Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Can't open any programs except photoshop not even OTL


  • Please log in to reply

#46
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Can you try to download it on clean PC, rename it to combo.com and then transfer it on USB memory to infected system.

Just be sure to rename it.
  • 0

Advertisements


#47
neataznyam

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
that's what i did actually. I saved target as, changed combofix.exe to combofix.com then transfered it onto my computer.
  • 0

#48
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Please read this instruction carefully and pay attention to do everything for 64bit OS.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64.exe) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]
  • 0

#49
neataznyam

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
it says f:\frst.exe is not revcgnized as an internal or external ommand, operable program or batch file it says the same thing when i try 64
  • 0

#50
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
This error indicate that you type wrong drive (F:) or file name frst64.exe.

In your case you must must write f:\frst64.exe.

To make sure you have correct drive letter type

f:

end press Enter. If it change drive you have right one. Now just type

frst64.exe


to start program.
  • 0

#51
neataznyam

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
I get the same thing 'frst64.exe' is not recognized as an internal or external command. operable program or batcch file
  • 0

#52
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Do the same thing but this time type it with capital letters f:\FRST64.exe.

Type:

f:

end press Enter. If it change drive you have right one. Now just type

FRST64.exe

to start program.
  • 0

#53
neataznyam

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
nope still nothing
  • 0

#54
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
This is strange...

Let's make sure we have it on right disk.

Start you infected system and copy FRST64.exe from your USB to C:\ so you have it in C:\FRST64.exe

Restart your system and start Recovery Console by typing F8 as you did until now and try to run it by writing

C:\FRST64.exe

end press Enter to start program.
  • 0

#55
neataznyam

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
okay its working now
  • 0

Advertisements


#56
neataznyam

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
Scan result of Farbar Recovery Scan Tool Version: 15-03-2012
Ran by SYSTEM at 03-04-2012 00:35:37
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [2439072 2010-05-24] (VIA)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-09-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [460872 2012-01-13] (Malwarebytes Corporation)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [821144 2010-10-25] (Adobe Systems Inc.)
HKU\henry\...\Run: [EPSON Stylus Photo 1400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBUA.EXE /FU "C:\Windows\TEMP\E_S6141.tmp" /EF "HKCU" [x]
HKU\henry\...\Run: [AdobeBridge] [x]
HKU\henry\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [1305408 2011-01-05] (DT Soft Ltd)
HKU\henry\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4283256 2011-05-13] (Microsoft Corporation)
HKU\henry\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [19550344 2011-10-13] (Skype Technologies S.A.)
HKU\henry\...\Run: [Akamai NetSession Interface] "C:\Users\henry\AppData\Local\Akamai\netsession_win.exe" [3329824 2012-02-02] (Akamai Technologies, Inc)
HKU\henry\...\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [393216 2010-09-30] (AMD)
HKU\henry\...\Run: [HydraVisionMDEngine] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe" [569344 2010-09-30] (AMD)
HKU\henry\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2012-02-07] (Valve Corporation)
HKU\henry\...\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet [6497592 2012-01-04] (Yahoo! Inc.)
HKU\henry\...\Run: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US [4321112 2012-02-29] (AOL Inc.)
Tcpip\Parameters: [DhcpNameServer] 76.14.0.8 76.14.0.9
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [102400 2006-04-18] (SEIKO EPSON CORPORATION)
3 FLEXnet Licensing Service 64; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe" [1038088 2011-05-26] (Acresso Software Inc.)
2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-09-02] (Lavasoft Limited)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [652360 2012-01-13] (Malwarebytes Corporation)
2 TabletServicePen; C:\Windows\system32\Pen_Tablet.exe [5414184 2009-07-15] (Wacom Technology, Corp.)
2 tgsrvc_smartagent; C:\Windows\System32\se58mdfl.dll [6656 2009-07-13] (Oak Technology Inc.)
2 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127272 2009-07-15] (Wacom Technology, Corp.)
2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll [x]

========================== Drivers (Whitelisted) =============

2 adfs; C:\Windows\System32\Drivers\adfs.sys [88632 2008-06-27] (Adobe Systems, Inc.)
2 adfs; C:\Windows\SysWow64\Drivers\adfs.sys [74720 2008-08-14] (Adobe Systems, Inc.)
3 DrvAgent64; C:\Windows\SysWow64\Drivers\DrvAgent64.sys [21712 2011-12-04] (Phoenix Technologies)
1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [254528 2011-01-19] (DT Soft Ltd)
3 Gun; \??\C:\Game\SoftnyxGame\GunBoundIS\Gun64.sys [45176 2011-06-24] ()
3 ivusb; C:\Windows\System32\Drivers\ivusb.sys [29720 2010-07-28] (Initio Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-08-09] ()
0 Lbd; C:\Windows\System32\Drivers\Lbd.sys [69376 2011-07-21] (Lavasoft AB)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [23152 2011-12-10] (Malwarebytes Corporation)
3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)
0 nvstor64; C:\Windows\System32\Drivers\nvstor64.sys [244328 2010-04-08] (NVIDIA Corporation)
3 wacmoumonitor; C:\Windows\System32\Drivers\wacmoumonitor.sys [18216 2010-01-24] (Wacom Technology)
3 wacommousefilter; C:\Windows\System32\Drivers\wacommousefilter.sys [12848 2007-02-16] (Wacom Technology)
3 WacomVKHid; C:\Windows\System32\Drivers\WacomVKHid.sys [12976 2007-02-15] (Wacom Technology)
3 AODDriver4.0; [x]
2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
4 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [x]
3 NVNET; C:\Windows\System32\DRIVERS\nvmf6264.sys [x]
3 wacomvhid; C:\Windows\System32\DRIVERS\wacomvhid.sys [x]

========================== NetSvcs (Whitelisted) ===========
NETSVC: tgsrvc_smartagent

