rBSk4dDF00.mp4
2014-02-11 03:59 - 2014-02-11 03:59 - 00893439 _____ () C:\Users\Owner\Downloads\82BB09F6A21039395578498506752_12961615bf0.3.2_iO2NJTifYodhq39uf3ebcTntrEFhZq0m96TLlJXPptgFXqTXo7604R7YiopCTC4l.mp4
2014-02-11 03:58 - 2014-02-11 03:58 - 00893373 _____ () C:\Users\Owner\Downloads\A4565337131039675904663662592_167880401cd.4.7.1703182332979559069_.qgBb6jAmfol.mkkRsiEfAmpXEuyYN47amAF9SYEoVi9X2rWQ1vInwhQMIZHAASS.mp4
2014-02-11 03:57 - 2014-02-11 03:57 - 00875939 _____ () C:\Users\Owner\Downloads\019EC4DC171029108921266290688_1aa642d4d69.4.5.6871069217078471256__E.YchHfRkZl2KlotHxNcl1TQmBno0NmKr9iuiVIfC0ojEYloH7skSvgswP8lPNI.mp4
2014-02-11 01:44 - 2014-02-11 01:49 - 00000000 ____D () C:\Users\Owner\Documents\Network Monitor 3
2014-02-11 01:44 - 2014-02-11 01:44 - 00001016 _____ () C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk
2014-02-11 01:44 - 2014-02-11 01:44 - 00000000 ____D () C:\Program Files\Microsoft Network Monitor 3
2014-02-11 00:47 - 2014-02-11 00:48 - 00000079 _____ () C:\Windows\wininit.ini
2014-02-10 23:52 - 2014-02-10 23:52 - 00001201 _____ () C:\Windows\IE11_main.log
2014-02-10 22:27 - 2014-02-11 06:47 - 00009586 _____ () C:\Windows\PFRO.log
2014-02-10 22:27 - 2014-02-10 22:27 - 00409096 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-10 22:26 - 2014-02-10 22:26 - 49782784 _____ () C:\Windows\system32\config\software.iodefrag.bak
2014-02-10 22:26 - 2014-02-10 22:26 - 00167936 _____ () C:\Windows\system32\config\default.iodefrag.bak
2014-02-10 22:26 - 2014-02-10 22:26 - 00098304 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2014-02-10 22:26 - 2014-02-10 22:26 - 00024576 _____ () C:\Windows\system32\config\security.iodefrag.bak
2014-02-10 22:26 - 2014-02-10 22:26 - 00000000 _____ () C:\asc_rdflag
2014-02-10 22:25 - 2014-02-10 22:25 - 00003304 ____N () C:\bootsqm.dat
2014-02-10 20:16 - 2014-02-10 20:15 - 00069183 _____ () C:\Users\Owner\Downloads\www_base_mod.js
2014-02-10 20:16 - 2014-02-10 20:15 - 00020065 _____ () C:\Users\Owner\Downloads\spf-vflY4jAlw.js
2014-02-10 18:23 - 2014-02-10 18:23 - 00000000 ____D () C:\Windows\CheckSur
2014-02-10 18:21 - 2014-02-10 18:21 - 183244764 _____ () C:\Users\Owner\Downloads\Windows6.1-KB947821-v31-x86.msu
2014-02-10 18:01 - 2014-02-10 18:03 - 00002592 _____ () C:\Users\Owner\Desktop\Rkill.txt
2014-02-10 18:01 - 2014-02-10 18:01 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Owner\Desktop\rkill.com
2014-02-10 17:45 - 2014-02-10 17:45 - 00000000 ____D () C:\_OTL
2014-02-10 16:17 - 2014-02-10 16:17 - 28823831 _____ () C:\Users\Owner\Downloads\عزت الشابندر _  ساعة حوار _  الاتجاه 04 02 2014.3GP
2014-02-10 14:08 - 2014-02-11 05:24 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-10 14:06 - 2014-02-11 05:24 - 00000000 ____D () C:\Users\Owner\Desktop\mbar
2014-02-10 13:51 - 2014-02-10 13:51 - 00000000 ____D () C:\New folder
2014-02-10 13:49 - 2014-02-10 13:56 - 00000000 ____D () C:\Windows\system32\CATROOT2OLD
2014-02-10 13:49 - 2014-02-10 13:49 - 00109280 _____ () C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-10 13:49 - 2014-02-10 13:49 - 00001244 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-02-10 13:48 - 2014-02-10 13:48 - 00000000 ____D () C:\Program Files\Panda Security
2014-02-10 13:09 - 2014-02-10 13:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-10 13:08 - 2014-02-11 06:47 - 00000224 _____ () C:\Windows\setupact.log
2014-02-10 06:02 - 2014-02-11 04:54 - 00029681 _____ () C:\Users\Owner\Desktop\dds.txt
2014-02-10 06:02 - 2014-02-11 04:54 - 00008305 _____ () C:\Users\Owner\Desktop\attach.txt
2014-02-10 06:01 - 2014-02-10 06:00 - 00688992 ____R (Swearware) C:\Users\Owner\Desktop\dds.scr
2014-02-10 04:37 - 2014-02-10 04:37 - 00001943 _____ () C:\Users\Owner\Desktop\Paltalk Messenger.lnk
2014-02-10 04:37 - 2014-02-10 04:37 - 00001214 _____ () C:\Users\Owner\Desktop\Upgrade to Paltalk Extreme.lnk
2014-02-10 04:37 - 2014-02-10 04:37 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Paltalk
2014-02-10 04:37 - 2014-02-10 04:37 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2014-02-10 04:37 - 2014-02-10 04:37 - 00000000 ____D () C:\Program Files\Paltalk Messenger
2014-02-10 04:20 - 2014-02-10 04:21 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-10 04:13 - 2014-02-10 04:13 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-OWNER-PC-Microsoft-Windows-7-Ultimate-(32-bit).dat
2014-02-10 04:12 - 2014-02-10 04:12 - 00002121 _____ () C:\Users\Owner\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-02-10 04:12 - 2014-02-10 04:12 - 00000000 ____D () C:\RegBackup
2014-02-10 04:10 - 2014-02-10 04:12 - 00000000 ____D () C:\Users\d\AppData\Local\MoboGenie
2014-02-10 04:10 - 2014-02-10 04:10 - 00000000 ____D () C:\Users\d\AppData\Roaming\QFX Software
2014-02-10 04:10 - 2014-02-10 04:10 - 00000000 ____D () C:\Users\d\AppData\Roaming\Malwarebytes
2014-02-10 04:02 - 2014-02-11 06:46 - 00000000 ____D () C:\AdwCleaner
2014-02-10 03:58 - 2014-02-10 03:58 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-02-10 03:04 - 2014-02-10 03:04 - 00000000 ____D () C:\Program Files\AdwareRemovalToolv3.7
2014-02-10 03:03 - 2014-02-10 03:03 - 00000000 ____D () C:\Windows\ERUNT
2014-02-10 03:02 - 2014-02-10 03:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Owner\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-10 03:01 - 2014-02-10 03:01 - 00414944 _____ () C:\Users\Owner\Desktop\Adware-Removal-Tool-V3.7.exe
2014-02-10 02:59 - 2014-02-10 02:59 - 01166132 _____ () C:\Users\Owner\Desktop\AdwCleaner.exe
2014-02-10 02:59 - 2014-02-10 02:59 - 01037530 _____ (Thisisu) C:\Users\Owner\Desktop\JRT.exe
2014-02-10 02:57 - 2014-02-10 02:57 - 00921000 _____ (Oracle Corporation) C:\Users\Owner\Desktop\jxpiinstall_3.exe
2014-02-10 02:23 - 2014-02-10 02:23 - 00001234 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-02-10 02:23 - 2014-02-10 02:23 - 00000000 ____D () C:\Users\Owner\AppData\Local\VS Revo Group
2014-02-10 02:23 - 2014-02-10 02:23 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-02-10 02:23 - 2009-12-30 10:21 - 00027192 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-02-10 02:17 - 2014-02-10 02:17 - 00000067 _____ () C:\Windows\avast5.ini
2014-02-09 14:23 - 2014-02-09 14:23 - 00000989 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-02-09 14:23 - 2014-02-09 14:23 - 00000000 ____D () C:\Program Files\MozBackup
2014-02-08 22:39 - 2014-02-08 22:39 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-02-08 00:55 - 2014-02-08 00:55 - 00000000 ____D () C:\Users\d\AppData\Roaming\AVAST Software
2014-02-08 00:40 - 2013-12-03 09:54 - 00026248 _____ (EldoS Corporation) C:\Windows\system32\Drivers\ElRawDsk.sys
2014-02-08 00:28 - 2014-02-08 00:28 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\gjfrjteg.sys
2014-02-07 22:56 - 2014-02-07 22:56 - 00109280 _____ () C:\Users\d\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-07 22:55 - 2014-02-07 22:55 - 00000000 ____D () C:\Users\d\AppData\Local\Mozilla
2014-02-07 22:48 - 2014-02-08 00:53 - 00000000 ____D () C:\Users\d\AppData\Roaming\IObit
2014-02-07 22:48 - 2014-02-07 22:55 - 00000000 ____D () C:\Users\d\AppData\Roaming\Mozilla
2014-02-07 22:48 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Roaming\Moonchild Productions
2014-02-07 22:48 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Roaming\FastStone
2014-02-07 22:48 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Local\Moonchild Productions
2014-02-07 22:48 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Local\FastStone
2014-02-07 21:15 - 2014-02-07 21:15 - 00000000 _____ () C:\Users\d\daemonprocess.txt
2014-02-07 21:12 - 2014-02-07 21:12 - 00000000 ____D () C:\Users\d\AppData\Roaming\ioloGovernor
2014-02-07 21:10 - 2014-02-07 21:10 - 00001417 _____ () C:\Users\d\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-07 21:10 - 2014-02-07 21:10 - 00000000 ____D () C:\Users\d\AppData\Roaming\Adobe
2014-02-07 21:10 - 2014-02-07 21:10 - 00000000 ____D () C:\Users\d\AppData\Local\VirtualStore
2014-02-07 21:09 - 2014-02-07 21:09 - 00000020 ___SH () C:\Users\d\ntuser.ini
2014-02-07 21:08 - 2014-02-09 00:16 - 00000000 ____D () C:\Users\d
2014-02-07 21:08 - 2014-01-28 13:10 - 00000000 ____D () C:\Users\d\AppData\Local\Bulents
2014-02-07 21:08 - 2014-01-26 18:10 - 00000000 ____D () C:\Users\d\AppData\Local\Microsoft Help
2014-02-07 21:08 - 2009-07-13 20:42 - 00000000 ___RD () C:\Users\d\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-07 21:08 - 2009-07-13 20:37 - 00000000 ___RD () C:\Users\d\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-07 14:52 - 2014-02-07 14:52 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\WindSolutions
2014-02-07 14:31 - 2014-02-07 14:31 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-02-07 05:43 - 2014-02-07 05:45 - 20553737 _____ () C:\Users\Owner\Downloads\يا أمة محمد - الخطبة التي سجن بسببها الشيخ خالد الراشد - كاملة.3GP
2014-02-07 03:36 - 2014-02-07 03:36 - 00512784 _____ (AVAST Software) C:\Users\Owner\Desktop\avastclear.exe
2014-02-07 03:35 - 2014-02-07 03:35 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\avkjrmmr.sys
2014-02-07 03:32 - 2014-02-07 03:32 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\tqjmaywk.sys
2014-02-07 00:59 - 2014-02-07 00:59 - 1182018380 _____ () C:\Users\Owner\Documents\Video_2014-02-07_005939.wmv
2014-02-06 21:27 - 2014-02-06 21:27 - 2014447186 _____ () C:\Users\Owner\Documents\Video_2014-02-06_212734.wmv
2014-02-06 21:13 - 2014-02-06 21:13 - 00002107 _____ () C:\Users\Public\Desktop\Wondershare MobileTrans.lnk
2014-02-06 21:13 - 2014-02-06 21:13 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Wondershare
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 ____D () C:\Users\Owner\Documents\iTools
2014-02-06 18:10 - 2014-02-06 18:14 - 81246648 _____ () C:\Users\Owner\Downloads\Hearing- Al-Qaeda's Resurgence in Iraq- A Threat to U.S. Interests.3GP
2014-02-06 17:12 - 2014-02-06 17:12 - 00001684 _____ () C:\Users\Owner\Downloads\license(22).avastlic
2014-02-06 06:44 - 2014-02-06 06:44 - 145967924 _____ () C:\Users\Owner\Documents\Video_2014-02-06_064445.wmv
2014-02-06 06:41 - 2014-02-08 23:16 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-02-06 06:41 - 2014-02-06 06:41 - 00000000 ____D () C:\Users\Owner\AppData\Local\Wondershare
2014-02-06 06:37 - 2014-02-10 04:17 - 00000000 ____D () C:\ProgramData\Wondershare Player
2014-02-06 06:37 - 2014-02-08 23:21 - 00000000 ____D () C:\Program Files\Wondershare
2014-02-06 06:36 - 2014-02-06 06:37 - 00000000 ____D () C:\Users\Public\Documents\Wondershare
2014-02-06 06:23 - 2014-02-06 06:23 - 00000134 _____ () C:\Users\Owner\Desktop\Microsoft Fix it.url
2014-02-06 05:45 - 2014-02-06 05:45 - 1483773358 _____ () C:\Users\Owner\Documents\Video_2014-02-06_054517.wmv
2014-02-06 02:22 - 2014-02-06 02:22 - 00000194 _____ () C:\console.log
2014-02-06 00:44 - 2013-06-06 12:41 - 00489392 _____ (Ask Partner Network) C:\Users\Owner\Documents\ApnStub1.exe
2014-02-05 22:53 - 2014-02-05 22:53 - 1297253700 _____ () C:\Users\Owner\Documents\Video_2014-02-05_225344.wmv
2014-02-05 04:27 - 2014-02-05 04:26 - 532364488 _____ () C:\Users\Owner\Documents\Video_2014-02-05_042705.wmv
2014-02-05 02:25 - 2014-02-05 02:25 - 00000000 ____D () C:\Windows\system32\config\SM Registry Backup
2014-02-05 02:17 - 2014-02-05 02:19 - 28646487 _____ () C:\Users\Owner\Downloads\مع الحدث _  العراق واسباب تاجيل السيطرة على الفلوجة _  wnn 04 02 2014.3GP
2014-02-05 01:46 - 2014-02-05 01:46 - 825282056 _____ () C:\Users\Owner\Documents\Video_2014-02-05_014653.wmv
2014-02-05 00:52 - 2014-02-05 00:52 - 00162349 _____ () C:\Users\Owner\Downloads\J1Lb9UKW.jpeg
2014-02-04 22:04 - 2014-02-04 22:04 - 361895916 _____ () C:\Users\Owner\Documents\Video_2014-02-04_220411.wmv
2014-02-04 21:32 - 2014-02-04 21:32 - 01946971 _____ () C:\Users\Owner\Downloads\فكرة البيرقدار‬ - YouTube.3gp
2014-02-04 20:31 - 2014-02-04 20:31 - 260253652 _____ () C:\Users\Owner\Documents\Video_2014-02-04_203145.wmv
2014-02-04 19:14 - 2014-02-04 19:14 - 00004464 _____ () C:\Windows\system32\.crusader
2014-02-04 19:11 - 2014-02-04 19:10 - 717104010 _____ () C:\Users\Owner\Documents\Video_2014-02-04_191100.wmv
2014-02-04 18:59 - 2014-02-04 18:59 - 00000546 _____ () C:\Users\Owner\Desktop\Emsisoft Emergency Kit.lnk
2014-02-04 18:58 - 2014-02-09 00:08 - 00000000 ____D () C:\EEK
2014-02-04 16:01 - 2014-02-04 16:01 - 1568183458 _____ () C:\Users\Owner\Documents\Video_2014-02-04_160150.wmv
2014-02-04 04:50 - 2014-02-04 05:10 - 571322368 _____ () C:\Users\Owner\Downloads\xpsp3_5512.080413-2113_usa_x86fre_spcd.iso
2014-02-04 04:37 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\SimilarProducts
2014-02-04 03:40 - 2014-02-04 03:39 - 2224868656 _____ () C:\Users\Owner\Documents\Video_2014-02-04_034000.wmv
2014-02-03 20:39 - 2014-02-03 20:42 - 59713134 _____ () C:\Users\Owner\Downloads\السيّد بهاء الأعرجي في السيد الرئيس 26 - 10 - 2013.3GP
2014-02-03 20:08 - 2014-02-03 20:08 - 93047544 _____ () C:\Users\Owner\Documents\Video_2014-02-03_200812.wmv
2014-02-03 19:29 - 2014-02-03 19:29 - 3054921090 _____ () C:\Users\Owner\Documents\Video_2014-02-03_192933.wmv
2014-02-03 03:34 - 2014-02-03 03:35 - 04468705 _____ () C:\Users\Owner\Downloads\تغطية خاصة - علي حاتم سليمان - هناك مؤامرة على الانبار ونحن لسنا مع داعش ولسنا مع المالكي.3GP
2014-02-02 20:38 - 2014-02-02 20:38 - 00000000 ____D () C:\Windows\system32\config\Before Compact
2014-02-02 20:28 - 2014-02-08 13:29 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ARHome
2014-02-02 20:28 - 2014-02-02 22:49 - 00013722 _____ () C:\Users\Owner\AppData\Roaming\addonVont.zip
2014-02-02 20:28 - 2014-02-02 22:49 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\VolIE
2014-02-02 20:28 - 2014-02-02 20:28 - 02809552 _____ () C:\Users\Owner\Desktop\system_mechanic_12.5_activator_only.rar
2014-02-02 20:27 - 2014-02-08 00:36 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\newnext.me
2014-02-02 20:27 - 2014-02-06 21:13 - 00000000 ____D () C:\Users\Owner\.android
2014-02-02 20:27 - 2014-02-06 01:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\cache
2014-02-02 20:27 - 2014-02-02 20:27 - 00000000 ____D () C:\Users\Owner\Documents\Mobogenie
2014-02-02 20:27 - 2014-02-02 20:27 - 00000000 _____ () C:\Users\Owner\daemonprocess.txt
2014-02-02 20:24 - 2014-02-02 20:24 - 531699950 _____ () C:\Users\Owner\Documents\Video_2014-02-02_202440.wmv
2014-02-02 20:14 - 2014-02-02 20:14 - 00000000 ____D () C:\Windows\system32\config\Original
2014-02-02 20:13 - 2014-06-01 16:43 - 03955200 _____ (iolo technologies, LLC) C:\SystemGuardAlerter.exe
2014-02-02 20:13 - 2013-12-08 16:25 - 00266752 _____ (iolo technologies, LLC) C:\GvrMgr.dll
2014-02-02 20:11 - 2014-02-08 23:17 - 00000000 ____D () C:\Program Files\iolo
2014-02-02 20:11 - 2014-02-02 20:11 - 00002169 _____ () C:\Users\Owner\Desktop\System Mechanic.lnk
2014-02-02 20:11 - 2014-02-02 20:11 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ioloGovernor
2014-02-02 20:11 - 2014-02-02 20:11 - 00000000 ____D () C:\ProgramData\ioloGovernor
2014-02-02 20:11 - 2013-12-03 10:47 - 00041616 _____ (iolo technologies, LLC) C:\Windows\system32\iolobtdfg.exe
2014-02-02 20:11 - 2013-12-03 10:47 - 00023568 _____ (iolo technologies, LLC) C:\Windows\system32\smrgdf.exe
2014-02-02 20:11 - 2013-12-03 10:01 - 02097984 _____ (iolo technologies, LLC) C:\Windows\system32\Incinerator32.dll
2014-02-02 20:11 - 2013-12-03 09:54 - 00068464 _____ (Raxco Software, Inc.) C:\Windows\system32\Drivers\PDFsFilter.sys
2014-02-02 20:11 - 2013-12-03 09:54 - 00056200 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2014-02-02 20:10 - 2014-02-10 15:23 - 00000000 ____D () C:\ProgramData\iolo
2014-02-02 20:10 - 2014-02-05 02:25 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\iolo
2014-02-02 20:10 - 2014-02-02 20:10 - 00074703 _____ () C:\Windows\system32\mfc45.dat
2014-02-02 15:18 - 2014-02-02 15:18 - 1998730488 _____ () C:\Users\Owner\Documents\Video_2014-02-02_151827.wmv
2014-02-02 02:55 - 2014-02-02 02:55 - 93948536 _____ () C:\Users\Owner\Documents\Video_2014-02-02_025514.wmv
2014-02-02 02:23 - 2014-02-02 02:23 - 00001584 _____ () C:\Users\Owner\Documents\ooo.txt
2014-02-02 02:23 - 2014-02-02 02:23 - 00001584 _____ () C:\Users\Owner\Documents\lll.txt
2014-02-02 02:15 - 2014-02-02 02:15 - 1462096526 _____ () C:\Users\Owner\Documents\Video_2014-02-02_021507.wmv
2014-02-02 01:55 - 2014-02-10 02:52 - 00000000 ____D () C:\ProgramData\TamoSoft
2014-02-01 21:41 - 2014-02-08 23:16 - 00000000 ____D () C:\Program Files\Comodo
2014-02-01 21:41 - 2014-02-01 21:41 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-02-01 21:41 - 2014-02-01 21:41 - 00001078 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2014-02-01 21:41 - 2014-02-01 21:41 - 00000000 ____D () C:\Users\Owner\AppData\Local\Comodo
2014-02-01 21:38 - 2014-02-01 21:38 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\gdiplus.dll
2014-02-01 21:38 - 2014-02-01 21:38 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
2014-02-01 19:43 - 2014-02-01 19:43 - 2714731438 _____ () C:\Users\Owner\Documents\Video_2014-02-01_194350.wmv
2014-02-01 10:42 - 2014-02-01 10:42 - 1529172334 _____ () C:\Users\Owner\Documents\Video_2014-02-01_104207.wmv
2014-01-31 12:21 - 2014-01-31 12:21 - 1431880654 _____ () C:\Users\Owner\Documents\Video_2014-01-31_122106.wmv
2014-01-31 09:36 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Opera
2014-01-31 09:36 - 2014-01-31 09:36 - 00001779 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-01-31 09:36 - 2014-01-31 09:36 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Opera
2014-01-31 09:36 - 2014-01-31 09:36 - 00000000 ____D () C:\Users\Owner\AppData\Local\Opera
2014-01-31 08:00 - 2014-01-31 08:00 - 00066999 _____ () C:\Users\Owner\Documents\RecoverMyFiles.CSV
2014-01-31 02:29 - 2014-01-31 02:29 - 2277533224 _____ () C:\Users\Owner\Documents\Video_2014-01-31_022924.wmv
2014-01-30 15:21 - 2014-01-30 15:20 - 207719386 _____ () C:\Users\Owner\Documents\Video_2014-01-30_152116.wmv
2014-01-30 14:43 - 2014-01-30 14:44 - 06174374 _____ () C:\Users\Owner\Downloads\---كاظم ماتت بمحراب عينيك.3gp
2014-01-30 14:41 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Synaptics
2014-01-30 14:41 - 2014-01-30 14:41 - 07530736 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwNs32.sys
2014-01-30 14:41 - 2014-01-30 14:41 - 02767600 _____ (Intel Corporation) C:\Windows\system32\NETwNr32.dll
2014-01-30 14:41 - 2014-01-30 14:41 - 01629040 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-01-30 14:41 - 2014-01-30 14:41 - 00690928 _____ (Intel Corporation) C:\Windows\system32\NETwNc32.dll
2014-01-30 14:41 - 2014-01-30 14:41 - 00027888 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2014-01-30 14:41 - 2014-01-30 14:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2014-01-30 14:39 - 2014-01-30 14:39 - 11405824 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 09037312 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2014-01-30 14:39 - 2014-01-30 14:39 - 08195640 _____ (Intel® Corporation) C:\Windows\system32\TVWSetup.exe
2014-01-30 14:39 - 2014-01-30 14:39 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-01-30 14:39 - 2014-01-30 14:39 - 00268856 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-01-30 14:39 - 2014-01-30 14:39 - 00261632 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00228864 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00195584 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00180280 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-01-30 14:39 - 2014-01-30 14:39 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00130048 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00125558 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00123230 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00122927 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00122709 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00121173 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00120800 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00120366 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00120320 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00119616 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00119586 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00119360 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00119067 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00118745 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00118697 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00118409 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00118058 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00115200 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-01-30 14:39 - 2014-01-30 14:39 - 00114852 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00114372 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00114261 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00110211 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00104044 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00102883 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00084480 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00084480 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00082944 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00082944 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00051652 _____ () C:\Windows\system32\iglhxs32.vp