============ One Month Created Files and Folders ==============

2012-04-02 22:23 - 2012-04-03 09:32 - 4453973 ____A (Swearware) C:\Users\henry\Desktop\svscsv.com
2012-04-02 21:47 - 2012-04-02 21:47 - 4453973 ____A (Swearware) C:\Users\henry\Desktop\svchostt.com
2012-04-02 12:21 - 2012-04-02 12:21 - 0000000 ____A C:\Files.txt
2012-04-02 12:19 - 2012-04-02 12:21 - 0000000 ____D C:\Users\henry\Desktop\FileLister Folder
2012-04-02 12:01 - 2012-04-02 23:48 - 0020359 ____A C:\Users\henry\Desktop\FileLister.zip
2012-04-01 19:39 - 2012-04-02 06:26 - 98077435 ____A (Igor Pavlov) C:\Users\henry\Desktop\OTLPEStd.exe
2012-04-01 19:36 - 2012-04-01 19:36 - 0274888 ____A C:\Windows\Minidump\040112-24538-01.dmp
2012-04-01 18:46 - 2012-03-29 13:54 - 0132597 ____A C:\Users\henry\Desktop\Flash_Disinfector.exe
2012-04-01 18:38 - 2012-04-02 06:26 - 98077435 ____A (Igor Pavlov) C:\Users\henry\Desktop\svchost.exe (2).exe
2012-03-29 01:56 - 2012-03-29 13:47 - 0294400 ____A C:\Users\henry\Desktop\exeHelper.com
2012-03-29 01:13 - 2012-03-29 01:14 - 0013365 ____A C:\Users\henry\Desktop\New Text Document.txt
2012-03-29 00:08 - 2012-03-29 00:08 - 44238026 ____A C:\Users\henry\Desktop\color4.psd
2012-03-28 23:58 - 2012-03-28 23:58 - 44007097 ____A C:\Users\henry\Desktop\color3.psd
2012-03-28 23:48 - 2012-03-28 23:50 - 44379196 ____A C:\Users\henry\Desktop\color2.psd
2012-03-28 22:51 - 2012-03-28 22:51 - 42427168 ____A C:\Users\henry\Desktop\color1.psd
2012-03-28 15:05 - 2012-03-28 15:05 - 0110590 ____A C:\Users\henry\Desktop\003[1].JPG
2012-03-28 12:07 - 2012-03-28 12:07 - 0751581 ____A (maliprog @ Geekstogo) C:\Users\henry\Desktop\TheKiller2.scr
2012-03-28 12:04 - 2012-03-28 12:04 - 0751581 ____A (maliprog @ Geekstogo) C:\Users\henry\Downloads\TheKiller.scr
2012-03-26 19:51 - 2012-03-28 19:05 - 54543243 ____A C:\Users\henry\Desktop\sssss (2).psd
2012-03-26 12:43 - 2012-03-26 12:43 - 10165440 ____A (Microsoft Corporation) C:\Users\henry\Desktop\mseinstall.exe
2012-03-26 12:40 - 2012-03-26 12:47 - 0002150 ____A C:\Windows\epplauncher.mif
2012-03-26 12:37 - 2012-03-26 12:37 - 10165440 ____A (Microsoft Corporation) C:\Users\henry\Downloads\mseinstall.exe
2012-03-25 22:30 - 2012-03-26 09:31 - 256982966 ____A C:\Users\henry\Desktop\kav_rescue_10.iso
2012-03-25 19:17 - 2012-03-25 19:21 - 178789312 ____A (Kaspersky Lab) C:\Users\henry\Downloads\kis2012_12.0.0.374aEN_2778.exe
2012-03-25 19:07 - 2012-03-25 19:08 - 18099082 ____A C:\Users\henry\Downloads\kav_rescue_10.iso.g19r5to.partial
2012-03-24 23:39 - 2012-03-24 23:39 - 0000129 ____A C:\Windows\System32\MRT.INI
2012-03-24 20:54 - 2012-02-09 22:36 - 1544192 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-03-24 20:54 - 2012-02-09 21:38 - 1077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-03-24 20:54 - 2012-02-02 20:34 - 3145728 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-03-24 20:54 - 2012-01-24 22:38 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-03-24 20:54 - 2012-01-24 22:38 - 0077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-03-24 20:54 - 2012-01-24 22:33 - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-03-24 20:45 - 2012-03-24 20:45 - 0274888 ____A C:\Windows\Minidump\032412-22027-01.dmp
2012-03-24 20:12 - 2012-02-16 22:38 - 1031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-03-24 20:12 - 2012-02-16 21:34 - 0826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-03-24 20:12 - 2012-02-16 20:58 - 0210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-03-24 20:12 - 2012-02-16 20:57 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-03-21 20:39 - 2012-03-21 23:47 - 14082558 ____A C:\Users\henry\Desktop\sssss.psd
2012-03-21 20:30 - 2012-03-22 03:16 - 0063052 ____A C:\Users\henry\Desktop\Photo 99.jpg
2012-03-21 20:23 - 2012-03-22 08:14 - 0594432 ____A (OldTimer Tools) C:\Users\henry\Desktop\svchost.exe.exe
2012-03-21 20:02 - 2009-07-13 17:14 - 0020480 ____A (Microsoft Corporation) C:\Windows\svchost.exe
2012-03-21 16:24 - 2012-03-21 16:24 - 64784733 ____A C:\Users\henry\Desktop\progress of 3 weeks.psd
2012-03-21 14:02 - 2012-03-21 14:02 - 1977044 ____A C:\Users\henry\Desktop\final scne3.jpg
2012-03-21 13:01 - 2012-03-21 13:01 - 0000000 ____D C:\Users\henry\AppData\Local\{C025742C-FE8A-4939-ABA2-0E018F6821A5}
2012-03-21 13:00 - 2012-03-21 13:01 - 0000000 ____D C:\Users\henry\AppData\Local\{3B6DB259-A9FA-4CA7-B29B-6F1EFC819C94}
2012-03-21 00:42 - 2012-03-21 00:42 - 0000000 ____D C:\Users\henry\AppData\Local\{FEF4CBE1-6973-4D71-88F9-C7A656EFE5AC}
2012-03-20 12:42 - 2012-03-20 12:42 - 0000000 ____D C:\Users\henry\AppData\Local\{19DA093A-3CF8-4AF1-8400-A4C1CA4004EF}
2012-03-20 12:41 - 2012-03-21 00:42 - 0000000 ____D C:\Users\henry\AppData\Local\{374C5AC8-F957-4B0D-B00E-8E137F1EF1AB}
2012-03-19 21:05 - 2012-03-19 21:46 - 0022245 ____A C:\Users\henry\Desktop\pinball.odt
2012-03-19 15:08 - 2012-03-19 15:08 - 0000000 ____D C:\Users\henry\AppData\Local\{F959C390-FD7C-40A7-B7CE-2B716273A019}
2012-03-19 15:07 - 2012-03-19 15:08 - 0000000 ____D C:\Users\henry\AppData\Local\{70925E63-9DEF-493B-B2E0-9CF56444FCC7}
2012-03-17 20:57 - 2012-03-17 20:57 - 0000000 ____D C:\Users\henry\AppData\Local\{B309C81B-53D5-4529-96ED-A183AAB850CD}
2012-03-17 20:57 - 2012-03-17 20:57 - 0000000 ____D C:\Users\henry\AppData\Local\{543EEA10-5C4B-4C53-8B5B-EAC4B1204E49}
2012-03-17 11:07 - 2012-03-17 11:07 - 1712906 ____A C:\Users\henry\Desktop\girlandtheredumbrella.jpg
2012-03-17 01:39 - 2012-03-17 01:39 - 0000000 ____D C:\Users\henry\AppData\Local\{B4A96DEB-DEBB-4EDB-B3F8-5184EA92748F}
2012-03-16 19:49 - 2012-03-20 21:59 - 74955469 ____A C:\Users\henry\Desktop\final scne.psd
2012-03-16 13:48 - 2012-04-02 12:08 - 0000000 ____D C:\Users\henry\Desktop\desert final scene
2012-03-16 13:38 - 2012-03-17 01:39 - 0000000 ____D C:\Users\henry\AppData\Local\{52A8B52C-7ECA-41B5-9A82-F4669CA78101}
2012-03-16 13:38 - 2012-03-16 13:38 - 0000000 ____D C:\Users\henry\AppData\Local\{30E2248F-152C-41C3-9C50-FAE8418B43CE}
2012-03-16 01:37 - 2012-03-16 01:37 - 0000000 ____D C:\Users\henry\AppData\Local\{BD0BEE27-6E90-4170-89CF-E3F066B3195C}
2012-03-16 01:37 - 2012-03-16 01:37 - 0000000 ____D C:\Users\henry\AppData\Local\{762ED396-E7EE-4042-8774-37E282E6FFE6}
2012-03-15 01:10 - 2012-03-15 01:10 - 0000000 ____D C:\Users\henry\AppData\Local\{4AFF59CA-A3C8-4AE3-A574-CE16EBEF1880}
2012-03-14 13:09 - 2012-03-15 01:10 - 0000000 ____D C:\Users\henry\AppData\Local\{B7E9FCFF-7243-4E10-9AE1-0C2E8251B1E4}
2012-03-14 13:09 - 2012-03-14 13:09 - 0000000 ____D C:\Users\henry\AppData\Local\{55F57402-A538-493D-8663-7992040F8AFC}
2012-03-14 00:41 - 2012-03-14 00:41 - 0000000 ____D C:\Users\henry\AppData\Local\{E4BE028C-A095-46B9-B4BA-D48BEA97DD8D}
2012-03-13 13:59 - 2009-07-15 08:13 - 0392488 ____A (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Tablet.dln
2012-03-13 12:40 - 2012-03-14 00:41 - 0000000 ____D C:\Users\henry\AppData\Local\{96E20A9F-8A76-4500-B5F8-8ECC06E4084C}
2012-03-13 12:40 - 2012-03-13 12:40 - 0000000 ____D C:\Users\henry\AppData\Local\{B9CF85E9-91D6-476B-B75D-1A6293554775}
2012-03-12 23:57 - 2012-03-12 23:57 - 0000000 ____D C:\Users\henry\AppData\Local\{EA1916BE-FF27-40F9-9CE0-33A47746818C}
2012-03-12 23:57 - 2012-03-12 23:57 - 0000000 ____D C:\Users\henry\AppData\Local\{937E6033-B994-46DF-9C78-520A5F0CFE28}
2012-03-12 20:35 - 2012-03-12 20:35 - 0000225 ____A C:\Users\henry\Documents\hjiohoihio.rtf
2012-03-12 20:21 - 2012-03-12 20:22 - 0000000 ____D C:\Users\henry\Desktop\Pathfinder RPG
2012-03-12 12:22 - 2012-03-12 12:22 - 0000000 ____A C:\Users\henry\Desktop\install_flash_player_64bit.exe
2012-03-12 11:56 - 2012-03-12 11:56 - 0000000 ____D C:\Users\henry\AppData\Local\{E58D3ACD-CCFD-48BC-A9D1-42D295E23CB0}
2012-03-12 11:56 - 2012-03-12 11:56 - 0000000 ____D C:\Users\henry\AppData\Local\{7E293F7F-6AD9-40F8-BBFD-80C091D49DA7}
2012-03-12 01:44 - 2012-03-12 16:48 - 0027230 ____A C:\Users\henry\Desktop\bradly.odt
2012-03-12 00:20 - 2012-03-12 00:20 - 3784114 ____A C:\Users\henry\Desktop\figure.psd
2012-03-11 18:38 - 2012-03-11 18:39 - 0000000 ____D C:\Users\henry\AppData\Local\{CDCFCD60-F9F4-40F4-A466-EBED2757AABC}