2014-01-30 14:39 - 2014-01-30 14:39 - 00023552 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-01-30 14:35 - 2014-01-30 14:35 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-01-30 14:34 - 2014-02-09 00:11 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-01-30 14:34 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Realtek
2014-01-30 14:33 - 2014-01-30 14:33 - 05681196 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-01-30 14:33 - 2014-01-30 14:33 - 02929048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2014-01-30 14:33 - 2014-01-30 14:33 - 02547928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 02329304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 01824000 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 01596488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2014-01-30 14:33 - 2014-01-30 14:33 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00938752 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00919600 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00823040 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00782040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00693329 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-01-30 14:33 - 2014-01-30 14:33 - 00604928 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00218368 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00126680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2014-01-30 14:32 - 2014-01-30 14:33 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2014-01-30 14:32 - 2014-01-30 14:32 - 27369216 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 13881600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 07162128 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 06176944 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 05115672 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 03629824 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 02395680 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 01935104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 01677568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 01489072 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 01097984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00926976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00873728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00865592 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00860416 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00852016 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00761088 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00502584 _____ () C:\Windows\system32\audioLibVc.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00426944 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00403392 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00352016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00346048 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00272048 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00219312 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00188696 _____ () C:\Windows\system32\AcpiServiceVnA.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00182472 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00106768 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00091920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00062224 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2014-01-30 14:27 - 2013-06-27 18:05 - 00024384 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2014-01-30 14:18 - 2014-02-11 06:47 - 00000272 _____ () C:\Windows\Tasks\Driver Booster Update.job

Link to post
Share on other sites

orporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-01-25 05:11 - 2013-09-24 18:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-01-25 05:11 - 2013-09-24 17:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-01-25 05:11 - 2013-09-24 17:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-01-25 05:11 - 2013-09-24 17:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-01-25 05:11 - 2013-09-24 17:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-01-25 05:11 - 2013-09-24 17:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-01-25 05:11 - 2013-09-24 16:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-01-25 05:11 - 2013-07-04 04:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-01-25 05:11 - 2013-03-18 20:48 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-01-25 05:11 - 2013-03-18 18:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-01-25 05:11 - 2011-10-25 20:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-01-25 05:11 - 2011-07-08 18:30 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-01-25 05:11 - 2011-04-26 18:17 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-01-25 05:11 - 2011-04-26 18:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-01-25 05:11 - 2010-12-22 21:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-01-25 05:11 - 2010-12-22 21:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-01-25 05:11 - 2010-12-22 21:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-01-25 05:10 - 2013-11-26 17:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-25 05:10 - 2013-11-26 17:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-25 05:10 - 2013-11-26 17:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-25 05:10 - 2013-11-26 17:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-25 05:10 - 2013-11-26 17:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-25 05:10 - 2013-11-26 17:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-25 05:10 - 2013-11-26 02:10 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-25 05:10 - 2013-09-24 16:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-01-25 05:10 - 2013-08-01 17:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-01-25 05:10 - 2013-08-01 17:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-01-25 05:10 - 2013-08-01 17:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 16:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-01-25 05:10 - 2013-08-01 16:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 16:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 16:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 16:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-01-25 05:10 - 2013-08-01 03:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-01-25 05:10 - 2013-05-12 19:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-01-25 05:10 - 2013-05-12 19:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-01-25 05:10 - 2013-04-09 21:18 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-01-25 05:10 - 2013-01-02 21:04 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-01-25 05:10 - 2012-08-10 15:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-01-25 05:10 - 2012-06-05 21:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-01-25 05:10 - 2012-04-27 19:17 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-01-25 05:10 - 2012-03-16 23:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-01-25 05:10 - 2011-11-16 21:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-01-25 05:10 - 2011-10-14 21:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-01-25 05:10 - 2011-04-08 21:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-01-25 05:10 - 2011-03-10 21:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-01-25 05:10 - 2011-03-10 21:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-01-25 05:09 - 2013-11-11 18:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-01-25 05:09 - 2013-10-11 18:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-01-25 05:09 - 2013-10-11 18:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-01-25 05:09 - 2013-10-11 18:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-01-25 05:09 - 2013-10-11 18:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-01-25 05:09 - 2013-10-11 18:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-01-25 05:09 - 2013-10-11 17:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-01-25 05:09 - 2013-10-11 17:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-01-25 05:09 - 2013-07-12 02:08 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-01-25 05:09 - 2013-07-12 02:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-01-25 05:09 - 2013-07-08 20:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-01-25 05:09 - 2013-07-02 19:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-01-25 05:09 - 2013-07-02 19:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-01-25 05:09 - 2013-06-05 20:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-01-25 05:09 - 2013-06-05 20:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-01-25 05:09 - 2013-06-05 20:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-01-25 05:09 - 2013-06-05 19:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-01-25 05:09 - 2013-06-05 19:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-01-25 05:09 - 2013-04-25 20:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-01-25 05:09 - 2013-04-12 05:45 - 01211752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-01-25 05:09 - 2013-02-11 19:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-01-25 05:09 - 2012-11-01 21:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-01-25 05:09 - 2012-10-31 20:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-01-25 05:09 - 2012-07-04 13:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-01-25 05:09 - 2012-07-04 13:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-01-25 05:09 - 2012-07-04 13:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-01-25 05:09 - 2012-06-05 21:05 - 01236992 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-01-25 05:09 - 2012-05-13 20:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-01-25 05:09 - 2012-04-25 20:45 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-01-25 05:09 - 2012-04-25 20:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-01-25 05:09 - 2012-04-25 20:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-01-25 05:09 - 2012-02-16 21:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-01-25 05:09 - 2012-02-16 20:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-01-25 05:09 - 2011-08-26 20:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-01-25 05:09 - 2011-08-26 20:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-01-25 05:09 - 2011-08-16 20:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-01-25 05:09 - 2011-08-16 20:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-01-25 05:09 - 2011-06-15 00:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2014-01-25 05:09 - 2011-06-15 00:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-01-25 05:09 - 2011-06-15 00:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-01-25 05:09 - 2011-06-15 00:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-01-25 05:09 - 2011-06-15 00:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-01-25 05:09 - 2011-05-02 20:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-01-25 05:09 - 2011-04-28 18:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-01-25 05:09 - 2011-04-28 18:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-01-25 05:09 - 2011-04-28 18:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-01-25 05:09 - 2011-03-02 21:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-01-25 05:09 - 2011-03-02 21:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-01-25 05:09 - 2011-03-02 21:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-01-25 05:09 - 2011-02-11 21:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-01-25 05:09 - 2010-06-25 19:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-01-25 05:08 - 2013-10-18 17:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-01-25 05:08 - 2013-10-03 17:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-01-25 05:08 - 2013-10-03 17:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-01-25 05:08 - 2013-10-02 17:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-01-25 05:08 - 2013-07-20 02:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-25 05:08 - 2013-07-04 03:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-01-25 05:08 - 2013-06-14 19:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-01-25 05:08 - 2013-06-03 20:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-01-25 05:08 - 2012-09-25 14:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-01-25 05:08 - 2011-12-15 23:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-01-25 05:08 - 2011-11-19 06:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-01-25 05:08 - 2011-05-24 02:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-01-25 05:08 - 2011-02-22 20:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-01-25 05:07 - 2014-01-16 09:59 - 00231584 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-25 05:06 - 2014-02-09 14:20 - 00000501 _____ () C:\Users\Public\Desktop\Pale Moon.lnk
2014-01-25 05:05 - 2014-02-09 14:20 - 00000000 ____D () C:\Program Files\Pale Moon
2014-01-25 04:59 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\FastStone Capture
2014-01-25 04:59 - 2014-01-25 10:42 - 00001037 _____ () C:\Users\Public\Desktop\FastStone Capture.lnk
2014-01-25 04:57 - 2013-02-26 21:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-01-25 04:57 - 2013-02-26 20:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-01-25 04:54 - 2014-01-25 05:05 - 255479656 _____ () C:\Users\Owner\Downloads\camtasia.exe
2014-01-25 04:52 - 2014-02-11 04:50 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\IDM
2014-01-25 04:52 - 2014-02-11 04:49 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\DMCache
2014-01-25 04:52 - 2014-02-10 17:55 - 00000000 ____D () C:\Users\Owner\Downloads\Compressed
2014-01-25 04:52 - 2014-02-07 14:57 - 00000000 ____D () C:\Users\Owner\Downloads\Video
2014-01-25 04:52 - 2014-01-25 04:52 - 00000000 ____D () C:\ProgramData\IDM
2014-01-25 04:51 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Internet Download Manager
2014-01-25 04:51 - 2014-01-25 04:51 - 00000983 _____ () C:\Users\Owner\Desktop\Internet Download Manager.lnk
2014-01-25 04:51 - 2014-01-25 04:51 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-01-23 12:12 - 2014-01-23 12:56 - 05044479 _____ () C:\Users\Owner\AppData\Local\Temp1.exe
2014-01-20 08:25 - 2014-01-20 09:18 - 00000000 ____D () C:\Users\Owner\AppData\Local\IDM
2014-01-16 15:37 - 2013-11-27 16:24 - 00108000 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys

==================== One Month Modified Files and Folders =======

2014-06-01 16:43 - 2014-02-02 20:13 - 03955200 _____ (iolo technologies, LLC) C:\SystemGuardAlerter.exe
2014-02-11 14:28 - 2014-02-11 05:01 - 00000000 ____D () C:\FRST
2014-02-11 14:27 - 2014-01-25 11:58 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-11 14:27 - 2014-01-25 11:48 - 01225223 _____ () C:\Windows\WindowsUpdate.log
2014-02-11 06:53 - 2009-07-13 20:34 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-11 06:53 - 2009-07-13 20:34 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-11 06:51 - 2010-11-20 13:01 - 02157412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-11 06:50 - 2014-02-11 06:50 - 00000642 _____ () C:\Users\Owner\Desktop\JRT.txt
2014-02-11 06:49 - 2014-01-25 05:15 - 00000000 ____D () C:\Program Files\Everything
2014-02-11 06:48 - 2014-02-11 04:35 - 00000000 ____D () C:\Windows\ERDNT
2014-02-11 06:47 - 2014-02-11 06:47 - 00000000 ____H () C:\ProgramData\cm-lock
2014-02-11 06:47 - 2014-02-10 22:27 - 00009586 _____ () C:\Windows\PFRO.log
2014-02-11 06:47 - 2014-02-10 13:08 - 00000224 _____ () C:\Windows\setupact.log
2014-02-11 06:47 - 2014-01-30 14:18 - 00000272 _____ () C:\Windows\Tasks\Driver Booster Update.job
2014-02-11 06:47 - 2009-07-13 20:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-11 06:46 - 2014-02-10 04:02 - 00000000 ____D () C:\AdwCleaner
2014-02-11 06:38 - 2014-02-11 06:38 - 30439667 _____ () C:\Users\Owner\Downloads\سرمد البياتي برنامج بالشمع الاحمر عنوان الحلقة الانترنت في غرف الزوجية 17-12-2013.3GP
2014-02-11 05:24 - 2014-02-10 14:08 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-11 05:24 - 2014-02-10 14:06 - 00000000 ____D () C:\Users\Owner\Desktop\mbar
2014-02-11 05:02 - 2014-02-11 05:02 - 00000000 ____D () C:\Program Files\ESET
2014-02-11 04:55 - 2014-02-11 04:55 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-11 04:55 - 2014-02-11 04:55 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-11 04:55 - 2014-02-11 04:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-11 04:54 - 2014-02-10 06:02 - 00029681 _____ () C:\Users\Owner\Desktop\dds.txt
2014-02-11 04:54 - 2014-02-10 06:02 - 00008305 _____ () C:\Users\Owner\Desktop\attach.txt
2014-02-11 04:53 - 2014-02-11 04:38 - 00000000 ____D () C:\Users\Owner\Desktop\RK_Quarantine
2014-02-11 04:51 - 2014-02-11 04:51 - 00001600 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_02112014_045108.txt
2014-02-11 04:50 - 2014-01-25 04:52 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\IDM
2014-02-11 04:49 - 2014-01-25 04:52 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\DMCache
2014-02-11 04:42 - 2014-02-11 04:42 - 00001567 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_02112014_044233.txt
2014-02-11 04:38 - 2014-02-11 04:38 - 03809792 _____ () C:\Users\Owner\Desktop\RogueKiller_2.exe
2014-02-11 04:37 - 2014-02-11 04:37 - 04403200 _____ () C:\Users\Owner\Desktop\RogueKillerX64.exe
2014-02-11 04:35 - 2014-02-11 04:35 - 00000898 _____ () C:\Users\Owner\Desktop\NTREGOPT.lnk
2014-02-11 04:35 - 2014-02-11 04:35 - 00000898 _____ () C:\Users\d\Desktop\NTREGOPT.lnk
2014-02-11 04:35 - 2014-02-11 04:35 - 00000879 _____ () C:\Users\Owner\Desktop\ERUNT.lnk
2014-02-11 04:35 - 2014-02-11 04:35 - 00000879 _____ () C:\Users\d\Desktop\ERUNT.lnk
2014-02-11 04:35 - 2014-02-11 04:35 - 00000000 ____D () C:\Program Files\ERUNT
2014-02-11 04:30 - 2014-02-11 04:30 - 00904743 _____ () C:\Users\Owner\Downloads\A2B63469251036344862401769472_14729024e60.4.6.8894272438047653657_0EmL2hK7hj7rnQXtX3xCgK7DrdiNlNLPW6HSv0CPP55uQYDkfTVf1H_7d9UiyDgK.mp4
2014-02-11 04:12 - 2014-02-11 04:12 - 01238617 _____ () C:\Users\Owner\Downloads\FF19EC1CFA1024471840065777664_138722721092161f9fce532.mp4_pRCiGvUkIeDSojpqECK9pYhe4w9e1P6eu9AUzLxQOGMwhIKLr0bjX8rBSk4dDF00.mp4
2014-02-11 03:59 - 2014-02-11 03:59 - 00893439 _____ () C:\Users\Owner\Downloads\82BB09F6A21039395578498506752_12961615bf0.3.2_iO2NJTifYodhq39uf3ebcTntrEFhZq0m96TLlJXPptgFXqTXo7604R7YiopCTC4l.mp4
2014-02-11 03:58 - 2014-02-11 03:58 - 00893373 _____ () C:\Users\Owner\Downloads\A4565337131039675904663662592_167880401cd.4.7.1703182332979559069_.qgBb6jAmfol.mkkRsiEfAmpXEuyYN47amAF9SYEoVi9X2rWQ1vInwhQMIZHAASS.mp4
2014-02-11 03:57 - 2014-02-11 03:57 - 00875939 _____ () C:\Users\Owner\Downloads\019EC4DC171029108921266290688_1aa642d4d69.4.5.6871069217078471256__E.YchHfRkZl2KlotHxNcl1TQmBno0NmKr9iuiVIfC0ojEYloH7skSvgswP8lPNI.mp4
2014-02-11 03:48 - 2014-01-28 04:21 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\vlc
2014-02-11 02:36 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-11 01:51 - 2014-01-28 08:24 - 00000000 ____D () C:\ProgramData\Apple
2014-02-11 01:49 - 2014-02-11 01:44 - 00000000 ____D () C:\Users\Owner\Documents\Network Monitor 3
2014-02-11 01:44 - 2014-02-11 01:44 - 00001016 _____ () C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk
2014-02-11 01:44 - 2014-02-11 01:44 - 00000000 ____D () C:\Program Files\Microsoft Network Monitor 3
2014-02-11 00:55 - 2014-01-29 02:00 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-02-11 00:54 - 2014-01-30 14:02 - 00000000 ____D () C:\Program Files\IObit
2014-02-11 00:53 - 2014-01-25 11:59 - 00000000 ____D () C:\ProgramData\Real
2014-02-11 00:48 - 2014-02-11 00:47 - 00000079 _____ () C:\Windows\wininit.ini
2014-02-10 23:52 - 2014-02-10 23:52 - 00001201 _____ () C:\Windows\IE11_main.log
2014-02-10 23:36 - 2009-07-13 18:37 - 00000000 ____D () C:\Users\Default
2014-02-10 22:27 - 2014-02-10 22:27 - 00409096 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-10 22:26 - 2014-02-10 22:26 - 49782784 _____ () C:\Windows\system32\config\software.iodefrag.bak
2014-02-10 22:26 - 2014-02-10 22:26 - 00167936 _____ () C:\Windows\system32\config\default.iodefrag.bak
2014-02-10 22:26 - 2014-02-10 22:26 - 00098304 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2014-02-10 22:26 - 2014-02-10 22:26 - 00024576 _____ () C:\Windows\system32\config\security.iodefrag.bak
2014-02-10 22:26 - 2014-02-10 22:26 - 00000000 _____ () C:\asc_rdflag
2014-02-10 22:26 - 2014-01-25 11:51 - 00000000 ____D () C:\Users\Owner
2014-02-10 22:25 - 2014-02-10 22:25 - 00003304 ____N () C:\bootsqm.dat
2014-02-10 20:15 - 2014-02-10 20:16 - 00069183 _____ () C:\Users\Owner\Downloads\www_base_mod.js
2014-02-10 20:15 - 2014-02-10 20:16 - 00020065 _____ () C:\Users\Owner\Downloads\spf-vflY4jAlw.js
2014-02-10 18:23 - 2014-02-10 18:23 - 00000000 ____D () C:\Windows\CheckSur
2014-02-10 18:21 - 2014-02-10 18:21 - 183244764 _____ () C:\Users\Owner\Downloads\Windows6.1-KB947821-v31-x86.msu
2014-02-10 18:03 - 2014-02-10 18:01 - 00002592 _____ () C:\Users\Owner\Desktop\Rkill.txt
2014-02-10 18:01 - 2014-02-10 18:01 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Owner\Desktop\rkill.com
2014-02-10 17:55 - 2014-01-25 04:52 - 00000000 ____D () C:\Users\Owner\Downloads\Compressed
2014-02-10 17:45 - 2014-02-10 17:45 - 00000000 ____D () C:\_OTL
2014-02-10 16:17 - 2014-02-10 16:17 - 28823831 _____ () C:\Users\Owner\Downloads\عزت الشابندر _  ساعة حوار _  الاتجاه 04 02 2014.3GP
2014-02-10 15:23 - 2014-02-02 20:10 - 00000000 ____D () C:\ProgramData\iolo
2014-02-10 13:56 - 2014-02-10 13:49 - 00000000 ____D () C:\Windows\system32\CATROOT2OLD
2014-02-10 13:51 - 2014-02-10 13:51 - 00000000 ____D () C:\New folder
2014-02-10 13:49 - 2014-02-10 13:49 - 00109280 _____ () C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-10 13:49 - 2014-02-10 13:49 - 00001244 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-02-10 13:48 - 2014-02-10 13:48 - 00000000 ____D () C:\Program Files\Panda Security
2014-02-10 13:37 - 2014-01-25 13:15 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2014-02-10 13:09 - 2014-02-10 13:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-10 06:00 - 2014-02-10 06:01 - 00688992 ____R (Swearware) C:\Users\Owner\Desktop\dds.scr
2014-02-10 05:33 - 2014-01-30 14:05 - 00002155 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-02-10 05:31 - 2014-01-30 14:17 - 49782784 _____ () C:\Windows\system32\config\software.iobit
2014-02-10 05:31 - 2014-01-30 14:17 - 00167936 _____ () C:\Windows\system32\config\default.iobit
2014-02-10 05:31 - 2014-01-30 14:17 - 00098304 _____ () C:\Windows\system32\config\sam.iobit
2014-02-10 05:31 - 2014-01-30 14:17 - 00024576 _____ () C:\Windows\system32\config\security.iobit
2014-02-10 04:37 - 2014-02-10 04:37 - 00001943 _____ () C:\Users\Owner\Desktop\Paltalk Messenger.lnk
2014-02-10 04:37 - 2014-02-10 04:37 - 00001214 _____ () C:\Users\Owner\Desktop\Upgrade to Paltalk Extreme.lnk
2014-02-10 04:37 - 2014-02-10 04:37 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Paltalk
2014-02-10 04:37 - 2014-02-10 04:37 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2014-02-10 04:37 - 2014-02-10 04:37 - 00000000 ____D () C:\Program Files\Paltalk Messenger
2014-02-10 04:27 - 2009-07-13 18:04 - 00002577 _____ () C:\Windows\system32\config.nt
2014-02-10 04:21 - 2014-02-10 04:20 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-10 04:17 - 2014-02-06 06:37 - 00000000 ____D () C:\ProgramData\Wondershare Player
2014-02-10 04:13 - 2014-02-10 04:13 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-OWNER-PC-Microsoft-Windows-7-Ultimate-(32-bit).dat
2014-02-10 04:12 - 2014-02-10 04:12 - 00002121 _____ () C:\Users\Owner\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-02-10 04:12 - 2014-02-10 04:12 - 00000000 ____D () C:\RegBackup
2014-02-10 04:12 - 2014-02-10 04:10 - 00000000 ____D () C:\Users\d\AppData\Local\MoboGenie
2014-02-10 04:10 - 2014-02-10 04:10 - 00000000 ____D () C:\Users\d\AppData\Roaming\QFX Software
2014-02-10 04:10 - 2014-02-10 04:10 - 00000000 ____D () C:\Users\d\AppData\Roaming\Malwarebytes
2014-02-10 03:58 - 2014-02-10 03:58 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-02-10 03:21 - 2009-07-13 18:04 - 00000741 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_797
2014-02-10 03:04 - 2014-02-10 03:04 - 00000000 ____D () C:\Program Files\AdwareRemovalToolv3.7
2014-02-10 03:03 - 2014-02-10 03:03 - 00000000 ____D () C:\Windows\ERUNT
2014-02-10 03:02 - 2014-02-10 03:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Owner\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-10 03:01 - 2014-02-10 03:01 - 00414944 _____ () C:\Users\Owner\Desktop\Adware-Removal-Tool-V3.7.exe
2014-02-10 02:59 - 2014-02-10 02:59 - 01166132 _____ () C:\Users\Owner\Desktop\AdwCleaner.exe
2014-02-10 02:59 - 2014-02-10 02:59 - 01037530 _____ (Thisisu) C:\Users\Owner\Desktop\JRT.exe
2014-02-10 02:57 - 2014-02-10 02:57 - 00921000 _____ (Oracle Corporation) C:\Users\Owner\Desktop\jxpiinstall_3.exe
2014-02-10 02:52 - 2014-02-02 01:55 - 00000000 ____D () C:\ProgramData\TamoSoft
2014-02-10 02:30 - 2014-01-25 12:05 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-10 02:23 - 2014-02-10 02:23 - 00001234 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-02-10 02:23 - 2014-02-10 02:23 - 00000000 ____D () C:\Users\Owner\AppData\Local\VS Revo Group
2014-02-10 02:23 - 2014-02-10 02:23 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-02-10 02:17 - 2014-02-10 02:17 - 00000067 _____ () C:\Windows\avast5.ini
2014-02-10 01:22 - 2009-07-13 20:53 - 00008760 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-09 14:23 - 2014-02-09 14:23 - 00000989 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-02-09 14:23 - 2014-02-09 14:23 - 00000000 ____D () C:\Program Files\MozBackup
2014-02-09 14:20 - 2014-01-25 05:06 - 00000501 _____ () C:\Users\Public\Desktop\Pale Moon.lnk
2014-02-09 14:20 - 2014-01-25 05:05 - 00000000 ____D () C:\Program Files\Pale Moon
2014-02-09 14:12 - 2014-01-25 06:15 - 00000674 _____ () C:\Users\Public\Desktop\Hekasoft Backup & Restore.lnk
2014-02-09 01:23 - 2014-01-26 16:46 - 00000000 ____D () C:\wifidata
2014-02-09 00:16 - 2014-02-07 21:08 - 00000000 ____D () C:\Users\d
2014-02-09 00:16 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\twain_32
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 __RSD () C:\Windows\Media
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\TAPI
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\ras
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\icsxml
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\ias
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\com
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\rescache
2014-02-09 00:15 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\system32\Drivers\fr-FR
2014-02-09 00:15 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2014-02-09 00:15 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\system32\ar
2014-02-09 00:15 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\fr-FR
2014-02-09 00:15 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\ar-SA
2014-02-09 00:15 - 2010-11-20 16:46 - 00000000 __SHD () C:\Windows\BitLockerDiscoveryVolumeContents
2014-02-09 00:15 - 2010-11-20 16:46 - 00000000 ____D () C:\Windows\ShellNew
2014-02-09 00:15 - 2010-11-20 16:46 - 00000000 ____D () C:\Program Files\Windows Journal
2014-02-09 00:15 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-02-09 00:15 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\addins
2014-02-09 00:15 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-02-09 00:15 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-02-09 00:15 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-02-09 00:15 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-02-09 00:15 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\DVD Maker
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\th-TH
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\he-IL
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\et-EE
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\L2Schemas
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\IME
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Cursors
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\Services
2014-02-09 00:11 - 2014-01-30 14:34 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-02-09 00:11 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\system32\XPSViewer
2014-02-09 00:11 - 2014-01-25 11:58 - 00000000 ____D () C:\Windows\system32\Macromed
2014-02-09 00:11 - 2010-11-20 16:38 - 00000000 ____D () C:\Windows\system32\winrm
2014-02-09 00:11 - 2010-11-20 16:38 - 00000000 ____D () C:\Windows\system32\WCN
2014-02-09 00:11 - 2010-11-20 16:38 - 00000000 ____D () C:\Windows\system32\slmgr
2014-02-09 00:11 - 2010-11-20 16:38 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-02-09 00:11 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell
2014-02-09 00:11 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\system32\restore
2014-02-09 00:11 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\spp
2014-02-09 00:11 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\spool
2014-02-09 00:11 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\Speech
2014-02-09 00:11 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\SMI
2014-02-09 00:11 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\NetworkList
2014-02-09 00:11 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\MUI
2014-02-09 00:11 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\IME
2014-02-09 00:10 - 2014-01-27 07:28 - 00000000 ____D () C:\Windows\pss
2014-02-09 00:10 - 2014-01-26 15:35 - 00000000 ____D () C:\Windows\system32\Adobe
2014-02-09 00:10 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\Performance
2014-02-09 00:10 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Speech
2014-02-09 00:10 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\security
2014-02-09 00:10 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\schemas
2014-02-09 00:10 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Resources
2014-02-09 00:10 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\PLA
2014-02-09 00:10 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-09 00:09 - 2014-01-26 07:57 - 00000000 ____D () C:\ProgramData\QFX Software
2014-02-09 00:09 - 2014-01-25 08:03 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\TeraCopy
2014-02-09 00:09 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Help
2014-02-09 00:09 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Globalization
2014-02-09 00:09 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Branding
2014-02-09 00:09 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\AppCompat
2014-02-09 00:08 - 2014-02-04 18:58 - 00000000 ____D () C:\EEK
2014-02-09 00:08 - 2014-02-04 04:37 - 00000000 ____D () C:\Program Files\SimilarProducts
2014-02-09 00:08 - 2014-01-31 09:36 - 00000000 ____D () C:\Program Files\Opera
2014-02-09 00:08 - 2014-01-30 14:41 - 00000000 ____D () C:\Program Files\Synaptics
2014-02-09 00:08 - 2014-01-30 14:34 - 00000000 ____D () C:\Program Files\Realtek
2014-02-09 00:08 - 2014-01-30 14:02 - 00000000 ____D () C:\ProgramData\IObit
2014-02-09 00:08 - 2014-01-28 13:08 - 00000000 ____D () C:\Program Files\BSR Screen Recorder 6
2014-02-09 00:08 - 2014-01-28 07:10 - 00000000 ____D () C:\Program Files\iFunbox 2014
2014-02-09 00:08 - 2014-01-26 15:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-02-09 00:08 - 2014-01-26 04:14 - 00000000 ____D () C:\Program Files\Process Hacker 2
2014-02-09 00:08 - 2014-01-26 03:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-09 00:08 - 2014-01-26 01:07 - 00000000 ____D () C:\Program Files\Aomei Ntfs2Fat32 Pro Edition 2.0
2014-02-09 00:08 - 2014-01-25 14:17 - 00000000 ____D () C:\Program Files\GLArab.com
2014-02-09 00:08 - 2014-01-25 13:11 - 00000000 ____D () C:\Program Files\Common Files\TechSmith Shared
2014-02-09 00:08 - 2014-01-25 12:06 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-02-09 00:08 - 2014-01-25 12:06 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-02-09 00:08 - 2014-01-25 12:05 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-02-09 00:08 - 2014-01-25 12:04 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-02-09 00:08 - 2014-01-25 12:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-09 00:08 - 2014-01-25 12:00 - 00000000 ____D () C:\Program Files\WinRAR
2014-02-09 00:08 - 2014-01-25 12:00 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-09 00:08 - 2014-01-25 11:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-09 00:08 - 2014-01-25 11:57 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-02-09 00:08 - 2014-01-25 10:43 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-09 00:08 - 2014-01-25 08:03 - 00000000 ____D () C:\Program Files\TeraCopy
2014-02-09 00:08 - 2014-01-25 07:23 - 00000000 ____D () C:\Program Files\KeyScrambler
2014-02-09 00:08 - 2014-01-25 06:15 - 00000000 ____D () C:\Program Files\Hekasoft Backup & Restore
2014-02-09 00:08 - 2014-01-25 04:59 - 00000000 ____D () C:\Program Files\FastStone Capture
2014-02-09 00:08 - 2014-01-25 04:51 - 00000000 ____D () C:\Program Files\Internet Download Manager
2014-02-09 00:08 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-09 00:08 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-09 00:08 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-02-09 00:08 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Windows NT
2014-02-09 00:08 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\SpeechEngines
2014-02-09 00:08 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-09 00:07 - 2010-11-20 16:46 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-09 00:05 - 2009-07-13 18:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-02-08 23:59 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\registration
2014-02-08 23:45 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Web
2014-02-08 23:45 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Vss
2014-02-08 23:21 - 2014-02-06 06:37 - 00000000 ____D () C:\Program Files\Wondershare
2014-02-08 23:21 - 2014-01-25 13:10 - 00000000 ____D () C:\ProgramData\TechSmith
2014-02-08 23:20 - 2014-01-26 15:36 - 00000000 ____D () C:\Program Files\VideoLAN
2014-02-08 23:20 - 2014-01-25 13:10 - 00000000 ____D () C:\Program Files\TechSmith
2014-02-08 23:19 - 2014-01-28 02:23 - 00000000 ____D () C:\Program Files\NirSoft
2014-02-08 23:18 - 2014-01-25 12:05 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2014-02-08 23:18 - 2014-01-25 12:05 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-02-08 23:18 - 2014-01-25 12:03 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-02-08 23:17 - 2014-02-02 20:11 - 00000000 ____D () C:\Program Files\iolo
2014-02-08 23:17 - 2014-01-26 01:02 - 00000000 ____D () C:\Program Files\Macrorit
2014-02-08 23:17 - 2014-01-25 12:04 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-02-08 23:17 - 2014-01-25 11:58 - 00000000 ____D () C:\Program Files\Java
2014-02-08 23:16 - 2014-02-06 06:41 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-02-08 23:16 - 2014-02-01 21:41 - 00000000 ____D () C:\Program Files\Comodo
2014-02-08 23:16 - 2014-01-28 04:26 - 00000000 ____D () C:\Program Files\Intel
2014-02-08 23:15 - 2014-01-25 11:59 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-02-08 23:15 - 2014-01-25 10:00 - 00000000 ____D () C:\Program Files\CodeMeter
2014-02-08 23:14 - 2014-01-25 06:03 - 00000000 ____D () C:\Program Files\Adobe
2014-02-08 23:13 - 2014-01-25 12:03 - 00000000 __RHD () C:\MSOCache
2014-02-08 23:13 - 2014-01-25 05:35 - 00000000 ____D () C:\Komku
2014-02-08 22:39 - 2014-02-08 22:39 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-02-08 13:29 - 2014-02-02 20:28 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ARHome
2014-02-08 00:55 - 2014-02-08 00:55 - 00000000 ____D () C:\Users\d\AppData\Roaming\AVAST Software
2014-02-08 00:53 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Roaming\IObit
2014-02-08 00:36 - 2014-02-02 20:27 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\newnext.me
2014-02-08 00:28 - 2014-02-08 00:28 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\gjfrjteg.sys
2014-02-07 22:56 - 2014-02-07 22:56 - 00109280 _____ () C:\Users\d\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-07 22:55 - 2014-02-07 22:55 - 00000000 ____D () C:\Users\d\AppData\Local\Mozilla
2014-02-07 22:55 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Roaming\Mozilla
2014-02-07 22:48 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Roaming\Moonchild Productions
2014-02-07 22:48 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Roaming\FastStone
2014-02-07 22:48 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Local\Moonchild Productions
2014-02-07 22:48 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Local\FastStone
2014-02-07 21:15 - 2014-02-07 21:15 - 00000000 _____ () C:\Users\d\daemonprocess.txt
2014-02-07 21:12 - 2014-02-07 21:12 - 00000000 ____D () C:\Users\d\AppData\Roaming\ioloGovernor
2014-02-07 21:10 - 2014-02-07 21:10 - 00001417 _____ () C:\Users\d\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-07 21:10 - 2014-02-07 21:10 - 00000000 ____D () C:\Users\d\AppData\Roaming\Adobe
2014-02-07 21:10 - 2014-02-07 21:10 - 00000000 ____D () C:\Users\d\AppData\Local\VirtualStore
2014-02-07 21:09 - 2014-02-07 21:09 - 00000020 ___SH () C:\Users\d\ntuser.ini
2014-02-07 14:57 - 2014-01-25 04:52 - 00000000 ____D () C:\Users\Owner\Downloads\Video
2014-02-07 14:52 - 2014-02-07 14:52 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\WindSolutions
2014-02-07 14:38 - 2014-01-28 08:27 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-07 14:31 - 2014-02-07 14:31 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-02-07 14:00 - 2014-01-28 08:29 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Apple Computer
2014-02-07 05:45 - 2014-02-07 05:43 - 20553737 _____ () C:\Users\Owner\Downloads\يا أمة محمد - الخطبة التي سجن بسببها الشيخ خالد الراشد - كاملة.3GP
2014-02-07 03:36 - 2014-02-07 03:36 - 00512784 _____ (AVAST Software) C:\Users\Owner\Desktop\avastclear.exe
2014-02-07 03:35 - 2014-02-07 03:35 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\avkjrmmr.sys
2014-02-07 03:32 - 2014-02-07 03:32 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\tqjmaywk.sys
2014-02-07 00:59 - 2014-02-07 00:59 - 1182018380 _____ () C:\Users\Owner\Documents\Video_2014-02-07_005939.wmv
2014-02-06 21:27 - 2014-02-06 21:27 - 2014447186 _____ () C:\Users\Owner\Documents\Video_2014-02-06_212734.wmv
2014-02-06 21:13 - 2014-02-06 21:13 - 00002107 _____ () C:\Users\Public\Desktop\Wondershare MobileTrans.lnk
2014-02-06 21:13 - 2014-02-06 21:13 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Wondershare
2014-02-06 21:13 - 2014-02-02 20:27 - 00000000 ____D () C:\Users\Owner\.android
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 ____D () C:\Users\Owner\Documents\iTools
2014-02-06 18:14 - 2014-02-06 18:10 - 81246648 _____ () C:\Users\Owner\Downloads\Hearing- Al-Qaeda's Resurgence in Iraq- A Threat to U.S. Interests.3GP
2014-02-06 17:12 - 2014-02-06 17:12 - 00001684 _____ () C:\Users\Owner\Downloads\license(22).avastlic