2012-03-11 18:38 - 2012-03-11 18:38 - 0000000 ____D C:\Users\henry\AppData\Local\{B868F692-7A42-40A6-B8F0-29F0D0649688}
2012-03-10 16:09 - 2012-03-10 16:09 - 0000000 ____D C:\Users\henry\AppData\Local\{9AFEA366-0149-43CB-ABB9-15929029E251}
2012-03-10 16:09 - 2012-03-10 16:09 - 0000000 ____D C:\Users\henry\AppData\Local\{19D43604-FB12-4DBF-A165-DEBC1C30D647}
2012-03-09 11:26 - 2012-03-09 11:26 - 27578386 ____A C:\Users\henry\Desktop\character dull.psd
2012-03-09 10:38 - 2012-03-09 10:38 - 0000000 ____D C:\Users\henry\AppData\Roaming\Adobe Mini Bridge CS5.1
2012-03-09 00:22 - 2012-03-09 00:22 - 0000000 ____D C:\Users\henry\AppData\Local\{615FFADE-7433-477A-BC6F-A18E8B40396C}
2012-03-09 00:22 - 2012-03-09 00:22 - 0000000 ____D C:\Users\henry\AppData\Local\{5F4D5251-636A-4D00-AEBD-037BC00150EA}
2012-03-08 12:42 - 2012-03-08 12:42 - 0000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2012-03-08 12:42 - 2012-03-08 12:42 - 0000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2012-03-08 12:21 - 2012-03-08 12:21 - 0000000 ____D C:\Users\henry\AppData\Local\{F2863DA3-3B36-4396-8F8C-DCCADB8F5702}
2012-03-08 12:21 - 2012-03-08 12:21 - 0000000 ____D C:\Users\henry\AppData\Local\{BE63C8E8-01F7-4C9B-A072-C1F2A8B3554B}
2012-03-08 03:00 - 2011-12-13 23:43 - 17790464 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-03-08 03:00 - 2011-12-13 23:16 - 10887168 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-03-08 03:00 - 2011-12-13 23:11 - 2308096 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-03-08 03:00 - 2011-12-13 23:04 - 1390080 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-03-08 03:00 - 2011-12-13 23:04 - 1345536 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-03-08 03:00 - 2011-12-13 23:03 - 1493504 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-03-08 03:00 - 2011-12-13 23:03 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-03-08 03:00 - 2011-12-13 23:01 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-03-08 03:00 - 2011-12-13 23:00 - 0818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-03-08 03:00 - 2011-12-13 22:59 - 2144256 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-03-08 03:00 - 2011-12-13 22:57 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-03-08 03:00 - 2011-12-13 22:57 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-03-08 03:00 - 2011-12-13 22:53 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-03-08 03:00 - 2011-12-13 19:30 - 12282368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-03-08 03:00 - 2011-12-13 19:10 - 9705472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-03-08 03:00 - 2011-12-13 19:04 - 1798656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-03-08 03:00 - 2011-12-13 18:57 - 1127424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-03-08 03:00 - 2011-12-13 18:57 - 1103360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-03-08 03:00 - 2011-12-13 18:56 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-03-08 03:00 - 2011-12-13 18:55 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-03-08 03:00 - 2011-12-13 18:54 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-03-08 03:00 - 2011-12-13 18:53 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-03-08 03:00 - 2011-12-13 18:52 - 1792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-03-08 03:00 - 2011-12-13 18:50 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-03-08 03:00 - 2011-12-13 18:50 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-03-08 03:00 - 2011-12-13 18:47 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-03-07 20:39 - 2012-03-07 20:39 - 0001720 ____A C:\Users\Public\Desktop\Play League of Legends.lnk
2012-03-07 19:43 - 2012-03-07 19:43 - 0000000 ____D C:\Riot Games
2012-03-07 19:41 - 2012-03-07 19:42 - 0000854 ____A C:\Users\henry\Desktop\gc.log
2012-03-07 19:10 - 2012-03-07 19:40 - 0001911 ____A C:\Users\Public\Desktop\AIM.lnk
2012-03-07 19:10 - 2012-03-07 19:40 - 0000000 ____D C:\Program Files (x86)\AIM
2012-03-07 19:10 - 2012-03-07 19:38 - 0000000 ____D C:\Users\henry\AppData\Local\AIM
2012-03-07 19:10 - 2012-03-07 19:15 - 0000000 ____D C:\Users\henry\AppData\Roaming\acccore
2012-03-07 19:10 - 2012-03-07 19:10 - 0000000 ____D C:\Users\All Users\AIM
2012-03-07 19:10 - 2012-03-07 19:10 - 0000000 ____D C:\ProgramData\AIM
2012-03-07 19:07 - 2012-03-07 19:07 - 0463080 ____A (CNET Download.com) C:\Users\henry\Desktop\cnet2_Install_AIM_exe.exe
2012-03-07 19:03 - 2012-03-07 19:03 - 0000000 ____A C:\Users\henry\Desktop\AIM_Install.exe
2012-03-07 17:59 - 2012-01-04 02:44 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-03-07 17:59 - 2012-01-04 02:44 - 0509952 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-03-07 17:59 - 2012-01-04 00:59 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-03-07 17:59 - 2012-01-04 00:58 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2012-03-07 17:59 - 2011-12-29 22:26 - 0515584 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2012-03-07 17:59 - 2011-12-29 21:27 - 0478720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2012-03-07 17:59 - 2011-12-27 19:59 - 0498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2012-03-07 17:59 - 2011-12-16 00:46 - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2012-03-07 17:59 - 2011-12-15 23:52 - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2012-03-07 17:53 - 2012-03-07 17:53 - 0000000 ____D C:\Users\henry\AppData\Local\{A24E1888-7B91-47AA-86CE-4FE264919155}
2012-03-07 17:53 - 2012-03-07 17:53 - 0000000 ____D C:\Users\henry\AppData\Local\{515AF329-D58A-433E-95F5-6DCAB8B31B73}
2012-03-07 17:10 - 2012-03-07 17:46 - 0000000 ____D C:\Program Files (x86)\McAfee Security Scan
2012-03-07 14:37 - 2012-03-14 19:54 - 8375123 ____A C:\Users\henry\Desktop\onghenry.psd
2012-03-07 13:31 - 2012-03-07 13:31 - 0000000 ____D C:\Users\henry\AppData\Local\{A6C61CAA-E846-49AA-84C3-43478DB370C5}
2012-03-07 13:31 - 2012-03-07 13:31 - 0000000 ____D C:\Users\henry\AppData\Local\{42F826B1-7F03-4915-B6B4-C25614E3493D}
2012-03-07 02:02 - 2012-03-07 02:02 - 0000000 ____D C:\Users\henry\Desktop\portfolio final
2012-03-07 01:30 - 2012-03-07 01:31 - 0000000 ____D C:\Users\henry\AppData\Local\{FED365D3-EB1E-4B37-AA89-AA1D4B819569}
2012-03-07 01:30 - 2012-03-07 01:30 - 0000000 ____D C:\Users\henry\AppData\Local\{F0F3A29E-FE1D-46F2-B9AB-725B13287884}
2012-03-06 13:30 - 2012-03-06 13:30 - 0000000 ____D C:\Users\henry\AppData\Local\{8C1F5A68-BCC1-46E8-AE11-1894C4D3D6FF}
2012-03-06 13:30 - 2012-03-06 13:30 - 0000000 ____D C:\Users\henry\AppData\Local\{34362D3D-4C32-4A39-AA1C-4E9943083BE1}
2012-03-06 12:58 - 2012-03-07 00:46 - 0250554 ____A C:\Users\henry\Desktop\kris.pdf
2012-03-06 01:29 - 2012-03-06 01:29 - 0000000 ____D C:\Users\henry\AppData\Local\{D69BCD4A-AA4D-4FBB-8D50-0ACD2932E618}
2012-03-06 01:29 - 2012-03-06 01:29 - 0000000 ____D C:\Users\henry\AppData\Local\{559D1BE0-F725-4E5F-B1DE-9E298F400323}
2012-03-05 13:29 - 2012-03-05 13:29 - 0000000 ____D C:\Users\henry\AppData\Local\{D574F574-AFC3-478E-A710-C6F839DEBED2}
2012-03-05 13:28 - 2012-03-05 13:29 - 0000000 ____D C:\Users\henry\AppData\Local\{B3F5A0E9-370D-42E3-9FEA-AC30CEABB316}
2012-03-05 01:28 - 2012-03-05 01:28 - 0000000 ____D C:\Users\henry\AppData\Local\{9E610E66-9D4F-4D6C-8EFE-914AAD720CC4}
2012-03-04 19:43 - 2012-03-04 19:43 - 2228848 ____A C:\Users\henry\Desktop\Abandoned town.jpg
2012-03-04 19:31 - 2012-03-04 20:08 - 0000000 ____D C:\Users\henry\Desktop\Ong_Henry
2012-03-04 17:08 - 2012-03-04 22:27 - 0020153 ____A C:\Users\henry\Desktop\card.odt
2012-03-04 13:28 - 2012-03-04 13:28 - 0000000 ____D C:\Users\henry\AppData\Local\{279EF88E-A970-41D5-83F8-E90FB4224446}
2012-03-04 13:27 - 2012-03-05 01:28 - 0000000 ____D C:\Users\henry\AppData\Local\{208709C4-C72E-4BEB-BA58-B5785A45FED3}
2012-03-04 01:27 - 2012-03-04 01:27 - 0000000 ____D C:\Users\henry\AppData\Local\{D9BD6237-26A6-4008-B388-97E32E5EC499}
2012-03-04 01:27 - 2012-03-04 01:27 - 0000000 ____D C:\Users\henry\AppData\Local\{7A23DFE7-94F3-4366-93BE-06639FE0BC0E}