2014-02-06 06:44 - 2014-02-06 06:44 - 145967924 _____ () C:\Users\Owner\Documents\Video_2014-02-06_064445.wmv
2014-02-06 06:41 - 2014-02-06 06:41 - 00000000 ____D () C:\Users\Owner\AppData\Local\Wondershare
2014-02-06 06:37 - 2014-02-06 06:36 - 00000000 ____D () C:\Users\Public\Documents\Wondershare
2014-02-06 06:23 - 2014-02-06 06:23 - 00000134 _____ () C:\Users\Owner\Desktop\Microsoft Fix it.url
2014-02-06 05:46 - 2014-01-28 13:10 - 00000000 ____D () C:\Users\Owner\Documents\BSR Photos
2014-02-06 05:45 - 2014-02-06 05:45 - 1483773358 _____ () C:\Users\Owner\Documents\Video_2014-02-06_054517.wmv
2014-02-06 02:22 - 2014-02-06 02:22 - 00000194 _____ () C:\console.log
2014-02-06 01:05 - 2014-02-02 20:27 - 00000000 ____D () C:\Users\Owner\AppData\Local\cache
2014-02-05 22:53 - 2014-02-05 22:53 - 1297253700 _____ () C:\Users\Owner\Documents\Video_2014-02-05_225344.wmv
2014-02-05 04:26 - 2014-02-05 04:27 - 532364488 _____ () C:\Users\Owner\Documents\Video_2014-02-05_042705.wmv
2014-02-05 02:25 - 2014-02-05 02:25 - 00000000 ____D () C:\Windows\system32\config\SM Registry Backup
2014-02-05 02:25 - 2014-02-02 20:10 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\iolo
2014-02-05 02:25 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-02-05 02:19 - 2014-02-05 02:17 - 28646487 _____ () C:\Users\Owner\Downloads\مع الحدث _  العراق واسباب تاجيل السيطرة على الفلوجة _  wnn 04 02 2014.3GP
2014-02-05 01:46 - 2014-02-05 01:46 - 825282056 _____ () C:\Users\Owner\Documents\Video_2014-02-05_014653.wmv
2014-02-05 00:52 - 2014-02-05 00:52 - 00162349 _____ () C:\Users\Owner\Downloads\J1Lb9UKW.jpeg
2014-02-04 22:04 - 2014-02-04 22:04 - 361895916 _____ () C:\Users\Owner\Documents\Video_2014-02-04_220411.wmv
2014-02-04 21:32 - 2014-02-04 21:32 - 01946971 _____ () C:\Users\Owner\Downloads\فكرة البيرقدار‬ - YouTube.3gp
2014-02-04 20:31 - 2014-02-04 20:31 - 260253652 _____ () C:\Users\Owner\Documents\Video_2014-02-04_203145.wmv
2014-02-04 20:26 - 2014-01-25 07:39 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\R-Studio
2014-02-04 19:14 - 2014-02-04 19:14 - 00004464 _____ () C:\Windows\system32\.crusader
2014-02-04 19:10 - 2014-02-04 19:11 - 717104010 _____ () C:\Users\Owner\Documents\Video_2014-02-04_191100.wmv
2014-02-04 18:59 - 2014-02-04 18:59 - 00000546 _____ () C:\Users\Owner\Desktop\Emsisoft Emergency Kit.lnk
2014-02-04 16:01 - 2014-02-04 16:01 - 1568183458 _____ () C:\Users\Owner\Documents\Video_2014-02-04_160150.wmv
2014-02-04 05:10 - 2014-02-04 04:50 - 571322368 _____ () C:\Users\Owner\Downloads\xpsp3_5512.080413-2113_usa_x86fre_spcd.iso
2014-02-04 03:39 - 2014-02-04 03:40 - 2224868656 _____ () C:\Users\Owner\Documents\Video_2014-02-04_034000.wmv
2014-02-03 20:42 - 2014-02-03 20:39 - 59713134 _____ () C:\Users\Owner\Downloads\السيّد بهاء الأعرجي في السيد الرئيس 26 - 10 - 2013.3GP
2014-02-03 20:08 - 2014-02-03 20:08 - 93047544 _____ () C:\Users\Owner\Documents\Video_2014-02-03_200812.wmv
2014-02-03 19:29 - 2014-02-03 19:29 - 3054921090 _____ () C:\Users\Owner\Documents\Video_2014-02-03_192933.wmv
2014-02-03 03:35 - 2014-02-03 03:34 - 04468705 _____ () C:\Users\Owner\Downloads\تغطية خاصة - علي حاتم سليمان - هناك مؤامرة على الانبار ونحن لسنا مع داعش ولسنا مع المالكي.3GP
2014-02-02 22:49 - 2014-02-02 20:28 - 00013722 _____ () C:\Users\Owner\AppData\Roaming\addonVont.zip
2014-02-02 22:49 - 2014-02-02 20:28 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\VolIE
2014-02-02 22:48 - 2014-01-25 11:58 - 00002330 _____ () C:\Users\Owner\Desktop\Google Chrome.lnk
2014-02-02 20:38 - 2014-02-02 20:38 - 00000000 ____D () C:\Windows\system32\config\Before Compact
2014-02-02 20:28 - 2014-02-02 20:28 - 02809552 _____ () C:\Users\Owner\Desktop\system_mechanic_12.5_activator_only.rar
2014-02-02 20:27 - 2014-02-02 20:27 - 00000000 ____D () C:\Users\Owner\Documents\Mobogenie
2014-02-02 20:27 - 2014-02-02 20:27 - 00000000 _____ () C:\Users\Owner\daemonprocess.txt
2014-02-02 20:24 - 2014-02-02 20:24 - 531699950 _____ () C:\Users\Owner\Documents\Video_2014-02-02_202440.wmv
2014-02-02 20:14 - 2014-02-02 20:14 - 00000000 ____D () C:\Windows\system32\config\Original
2014-02-02 20:11 - 2014-02-02 20:11 - 00002169 _____ () C:\Users\Owner\Desktop\System Mechanic.lnk
2014-02-02 20:11 - 2014-02-02 20:11 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ioloGovernor
2014-02-02 20:11 - 2014-02-02 20:11 - 00000000 ____D () C:\ProgramData\ioloGovernor
2014-02-02 20:10 - 2014-02-02 20:10 - 00074703 _____ () C:\Windows\system32\mfc45.dat
2014-02-02 15:18 - 2014-02-02 15:18 - 1998730488 _____ () C:\Users\Owner\Documents\Video_2014-02-02_151827.wmv
2014-02-02 03:11 - 2014-01-30 14:17 - 30728192 _____ () C:\Windows\system32\config\COMPONENTS.iobit
2014-02-02 02:55 - 2014-02-02 02:55 - 93948536 _____ () C:\Users\Owner\Documents\Video_2014-02-02_025514.wmv
2014-02-02 02:23 - 2014-02-02 02:23 - 00001584 _____ () C:\Users\Owner\Documents\ooo.txt
2014-02-02 02:23 - 2014-02-02 02:23 - 00001584 _____ () C:\Users\Owner\Documents\lll.txt
2014-02-02 02:15 - 2014-02-02 02:15 - 1462096526 _____ () C:\Users\Owner\Documents\Video_2014-02-02_021507.wmv
2014-02-01 21:41 - 2014-02-01 21:41 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-02-01 21:41 - 2014-02-01 21:41 - 00001078 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2014-02-01 21:41 - 2014-02-01 21:41 - 00000000 ____D () C:\Users\Owner\AppData\Local\Comodo
2014-02-01 21:38 - 2014-02-01 21:38 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\gdiplus.dll
2014-02-01 21:38 - 2014-02-01 21:38 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
2014-02-01 19:43 - 2014-02-01 19:43 - 2714731438 _____ () C:\Users\Owner\Documents\Video_2014-02-01_194350.wmv
2014-02-01 10:42 - 2014-02-01 10:42 - 1529172334 _____ () C:\Users\Owner\Documents\Video_2014-02-01_104207.wmv
2014-01-31 12:21 - 2014-01-31 12:21 - 1431880654 _____ () C:\Users\Owner\Documents\Video_2014-01-31_122106.wmv
2014-01-31 09:36 - 2014-01-31 09:36 - 00001779 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-01-31 09:36 - 2014-01-31 09:36 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Opera
2014-01-31 09:36 - 2014-01-31 09:36 - 00000000 ____D () C:\Users\Owner\AppData\Local\Opera
2014-01-31 08:00 - 2014-01-31 08:00 - 00066999 _____ () C:\Users\Owner\Documents\RecoverMyFiles.CSV
2014-01-31 02:29 - 2014-01-31 02:29 - 2277533224 _____ () C:\Users\Owner\Documents\Video_2014-01-31_022924.wmv
2014-01-30 15:20 - 2014-01-30 15:21 - 207719386 _____ () C:\Users\Owner\Documents\Video_2014-01-30_152116.wmv
2014-01-30 14:44 - 2014-01-30 14:43 - 06174374 _____ () C:\Users\Owner\Downloads\---كاظم ماتت بمحراب عينيك.3gp
2014-01-30 14:41 - 2014-01-30 14:41 - 07530736 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwNs32.sys
2014-01-30 14:41 - 2014-01-30 14:41 - 02767600 _____ (Intel Corporation) C:\Windows\system32\NETwNr32.dll
2014-01-30 14:41 - 2014-01-30 14:41 - 01629040 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-01-30 14:41 - 2014-01-30 14:41 - 00690928 _____ (Intel Corporation) C:\Windows\system32\NETwNc32.dll
2014-01-30 14:41 - 2014-01-30 14:41 - 00027888 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2014-01-30 14:41 - 2014-01-30 14:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2014-01-30 14:39 - 2014-01-30 14:39 - 11405824 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 09037312 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2014-01-30 14:39 - 2014-01-30 14:39 - 08195640 _____ (Intel® Corporation) C:\Windows\system32\TVWSetup.exe
2014-01-30 14:39 - 2014-01-30 14:39 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-01-30 14:39 - 2014-01-30 14:39 - 00268856 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-01-30 14:39 - 2014-01-30 14:39 - 00261632 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00228864 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00195584 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00180280 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-01-30 14:39 - 2014-01-30 14:39 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00130048 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll

Link to post
Share on other sites

2014-01-30 14:18 - 2014-01-30 14:18 - 00001142 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-01-30 14:17 - 2014-02-10 05:31 - 49782784 _____ () C:\Windows\system32\config\software.iobit
2014-01-30 14:17 - 2014-02-10 05:31 - 00167936 _____ () C:\Windows\system32\config\default.iobit
2014-01-30 14:17 - 2014-02-10 05:31 - 00098304 _____ () C:\Windows\system32\config\sam.iobit
2014-01-30 14:17 - 2014-02-10 05:31 - 00024576 _____ () C:\Windows\system32\config\security.iobit
2014-01-30 14:17 - 2014-02-02 03:11 - 30728192 _____ () C:\Windows\system32\config\COMPONENTS.iobit
2014-01-30 14:06 - 2014-01-30 14:06 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-30 14:05 - 2014-02-10 05:33 - 00002155 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-01-30 14:05 - 2014-01-30 14:05 - 00001175 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-01-30 14:05 - 2014-01-30 14:05 - 00000000 ____D () C:\ProgramData\ProductData
2014-01-30 14:03 - 2014-01-30 14:18 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\IObit
2014-01-30 14:02 - 2014-02-11 00:54 - 00000000 ____D () C:\Program Files\IObit
2014-01-30 14:02 - 2014-02-09 00:08 - 00000000 ____D () C:\ProgramData\IObit
2014-01-30 13:48 - 2014-01-30 13:48 - 739350526 _____ () C:\Users\Owner\Documents\Video_2014-01-30_134840.wmv
2014-01-30 05:15 - 2014-01-30 05:15 - 38831328 _____ () C:\Users\Owner\Documents\Video_2014-01-30_051542.wmv
2014-01-30 01:10 - 2014-01-30 01:10 - 134411250 _____ () C:\Users\Owner\Documents\Video_2014-01-30_011044.wmv
2014-01-30 00:03 - 2014-01-30 00:03 - 1656140734 _____ () C:\Users\Owner\Documents\Video_2014-01-30_000316.wmv
2014-01-29 14:37 - 2014-01-29 14:39 - 27044107 _____ () C:\Users\Owner\Downloads\لقاء وزير العدل حسن الشمري مع قناة الحرة.3GP
2014-01-29 14:37 - 2014-01-29 14:38 - 01192836 _____ () C:\Users\Owner\Downloads\تصريحات نارية وزير العدل العراقي حسن الشمري.3GP
2014-01-29 14:01 - 2014-01-29 14:02 - 06739404 _____ () C:\Users\Owner\Downloads\عاجل عاجل فصل عزه ابراهيم الدوري من الحزب - ٣.3GP
2014-01-29 14:00 - 2014-01-29 14:02 - 08878497 _____ () C:\Users\Owner\Downloads\عاجل عاجل فصل عزه ابراهيم الدوري من الحزب - ١.3GP
2014-01-29 12:57 - 2014-01-29 12:58 - 16557557 _____ () C:\Users\Owner\Downloads\مداخلة د. طه الدليمي حول لقاء د.حارث الضاري في قناة الجزيرة.3GP
2014-01-29 12:33 - 2014-01-29 12:33 - 640998956 _____ () C:\Users\Owner\Documents\Video_2014-01-29_123321.wmv
2014-01-29 10:57 - 2014-01-30 08:12 - 00000000 ____D () C:\Program Files\ColorSoft
2014-01-29 09:13 - 2014-01-30 08:35 - 00006840 _____ () C:\Windows\system32\HideMyIpSRV.ini
2014-01-29 09:13 - 2014-01-30 08:35 - 00003576 _____ () C:\Windows\system32\HideMyIpSRVOff.ini
2014-01-29 09:13 - 2013-06-19 17:26 - 00025448 _____ (Hide My IP) C:\Windows\system32\Drivers\hmip.sys
2014-01-29 09:10 - 2014-01-29 09:10 - 63979348 _____ () C:\Users\Owner\Documents\Video_2014-01-29_091005.wmv
2014-01-29 02:00 - 2014-02-11 00:55 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-01-28 16:11 - 2014-01-28 16:11 - 251711138 _____ () C:\Users\Owner\Documents\Video_2014-01-28_161146.wmv
2014-01-28 13:10 - 2014-02-06 05:46 - 00000000 ____D () C:\Users\Owner\Documents\BSR Photos
2014-01-28 13:10 - 2014-01-28 13:10 - 00692224 _____ () C:\Windows\system32\bsrmgcv.dll
2014-01-28 13:10 - 2014-01-28 13:10 - 00192512 _____ () C:\Windows\system32\bsrmgps.dll
2014-01-28 13:10 - 2014-01-28 13:10 - 00098304 _____ () C:\Windows\system32\bsreffs.dll
2014-01-28 13:10 - 2014-01-28 13:10 - 00090112 _____ () C:\Windows\system32\bsrlback.dll
2014-01-28 13:10 - 2014-01-28 13:10 - 00081920 _____ () C:\Windows\system32\bsrgvas.dll
2014-01-28 13:10 - 2014-01-28 13:10 - 00002059 _____ () C:\Users\Owner\Desktop\BSR Screen Recorder 6.lnk
2014-01-28 13:10 - 2014-01-28 13:10 - 00000000 ____D () C:\Users\Owner\AppData\Local\Bulents
2014-01-28 13:10 - 2014-01-28 13:10 - 00000000 ____D () C:\Users\Default\AppData\Local\Bulents
2014-01-28 13:10 - 2014-01-28 13:10 - 00000000 ____D () C:\Users\Default User\AppData\Local\Bulents
2014-01-28 13:08 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\BSR Screen Recorder 6
2014-01-28 13:08 - 2014-01-28 13:08 - 00585728 _____ () C:\Windows\system32\bsratswf.dll
2014-01-28 13:08 - 2014-01-28 13:08 - 00147456 _____ () C:\Windows\system32\bsratwmv.dll
2014-01-28 13:08 - 2014-01-28 13:08 - 00000000 ____D () C:\Users\Owner\Documents\BSR Projects
2014-01-28 08:57 - 2014-01-28 08:57 - 00071443 _____ () C:\Users\Owner\Downloads\xcz7Sn-2.jpeg
2014-01-28 08:29 - 2014-02-07 14:00 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Apple Computer
2014-01-28 08:29 - 2014-01-28 08:29 - 00000000 ____D () C:\Users\Owner\AppData\Local\Apple Computer
2014-01-28 08:27 - 2014-02-07 14:38 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-01-28 08:27 - 2014-01-28 08:27 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-01-28 08:26 - 2014-01-28 08:26 - 00000000 ____D () C:\Users\Owner\AppData\Local\Apple
2014-01-28 08:24 - 2014-02-11 01:51 - 00000000 ____D () C:\ProgramData\Apple
2014-01-28 07:10 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\iFunbox 2014
2014-01-28 07:10 - 2014-01-28 07:10 - 00001012 _____ () C:\Users\Public\Desktop\iFunBox 2014.lnk
2014-01-28 04:37 - 2012-08-23 06:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-01-28 04:37 - 2012-08-23 06:46 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\terminpt.sys
2014-01-28 04:37 - 2012-08-23 06:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-01-28 04:37 - 2012-08-23 06:41 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-01-28 04:37 - 2012-08-23 06:40 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-01-28 04:37 - 2012-08-23 06:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-01-28 04:37 - 2012-08-23 06:10 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-01-28 04:37 - 2012-08-23 05:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-01-28 04:37 - 2012-08-23 05:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-01-28 04:37 - 2012-08-23 05:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-01-28 04:37 - 2012-08-23 05:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-01-28 04:37 - 2012-08-23 05:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-01-28 04:37 - 2012-08-23 03:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-01-28 04:37 - 2012-08-23 03:32 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-01-28 04:37 - 2012-08-23 03:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-01-28 04:37 - 2012-08-23 03:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-01-28 04:37 - 2012-08-23 02:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-01-28 04:37 - 2012-08-23 02:08 - 02739712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-01-28 04:37 - 2012-08-23 00:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-01-28 04:35 - 2014-02-09 00:15 - 00000000 ____D () C:\Windows\system32\Drivers\fr-FR
2014-01-28 04:35 - 2014-02-09 00:15 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2014-01-28 04:35 - 2014-02-09 00:15 - 00000000 ____D () C:\Windows\system32\ar
2014-01-28 04:35 - 2014-02-09 00:15 - 00000000 ____D () C:\Windows\fr-FR
2014-01-28 04:35 - 2014-02-09 00:15 - 00000000 ____D () C:\Windows\ar-SA
2014-01-28 04:35 - 2014-02-09 00:11 - 00000000 ____D () C:\Windows\system32\XPSViewer
2014-01-28 04:35 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\system32\fr
2014-01-28 04:35 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\system32\040C
2014-01-28 04:26 - 2014-02-08 23:16 - 00000000 ____D () C:\Program Files\Intel
2014-01-28 04:26 - 2014-01-28 04:26 - 00000000 ____D () C:\Intel
2014-01-28 04:22 - 2012-05-04 01:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-01-28 04:21 - 2014-02-11 03:48 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\vlc
2014-01-28 02:53 - 2014-01-28 02:53 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Runscanner.net
2014-01-28 02:23 - 2014-02-08 23:19 - 00000000 ____D () C:\Program Files\NirSoft
2014-01-28 02:23 - 2014-01-28 02:23 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2014-01-28 02:21 - 2014-01-29 01:24 - 00000000 ____D () C:\Windows\Minidump
2014-01-28 02:08 - 2014-01-28 02:12 - 55170565 _____ () C:\Users\Owner\Downloads\الحقيقة الدولية .. مأساة سكان مخيم -اشرف- الانسانية‬ - YouTube.3gp
2014-01-27 22:52 - 2014-01-27 22:52 - 3132929792 _____ () C:\Users\Owner\Documents\Video_2014-01-27_225234.wmv
2014-01-27 07:28 - 2014-02-09 00:10 - 00000000 ____D () C:\Windows\pss
2014-01-27 01:53 - 2014-01-27 01:53 - 1185891078 _____ () C:\Users\Owner\Documents\Video_2014-01-27_015311.wmv
2014-01-26 18:23 - 2013-11-26 02:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-26 18:23 - 2013-11-26 01:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-26 18:23 - 2013-11-26 01:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-26 18:23 - 2013-11-26 00:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-26 18:23 - 2013-11-26 00:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-26 18:23 - 2013-11-26 00:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-26 18:23 - 2013-11-26 00:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-26 18:23 - 2013-11-26 00:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-26 18:23 - 2013-11-26 00:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-26 18:23 - 2013-11-26 00:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-26 18:23 - 2013-11-26 00:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-26 18:23 - 2013-11-26 00:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-26 18:23 - 2013-11-26 00:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-26 18:23 - 2013-11-26 00:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-26 18:23 - 2013-11-25 23:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-26 18:23 - 2013-11-25 23:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-26 18:23 - 2013-11-25 22:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-26 18:23 - 2013-11-25 22:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-26 18:23 - 2013-11-25 22:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-26 18:10 - 2014-01-26 18:10 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-26 18:10 - 2014-01-26 18:10 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-26 18:03 - 2014-01-26 18:03 - 434954710 _____ () C:\Users\Owner\Documents\Video_2014-01-26_180329.wmv
2014-01-26 16:46 - 2014-02-09 01:23 - 00000000 ____D () C:\wifidata
2014-01-26 15:46 - 2014-01-26 15:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-26 15:45 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-26 15:45 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-26 15:45 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-26 15:45 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-26 15:42 - 2014-01-26 15:42 - 566907024 _____ () C:\Users\Owner\Documents\Video_2014-01-26_154233.wmv
2014-01-26 15:41 - 2014-01-26 15:45 - 00005134 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-26 15:38 - 2014-01-26 15:38 - 00001028 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-01-26 15:37 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-01-26 15:36 - 2014-02-08 23:20 - 00000000 ____D () C:\Program Files\VideoLAN
2014-01-26 15:35 - 2014-02-09 00:10 - 00000000 ____D () C:\Windows\system32\Adobe
2014-01-26 12:15 - 2014-01-26 12:15 - 202526376 _____ () C:\Users\Owner\Documents\Video_2014-01-26_121502.wmv
2014-01-26 11:53 - 2012-02-10 21:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-01-26 11:53 - 2011-02-24 21:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-01-26 07:57 - 2014-02-09 00:09 - 00000000 ____D () C:\ProgramData\QFX Software
2014-01-26 07:57 - 2014-01-26 07:57 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\QFX Software
2014-01-26 05:34 - 2014-01-26 05:34 - 624682326 _____ () C:\Users\Owner\Documents\Video_2014-01-26_053436.wmv
2014-01-26 05:25 - 2014-01-26 05:28 - 32423974 _____ () C:\Users\Owner\Downloads\THE FUTURE OF IRAQ.3GP
2014-01-26 04:16 - 2014-01-26 04:16 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Process Hacker 2
2014-01-26 04:14 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Process Hacker 2
2014-01-26 04:14 - 2014-01-26 04:14 - 00001998 _____ () C:\Users\Owner\Desktop\Process Hacker 2.lnk
2014-01-26 03:19 - 2012-07-25 19:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-01-26 03:19 - 2012-07-25 19:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-01-26 03:19 - 2012-07-25 19:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-01-26 03:19 - 2012-07-25 19:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-01-26 03:19 - 2012-07-25 19:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-01-26 03:19 - 2012-07-25 18:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-01-26 03:19 - 2012-07-25 18:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-01-26 03:19 - 2012-06-02 06:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-01-26 03:12 - 2013-05-09 20:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-01-26 03:12 - 2013-05-09 20:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-26 03:10 - 2014-01-26 03:10 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-26 03:10 - 2014-01-26 03:10 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-26 03:10 - 2014-01-26 03:10 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-26 03:10 - 2014-01-26 03:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-26 03:10 - 2014-01-26 03:10 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-26 03:10 - 2014-01-26 03:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-26 03:10 - 2014-01-26 03:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-26 03:10 - 2014-01-26 03:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-26 03:10 - 2014-01-26 03:10 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-26 03:09 - 2014-01-26 03:09 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-01-26 03:09 - 2014-01-26 03:09 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-01-26 03:09 - 2014-01-26 03:09 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-01-26 03:09 - 2014-01-26 03:09 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-01-26 03:09 - 2014-01-26 03:09 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-01-26 03:09 - 2014-01-26 03:09 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-01-26 03:09 - 2014-01-26 03:09 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-01-26 03:09 - 2014-01-26 03:09 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-01-26 03:08 - 2014-01-26 03:08 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-01-26 03:07 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-26 01:18 - 2014-01-26 01:18 - 00000000 ____D () C:\ProgramData\FastStone
2014-01-26 01:08 - 2014-01-26 01:08 - 00000072 _____ () C:\Users\Owner\Downloads\check.htm
2014-01-26 01:08 - 2013-11-23 10:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-26 01:08 - 2013-10-29 18:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-01-26 01:08 - 2013-10-03 17:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-01-26 01:08 - 2013-10-03 17:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-01-26 01:08 - 2013-10-03 17:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-01-26 01:08 - 2013-08-27 16:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-01-26 01:08 - 2013-05-09 19:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-01-26 01:08 - 2013-03-18 20:53 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-01-26 01:08 - 2013-03-18 19:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-01-26 01:08 - 2013-01-23 20:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-01-26 01:08 - 2012-11-21 20:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-01-26 01:08 - 2012-10-03 08:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-01-26 01:08 - 2012-10-03 08:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-01-26 01:08 - 2012-10-03 08:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-01-26 01:08 - 2012-10-03 08:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-01-26 01:08 - 2012-10-03 08:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-01-26 01:08 - 2012-10-03 08:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-01-26 01:08 - 2012-10-03 07:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-01-26 01:08 - 2012-08-22 09:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-01-26 01:08 - 2012-08-21 12:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-01-26 01:08 - 2012-07-06 11:23 - 00393728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-01-26 01:08 - 2012-07-04 11:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-01-26 01:08 - 2011-12-29 21:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-01-26 01:08 - 2011-06-15 20:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-01-26 01:08 - 2011-03-10 21:39 - 00148864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-01-26 01:08 - 2011-03-10 21:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-01-26 01:08 - 2011-03-10 21:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-01-26 01:08 - 2011-03-10 21:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-01-26 01:08 - 2011-03-10 21:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-01-26 01:08 - 2011-03-10 21:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-01-26 01:08 - 2011-03-10 21:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-01-26 01:08 - 2011-03-10 21:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-01-26 01:08 - 2011-03-10 20:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-01-26 01:08 - 2011-02-17 21:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-01-26 01:07 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Aomei Ntfs2Fat32 Pro Edition 2.0
2014-01-26 01:07 - 2014-01-26 01:07 - 00001049 _____ () C:\Users\Public\Desktop\Aomei Ntfs2Fat32 Pro Edition 2.0.lnk
2014-01-26 01:07 - 2013-11-26 03:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-26 01:07 - 2013-08-04 17:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-01-26 01:07 - 2013-07-04 03:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-26 01:07 - 2013-07-04 03:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-26 01:07 - 2013-07-04 01:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-01-26 01:07 - 2013-04-16 23:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-01-26 01:07 - 2012-12-07 04:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-01-26 01:07 - 2012-12-07 04:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-01-26 01:07 - 2012-12-07 02:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-01-26 01:07 - 2012-12-07 02:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-01-26 01:07 - 2012-12-07 02:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-01-26 01:07 - 2012-12-07 02:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-01-26 01:07 - 2012-12-07 02:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-01-26 01:07 - 2012-12-07 02:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-01-26 01:07 - 2012-12-07 02:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-01-26 01:07 - 2012-12-07 02:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-01-26 01:07 - 2012-12-07 02:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-01-26 01:07 - 2012-12-07 02:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-01-26 01:07 - 2012-12-07 02:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-01-26 01:07 - 2012-12-07 02:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-01-26 01:07 - 2012-12-07 02:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-01-26 01:07 - 2012-12-07 02:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-01-26 01:07 - 2012-11-29 15:17 - 00420064 _____ () C:\Windows\system32\locale.nls
2014-01-26 01:07 - 2012-10-09 09:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-01-26 01:07 - 2012-10-09 09:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-01-26 01:07 - 2012-05-04 23:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-01-26 01:07 - 2012-04-30 20:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-01-26 01:07 - 2012-04-07 03:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-01-26 01:07 - 2012-01-04 00:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-01-26 01:07 - 2011-05-03 20:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-01-26 01:07 - 2011-05-03 20:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-01-26 01:07 - 2011-05-03 20:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-01-26 01:07 - 2011-05-03 20:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-01-26 01:07 - 2011-05-03 20:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-01-26 01:07 - 2011-05-03 20:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-01-26 01:07 - 2011-05-03 20:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-01-26 01:07 - 2011-05-03 20:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-01-26 01:07 - 2011-05-03 20:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-01-26 01:07 - 2011-04-22 11:14 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-01-26 01:02 - 2014-02-08 23:17 - 00000000 ____D () C:\Program Files\Macrorit
2014-01-26 01:02 - 2014-01-26 01:02 - 00001133 _____ () C:\Users\Owner\Desktop\Macrorit NTFS To FAT32 Converter.lnk
2014-01-26 01:02 - 2014-01-26 01:02 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macrorit NTFS To FAT32 Converter
2014-01-26 00:59 - 2014-01-26 00:59 - 00000053 __RSH () C:\Windows\system32\Drivers\wmiacpi.winsecurity
2014-01-26 00:59 - 2014-01-26 00:59 - 00000000 ____D () C:\ProgramData\CodeMeter
2014-01-25 15:51 - 2014-01-25 04:51 - 05865480 _____ (Tonec Inc.) C:\Users\Owner\Downloads\idman618build12.exe
2014-01-25 15:50 - 2014-01-25 04:53 - 04669416 _____ (AVAST Software) C:\Users\Owner\Downloads\avast_internet_security_setup_online.exe
2014-01-25 15:46 - 2014-01-25 15:46 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Macromedia
2014-01-25 15:46 - 2014-01-25 15:46 - 00000000 ____D () C:\Users\Owner\AppData\Local\Macromedia
2014-01-25 15:45 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-01-25 15:45 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-01-25 15:45 - 2012-06-02 14:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-01-25 15:45 - 2012-06-02 14:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-01-25 15:45 - 2012-06-02 14:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-01-25 15:45 - 2012-06-02 14:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-01-25 15:45 - 2012-06-02 14:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-01-25 15:45 - 2012-06-02 14:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-01-25 15:45 - 2012-06-02 14:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-01-25 15:44 - 2014-01-25 15:44 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Mozilla
2014-01-25 15:44 - 2014-01-25 15:44 - 00000000 ____D () C:\Users\Owner\AppData\Local\Mozilla
2014-01-25 15:15 - 2014-01-25 15:15 - 00352814 _____ () C:\Users\Owner\Documents\cdcds.wav
2014-01-25 15:06 - 2014-01-25 15:06 - 00000000 ____D () C:\Users\Owner\AppData\Local\TechSmith
2014-01-25 15:05 - 2014-01-25 15:05 - 11595680 _____ () C:\Users\Owner\Documents\Video_2014-01-25_150536.wmv
2014-01-25 15:01 - 2014-01-25 15:01 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\TechSmith
2014-01-25 15:00 - 2014-01-28 08:15 - 00000000 ____D () C:\Users\Owner\Documents\Camtasia Studio
2014-01-25 14:59 - 2014-01-25 14:58 - 317807924 _____ () C:\Users\Owner\Documents\Video_2014-01-25_145856.wmv
2014-01-25 14:17 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\GLArab.com
2014-01-25 13:22 - 2011-04-27 19:15 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-01-25 13:15 - 2014-02-10 13:37 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2014-01-25 13:15 - 2014-01-26 04:07 - 00000000 ____D () C:\Users\Owner\AppData\Local\Adobe
2014-01-25 13:12 - 2014-01-25 13:12 - 00001126 _____ () C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2014-01-25 13:12 - 2014-01-25 13:12 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2014-01-25 13:12 - 2014-01-25 13:12 - 00000000 ____D () C:\Program Files\QuickTime
2014-01-25 13:11 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Common Files\TechSmith Shared
2014-01-25 13:10 - 2014-02-08 23:21 - 00000000 ____D () C:\ProgramData\TechSmith
2014-01-25 13:10 - 2014-02-08 23:20 - 00000000 ____D () C:\Program Files\TechSmith
2014-01-25 12:17 - 2014-01-25 12:17 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\FastStone
2014-01-25 12:17 - 2014-01-25 12:17 - 00000000 ____D () C:\Users\Owner\AppData\Local\FastStone
2014-01-25 12:08 - 2012-01-15 14:01 - 00010752 _____ (Sony Corporation) C:\Windows\system32\Drivers\SFEP.sys
2014-01-25 12:07 - 2009-09-22 22:24 - 00626688 _____ (Sony Corporation) C:\Windows\snymsico.dll
2014-01-25 12:07 - 2009-09-22 22:24 - 00069120 _____ (REDC) C:\Windows\system32\Drivers\rimsptsk.sys
2014-01-25 12:06 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-01-25 12:06 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-01-25 12:05 - 2014-02-10 02:30 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-01-25 12:05 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-01-25 12:05 - 2014-02-08 23:18 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2014-01-25 12:05 - 2014-02-08 23:18 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-01-25 12:05 - 2014-01-26 04:07 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Adobe
2014-01-25 12:05 - 2014-01-25 12:05 - 00000000 ____D () C:\Windows\PCHEALTH
2014-01-25 12:04 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-01-25 12:04 - 2014-02-08 23:17 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-01-25 12:03 - 2014-02-09 00:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-25 12:03 - 2014-02-08 23:18 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-01-25 12:03 - 2014-02-08 23:13 - 00000000 __RHD () C:\MSOCache
2014-01-25 12:03 - 2014-01-25 12:03 - 00000000 ____D () C:\Users\Owner\AppData\Local\Microsoft Help
2014-01-25 12:00 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\WinRAR
2014-01-25 12:00 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-01-25 12:00 - 2014-01-25 12:00 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-25 11:59 - 2014-02-11 00:53 - 00000000 ____D () C:\ProgramData\Real
2014-01-25 11:59 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-01-25 11:59 - 2014-02-08 23:15 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-01-25 11:59 - 2014-01-25 11:59 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-25 11:59 - 2014-01-25 11:59 - 00000000 ____D () C:\ProgramData\Sun
2014-01-25 11:59 - 2014-01-25 11:59 - 00000000 ____D () C:\ProgramData\Mozilla
2014-01-25 11:59 - 2014-01-25 06:03 - 00000000 ____D () C:\ProgramData\Adobe
2014-01-25 11:58 - 2014-02-11 14:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-25 11:58 - 2014-02-09 00:11 - 00000000 ____D () C:\Windows\system32\Macromed
2014-01-25 11:58 - 2014-02-08 23:17 - 00000000 ____D () C:\Program Files\Java
2014-01-25 11:58 - 2014-02-02 22:48 - 00002330 _____ () C:\Users\Owner\Desktop\Google Chrome.lnk
2014-01-25 11:58 - 2014-01-25 11:58 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-01-25 11:58 - 2014-01-25 11:58 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2014-01-25 11:58 - 2014-01-25 06:27 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-01-25 11:58 - 2014-01-25 06:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-01-25 11:58 - 2013-08-22 09:09 - 00217176 _____ () C:\Windows\system32\unrar.dll
2014-01-25 11:57 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-01-25 11:55 - 2014-01-25 11:55 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-01-25 11:51 - 2014-02-10 22:26 - 00000000 ____D () C:\Users\Owner
2014-01-25 11:51 - 2014-01-26 16:47 - 00000000 ____D () C:\Users\Owner\AppData\Local\VirtualStore
2014-01-25 11:51 - 2014-01-25 11:51 - 00000020 ___SH () C:\Users\Owner\ntuser.ini
2014-01-25 11:51 - 2014-01-25 11:51 - 00000000 __SHD () C:\Recovery
2014-01-25 11:51 - 2009-07-13 20:42 - 00000000 ___RD () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-25 11:51 - 2009-07-13 20:37 - 00000000 ___RD () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-25 11:48 - 2014-02-11 14:27 - 01225223 _____ () C:\Windows\WindowsUpdate.log
2014-01-25 11:44 - 2014-01-30 14:27 - 00000000 ____D () C:\Windows\Panther
2014-01-25 10:43 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-01-25 10:00 - 2014-02-08 23:15 - 00000000 ____D () C:\Program Files\CodeMeter
2014-01-25 10:00 - 2014-01-25 10:00 - 00000617 _____ () C:\Users\Owner\Desktop\Recover My Files v5.lnk
2014-01-25 10:00 - 2014-01-25 10:00 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recover My Files v5
2014-01-25 10:00 - 2013-11-27 12:26 - 00719720 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\WibuCm32.dll
2014-01-25 09:26 - 2014-01-25 09:26 - 00000618 _____ () C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 7.0.lnk
2014-01-25 08:03 - 2014-02-09 00:09 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\TeraCopy
2014-01-25 08:03 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\TeraCopy
2014-01-25 07:43 - 2014-01-25 07:43 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\R-TT
2014-01-25 07:39 - 2014-02-04 20:26 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\R-Studio
2014-01-25 07:39 - 2014-01-25 07:43 - 00000000 ____D () C:\Users\Owner\Documents\R-TT
2014-01-25 07:23 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\KeyScrambler
2014-01-25 07:23 - 2013-05-31 06:53 - 00209016 _____ (QFX Software Corporation) C:\Windows\system32\Drivers\keyscrambler.sys
2014-01-25 07:13 - 2014-01-25 07:13 - 00001417 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-25 06:15 - 2014-02-09 14:12 - 00000674 _____ () C:\Users\Public\Desktop\Hekasoft Backup & Restore.lnk
2014-01-25 06:15 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Hekasoft Backup & Restore
2014-01-25 06:15 - 2014-01-25 06:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Hekasoft
2014-01-25 06:13 - 2014-01-25 06:13 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\MPC-HC
2014-01-25 06:04 - 2014-01-25 06:04 - 00001989 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-01-25 06:03 - 2014-02-08 23:14 - 00000000 ____D () C:\Program Files\Adobe
2014-01-25 05:40 - 2014-01-25 05:40 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\WinRAR
2014-01-25 05:38 - 2012-02-29 21:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-01-25 05:38 - 2012-02-29 21:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-01-25 05:35 - 2014-02-08 23:13 - 00000000 ____D () C:\Komku
2014-01-25 05:30 - 2014-01-25 05:30 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Moonchild Productions
2014-01-25 05:30 - 2014-01-25 05:30 - 00000000 ____D () C:\Users\Owner\AppData\Local\Moonchild Productions
2014-01-25 05:24 - 2014-01-25 05:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-25 05:24 - 2014-01-06 16:20 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-25 05:20 - 2014-01-25 05:20 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-01-25 05:17 - 2014-01-25 05:17 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-01-25 05:15 - 2014-02-11 06:49 - 00000000 ____D () C:\Program Files\Everything
2014-01-25 05:15 - 2014-01-25 05:15 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-01-25 05:15 - 2014-01-25 05:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2014-01-25 05:13 - 2013-10-05 11:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-01-25 05:13 - 2013-07-25 00:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-01-25 05:13 - 2013-07-08 20:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-01-25 05:13 - 2013-07-08 20:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-01-25 05:13 - 2013-07-08 20:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-01-25 05:12 - 2013-07-25 17:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-01-25 05:12 - 2013-07-25 17:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-01-25 05:12 - 2013-06-25 14:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-01-25 05:12 - 2012-11-28 14:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-01-25 05:12 - 2012-11-28 14:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-01-25 05:12 - 2012-11-28 14:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-01-25 05:11 - 2013-09-24 18:01 - 00136640 _____ (Microsoft C