============ 3 Months Modified Files and Folders =============

2012-04-03 09:32 - 2012-04-02 22:23 - 4453973 ____A (Swearware) C:\Users\henry\Desktop\svscsv.com
2012-04-03 00:35 - 2012-04-03 00:35 - 0000000 ____D C:\FRST
2012-04-02 23:48 - 2012-04-02 12:01 - 0020359 ____A C:\Users\henry\Desktop\FileLister.zip
2012-04-02 22:45 - 2012-02-06 15:50 - 2153372 ____A C:\Windows\ntbtlog.txt
2012-04-02 22:29 - 2009-07-13 21:13 - 0780156 ____A C:\Windows\System32\PerfStringBackup.INI
2012-04-02 22:24 - 2011-08-10 10:42 - 0102496 ____A C:\aaw7boot.log
2012-04-02 22:24 - 2010-11-05 22:25 - 2146873344 __ASH C:\hiberfil.sys
2012-04-02 22:23 - 2010-11-05 22:29 - 1979922 ____A C:\Windows\WindowsUpdate.log
2012-04-02 21:52 - 2009-07-13 20:45 - 0016720 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-04-02 21:52 - 2009-07-13 20:45 - 0016720 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-04-02 21:47 - 2012-04-02 21:47 - 4453973 ____A (Swearware) C:\Users\henry\Desktop\svchostt.com
2012-04-02 21:45 - 2011-06-01 13:43 - 0000000 ____D C:\Users\henry\AppData\Roaming\WTablet
2012-04-02 21:44 - 2012-02-03 00:20 - 0000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-04-02 21:44 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-04-02 21:43 - 2012-02-06 15:52 - 0003762 ____A C:\Windows\setupact.log
2012-04-02 12:21 - 2012-04-02 12:21 - 0000000 ____A C:\Files.txt
2012-04-02 12:21 - 2012-04-02 12:19 - 0000000 ____D C:\Users\henry\Desktop\FileLister Folder
2012-04-02 12:08 - 2012-03-16 13:48 - 0000000 ____D C:\Users\henry\Desktop\desert final scene
2012-04-02 06:26 - 2012-04-01 19:39 - 98077435 ____A (Igor Pavlov) C:\Users\henry\Desktop\OTLPEStd.exe
2012-04-02 06:26 - 2012-04-01 18:38 - 98077435 ____A (Igor Pavlov) C:\Users\henry\Desktop\svchost.exe (2).exe
2012-04-01 19:36 - 2012-04-01 19:36 - 0274888 ____A C:\Windows\Minidump\040112-24538-01.dmp
2012-04-01 19:36 - 2011-12-03 19:22 - 359864899 ____A C:\Windows\MEMORY.DMP
2012-04-01 19:36 - 2010-12-01 20:10 - 0000000 ____D C:\Windows\Minidump
2012-03-29 13:54 - 2012-04-01 18:46 - 0132597 ____A C:\Users\henry\Desktop\Flash_Disinfector.exe
2012-03-29 13:47 - 2012-03-29 01:56 - 0294400 ____A C:\Users\henry\Desktop\exeHelper.com
2012-03-29 01:45 - 2011-04-09 11:59 - 0000000 ____D C:\Users\henry\Desktop\movies
2012-03-29 01:14 - 2012-03-29 01:13 - 0013365 ____A C:\Users\henry\Desktop\New Text Document.txt
2012-03-29 00:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At4.job
2012-03-29 00:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At3.job
2012-03-29 00:36 - 2012-02-03 00:20 - 0000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-03-29 00:08 - 2012-03-29 00:08 - 44238026 ____A C:\Users\henry\Desktop\color4.psd
2012-03-28 23:58 - 2012-03-28 23:58 - 44007097 ____A C:\Users\henry\Desktop\color3.psd
2012-03-28 23:50 - 2012-03-28 23:48 - 44379196 ____A C:\Users\henry\Desktop\color2.psd
2012-03-28 23:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At2.job
2012-03-28 23:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At1.job
2012-03-28 22:51 - 2012-03-28 22:51 - 42427168 ____A C:\Users\henry\Desktop\color1.psd
2012-03-28 22:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At48.job
2012-03-28 22:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At47.job
2012-03-28 21:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At46.job
2012-03-28 21:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At45.job
2012-03-28 20:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At44.job
2012-03-28 20:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At43.job
2012-03-28 19:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At42.job
2012-03-28 19:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At41.job
2012-03-28 19:05 - 2012-03-26 19:51 - 54543243 ____A C:\Users\henry\Desktop\sssss (2).psd
2012-03-28 18:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At40.job
2012-03-28 18:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At39.job
2012-03-28 17:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At38.job
2012-03-28 17:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At37.job
2012-03-28 16:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At36.job
2012-03-28 16:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At35.job
2012-03-28 15:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At34.job
2012-03-28 15:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At33.job
2012-03-28 15:21 - 2011-12-09 18:35 - 0000000 ____D C:\Users\henry\AppData\Local\ElevatedDiagnostics
2012-03-28 15:05 - 2012-03-28 15:05 - 0110590 ____A C:\Users\henry\Desktop\003[1].JPG
2012-03-28 12:07 - 2012-03-28 12:07 - 0751581 ____A (maliprog @ Geekstogo) C:\Users\henry\Desktop\TheKiller2.scr
2012-03-28 12:04 - 2012-03-28 12:04 - 0751581 ____A (maliprog @ Geekstogo) C:\Users\henry\Downloads\TheKiller.scr
2012-03-26 14:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At32.job
2012-03-26 14:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At31.job
2012-03-26 13:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At30.job
2012-03-26 13:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At29.job
2012-03-26 12:47 - 2012-03-26 12:40 - 0002150 ____A C:\Windows\epplauncher.mif
2012-03-26 12:43 - 2012-03-26 12:43 - 10165440 ____A (Microsoft Corporation) C:\Users\henry\Desktop\mseinstall.exe
2012-03-26 12:37 - 2012-03-26 12:37 - 10165440 ____A (Microsoft Corporation) C:\Users\henry\Downloads\mseinstall.exe
2012-03-26 12:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At28.job
2012-03-26 12:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At27.job
2012-03-26 12:35 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2012-03-26 09:31 - 2012-03-25 22:30 - 256982966 ____A C:\Users\henry\Desktop\kav_rescue_10.iso