Link to post
Share on other sites

usb8023.sys
2014-01-25 05:09 - 2012-11-01 21:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-01-25 05:09 - 2012-10-31 20:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-01-25 05:09 - 2012-07-04 13:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-01-25 05:09 - 2012-07-04 13:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-01-25 05:09 - 2012-07-04 13:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-01-25 05:09 - 2012-06-05 21:05 - 01236992 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-01-25 05:09 - 2012-05-13 20:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-01-25 05:09 - 2012-04-25 20:45 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-01-25 05:09 - 2012-04-25 20:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-01-25 05:09 - 2012-04-25 20:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-01-25 05:09 - 2012-02-16 21:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-01-25 05:09 - 2012-02-16 20:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-01-25 05:09 - 2011-08-26 20:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-01-25 05:09 - 2011-08-26 20:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-01-25 05:09 - 2011-08-16 20:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-01-25 05:09 - 2011-08-16 20:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-01-25 05:09 - 2011-06-15 00:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2014-01-25 05:09 - 2011-06-15 00:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-01-25 05:09 - 2011-06-15 00:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-01-25 05:09 - 2011-06-15 00:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-01-25 05:09 - 2011-06-15 00:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-01-25 05:09 - 2011-05-02 20:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-01-25 05:09 - 2011-04-28 18:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-01-25 05:09 - 2011-04-28 18:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-01-25 05:09 - 2011-04-28 18:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-01-25 05:09 - 2011-03-02 21:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-01-25 05:09 - 2011-03-02 21:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-01-25 05:09 - 2011-03-02 21:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-01-25 05:09 - 2011-02-11 21:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-01-25 05:09 - 2010-06-25 19:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-01-25 05:08 - 2013-10-18 17:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-01-25 05:08 - 2013-10-03 17:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-01-25 05:08 - 2013-10-03 17:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-01-25 05:08 - 2013-10-02 17:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-01-25 05:08 - 2013-07-20 02:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-25 05:08 - 2013-07-04 03:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-01-25 05:08 - 2013-06-14 19:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-01-25 05:08 - 2013-06-03 20:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-01-25 05:08 - 2012-09-25 14:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-01-25 05:08 - 2011-12-15 23:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-01-25 05:08 - 2011-11-19 06:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-01-25 05:08 - 2011-05-24 02:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-01-25 05:08 - 2011-02-22 20:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-01-25 05:07 - 2014-01-16 09:59 - 00231584 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-25 05:06 - 2014-02-09 14:20 - 00000501 _____ () C:\Users\Public\Desktop\Pale Moon.lnk
2014-01-25 05:05 - 2014-02-09 14:20 - 00000000 ____D () C:\Program Files\Pale Moon
2014-01-25 04:59 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\FastStone Capture
2014-01-25 04:59 - 2014-01-25 10:42 - 00001037 _____ () C:\Users\Public\Desktop\FastStone Capture.lnk
2014-01-25 04:57 - 2013-02-26 21:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-01-25 04:57 - 2013-02-26 20:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-01-25 04:54 - 2014-01-25 05:05 - 255479656 _____ () C:\Users\Owner\Downloads\camtasia.exe
2014-01-25 04:52 - 2014-02-11 04:50 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\IDM
2014-01-25 04:52 - 2014-02-11 04:49 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\DMCache
2014-01-25 04:52 - 2014-02-10 17:55 - 00000000 ____D () C:\Users\Owner\Downloads\Compressed
2014-01-25 04:52 - 2014-02-07 14:57 - 00000000 ____D () C:\Users\Owner\Downloads\Video
2014-01-25 04:52 - 2014-01-25 04:52 - 00000000 ____D () C:\ProgramData\IDM
2014-01-25 04:51 - 2014-02-09 00:08 - 00000000 ____D () C:\Program Files\Internet Download Manager
2014-01-25 04:51 - 2014-01-25 04:51 - 00000983 _____ () C:\Users\Owner\Desktop\Internet Download Manager.lnk
2014-01-25 04:51 - 2014-01-25 04:51 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-01-23 12:12 - 2014-01-23 12:56 - 05044479 _____ () C:\Users\Owner\AppData\Local\Temp1.exe
2014-01-20 08:25 - 2014-01-20 09:18 - 00000000 ____D () C:\Users\Owner\AppData\Local\IDM
2014-01-16 15:37 - 2013-11-27 16:24 - 00108000 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys

==================== One Month Modified Files and Folders =======

2014-06-01 16:43 - 2014-02-02 20:13 - 03955200 _____ (iolo technologies, LLC) C:\SystemGuardAlerter.exe
2014-02-11 14:28 - 2014-02-11 05:01 - 00000000 ____D () C:\FRST
2014-02-11 14:27 - 2014-01-25 11:58 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-11 14:27 - 2014-01-25 11:48 - 01225223 _____ () C:\Windows\WindowsUpdate.log
2014-02-11 06:53 - 2009-07-13 20:34 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-11 06:53 - 2009-07-13 20:34 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-11 06:51 - 2010-11-20 13:01 - 02157412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-11 06:50 - 2014-02-11 06:50 - 00000642 _____ () C:\Users\Owner\Desktop\JRT.txt
2014-02-11 06:49 - 2014-01-25 05:15 - 00000000 ____D () C:\Program Files\Everything
2014-02-11 06:48 - 2014-02-11 04:35 - 00000000 ____D () C:\Windows\ERDNT
2014-02-11 06:47 - 2014-02-11 06:47 - 00000000 ____H () C:\ProgramData\cm-lock
2014-02-11 06:47 - 2014-02-10 22:27 - 00009586 _____ () C:\Windows\PFRO.log
2014-02-11 06:47 - 2014-02-10 13:08 - 00000224 _____ () C:\Windows\setupact.log
2014-02-11 06:47 - 2014-01-30 14:18 - 00000272 _____ () C:\Windows\Tasks\Driver Booster Update.job
2014-02-11 06:47 - 2009-07-13 20:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-11 06:46 - 2014-02-10 04:02 - 00000000 ____D () C:\AdwCleaner
2014-02-11 06:38 - 2014-02-11 06:38 - 30439667 _____ () C:\Users\Owner\Downloads\سرمد البياتي برنامج بالشمع الاحمر عنوان الحلقة الانترنت في غرف الزوجية 17-12-2013.3GP
2014-02-11 05:24 - 2014-02-10 14:08 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-11 05:24 - 2014-02-10 14:06 - 00000000 ____D () C:\Users\Owner\Desktop\mbar
2014-02-11 05:02 - 2014-02-11 05:02 - 00000000 ____D () C:\Program Files\ESET
2014-02-11 04:55 - 2014-02-11 04:55 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-11 04:55 - 2014-02-11 04:55 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-11 04:55 - 2014-02-11 04:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-11 04:54 - 2014-02-10 06:02 - 00029681 _____ () C:\Users\Owner\Desktop\dds.txt
2014-02-11 04:54 - 2014-02-10 06:02 - 00008305 _____ () C:\Users\Owner\Desktop\attach.txt
2014-02-11 04:53 - 2014-02-11 04:38 - 00000000 ____D () C:\Users\Owner\Desktop\RK_Quarantine
2014-02-11 04:51 - 2014-02-11 04:51 - 00001600 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_02112014_045108.txt
2014-02-11 04:50 - 2014-01-25 04:52 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\IDM
2014-02-11 04:49 - 2014-01-25 04:52 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\DMCache
2014-02-11 04:42 - 2014-02-11 04:42 - 00001567 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_02112014_044233.txt
2014-02-11 04:38 - 2014-02-11 04:38 - 03809792 _____ () C:\Users\Owner\Desktop\RogueKiller_2.exe
2014-02-11 04:37 - 2014-02-11 04:37 - 04403200 _____ () C:\Users\Owner\Desktop\RogueKillerX64.exe
2014-02-11 04:35 - 2014-02-11 04:35 - 00000898 _____ () C:\Users\Owner\Desktop\NTREGOPT.lnk
2014-02-11 04:35 - 2014-02-11 04:35 - 00000898 _____ () C:\Users\d\Desktop\NTREGOPT.lnk
2014-02-11 04:35 - 2014-02-11 04:35 - 00000879 _____ () C:\Users\Owner\Desktop\ERUNT.lnk
2014-02-11 04:35 - 2014-02-11 04:35 - 00000879 _____ () C:\Users\d\Desktop\ERUNT.lnk
2014-02-11 04:35 - 2014-02-11 04:35 - 00000000 ____D () C:\Program Files\ERUNT
2014-02-11 04:30 - 2014-02-11 04:30 - 00904743 _____ () C:\Users\Owner\Downloads\A2B63469251036344862401769472_14729024e60.4.6.8894272438047653657_0EmL2hK7hj7rnQXtX3xCgK7DrdiNlNLPW6HSv0CPP55uQYDkfTVf1H_7d9UiyDgK.mp4
2014-02-11 04:12 - 2014-02-11 04:12 - 01238617 _____ () C:\Users\Owner\Downloads\FF19EC1CFA1024471840065777664_138722721092161f9fce532.mp4_pRCiGvUkIeDSojpqECK9pYhe4w9e1P6eu9AUzLxQOGMwhIKLr0bjX8rBSk4dDF00.mp4
2014-02-11 03:59 - 2014-02-11 03:59 - 00893439 _____ () C:\Users\Owner\Downloads\82BB09F6A21039395578498506752_12961615bf0.3.2_iO2NJTifYodhq39uf3ebcTntrEFhZq0m96TLlJXPptgFXqTXo7604R7YiopCTC4l.mp4
2014-02-11 03:58 - 2014-02-11 03:58 - 00893373 _____ () C:\Users\Owner\Downloads\A4565337131039675904663662592_167880401cd.4.7.1703182332979559069_.qgBb6jAmfol.mkkRsiEfAmpXEuyYN47amAF9SYEoVi9X2rWQ1vInwhQMIZHAASS.mp4
2014-02-11 03:57 - 2014-02-11 03:57 - 00875939 _____ () C:\Users\Owner\Downloads\019EC4DC171029108921266290688_1aa642d4d69.4.5.6871069217078471256__E.YchHfRkZl2KlotHxNcl1TQmBno0NmKr9iuiVIfC0ojEYloH7skSvgswP8lPNI.mp4
2014-02-11 03:48 - 2014-01-28 04:21 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\vlc
2014-02-11 02:36 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-11 01:51 - 2014-01-28 08:24 - 00000000 ____D () C:\ProgramData\Apple
2014-02-11 01:49 - 2014-02-11 01:44 - 00000000 ____D () C:\Users\Owner\Documents\Network Monitor 3
2014-02-11 01:44 - 2014-02-11 01:44 - 00001016 _____ () C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk
2014-02-11 01:44 - 2014-02-11 01:44 - 00000000 ____D () C:\Program Files\Microsoft Network Monitor 3
2014-02-11 00:55 - 2014-01-29 02:00 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-02-11 00:54 - 2014-01-30 14:02 - 00000000 ____D () C:\Program Files\IObit
2014-02-11 00:53 - 2014-01-25 11:59 - 00000000 ____D () C:\ProgramData\Real
2014-02-11 00:48 - 2014-02-11 00:47 - 00000079 _____ () C:\Windows\wininit.ini
2014-02-10 23:52 - 2014-02-10 23:52 - 00001201 _____ () C:\Windows\IE11_main.log
2014-02-10 23:36 - 2009-07-13 18:37 - 00000000 ____D () C:\Users\Default
2014-02-10 22:27 - 2014-02-10 22:27 - 00409096 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-10 22:26 - 2014-02-10 22:26 - 49782784 _____ () C:\Windows\system32\config\software.iodefrag.bak
2014-02-10 22:26 - 2014-02-10 22:26 - 00167936 _____ () C:\Windows\system32\config\default.iodefrag.bak
2014-02-10 22:26 - 2014-02-10 22:26 - 00098304 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2014-02-10 22:26 - 2014-02-10 22:26 - 00024576 _____ () C:\Windows\system32\config\security.iodefrag.bak
2014-02-10 22:26 - 2014-02-10 22:26 - 00000000 _____ () C:\asc_rdflag
2014-02-10 22:26 - 2014-01-25 11:51 - 00000000 ____D () C:\Users\Owner
2014-02-10 22:25 - 2014-02-10 22:25 - 00003304 ____N () C:\bootsqm.dat
2014-02-10 20:15 - 2014-02-10 20:16 - 00069183 _____ () C:\Users\Owner\Downloads\www_base_mod.js
2014-02-10 20:15 - 2014-02-10 20:16 - 00020065 _____ () C:\Users\Owner\Downloads\spf-vflY4jAlw.js
2014-02-10 18:23 - 2014-02-10 18:23 - 00000000 ____D () C:\Windows\CheckSur
2014-02-10 18:21 - 2014-02-10 18:21 - 183244764 _____ () C:\Users\Owner\Downloads\Windows6.1-KB947821-v31-x86.msu
2014-02-10 18:03 - 2014-02-10 18:01 - 00002592 _____ () C:\Users\Owner\Desktop\Rkill.txt
2014-02-10 18:01 - 2014-02-10 18:01 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Owner\Desktop\rkill.com
2014-02-10 17:55 - 2014-01-25 04:52 - 00000000 ____D () C:\Users\Owner\Downloads\Compressed
2014-02-10 17:45 - 2014-02-10 17:45 - 00000000 ____D () C:\_OTL
2014-02-10 16:17 - 2014-02-10 16:17 - 28823831 _____ () C:\Users\Owner\Downloads\عزت الشابندر _  ساعة حوار _  الاتجاه 04 02 2014.3GP
2014-02-10 15:23 - 2014-02-02 20:10 - 00000000 ____D () C:\ProgramData\iolo
2014-02-10 13:56 - 2014-02-10 13:49 - 00000000 ____D () C:\Windows\system32\CATROOT2OLD
2014-02-10 13:51 - 2014-02-10 13:51 - 00000000 ____D () C:\New folder
2014-02-10 13:49 - 2014-02-10 13:49 - 00109280 _____ () C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-10 13:49 - 2014-02-10 13:49 - 00001244 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-02-10 13:48 - 2014-02-10 13:48 - 00000000 ____D () C:\Program Files\Panda Security
2014-02-10 13:37 - 2014-01-25 13:15 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2014-02-10 13:09 - 2014-02-10 13:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-10 06:00 - 2014-02-10 06:01 - 00688992 ____R (Swearware) C:\Users\Owner\Desktop\dds.scr
2014-02-10 05:33 - 2014-01-30 14:05 - 00002155 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-02-10 05:31 - 2014-01-30 14:17 - 49782784 _____ () C:\Windows\system32\config\software.iobit
2014-02-10 05:31 - 2014-01-30 14:17 - 00167936 _____ () C:\Windows\system32\config\default.iobit
2014-02-10 05:31 - 2014-01-30 14:17 - 00098304 _____ () C:\Windows\system32\config\sam.iobit
2014-02-10 05:31 - 2014-01-30 14:17 - 00024576 _____ () C:\Windows\system32\config\security.iobit
2014-02-10 04:37 - 2014-02-10 04:37 - 00001943 _____ () C:\Users\Owner\Desktop\Paltalk Messenger.lnk
2014-02-10 04:37 - 2014-02-10 04:37 - 00001214 _____ () C:\Users\Owner\Desktop\Upgrade to Paltalk Extreme.lnk
2014-02-10 04:37 - 2014-02-10 04:37 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Paltalk
2014-02-10 04:37 - 2014-02-10 04:37 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2014-02-10 04:37 - 2014-02-10 04:37 - 00000000 ____D () C:\Program Files\Paltalk Messenger
2014-02-10 04:27 - 2009-07-13 18:04 - 00002577 _____ () C:\Windows\system32\config.nt
2014-02-10 04:21 - 2014-02-10 04:20 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-10 04:17 - 2014-02-06 06:37 - 00000000 ____D () C:\ProgramData\Wondershare Player
2014-02-10 04:13 - 2014-02-10 04:13 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-OWNER-PC-Microsoft-Windows-7-Ultimate-(32-bit).dat
2014-02-10 04:12 - 2014-02-10 04:12 - 00002121 _____ () C:\Users\Owner\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-02-10 04:12 - 2014-02-10 04:12 - 00000000 ____D () C:\RegBackup
2014-02-10 04:12 - 2014-02-10 04:10 - 00000000 ____D () C:\Users\d\AppData\Local\MoboGenie
2014-02-10 04:10 - 2014-02-10 04:10 - 00000000 ____D () C:\Users\d\AppData\Roaming\QFX Software
2014-02-10 04:10 - 2014-02-10 04:10 - 00000000 ____D () C:\Users\d\AppData\Roaming\Malwarebytes
2014-02-10 03:58 - 2014-02-10 03:58 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-02-10 03:21 - 2009-07-13 18:04 - 00000741 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_797
2014-02-10 03:04 - 2014-02-10 03:04 - 00000000 ____D () C:\Program Files\AdwareRemovalToolv3.7
2014-02-10 03:03 - 2014-02-10 03:03 - 00000000 ____D () C:\Windows\ERUNT
2014-02-10 03:02 - 2014-02-10 03:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Owner\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-10 03:01 - 2014-02-10 03:01 - 00414944 _____ () C:\Users\Owner\Desktop\Adware-Removal-Tool-V3.7.exe
2014-02-10 02:59 - 2014-02-10 02:59 - 01166132 _____ () C:\Users\Owner\Desktop\AdwCleaner.exe
2014-02-10 02:59 - 2014-02-10 02:59 - 01037530 _____ (Thisisu) C:\Users\Owner\Desktop\JRT.exe
2014-02-10 02:57 - 2014-02-10 02:57 - 00921000 _____ (Oracle Corporation) C:\Users\Owner\Desktop\jxpiinstall_3.exe
2014-02-10 02:52 - 2014-02-02 01:55 - 00000000 ____D () C:\ProgramData\TamoSoft
2014-02-10 02:30 - 2014-01-25 12:05 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-10 02:23 - 2014-02-10 02:23 - 00001234 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-02-10 02:23 - 2014-02-10 02:23 - 00000000 ____D () C:\Users\Owner\AppData\Local\VS Revo Group
2014-02-10 02:23 - 2014-02-10 02:23 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-02-10 02:17 - 2014-02-10 02:17 - 00000067 _____ () C:\Windows\avast5.ini
2014-02-10 01:22 - 2009-07-13 20:53 - 00008760 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-09 14:23 - 2014-02-09 14:23 - 00000989 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-02-09 14:23 - 2014-02-09 14:23 - 00000000 ____D () C:\Program Files\MozBackup
2014-02-09 14:20 - 2014-01-25 05:06 - 00000501 _____ () C:\Users\Public\Desktop\Pale Moon.lnk
2014-02-09 14:20 - 2014-01-25 05:05 - 00000000 ____D () C:\Program Files\Pale Moon
2014-02-09 14:12 - 2014-01-25 06:15 - 00000674 _____ () C:\Users\Public\Desktop\Hekasoft Backup & Restore.lnk
2014-02-09 01:23 - 2014-01-26 16:46 - 00000000 ____D () C:\wifidata
2014-02-09 00:16 - 2014-02-07 21:08 - 00000000 ____D () C:\Users\d
2014-02-09 00:16 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\twain_32
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 __RSD () C:\Windows\Media
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\TAPI
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\ras
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\icsxml
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\ias
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\com
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-02-09 00:16 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\rescache
2014-02-09 00:15 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\system32\Drivers\fr-FR
2014-02-09 00:15 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2014-02-09 00:15 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\system32\ar
2014-02-09 00:15 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\fr-FR
2014-02-09 00:15 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\ar-SA
2014-02-09 00:15 - 2010-11-20 16:46 - 00000000 __SHD () C:\Windows\BitLockerDiscoveryVolumeContents
2014-02-09 00:15 - 2010-11-20 16:46 - 00000000 ____D () C:\Windows\ShellNew
2014-02-09 00:15 - 2010-11-20 16:46 - 00000000 ____D () C:\Program Files\Windows Journal
2014-02-09 00:15 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-02-09 00:15 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\addins
2014-02-09 00:15 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-02-09 00:15 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-02-09 00:15 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-02-09 00:15 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-02-09 00:15 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\DVD Maker
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\th-TH
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\he-IL
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\et-EE
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\L2Schemas
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\IME
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Cursors
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-02-09 00:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\Services
2014-02-09 00:11 - 2014-01-30 14:34 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-02-09 00:11 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\system32\XPSViewer
2014-02-09 00:11 - 2014-01-25 11:58 - 00000000 ____D () C:\Windows\system32\Macromed
2014-02-09 00:11 - 2010-11-20 16:38 - 00000000 ____D () C:\Windows\system32\winrm
2014-02-09 00:11 - 2010-11-20 16:38 - 00000000 ____D () C:\Windows\system32\WCN
2014-02-09 00:11 - 2010-11-20 16:38 - 00000000 ____D () C:\Windows\system32\slmgr
2014-02-09 00:11 - 2010-11-20 16:38 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-02-09 00:11 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell
2014-02-09 00:11 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\system32\restore
2014-02-09 00:11 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\spp