2012-03-25 19:21 - 2012-03-25 19:17 - 178789312 ____A (Kaspersky Lab) C:\Users\henry\Downloads\kis2012_12.0.0.374aEN_2778.exe
2012-03-25 19:08 - 2012-03-25 19:07 - 18099082 ____A C:\Users\henry\Downloads\kav_rescue_10.iso.g19r5to.partial
2012-03-25 18:20 - 2009-07-13 20:45 - 4866976 ____A C:\Windows\System32\FNTCACHE.DAT
2012-03-24 23:39 - 2012-03-24 23:39 - 0000129 ____A C:\Windows\System32\MRT.INI
2012-03-24 23:38 - 2010-05-24 13:32 - 56297240 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-03-24 20:51 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\config\TxR
2012-03-24 20:45 - 2012-03-24 20:45 - 0274888 ____A C:\Windows\Minidump\032412-22027-01.dmp
2012-03-24 20:45 - 2011-10-26 11:57 - 0016924 ____A C:\Windows\PFRO.log
2012-03-24 20:42 - 2010-12-01 19:05 - 0000000 ____D C:\users\henry
2012-03-22 08:14 - 2012-03-21 20:23 - 0594432 ____A (OldTimer Tools) C:\Users\henry\Desktop\svchost.exe.exe
2012-03-22 03:16 - 2012-03-21 20:30 - 0063052 ____A C:\Users\henry\Desktop\Photo 99.jpg
2012-03-21 23:47 - 2012-03-21 20:39 - 14082558 ____A C:\Users\henry\Desktop\sssss.psd
2012-03-21 23:34 - 2011-01-07 02:55 - 0000000 ____D C:\Users\henry\AppData\Local\CrashDumps
2012-03-21 20:00 - 2012-02-07 23:55 - 0000000 ____D C:\Program Files (x86)\Steam
2012-03-21 20:00 - 2011-11-09 17:31 - 0000000 ____D C:\Users\henry\AppData\Local\Akamai
2012-03-21 20:00 - 2011-05-20 19:06 - 0000000 ____D C:\Users\All Users\PMB Files
2012-03-21 20:00 - 2011-05-20 19:06 - 0000000 ____D C:\ProgramData\PMB Files
2012-03-21 20:00 - 2010-12-03 15:40 - 0000000 ____D C:\Program Files\WTouch
2012-03-21 20:00 - 2010-12-03 15:38 - 0000000 ____D C:\Windows\System32\WTablet
2012-03-21 20:00 - 2010-12-03 15:38 - 0000000 ____D C:\Program Files (x86)\Tablet
2012-03-21 20:00 - 2010-12-02 01:16 - 0000000 ____D C:\Users\henry\AppData\Roaming\vlc
2012-03-21 20:00 - 2010-12-01 19:28 - 0000000 ____D C:\Program Files (x86)\Guild Wars
2012-03-21 20:00 - 2010-12-01 19:17 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-03-21 19:38 - 2011-05-20 19:06 - 0000000 ____D C:\Users\henry\AppData\Local\PMB Files
2012-03-21 17:34 - 2011-07-26 13:17 - 0000000 ____D C:\Users\henry\riotsGamesLogs
2012-03-21 16:24 - 2012-03-21 16:24 - 64784733 ____A C:\Users\henry\Desktop\progress of 3 weeks.psd
2012-03-21 14:02 - 2012-03-21 14:02 - 1977044 ____A C:\Users\henry\Desktop\final scne3.jpg
2012-03-21 13:01 - 2012-03-21 13:01 - 0000000 ____D C:\Users\henry\AppData\Local\{C025742C-FE8A-4939-ABA2-0E018F6821A5}
2012-03-21 13:01 - 2012-03-21 13:00 - 0000000 ____D C:\Users\henry\AppData\Local\{3B6DB259-A9FA-4CA7-B29B-6F1EFC819C94}
2012-03-21 13:01 - 2011-07-03 23:49 - 0000000 ____D C:\Users\henry\AppData\Local\Windows Live
2012-03-21 13:00 - 2011-07-04 01:06 - 0000000 ____D C:\Users\henry\Tracing
2012-03-21 00:42 - 2012-03-21 00:42 - 0000000 ____D C:\Users\henry\AppData\Local\{FEF4CBE1-6973-4D71-88F9-C7A656EFE5AC}
2012-03-21 00:42 - 2012-03-20 12:41 - 0000000 ____D C:\Users\henry\AppData\Local\{374C5AC8-F957-4B0D-B00E-8E137F1EF1AB}
2012-03-20 21:59 - 2012-03-16 19:49 - 74955469 ____A C:\Users\henry\Desktop\final scne.psd
2012-03-20 12:42 - 2012-03-20 12:42 - 0000000 ____D C:\Users\henry\AppData\Local\{19DA093A-3CF8-4AF1-8400-A4C1CA4004EF}
2012-03-19 21:46 - 2012-03-19 21:05 - 0022245 ____A C:\Users\henry\Desktop\pinball.odt
2012-03-19 15:08 - 2012-03-19 15:08 - 0000000 ____D C:\Users\henry\AppData\Local\{F959C390-FD7C-40A7-B7CE-2B716273A019}
2012-03-19 15:08 - 2012-03-19 15:07 - 0000000 ____D C:\Users\henry\AppData\Local\{70925E63-9DEF-493B-B2E0-9CF56444FCC7}
2012-03-17 20:57 - 2012-03-17 20:57 - 0000000 ____D C:\Users\henry\AppData\Local\{B309C81B-53D5-4529-96ED-A183AAB850CD}
2012-03-17 20:57 - 2012-03-17 20:57 - 0000000 ____D C:\Users\henry\AppData\Local\{543EEA10-5C4B-4C53-8B5B-EAC4B1204E49}
2012-03-17 11:07 - 2012-03-17 11:07 - 1712906 ____A C:\Users\henry\Desktop\girlandtheredumbrella.jpg
2012-03-17 01:39 - 2012-03-17 01:39 - 0000000 ____D C:\Users\henry\AppData\Local\{B4A96DEB-DEBB-4EDB-B3F8-5184EA92748F}
2012-03-17 01:39 - 2012-03-16 13:38 - 0000000 ____D C:\Users\henry\AppData\Local\{52A8B52C-7ECA-41B5-9A82-F4669CA78101}
2012-03-16 13:38 - 2012-03-16 13:38 - 0000000 ____D C:\Users\henry\AppData\Local\{30E2248F-152C-41C3-9C50-FAE8418B43CE}
2012-03-16 01:37 - 2012-03-16 01:37 - 0000000 ____D C:\Users\henry\AppData\Local\{BD0BEE27-6E90-4170-89CF-E3F066B3195C}
2012-03-16 01:37 - 2012-03-16 01:37 - 0000000 ____D C:\Users\henry\AppData\Local\{762ED396-E7EE-4042-8774-37E282E6FFE6}
2012-03-15 01:10 - 2012-03-15 01:10 - 0000000 ____D C:\Users\henry\AppData\Local\{4AFF59CA-A3C8-4AE3-A574-CE16EBEF1880}
2012-03-15 01:10 - 2012-03-14 13:09 - 0000000 ____D C:\Users\henry\AppData\Local\{B7E9FCFF-7243-4E10-9AE1-0C2E8251B1E4}
2012-03-14 19:54 - 2012-03-07 14:37 - 8375123 ____A C:\Users\henry\Desktop\onghenry.psd
2012-03-14 13:09 - 2012-03-14 13:09 - 0000000 ____D C:\Users\henry\AppData\Local\{55F57402-A538-493D-8663-7992040F8AFC}
2012-03-14 01:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At6.job
2012-03-14 01:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At5.job
2012-03-14 00:41 - 2012-03-14 00:41 - 0000000 ____D C:\Users\henry\AppData\Local\{E4BE028C-A095-46B9-B4BA-D48BEA97DD8D}
2012-03-14 00:41 - 2012-03-13 12:40 - 0000000 ____D C:\Users\henry\AppData\Local\{96E20A9F-8A76-4500-B5F8-8ECC06E4084C}
2012-03-13 22:33 - 2011-08-12 22:33 - 0000064 ____A C:\Windows\SysWOW64\rp_stats.dat
2012-03-13 22:33 - 2011-08-12 22:33 - 0000044 ____A C:\Windows\SysWOW64\rp_rules.dat
2012-03-13 12:40 - 2012-03-13 12:40 - 0000000 ____D C:\Users\henry\AppData\Local\{B9CF85E9-91D6-476B-B75D-1A6293554775}
2012-03-13 12:39 - 2012-01-22 23:44 - 0001039 ____A C:\Users\henry\Start Menu\Programs\Startup\ZooskMessenger.lnk
2012-03-13 12:39 - 2012-01-22 23:44 - 0001039 ____A C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk
2012-03-13 02:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At8.job
2012-03-13 02:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At7.job
2012-03-12 23:57 - 2012-03-12 23:57 - 0000000 ____D C:\Users\henry\AppData\Local\{EA1916BE-FF27-40F9-9CE0-33A47746818C}
2012-03-12 23:57 - 2012-03-12 23:57 - 0000000 ____D C:\Users\henry\AppData\Local\{937E6033-B994-46DF-9C78-520A5F0CFE28}
2012-03-12 20:35 - 2012-03-12 20:35 - 0000225 ____A C:\Users\henry\Documents\hjiohoihio.rtf
2012-03-12 20:22 - 2012-03-12 20:21 - 0000000 ____D C:\Users\henry\Desktop\Pathfinder RPG
2012-03-12 17:54 - 2012-02-27 19:07 - 41357358 ____A C:\Users\henry\Desktop\olaas.psd
2012-03-12 16:48 - 2012-03-12 01:44 - 0027230 ____A C:\Users\henry\Desktop\bradly.odt
2012-03-12 12:22 - 2012-03-12 12:22 - 0000000 ____A C:\Users\henry\Desktop\install_flash_player_64bit.exe
2012-03-12 11:56 - 2012-03-12 11:56 - 0000000 ____D C:\Users\henry\AppData\Local\{E58D3ACD-CCFD-48BC-A9D1-42D295E23CB0}
2012-03-12 11:56 - 2012-03-12 11:56 - 0000000 ____D C:\Users\henry\AppData\Local\{7E293F7F-6AD9-40F8-BBFD-80C091D49DA7}
2012-03-12 00:20 - 2012-03-12 00:20 - 3784114 ____A C:\Users\henry\Desktop\figure.psd
2012-03-11 18:39 - 2012-03-11 18:38 - 0000000 ____D C:\Users\henry\AppData\Local\{CDCFCD60-F9F4-40F4-A466-EBED2757AABC}
2012-03-11 18:38 - 2012-03-11 18:38 - 0000000 ____D C:\Users\henry\AppData\Local\{B868F692-7A42-40A6-B8F0-29F0D0649688}
2012-03-10 16:09 - 2012-03-10 16:09 - 0000000 ____D C:\Users\henry\AppData\Local\{9AFEA366-0149-43CB-ABB9-15929029E251}
2012-03-10 16:09 - 2012-03-10 16:09 - 0000000 ____D C:\Users\henry\AppData\Local\{19D43604-FB12-4DBF-A165-DEBC1C30D647}
2012-03-09 11:26 - 2012-03-09 11:26 - 27578386 ____A C:\Users\henry\Desktop\character dull.psd
2012-03-09 10:38 - 2012-03-09 10:38 - 0000000 ____D C:\Users\henry\AppData\Roaming\Adobe Mini Bridge CS5.1
2012-03-09 10:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At22.job
2012-03-09 10:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At21.job
2012-03-09 10:33 - 2009-07-13 21:08 - 0032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-03-09 00:22 - 2012-03-09 00:22 - 0000000 ____D C:\Users\henry\AppData\Local\{615FFADE-7433-477A-BC6F-A18E8B40396C}
2012-03-09 00:22 - 2012-03-09 00:22 - 0000000 ____D C:\Users\henry\AppData\Local\{5F4D5251-636A-4D00-AEBD-037BC00150EA}
2012-03-08 12:42 - 2012-03-08 12:42 - 0000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2012-03-08 12:42 - 2012-03-08 12:42 - 0000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2012-03-08 12:42 - 2010-12-01 19:36 - 0000000 ____D C:\Program Files (x86)\Adobe
2012-03-08 12:36 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At26.job
2012-03-08 12:36 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At25.job
2012-03-08 12:21 - 2012-03-08 12:21 - 0000000 ____D C:\Users\henry\AppData\Local\{F2863DA3-3B36-4396-8F8C-DCCADB8F5702}
2012-03-08 12:21 - 2012-03-08 12:21 - 0000000 ____D C:\Users\henry\AppData\Local\{BE63C8E8-01F7-4C9B-A072-C1F2A8B3554B}
2012-03-08 03:25 - 2010-12-01 19:08 - 0000174 ___SH C:\Users\henry\Start Menu\Programs\Startup\desktop.ini
2012-03-08 03:25 - 2010-12-01 19:08 - 0000174 ___SH C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-03-08 03:24 - 2010-06-21 15:41 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-03-08 03:04 - 2011-02-08 11:41 - 0796360 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-03-08 03:04 - 2011-02-08 11:41 - 0000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2012-03-07 20:39 - 2012-03-07 20:39 - 0001720 ____A C:\Users\Public\Desktop\Play League of Legends.lnk
2012-03-07 19:43 - 2012-03-07 19:43 - 0000000 ____D C:\Riot Games
2012-03-07 19:42 - 2012-03-07 19:41 - 0000854 ____A C:\Users\henry\Desktop\gc.log
2012-03-07 19:41 - 2010-12-01 19:18 - 0001107 ___AH C:\IPH.PH
2012-03-07 19:40 - 2012-03-07 19:10 - 0001911 ____A C:\Users\Public\Desktop\AIM.lnk
2012-03-07 19:40 - 2012-03-07 19:10 - 0000000 ____D C:\Program Files (x86)\AIM
2012-03-07 19:38 - 2012-03-07 19:10 - 0000000 ____D C:\Users\henry\AppData\Local\AIM
2012-03-07 19:15 - 2012-03-07 19:10 - 0000000 ____D C:\Users\henry\AppData\Roaming\acccore
2012-03-07 19:10 - 2012-03-07 19:10 - 0000000 ____D C:\Users\All Users\AIM
2012-03-07 19:10 - 2012-03-07 19:10 - 0000000 ____D C:\ProgramData\AIM
2012-03-07 19:09 - 2010-12-01 19:17 - 8239264 ____A (AOL Inc.) C:\Users\henry\Downloads\Install_AIM.exe
2012-03-07 19:09 - 2010-12-01 19:05 - 0000000 ____D C:\Users\henry\AppData\LocalLow
2012-03-07 19:07 - 2012-03-07 19:07 - 0463080 ____A (CNET Download.com) C:\Users\henry\Desktop\cnet2_Install_AIM_exe.exe
2012-03-07 19:03 - 2012-03-07 19:03 - 0000000 ____A C:\Users\henry\Desktop\AIM_Install.exe
2012-03-07 18:46 - 2010-12-04 01:00 - 0000000 ____D C:\Users\henry\AppData\Roaming\BitComet
2012-03-07 17:53 - 2012-03-07 17:53 - 0000000 ____D C:\Users\henry\AppData\Local\{A24E1888-7B91-47AA-86CE-4FE264919155}
2012-03-07 17:53 - 2012-03-07 17:53 - 0000000 ____D C:\Users\henry\AppData\Local\{515AF329-D58A-433E-95F5-6DCAB8B31B73}
2012-03-07 17:46 - 2012-03-07 17:10 - 0000000 ____D C:\Program Files (x86)\McAfee Security Scan
2012-03-07 17:46 - 2011-06-13 15:52 - 0000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2012-03-07 17:46 - 2011-06-13 15:52 - 0000000 ____D C:\ProgramData\Spybot - Search & Destroy
2012-03-07 17:45 - 2012-02-27 02:12 - 0000000 ____D C:\Users\henry\Desktop\DesertCliff-tutorial
2012-03-07 17:42 - 2011-02-08 11:42 - 0000000 ____D C:\Users\henry\AppData\Roaming\SoftGrid Client
2012-03-07 17:42 - 2010-12-01 19:34 - 0000000 ____D C:\Users\henry\AppData\Roaming\Adobe
2012-03-07 13:31 - 2012-03-07 13:31 - 0000000 ____D C:\Users\henry\AppData\Local\{A6C61CAA-E846-49AA-84C3-43478DB370C5}