2014-02-09 00:11 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\spool
2014-02-09 00:11 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\Speech
2014-02-09 00:11 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\SMI
2014-02-09 00:11 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\NetworkList
2014-02-09 00:11 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\MUI
2014-02-09 00:11 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\IME
2014-02-09 00:10 - 2014-01-27 07:28 - 00000000 ____D () C:\Windows\pss
2014-02-09 00:10 - 2014-01-26 15:35 - 00000000 ____D () C:\Windows\system32\Adobe
2014-02-09 00:10 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\Performance
2014-02-09 00:10 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Speech
2014-02-09 00:10 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\security
2014-02-09 00:10 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\schemas
2014-02-09 00:10 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Resources
2014-02-09 00:10 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\PLA
2014-02-09 00:10 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-09 00:09 - 2014-01-26 07:57 - 00000000 ____D () C:\ProgramData\QFX Software
2014-02-09 00:09 - 2014-01-25 08:03 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\TeraCopy
2014-02-09 00:09 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Help
2014-02-09 00:09 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Globalization
2014-02-09 00:09 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Branding
2014-02-09 00:09 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\AppCompat
2014-02-09 00:08 - 2014-02-04 18:58 - 00000000 ____D () C:\EEK
2014-02-09 00:08 - 2014-02-04 04:37 - 00000000 ____D () C:\Program Files\SimilarProducts
2014-02-09 00:08 - 2014-01-31 09:36 - 00000000 ____D () C:\Program Files\Opera
2014-02-09 00:08 - 2014-01-30 14:41 - 00000000 ____D () C:\Program Files\Synaptics
2014-02-09 00:08 - 2014-01-30 14:34 - 00000000 ____D () C:\Program Files\Realtek
2014-02-09 00:08 - 2014-01-30 14:02 - 00000000 ____D () C:\ProgramData\IObit
2014-02-09 00:08 - 2014-01-28 13:08 - 00000000 ____D () C:\Program Files\BSR Screen Recorder 6
2014-02-09 00:08 - 2014-01-28 07:10 - 00000000 ____D () C:\Program Files\iFunbox 2014
2014-02-09 00:08 - 2014-01-26 15:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-02-09 00:08 - 2014-01-26 04:14 - 00000000 ____D () C:\Program Files\Process Hacker 2
2014-02-09 00:08 - 2014-01-26 03:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-09 00:08 - 2014-01-26 01:07 - 00000000 ____D () C:\Program Files\Aomei Ntfs2Fat32 Pro Edition 2.0
2014-02-09 00:08 - 2014-01-25 14:17 - 00000000 ____D () C:\Program Files\GLArab.com
2014-02-09 00:08 - 2014-01-25 13:11 - 00000000 ____D () C:\Program Files\Common Files\TechSmith Shared
2014-02-09 00:08 - 2014-01-25 12:06 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-02-09 00:08 - 2014-01-25 12:06 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-02-09 00:08 - 2014-01-25 12:05 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-02-09 00:08 - 2014-01-25 12:04 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-02-09 00:08 - 2014-01-25 12:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-09 00:08 - 2014-01-25 12:00 - 00000000 ____D () C:\Program Files\WinRAR
2014-02-09 00:08 - 2014-01-25 12:00 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-09 00:08 - 2014-01-25 11:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-09 00:08 - 2014-01-25 11:57 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-02-09 00:08 - 2014-01-25 10:43 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-09 00:08 - 2014-01-25 08:03 - 00000000 ____D () C:\Program Files\TeraCopy
2014-02-09 00:08 - 2014-01-25 07:23 - 00000000 ____D () C:\Program Files\KeyScrambler
2014-02-09 00:08 - 2014-01-25 06:15 - 00000000 ____D () C:\Program Files\Hekasoft Backup & Restore
2014-02-09 00:08 - 2014-01-25 04:59 - 00000000 ____D () C:\Program Files\FastStone Capture
2014-02-09 00:08 - 2014-01-25 04:51 - 00000000 ____D () C:\Program Files\Internet Download Manager
2014-02-09 00:08 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-09 00:08 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-09 00:08 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-02-09 00:08 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Windows NT
2014-02-09 00:08 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\SpeechEngines
2014-02-09 00:08 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-09 00:07 - 2010-11-20 16:46 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-09 00:05 - 2009-07-13 18:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-02-08 23:59 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\registration
2014-02-08 23:45 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Web
2014-02-08 23:45 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Vss
2014-02-08 23:21 - 2014-02-06 06:37 - 00000000 ____D () C:\Program Files\Wondershare
2014-02-08 23:21 - 2014-01-25 13:10 - 00000000 ____D () C:\ProgramData\TechSmith
2014-02-08 23:20 - 2014-01-26 15:36 - 00000000 ____D () C:\Program Files\VideoLAN
2014-02-08 23:20 - 2014-01-25 13:10 - 00000000 ____D () C:\Program Files\TechSmith
2014-02-08 23:19 - 2014-01-28 02:23 - 00000000 ____D () C:\Program Files\NirSoft
2014-02-08 23:18 - 2014-01-25 12:05 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2014-02-08 23:18 - 2014-01-25 12:05 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-02-08 23:18 - 2014-01-25 12:03 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-02-08 23:17 - 2014-02-02 20:11 - 00000000 ____D () C:\Program Files\iolo
2014-02-08 23:17 - 2014-01-26 01:02 - 00000000 ____D () C:\Program Files\Macrorit
2014-02-08 23:17 - 2014-01-25 12:04 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-02-08 23:17 - 2014-01-25 11:58 - 00000000 ____D () C:\Program Files\Java
2014-02-08 23:16 - 2014-02-06 06:41 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-02-08 23:16 - 2014-02-01 21:41 - 00000000 ____D () C:\Program Files\Comodo
2014-02-08 23:16 - 2014-01-28 04:26 - 00000000 ____D () C:\Program Files\Intel
2014-02-08 23:15 - 2014-01-25 11:59 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-02-08 23:15 - 2014-01-25 10:00 - 00000000 ____D () C:\Program Files\CodeMeter
2014-02-08 23:14 - 2014-01-25 06:03 - 00000000 ____D () C:\Program Files\Adobe
2014-02-08 23:13 - 2014-01-25 12:03 - 00000000 __RHD () C:\MSOCache
2014-02-08 23:13 - 2014-01-25 05:35 - 00000000 ____D () C:\Komku
2014-02-08 22:39 - 2014-02-08 22:39 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-02-08 13:29 - 2014-02-02 20:28 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ARHome
2014-02-08 00:55 - 2014-02-08 00:55 - 00000000 ____D () C:\Users\d\AppData\Roaming\AVAST Software
2014-02-08 00:53 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Roaming\IObit
2014-02-08 00:36 - 2014-02-02 20:27 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\newnext.me
2014-02-08 00:28 - 2014-02-08 00:28 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\gjfrjteg.sys
2014-02-07 22:56 - 2014-02-07 22:56 - 00109280 _____ () C:\Users\d\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-07 22:55 - 2014-02-07 22:55 - 00000000 ____D () C:\Users\d\AppData\Local\Mozilla
2014-02-07 22:55 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Roaming\Mozilla
2014-02-07 22:48 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Roaming\Moonchild Productions
2014-02-07 22:48 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Roaming\FastStone
2014-02-07 22:48 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Local\Moonchild Productions
2014-02-07 22:48 - 2014-02-07 22:48 - 00000000 ____D () C:\Users\d\AppData\Local\FastStone
2014-02-07 21:15 - 2014-02-07 21:15 - 00000000 _____ () C:\Users\d\daemonprocess.txt
2014-02-07 21:12 - 2014-02-07 21:12 - 00000000 ____D () C:\Users\d\AppData\Roaming\ioloGovernor
2014-02-07 21:10 - 2014-02-07 21:10 - 00001417 _____ () C:\Users\d\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-07 21:10 - 2014-02-07 21:10 - 00000000 ____D () C:\Users\d\AppData\Roaming\Adobe
2014-02-07 21:10 - 2014-02-07 21:10 - 00000000 ____D () C:\Users\d\AppData\Local\VirtualStore
2014-02-07 21:09 - 2014-02-07 21:09 - 00000020 ___SH () C:\Users\d\ntuser.ini
2014-02-07 14:57 - 2014-01-25 04:52 - 00000000 ____D () C:\Users\Owner\Downloads\Video
2014-02-07 14:52 - 2014-02-07 14:52 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\WindSolutions
2014-02-07 14:38 - 2014-01-28 08:27 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-07 14:31 - 2014-02-07 14:31 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-02-07 14:00 - 2014-01-28 08:29 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Apple Computer
2014-02-07 05:45 - 2014-02-07 05:43 - 20553737 _____ () C:\Users\Owner\Downloads\يا أمة محمد - الخطبة التي سجن بسببها الشيخ خالد الراشد - كاملة.3GP
2014-02-07 03:36 - 2014-02-07 03:36 - 00512784 _____ (AVAST Software) C:\Users\Owner\Desktop\avastclear.exe
2014-02-07 03:35 - 2014-02-07 03:35 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\avkjrmmr.sys
2014-02-07 03:32 - 2014-02-07 03:32 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\tqjmaywk.sys
2014-02-07 00:59 - 2014-02-07 00:59 - 1182018380 _____ () C:\Users\Owner\Documents\Video_2014-02-07_005939.wmv
2014-02-06 21:27 - 2014-02-06 21:27 - 2014447186 _____ () C:\Users\Owner\Documents\Video_2014-02-06_212734.wmv
2014-02-06 21:13 - 2014-02-06 21:13 - 00002107 _____ () C:\Users\Public\Desktop\Wondershare MobileTrans.lnk
2014-02-06 21:13 - 2014-02-06 21:13 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Wondershare
2014-02-06 21:13 - 2014-02-02 20:27 - 00000000 ____D () C:\Users\Owner\.android
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 ____D () C:\Users\Owner\Documents\iTools
2014-02-06 18:14 - 2014-02-06 18:10 - 81246648 _____ () C:\Users\Owner\Downloads\Hearing- Al-Qaeda's Resurgence in Iraq- A Threat to U.S. Interests.3GP
2014-02-06 17:12 - 2014-02-06 17:12 - 00001684 _____ () C:\Users\Owner\Downloads\license(22).avastlic
2014-02-06 06:44 - 2014-02-06 06:44 - 145967924 _____ () C:\Users\Owner\Documents\Video_2014-02-06_064445.wmv
2014-02-06 06:41 - 2014-02-06 06:41 - 00000000 ____D () C:\Users\Owner\AppData\Local\Wondershare
2014-02-06 06:37 - 2014-02-06 06:36 - 00000000 ____D () C:\Users\Public\Documents\Wondershare
2014-02-06 06:23 - 2014-02-06 06:23 - 00000134 _____ () C:\Users\Owner\Desktop\Microsoft Fix it.url
2014-02-06 05:46 - 2014-01-28 13:10 - 00000000 ____D () C:\Users\Owner\Documents\BSR Photos
2014-02-06 05:45 - 2014-02-06 05:45 - 1483773358 _____ () C:\Users\Owner\Documents\Video_2014-02-06_054517.wmv
2014-02-06 02:22 - 2014-02-06 02:22 - 00000194 _____ () C:\console.log
2014-02-06 01:05 - 2014-02-02 20:27 - 00000000 ____D () C:\Users\Owner\AppData\Local\cache
2014-02-05 22:53 - 2014-02-05 22:53 - 1297253700 _____ () C:\Users\Owner\Documents\Video_2014-02-05_225344.wmv
2014-02-05 04:26 - 2014-02-05 04:27 - 532364488 _____ () C:\Users\Owner\Documents\Video_2014-02-05_042705.wmv
2014-02-05 02:25 - 2014-02-05 02:25 - 00000000 ____D () C:\Windows\system32\config\SM Registry Backup
2014-02-05 02:25 - 2014-02-02 20:10 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\iolo
2014-02-05 02:25 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-02-05 02:19 - 2014-02-05 02:17 - 28646487 _____ () C:\Users\Owner\Downloads\مع الحدث _  العراق واسباب تاجيل السيطرة على الفلوجة _  wnn 04 02 2014.3GP
2014-02-05 01:46 - 2014-02-05 01:46 - 825282056 _____ () C:\Users\Owner\Documents\Video_2014-02-05_014653.wmv
2014-02-05 00:52 - 2014-02-05 00:52 - 00162349 _____ () C:\Users\Owner\Downloads\J1Lb9UKW.jpeg
2014-02-04 22:04 - 2014-02-04 22:04 - 361895916 _____ () C:\Users\Owner\Documents\Video_2014-02-04_220411.wmv
2014-02-04 21:32 - 2014-02-04 21:32 - 01946971 _____ () C:\Users\Owner\Downloads\فكرة البيرقدار‬ - YouTube.3gp
2014-02-04 20:31 - 2014-02-04 20:31 - 260253652 _____ () C:\Users\Owner\Documents\Video_2014-02-04_203145.wmv
2014-02-04 20:26 - 2014-01-25 07:39 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\R-Studio
2014-02-04 19:14 - 2014-02-04 19:14 - 00004464 _____ () C:\Windows\system32\.crusader
2014-02-04 19:10 - 2014-02-04 19:11 - 717104010 _____ () C:\Users\Owner\Documents\Video_2014-02-04_191100.wmv
2014-02-04 18:59 - 2014-02-04 18:59 - 00000546 _____ () C:\Users\Owner\Desktop\Emsisoft Emergency Kit.lnk
2014-02-04 16:01 - 2014-02-04 16:01 - 1568183458 _____ () C:\Users\Owner\Documents\Video_2014-02-04_160150.wmv
2014-02-04 05:10 - 2014-02-04 04:50 - 571322368 _____ () C:\Users\Owner\Downloads\xpsp3_5512.080413-2113_usa_x86fre_spcd.iso
2014-02-04 03:39 - 2014-02-04 03:40 - 2224868656 _____ () C:\Users\Owner\Documents\Video_2014-02-04_034000.wmv
2014-02-03 20:42 - 2014-02-03 20:39 - 59713134 _____ () C:\Users\Owner\Downloads\السيّد بهاء الأعرجي في السيد الرئيس 26 - 10 - 2013.3GP
2014-02-03 20:08 - 2014-02-03 20:08 - 93047544 _____ () C:\Users\Owner\Documents\Video_2014-02-03_200812.wmv
2014-02-03 19:29 - 2014-02-03 19:29 - 3054921090 _____ () C:\Users\Owner\Documents\Video_2014-02-03_192933.wmv
2014-02-03 03:35 - 2014-02-03 03:34 - 04468705 _____ () C:\Users\Owner\Downloads\تغطية خاصة - علي حاتم سليمان - هناك مؤامرة على الانبار ونحن لسنا مع داعش ولسنا مع المالكي.3GP
2014-02-02 22:49 - 2014-02-02 20:28 - 00013722 _____ () C:\Users\Owner\AppData\Roaming\addonVont.zip
2014-02-02 22:49 - 2014-02-02 20:28 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\VolIE
2014-02-02 22:48 - 2014-01-25 11:58 - 00002330 _____ () C:\Users\Owner\Desktop\Google Chrome.lnk
2014-02-02 20:38 - 2014-02-02 20:38 - 00000000 ____D () C:\Windows\system32\config\Before Compact
2014-02-02 20:28 - 2014-02-02 20:28 - 02809552 _____ () C:\Users\Owner\Desktop\system_mechanic_12.5_activator_only.rar
2014-02-02 20:27 - 2014-02-02 20:27 - 00000000 ____D () C:\Users\Owner\Documents\Mobogenie
2014-02-02 20:27 - 2014-02-02 20:27 - 00000000 _____ () C:\Users\Owner\daemonprocess.txt
2014-02-02 20:24 - 2014-02-02 20:24 - 531699950 _____ () C:\Users\Owner\Documents\Video_2014-02-02_202440.wmv
2014-02-02 20:14 - 2014-02-02 20:14 - 00000000 ____D () C:\Windows\system32\config\Original
2014-02-02 20:11 - 2014-02-02 20:11 - 00002169 _____ () C:\Users\Owner\Desktop\System Mechanic.lnk
2014-02-02 20:11 - 2014-02-02 20:11 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ioloGovernor
2014-02-02 20:11 - 2014-02-02 20:11 - 00000000 ____D () C:\ProgramData\ioloGovernor
2014-02-02 20:10 - 2014-02-02 20:10 - 00074703 _____ () C:\Windows\system32\mfc45.dat
2014-02-02 15:18 - 2014-02-02 15:18 - 1998730488 _____ () C:\Users\Owner\Documents\Video_2014-02-02_151827.wmv
2014-02-02 03:11 - 2014-01-30 14:17 - 30728192 _____ () C:\Windows\system32\config\COMPONENTS.iobit
2014-02-02 02:55 - 2014-02-02 02:55 - 93948536 _____ () C:\Users\Owner\Documents\Video_2014-02-02_025514.wmv
2014-02-02 02:23 - 2014-02-02 02:23 - 00001584 _____ () C:\Users\Owner\Documents\ooo.txt
2014-02-02 02:23 - 2014-02-02 02:23 - 00001584 _____ () C:\Users\Owner\Documents\lll.txt
2014-02-02 02:15 - 2014-02-02 02:15 - 1462096526 _____ () C:\Users\Owner\Documents\Video_2014-02-02_021507.wmv
2014-02-01 21:41 - 2014-02-01 21:41 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-02-01 21:41 - 2014-02-01 21:41 - 00001078 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2014-02-01 21:41 - 2014-02-01 21:41 - 00000000 ____D () C:\Users\Owner\AppData\Local\Comodo
2014-02-01 21:38 - 2014-02-01 21:38 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\gdiplus.dll
2014-02-01 21:38 - 2014-02-01 21:38 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
2014-02-01 19:43 - 2014-02-01 19:43 - 2714731438 _____ () C:\Users\Owner\Documents\Video_2014-02-01_194350.wmv
2014-02-01 10:42 - 2014-02-01 10:42 - 1529172334 _____ () C:\Users\Owner\Documents\Video_2014-02-01_104207.wmv
2014-01-31 12:21 - 2014-01-31 12:21 - 1431880654 _____ () C:\Users\Owner\Documents\Video_2014-01-31_122106.wmv
2014-01-31 09:36 - 2014-01-31 09:36 - 00001779 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-01-31 09:36 - 2014-01-31 09:36 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Opera
2014-01-31 09:36 - 2014-01-31 09:36 - 00000000 ____D () C:\Users\Owner\AppData\Local\Opera
2014-01-31 08:00 - 2014-01-31 08:00 - 00066999 _____ () C:\Users\Owner\Documents\RecoverMyFiles.CSV
2014-01-31 02:29 - 2014-01-31 02:29 - 2277533224 _____ () C:\Users\Owner\Documents\Video_2014-01-31_022924.wmv
2014-01-30 15:20 - 2014-01-30 15:21 - 207719386 _____ () C:\Users\Owner\Documents\Video_2014-01-30_152116.wmv
2014-01-30 14:44 - 2014-01-30 14:43 - 06174374 _____ () C:\Users\Owner\Downloads\---كاظم ماتت بمحراب عينيك.3gp
2014-01-30 14:41 - 2014-01-30 14:41 - 07530736 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwNs32.sys
2014-01-30 14:41 - 2014-01-30 14:41 - 02767600 _____ (Intel Corporation) C:\Windows\system32\NETwNr32.dll
2014-01-30 14:41 - 2014-01-30 14:41 - 01629040 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-01-30 14:41 - 2014-01-30 14:41 - 00690928 _____ (Intel Corporation) C:\Windows\system32\NETwNc32.dll
2014-01-30 14:41 - 2014-01-30 14:41 - 00027888 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2014-01-30 14:41 - 2014-01-30 14:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2014-01-30 14:39 - 2014-01-30 14:39 - 11405824 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 09037312 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2014-01-30 14:39 - 2014-01-30 14:39 - 08195640 _____ (Intel® Corporation) C:\Windows\system32\TVWSetup.exe
2014-01-30 14:39 - 2014-01-30 14:39 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-01-30 14:39 - 2014-01-30 14:39 - 00268856 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-01-30 14:39 - 2014-01-30 14:39 - 00261632 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00228864 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00195584 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00180280 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-01-30 14:39 - 2014-01-30 14:39 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00130048 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00125558 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00123230 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00122927 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00122709 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00121173 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00120800 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00120366 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00120320 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00119616 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00119586 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00119360 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00119067 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00118745 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00118697 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00118409 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00118058 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00115200 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-01-30 14:39 - 2014-01-30 14:39 - 00114852 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00114372 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00114261 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00110211 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00104044 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00102883 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-01-30 14:39 - 2014-01-30 14:39 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00085504 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00084480 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00084480 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00082944 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00082944 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-01-30 14:39 - 2014-01-30 14:39 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00051652 _____ () C:\Windows\system32\iglhxs32.vp