2012-03-07 13:31 - 2012-03-07 13:31 - 0000000 ____D C:\Users\henry\AppData\Local\{42F826B1-7F03-4915-B6B4-C25614E3493D}
2012-03-07 02:02 - 2012-03-07 02:02 - 0000000 ____D C:\Users\henry\Desktop\portfolio final
2012-03-07 01:31 - 2012-03-07 01:30 - 0000000 ____D C:\Users\henry\AppData\Local\{FED365D3-EB1E-4B37-AA89-AA1D4B819569}
2012-03-07 01:30 - 2012-03-07 01:30 - 0000000 ____D C:\Users\henry\AppData\Local\{F0F3A29E-FE1D-46F2-B9AB-725B13287884}
2012-03-07 00:46 - 2012-03-06 12:58 - 0250554 ____A C:\Users\henry\Desktop\kris.pdf
2012-03-06 13:30 - 2012-03-06 13:30 - 0000000 ____D C:\Users\henry\AppData\Local\{8C1F5A68-BCC1-46E8-AE11-1894C4D3D6FF}
2012-03-06 13:30 - 2012-03-06 13:30 - 0000000 ____D C:\Users\henry\AppData\Local\{34362D3D-4C32-4A39-AA1C-4E9943083BE1}
2012-03-06 01:29 - 2012-03-06 01:29 - 0000000 ____D C:\Users\henry\AppData\Local\{D69BCD4A-AA4D-4FBB-8D50-0ACD2932E618}
2012-03-06 01:29 - 2012-03-06 01:29 - 0000000 ____D C:\Users\henry\AppData\Local\{559D1BE0-F725-4E5F-B1DE-9E298F400323}
2012-03-05 13:29 - 2012-03-05 13:29 - 0000000 ____D C:\Users\henry\AppData\Local\{D574F574-AFC3-478E-A710-C6F839DEBED2}
2012-03-05 13:29 - 2012-03-05 13:28 - 0000000 ____D C:\Users\henry\AppData\Local\{B3F5A0E9-370D-42E3-9FEA-AC30CEABB316}
2012-03-05 01:28 - 2012-03-05 01:28 - 0000000 ____D C:\Users\henry\AppData\Local\{9E610E66-9D4F-4D6C-8EFE-914AAD720CC4}
2012-03-05 01:28 - 2012-03-04 13:27 - 0000000 ____D C:\Users\henry\AppData\Local\{208709C4-C72E-4BEB-BA58-B5785A45FED3}
2012-03-04 22:27 - 2012-03-04 17:08 - 0020153 ____A C:\Users\henry\Desktop\card.odt
2012-03-04 20:08 - 2012-03-04 19:31 - 0000000 ____D C:\Users\henry\Desktop\Ong_Henry
2012-03-04 20:01 - 2011-12-16 20:12 - 0000000 ____D C:\Users\henry\Desktop\real final
2012-03-04 19:43 - 2012-03-04 19:43 - 2228848 ____A C:\Users\henry\Desktop\Abandoned town.jpg
2012-03-04 19:30 - 2012-02-15 19:16 - 23747045 ____A C:\Users\henry\Desktop\red girl2.psd
2012-03-04 13:28 - 2012-03-04 13:28 - 0000000 ____D C:\Users\henry\AppData\Local\{279EF88E-A970-41D5-83F8-E90FB4224446}
2012-03-04 01:27 - 2012-03-04 01:27 - 0000000 ____D C:\Users\henry\AppData\Local\{D9BD6237-26A6-4008-B388-97E32E5EC499}
2012-03-04 01:27 - 2012-03-04 01:27 - 0000000 ____D C:\Users\henry\AppData\Local\{7A23DFE7-94F3-4366-93BE-06639FE0BC0E}
2012-03-03 13:27 - 2012-03-03 13:26 - 0000000 ____D C:\Users\henry\AppData\Local\{1EAE8B1C-2D2F-4A20-901D-52941288D79F}
2012-03-03 13:26 - 2012-03-03 13:26 - 0000000 ____D C:\Users\henry\AppData\Local\{E0A374B8-E62B-4E96-9619-668FD747EF8B}
2012-03-03 01:26 - 2012-03-03 01:26 - 0000000 ____D C:\Users\henry\AppData\Local\{6BD7D511-D165-4556-9A2D-1C8464AF522B}
2012-03-03 01:26 - 2012-03-03 01:26 - 0000000 ____D C:\Users\henry\AppData\Local\{0BDBF274-E424-4B49-9BE9-1A33D0664CEE}
2012-03-02 13:25 - 2012-03-02 13:25 - 0000000 ____D C:\Users\henry\AppData\Local\{7FB0131B-2005-4306-A7DD-5E7C1B867740}
2012-03-02 13:25 - 2012-03-02 13:25 - 0000000 ____D C:\Users\henry\AppData\Local\{452F73C8-29E7-4DC6-9CBF-D199319320F7}
2012-03-01 23:14 - 2012-03-01 23:14 - 0000000 ____D C:\Users\henry\AppData\Local\{CF969DD0-9DA3-4211-BE25-902B110EC4AC}
2012-03-01 23:14 - 2012-03-01 23:13 - 0000000 ____D C:\Users\henry\AppData\Local\{4AF96651-0D67-4F30-91D7-80A71A9D8515}
2012-02-29 21:05 - 2012-02-29 17:10 - 1307435 ____A C:\Users\henry\Desktop\newqguy.jpg
2012-02-29 15:49 - 2012-02-29 15:49 - 0059767 ____A C:\Users\henry\Desktop\GordorianFront_fg.jpg
2012-02-29 14:04 - 2012-02-29 14:04 - 0000000 ____D C:\Users\henry\AppData\Local\{4F01EDF1-A143-431A-A552-119588908A9C}
2012-02-29 14:04 - 2012-02-29 14:04 - 0000000 ____D C:\Users\henry\AppData\Local\{44DB2657-02F4-4316-A3E1-041A5B45BA47}
2012-02-29 03:29 - 2012-02-27 03:20 - 79587457 ____A C:\Users\henry\Desktop\gas station.psd
2012-02-29 02:04 - 2012-02-29 02:04 - 0000000 ____D C:\Users\henry\AppData\Local\{D446D861-C8A4-43FE-8F4B-8F2E03BCFD88}
2012-02-29 02:04 - 2012-02-29 02:03 - 0000000 ____D C:\Users\henry\AppData\Local\{FAEFD702-7BF5-4B5B-A656-73BD22BCB029}
2012-02-28 14:03 - 2012-02-28 14:03 - 0000000 ____D C:\Users\henry\AppData\Local\{949A6181-D1FA-47A8-B981-A2B2DBBDE03D}
2012-02-28 14:03 - 2012-02-28 14:03 - 0000000 ____D C:\Users\henry\AppData\Local\{605549EE-0AE0-471C-9439-0CB2CB1A31BB}
2012-02-28 02:03 - 2012-02-28 02:02 - 0000000 ____D C:\Users\henry\AppData\Local\{ED7980F5-8CA5-4C67-AC84-7D4D62BB91F7}
2012-02-28 02:02 - 2012-02-27 14:01 - 0000000 ____D C:\Users\henry\AppData\Local\{240EA13A-4AE5-46BF-9B7F-4CFF6400C4C5}
2012-02-27 21:00 - 2012-02-27 21:00 - 1361399 ____A C:\Users\henry\Desktop\olaas2.jpg
2012-02-27 16:13 - 2011-11-12 01:33 - 0000000 ____D C:\Users\henry\Desktop\redo
2012-02-27 14:02 - 2012-02-27 14:02 - 0000000 ____D C:\Users\henry\AppData\Local\{F00C992D-8F23-4B6B-975B-7080B553DA10}
2012-02-27 09:56 - 2012-02-26 22:10 - 0537894 ____A C:\Users\henry\Desktop\chris.pdf
2012-02-27 03:20 - 2012-02-27 03:19 - 15123376 ____A C:\Users\henry\Desktop\gas station.pdf
2012-02-26 22:14 - 2012-02-26 22:14 - 3254215 ____A C:\Users\henry\Desktop\cghris.jpg
2012-02-26 19:20 - 2012-02-26 19:20 - 0000000 ____D C:\Users\henry\AppData\Local\{BADAEC31-FD3B-4A81-96DB-C396DC54AFF0}
2012-02-26 19:20 - 2012-02-26 19:20 - 0000000 ____D C:\Users\henry\AppData\Local\{1D938DD8-6A4A-42EA-959B-D827B07BC98C}
2012-02-26 01:17 - 2012-02-26 01:17 - 0000000 ____D C:\Users\henry\AppData\Local\{1CCE0747-47F1-454F-8F70-95D8BE268A61}
2012-02-26 01:17 - 2012-02-25 13:16 - 0000000 ____D C:\Users\henry\AppData\Local\{764E1182-96E9-4D8F-9845-4A5D163FF63A}
2012-02-25 13:23 - 2012-02-25 13:21 - 144127603 ____A C:\Users\henry\Desktop\desertcliff-tutorial.zip
2012-02-25 13:16 - 2012-02-25 13:16 - 0000000 ____D C:\Users\henry\AppData\Local\{78D5BB10-EBCC-4A7D-9189-DF2467E84842}
2012-02-25 03:09 - 2012-02-25 03:09 - 0422885 ____A C:\Users\henry\Desktop\1722-1-1322380748.jpg