2014-01-30 14:39 - 2014-01-30 14:39 - 00023552 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-01-30 14:39 - 2014-01-30 14:39 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-01-30 14:39 - 2011-02-11 19:12 - 04896768 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll
2014-01-30 14:39 - 2011-02-11 19:09 - 00571904 _____ (Intel Corporation) C:\Windows\system32\igdumdx32.dll
2014-01-30 14:39 - 2011-02-11 19:04 - 04338688 _____ (Intel Corporation) C:\Windows\system32\igd10umd32.dll
2014-01-30 14:39 - 2011-02-11 18:41 - 00057856 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-01-30 14:39 - 2011-02-11 18:40 - 00828928 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-01-30 14:39 - 2011-02-11 18:40 - 00095232 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-01-30 14:35 - 2014-01-30 14:35 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-01-30 14:33 - 2014-01-30 14:33 - 05681196 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-01-30 14:33 - 2014-01-30 14:33 - 02929048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2014-01-30 14:33 - 2014-01-30 14:33 - 02547928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 02329304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 01824000 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 01596488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2014-01-30 14:33 - 2014-01-30 14:33 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00938752 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00919600 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00823040 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00782040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00693329 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-01-30 14:33 - 2014-01-30 14:33 - 00604928 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00218368 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00126680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2014-01-30 14:33 - 2014-01-30 14:33 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2014-01-30 14:33 - 2014-01-30 14:32 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2014-01-30 14:32 - 2014-01-30 14:32 - 27369216 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 13881600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 07162128 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 06176944 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 05115672 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 03629824 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 02395680 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 01935104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 01677568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 01489072 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 01097984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00926976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00873728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00865592 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00860416 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00852016 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00761088 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00502584 _____ () C:\Windows\system32\audioLibVc.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00426944 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00403392 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00352016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00346048 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00272048 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00219312 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00188696 _____ () C:\Windows\system32\AcpiServiceVnA.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00182472 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00106768 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00091920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2014-01-30 14:32 - 2014-01-30 14:32 - 00062224 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2014-01-30 14:27 - 2014-01-25 11:44 - 00000000 ____D () C:\Windows\Panther
2014-01-30 14:18 - 2014-01-30 14:18 - 00001142 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-01-30 14:18 - 2014-01-30 14:03 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\IObit
2014-01-30 14:06 - 2014-01-30 14:06 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-30 14:05 - 2014-01-30 14:05 - 00001175 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-01-30 14:05 - 2014-01-30 14:05 - 00000000 ____D () C:\ProgramData\ProductData
2014-01-30 13:48 - 2014-01-30 13:48 - 739350526 _____ () C:\Users\Owner\Documents\Video_2014-01-30_134840.wmv
2014-01-30 08:35 - 2014-01-29 09:13 - 00006840 _____ () C:\Windows\system32\HideMyIpSRV.ini
2014-01-30 08:35 - 2014-01-29 09:13 - 00003576 _____ () C:\Windows\system32\HideMyIpSRVOff.ini
2014-01-30 08:12 - 2014-01-29 10:57 - 00000000 ____D () C:\Program Files\ColorSoft
2014-01-30 05:15 - 2014-01-30 05:15 - 38831328 _____ () C:\Users\Owner\Documents\Video_2014-01-30_051542.wmv
2014-01-30 01:10 - 2014-01-30 01:10 - 134411250 _____ () C:\Users\Owner\Documents\Video_2014-01-30_011044.wmv
2014-01-30 00:03 - 2014-01-30 00:03 - 1656140734 _____ () C:\Users\Owner\Documents\Video_2014-01-30_000316.wmv
2014-01-29 14:39 - 2014-01-29 14:37 - 27044107 _____ () C:\Users\Owner\Downloads\لقاء وزير العدل حسن الشمري مع قناة الحرة.3GP
2014-01-29 14:38 - 2014-01-29 14:37 - 01192836 _____ () C:\Users\Owner\Downloads\تصريحات نارية وزير العدل العراقي حسن الشمري.3GP
2014-01-29 14:02 - 2014-01-29 14:01 - 06739404 _____ () C:\Users\Owner\Downloads\عاجل عاجل فصل عزه ابراهيم الدوري من الحزب - ٣.3GP
2014-01-29 14:02 - 2014-01-29 14:00 - 08878497 _____ () C:\Users\Owner\Downloads\عاجل عاجل فصل عزه ابراهيم الدوري من الحزب - ١.3GP
2014-01-29 12:58 - 2014-01-29 12:57 - 16557557 _____ () C:\Users\Owner\Downloads\مداخلة د. طه الدليمي حول لقاء د.حارث الضاري في قناة الجزيرة.3GP
2014-01-29 12:33 - 2014-01-29 12:33 - 640998956 _____ () C:\Users\Owner\Documents\Video_2014-01-29_123321.wmv
2014-01-29 09:10 - 2014-01-29 09:10 - 63979348 _____ () C:\Users\Owner\Documents\Video_2014-01-29_091005.wmv
2014-01-29 01:24 - 2014-01-28 02:21 - 00000000 ____D () C:\Windows\Minidump
2014-01-28 16:11 - 2014-01-28 16:11 - 251711138 _____ () C:\Users\Owner\Documents\Video_2014-01-28_161146.wmv
2014-01-28 15:17 - 2009-07-13 18:04 - 00001037 _____ () C:\Windows\system32\Drivers\etc\HOSTS.BAK
2014-01-28 13:10 - 2014-02-07 21:08 - 00000000 ____D () C:\Users\d\AppData\Local\Bulents
2014-01-28 13:10 - 2014-01-28 13:10 - 00692224 _____ () C:\Windows\system32\bsrmgcv.dll
2014-01-28 13:10 - 2014-01-28 13:10 - 00192512 _____ () C:\Windows\system32\bsrmgps.dll
2014-01-28 13:10 - 2014-01-28 13:10 - 00098304 _____ () C:\Windows\system32\bsreffs.dll
2014-01-28 13:10 - 2014-01-28 13:10 - 00090112 _____ () C:\Windows\system32\bsrlback.dll
2014-01-28 13:10 - 2014-01-28 13:10 - 00081920 _____ () C:\Windows\system32\bsrgvas.dll
2014-01-28 13:10 - 2014-01-28 13:10 - 00002059 _____ () C:\Users\Owner\Desktop\BSR Screen Recorder 6.lnk
2014-01-28 13:10 - 2014-01-28 13:10 - 00000000 ____D () C:\Users\Owner\AppData\Local\Bulents
2014-01-28 13:10 - 2014-01-28 13:10 - 00000000 ____D () C:\Users\Default\AppData\Local\Bulents
2014-01-28 13:10 - 2014-01-28 13:10 - 00000000 ____D () C:\Users\Default User\AppData\Local\Bulents
2014-01-28 13:08 - 2014-01-28 13:08 - 00585728 _____ () C:\Windows\system32\bsratswf.dll
2014-01-28 13:08 - 2014-01-28 13:08 - 00147456 _____ () C:\Windows\system32\bsratwmv.dll
2014-01-28 13:08 - 2014-01-28 13:08 - 00000000 ____D () C:\Users\Owner\Documents\BSR Projects
2014-01-28 08:57 - 2014-01-28 08:57 - 00071443 _____ () C:\Users\Owner\Downloads\xcz7Sn-2.jpeg
2014-01-28 08:29 - 2014-01-28 08:29 - 00000000 ____D () C:\Users\Owner\AppData\Local\Apple Computer
2014-01-28 08:27 - 2014-01-28 08:27 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-01-28 08:26 - 2014-01-28 08:26 - 00000000 ____D () C:\Users\Owner\AppData\Local\Apple
2014-01-28 08:15 - 2014-01-25 15:00 - 00000000 ____D () C:\Users\Owner\Documents\Camtasia Studio
2014-01-28 07:10 - 2014-01-28 07:10 - 00001012 _____ () C:\Users\Public\Desktop\iFunBox 2014.lnk
2014-01-28 04:35 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\system32\fr
2014-01-28 04:35 - 2014-01-28 04:35 - 00000000 ____D () C:\Windows\system32\040C
2014-01-28 04:35 - 2010-11-20 16:38 - 00000000 ____D () C:\Windows\DigitalLocker
2014-01-28 04:26 - 2014-01-28 04:26 - 00000000 ____D () C:\Intel
2014-01-28 03:13 - 2009-07-13 18:04 - 00000478 _____ () C:\Windows\win.ini
2014-01-28 02:53 - 2014-01-28 02:53 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Runscanner.net
2014-01-28 02:23 - 2014-01-28 02:23 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2014-01-28 02:12 - 2014-01-28 02:08 - 55170565 _____ () C:\Users\Owner\Downloads\الحقيقة الدولية .. مأساة سكان مخيم -اشرف- الانسانية‬ - YouTube.3gp
2014-01-27 22:52 - 2014-01-27 22:52 - 3132929792 _____ () C:\Users\Owner\Documents\Video_2014-01-27_225234.wmv
2014-01-27 01:53 - 2014-01-27 01:53 - 1185891078 _____ () C:\Users\Owner\Documents\Video_2014-01-27_015311.wmv
2014-01-26 18:10 - 2014-02-07 21:08 - 00000000 ____D () C:\Users\d\AppData\Local\Microsoft Help
2014-01-26 18:10 - 2014-01-26 18:10 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-26 18:10 - 2014-01-26 18:10 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-26 18:03 - 2014-01-26 18:03 - 434954710 _____ () C:\Users\Owner\Documents\Video_2014-01-26_180329.wmv
2014-01-26 16:47 - 2014-01-25 11:51 - 00000000 ____D () C:\Users\Owner\AppData\Local\VirtualStore
2014-01-26 15:46 - 2014-01-26 15:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-26 15:45 - 2014-01-26 15:41 - 00005134 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-26 15:42 - 2014-01-26 15:42 - 566907024 _____ () C:\Users\Owner\Documents\Video_2014-01-26_154233.wmv
2014-01-26 15:41 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-01-26 15:38 - 2014-01-26 15:38 - 00001028 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-01-26 12:15 - 2014-01-26 12:15 - 202526376 _____ () C:\Users\Owner\Documents\Video_2014-01-26_121502.wmv
2014-01-26 07:57 - 2014-01-26 07:57 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\QFX Software
2014-01-26 05:34 - 2014-01-26 05:34 - 624682326 _____ () C:\Users\Owner\Documents\Video_2014-01-26_053436.wmv
2014-01-26 05:28 - 2014-01-26 05:25 - 32423974 _____ () C:\Users\Owner\Downloads\THE FUTURE OF IRAQ.3GP
2014-01-26 04:16 - 2014-01-26 04:16 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Process Hacker 2
2014-01-26 04:14 - 2014-01-26 04:14 - 00001998 _____ () C:\Users\Owner\Desktop\Process Hacker 2.lnk
2014-01-26 04:07 - 2014-01-25 13:15 - 00000000 ____D () C:\Users\Owner\AppData\Local\Adobe
2014-01-26 04:07 - 2014-01-25 12:05 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Adobe
2014-01-26 03:10 - 2014-01-26 03:10 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-26 03:10 - 2014-01-26 03:10 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-26 03:10 - 2014-01-26 03:10 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-26 03:10 - 2014-01-26 03:10 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-26 03:10 - 2014-01-26 03:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-26 03:10 - 2014-01-26 03:10 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-26 03:10 - 2014-01-26 03:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-26 03:10 - 2014-01-26 03:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-26 03:10 - 2014-01-26 03:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-26 03:10 - 2014-01-26 03:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-26 03:10 - 2014-01-26 03:10 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-26 03:09 - 2014-01-26 03:09 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-01-26 03:09 - 2014-01-26 03:09 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-01-26 03:09 - 2014-01-26 03:09 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-01-26 03:09 - 2014-01-26 03:09 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-01-26 03:09 - 2014-01-26 03:09 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-01-26 03:09 - 2014-01-26 03:09 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-01-26 03:09 - 2014-01-26 03:09 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-01-26 03:09 - 2014-01-26 03:09 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-01-26 03:08 - 2014-01-26 03:08 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-01-26 01:18 - 2014-01-26 01:18 - 00000000 ____D () C:\ProgramData\FastStone
2014-01-26 01:08 - 2014-01-26 01:08 - 00000072 _____ () C:\Users\Owner\Downloads\check.htm
2014-01-26 01:07 - 2014-01-26 01:07 - 00001049 _____ () C:\Users\Public\Desktop\Aomei Ntfs2Fat32 Pro Edition 2.0.lnk
2014-01-26 01:02 - 2014-01-26 01:02 - 00001133 _____ () C:\Users\Owner\Desktop\Macrorit NTFS To FAT32 Converter.lnk
2014-01-26 01:02 - 2014-01-26 01:02 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macrorit NTFS To FAT32 Converter
2014-01-26 00:59 - 2014-01-26 00:59 - 00000053 __RSH () C:\Windows\system32\Drivers\wmiacpi.winsecurity
2014-01-26 00:59 - 2014-01-26 00:59 - 00000000 ____D () C:\ProgramData\CodeMeter
2014-01-25 15:46 - 2014-01-25 15:46 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Macromedia
2014-01-25 15:46 - 2014-01-25 15:46 - 00000000 ____D () C:\Users\Owner\AppData\Local\Macromedia
2014-01-25 15:44 - 2014-01-25 15:44 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Mozilla
2014-01-25 15:44 - 2014-01-25 15:44 - 00000000 ____D () C:\Users\Owner\AppData\Local\Mozilla
2014-01-25 15:43 - 2009-07-13 18:37 - 00000000 __RHD () C:\Users\Public\Libraries
2014-01-25 15:43 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-01-25 15:15 - 2014-01-25 15:15 - 00352814 _____ () C:\Users\Owner\Documents\cdcds.wav
2014-01-25 15:06 - 2014-01-25 15:06 - 00000000 ____D () C:\Users\Owner\AppData\Local\TechSmith
2014-01-25 15:05 - 2014-01-25 15:05 - 11595680 _____ () C:\Users\Owner\Documents\Video_2014-01-25_150536.wmv
2014-01-25 15:01 - 2014-01-25 15:01 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\TechSmith
2014-01-25 14:58 - 2014-01-25 14:59 - 317807924 _____ () C:\Users\Owner\Documents\Video_2014-01-25_145856.wmv
2014-01-25 13:12 - 2014-01-25 13:12 - 00001126 _____ () C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2014-01-25 13:12 - 2014-01-25 13:12 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2014-01-25 13:12 - 2014-01-25 13:12 - 00000000 ____D () C:\Program Files\QuickTime
2014-01-25 12:17 - 2014-01-25 12:17 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\FastStone
2014-01-25 12:17 - 2014-01-25 12:17 - 00000000 ____D () C:\Users\Owner\AppData\Local\FastStone
2014-01-25 12:05 - 2014-01-25 12:05 - 00000000 ____D () C:\Windows\PCHEALTH
2014-01-25 12:03 - 2014-01-25 12:03 - 00000000 ____D () C:\Users\Owner\AppData\Local\Microsoft Help
2014-01-25 12:00 - 2014-01-25 12:00 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-25 11:59 - 2014-01-25 11:59 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-25 11:59 - 2014-01-25 11:59 - 00000000 ____D () C:\ProgramData\Sun
2014-01-25 11:59 - 2014-01-25 11:59 - 00000000 ____D () C:\ProgramData\Mozilla
2014-01-25 11:58 - 2014-01-25 11:58 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-01-25 11:58 - 2014-01-25 11:58 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2014-01-25 11:55 - 2014-01-25 11:55 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-01-25 11:51 - 2014-01-25 11:51 - 00000020 ___SH () C:\Users\Owner\ntuser.ini
2014-01-25 11:51 - 2014-01-25 11:51 - 00000000 __SHD () C:\Recovery
2014-01-25 11:46 - 2010-11-20 16:46 - 00000000 ____D () C:\Windows\CSC
2014-01-25 11:44 - 2009-07-13 20:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-01-25 11:44 - 2009-07-13 20:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-01-25 10:42 - 2014-01-25 04:59 - 00001037 _____ () C:\Users\Public\Desktop\FastStone Capture.lnk
2014-01-25 10:00 - 2014-01-25 10:00 - 00000617 _____ () C:\Users\Owner\Desktop\Recover My Files v5.lnk
2014-01-25 10:00 - 2014-01-25 10:00 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recover My Files v5
2014-01-25 09:26 - 2014-01-25 09:26 - 00000618 _____ () C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 7.0.lnk
2014-01-25 07:43 - 2014-01-25 07:43 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\R-TT
2014-01-25 07:43 - 2014-01-25 07:39 - 00000000 ____D () C:\Users\Owner\Documents\R-TT
2014-01-25 07:13 - 2014-01-25 07:13 - 00001417 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-25 06:27 - 2014-01-25 11:58 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-01-25 06:27 - 2014-01-25 11:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-01-25 06:15 - 2014-01-25 06:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Hekasoft
2014-01-25 06:13 - 2014-01-25 06:13 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\MPC-HC
2014-01-25 06:04 - 2014-01-25 06:04 - 00001989 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-01-25 06:03 - 2014-01-25 11:59 - 00000000 ____D () C:\ProgramData\Adobe
2014-01-25 05:40 - 2014-01-25 05:40 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\WinRAR
2014-01-25 05:30 - 2014-01-25 05:30 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Moonchild Productions
2014-01-25 05:30 - 2014-01-25 05:30 - 00000000 ____D () C:\Users\Owner\AppData\Local\Moonchild Productions
2014-01-25 05:26 - 2014-01-25 05:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-25 05:20 - 2014-01-25 05:20 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-01-25 05:17 - 2014-01-25 05:17 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-01-25 05:17 - 2014-01-25 05:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-01-25 05:15 - 2014-01-25 05:15 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-01-25 05:15 - 2014-01-25 05:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2014-01-25 05:05 - 2014-01-25 04:54 - 255479656 _____ () C:\Users\Owner\Downloads\camtasia.exe
2014-01-25 04:53 - 2014-01-25 15:50 - 04669416 _____ (AVAST Software) C:\Users\Owner\Downloads\avast_internet_security_setup_online.exe
2014-01-25 04:52 - 2014-01-25 04:52 - 00000000 ____D () C:\ProgramData\IDM
2014-01-25 04:51 - 2014-01-25 15:51 - 05865480 _____ (Tonec Inc.) C:\Users\Owner\Downloads\idman618build12.exe
2014-01-25 04:51 - 2014-01-25 04:51 - 00000983 _____ () C:\Users\Owner\Desktop\Internet Download Manager.lnk
2014-01-25 04:51 - 2014-01-25 04:51 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-01-23 12:56 - 2014-01-23 12:12 - 05044479 _____ () C:\Users\Owner\AppData\Local\Temp1.exe
2014-01-20 09:18 - 2014-01-20 08:25 - 00000000 ____D () C:\Users\Owner\AppData\Local\IDM
2014-01-16 09:59 - 2014-01-25 05:07 - 00231584 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\HitmanPro.exe
C:\Users\Owner\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
path                    \bootmgr
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {23863607-85f9-11e3-a92a-fa1ecd9daf48}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
osdevice                partition=C:
systemroot              \Windows
resumeobject            {23863607-85f9-11e3-a92a-fa1ecd9daf48}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {23863609-85f9-11e3-a92a-fa1ecd9daf48}
device                  ramdisk=[C:]\Recovery\23863609-85f9-11e3-a92a-fa1ecd9daf48\Winre.wim,{2386360a-85f9-11e3-a92a-fa1ecd9daf48}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment (recovered)
locale                  
osdevice                ramdisk=[C:]\Recovery\23863609-85f9-11e3-a92a-fa1ecd9daf48\Winre.wim,{2386360a-85f9-11e3-a92a-fa1ecd9daf48}
systemroot              \windows
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {23863607-85f9-11e3-a92a-fa1ecd9daf48}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
pae                     Yes
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {2386360a-85f9-11e3-a92a-fa1ecd9daf48}
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\23863609-85f9-11e3-a92a-fa1ecd9daf48\boot.sdi



LastRegBack: 2014-02-10 15:14

==================== End Of Log ============================

Link to post
Share on other sites