2012-02-24 22:22 - 2012-02-24 22:22 - 0000000 ____D C:\Users\henry\AppData\Local\{B58B0078-39FA-4EFE-AD9B-0D8842299B56}
2012-02-24 22:22 - 2012-02-24 22:22 - 0000000 ____D C:\Users\henry\AppData\Local\{92A89C9B-94E3-4970-A1AB-00DB7B3F4136}
2012-02-23 01:40 - 2012-02-23 01:40 - 3387220 ____A C:\Users\henry\Desktop\henry_ong_character.pdf
2012-02-23 01:40 - 2012-02-22 23:04 - 1316830 ____A C:\Users\henry\Desktop\Henry_Ong_Character.jpg
2012-02-23 01:39 - 2012-02-23 01:39 - 3204946 ____A C:\Users\henry\Desktop\henry_ong_character.psd
2012-02-23 01:20 - 2012-02-23 01:20 - 0735293 ____A C:\Users\henry\Desktop\sword2.psd
2012-02-22 21:55 - 2012-02-22 21:55 - 0000000 ____D C:\Users\henry\AppData\Local\{FF59D539-C61A-4F72-A5D7-9BC87890A14F}
2012-02-22 21:54 - 2012-02-22 21:54 - 0000000 ____D C:\Users\henry\AppData\Local\{A67476DE-C13B-48D1-97C6-D9AAB097DFDF}
2012-02-22 03:00 - 2012-02-22 03:00 - 0053760 ____A C:\Users\henry\Desktop\Copyright-Symbol-psd29676.png
2012-02-22 01:21 - 2012-02-22 01:21 - 0000000 ____D C:\Users\henry\AppData\Local\{F27F9EC9-8C69-4F86-9D75-C07D6B6B6D92}
2012-02-22 01:21 - 2012-02-22 01:21 - 0000000 ____D C:\Users\henry\AppData\Local\{3B1E5A94-51BB-4FD7-826E-899795BBAC89}
2012-02-21 13:21 - 2012-02-21 13:20 - 0000000 ____D C:\Users\henry\AppData\Local\{8887F20D-F8C5-449D-95CA-98AE662DAEE7}
2012-02-21 13:20 - 2012-02-21 13:20 - 0000000 ____D C:\Users\henry\AppData\Local\{6B476DA4-0B60-4FB3-B87F-BCD135666C69}
2012-02-21 01:07 - 2012-02-21 01:07 - 0000000 ____D C:\Users\henry\AppData\Local\{C90B6CFD-6E34-487D-8337-F9283D246839}
2012-02-21 01:07 - 2012-02-20 13:05 - 0000000 ____D C:\Users\henry\AppData\Local\{23D96AAC-5C62-4358-B238-4571FF4512AF}
2012-02-20 13:09 - 2012-02-20 13:09 - 0008443 ____A C:\Users\henry\Desktop\Henry Ong.pdf
2012-02-20 13:06 - 2012-02-20 13:06 - 0000000 ____D C:\Users\henry\AppData\Local\{FCF785AA-CA6F-4689-AFD2-7880B790BF51}
2012-02-20 02:11 - 2012-02-20 02:11 - 0156521 ____A C:\Users\henry\Desktop\Leg_Armor_by_yangfeili.png
2012-02-19 19:33 - 2012-02-19 19:33 - 0000000 ____D C:\Users\henry\AppData\Local\{A8BA8ECF-A59E-4741-BDF0-77D4195B56C0}
2012-02-19 19:33 - 2012-02-19 19:32 - 0000000 ____D C:\Users\henry\AppData\Local\{C7E768EF-F08A-4E76-8A52-50E5E0FD3F3A}
2012-02-19 19:30 - 2010-12-10 23:56 - 0000000 ____D C:\WTablet
2012-02-19 06:38 - 2012-02-18 18:58 - 0214622 ____A C:\Users\henry\Desktop\vcharater.pdf
2012-02-19 06:32 - 2012-02-18 18:58 - 0243552 ____A C:\Users\henry\Desktop\cjarcter.pdf
2012-02-19 02:09 - 2012-02-19 02:09 - 0000000 ____D C:\Users\henry\AppData\Local\{84CB3007-071B-4765-B79A-6C60C02B9ADB}
2012-02-19 02:09 - 2012-02-18 14:08 - 0000000 ____D C:\Users\henry\AppData\Local\{307F2228-690E-4872-893C-9A799FCA6720}
2012-02-18 14:29 - 2012-02-18 14:29 - 28414228 ____A C:\Users\henry\Desktop\canyon.psd
2012-02-18 14:09 - 2012-02-18 14:08 - 0000000 ____D C:\Users\henry\AppData\Local\{7978DE6F-51C2-4B22-89DC-B282BF9A7AF9}
2012-02-18 02:08 - 2012-02-18 02:08 - 0000000 ____D C:\Users\henry\AppData\Local\{EFBBE3F7-4F59-4A1D-AAAA-88539FB3A620}
2012-02-18 02:08 - 2012-02-18 02:08 - 0000000 ____D C:\Users\henry\AppData\Local\{1B9C6715-98CE-4748-A191-B93B69F24E86}
2012-02-17 14:07 - 2012-02-17 14:07 - 0000000 ____D C:\Users\henry\AppData\Local\{FE4667A8-CD5C-4516-85D3-B9DE9B9F3F3B}
2012-02-17 14:07 - 2012-02-17 14:07 - 0000000 ____D C:\Users\henry\AppData\Local\{956E4263-64EB-4D94-B4A0-0331997691CB}
2012-02-16 22:55 - 2012-02-16 22:54 - 0000000 ____D C:\Users\henry\AppData\Local\{F6F80A24-4C04-41F1-932C-6E57BE86D5E0}
2012-02-16 22:54 - 2012-02-16 22:54 - 0000000 ____D C:\Users\henry\AppData\Local\{CDCD482C-9E34-4377-A263-214EC9DF2171}
2012-02-16 22:38 - 2012-03-24 20:12 - 1031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-02-16 21:34 - 2012-03-24 20:12 - 0826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-02-16 20:58 - 2012-03-24 20:12 - 0210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-02-16 20:57 - 2012-03-24 20:12 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-02-16 02:48 - 2012-02-16 02:39 - 23824716 ____A C:\Users\henry\Desktop\red girl221.psd
2012-02-16 02:26 - 2012-02-16 02:26 - 2227850 ____A C:\Users\henry\Desktop\red girl22.jpg
2012-02-16 01:32 - 2012-02-16 01:32 - 0000000 ____D C:\Users\henry\AppData\Local\{F96ACB2C-5447-470D-85D4-BCCC3AA574E1}
2012-02-16 01:32 - 2012-02-16 01:32 - 0000000 ____D C:\Users\henry\AppData\Local\{D4244FE5-9073-4896-B168-121E3715E42C}
2012-02-15 13:32 - 2012-02-15 13:31 - 0000000 ____D C:\Users\henry\AppData\Local\{AFD8B044-B5CC-4B8C-8D71-31CD291F8C6C}
2012-02-15 13:31 - 2012-02-15 13:31 - 0000000 ____D C:\Users\henry\AppData\Local\{D86933D8-27B5-4FB4-BD19-7131738D3A17}
2012-02-15 01:27 - 2012-02-15 01:27 - 0000000 ____D C:\Users\henry\AppData\Local\{D429B9FF-DD7F-4462-AB8D-337E726F7D77}
2012-02-15 01:27 - 2012-02-15 01:27 - 0000000 ____D C:\Users\henry\AppData\Local\{5B2511EE-7035-40E4-A92A-AC03E6F6FFB7}
2012-02-14 23:46 - 2012-02-14 23:46 - 0356397 ____A C:\Users\henry\Desktop\Henry_Ong_Gree.pdf
2012-02-14 13:26 - 2012-02-14 13:26 - 0000000 ____D C:\Users\henry\AppData\Local\{FCB51EFC-F66C-4B78-945B-1E1D035D46F8}
2012-02-14 13:26 - 2012-02-14 13:26 - 0000000 ____D C:\Users\henry\AppData\Local\{6A3AEA4A-4B1D-4E59-8153-049EDCC2D16F}
2012-02-14 13:25 - 2010-12-01 19:08 - 0066224 ____A C:\Users\henry\AppData\Local\GDIPFONTCACHEV1.DAT
2012-02-14 02:40 - 2012-02-11 02:19 - 13954197 ____A C:\Users\henry\Desktop\lol thumbvb.psd
2012-02-14 01:09 - 2012-02-14 01:09 - 0001235 ____A C:\Users\henry\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
2012-02-14 01:09 - 2012-02-14 01:09 - 0001235 ____A C:\Users\henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
2012-02-14 01:09 - 2012-02-14 01:09 - 0000000 ____D C:\Users\henry\AppData\Roaming\OpenOffice.org
2012-02-14 01:07 - 2012-02-14 01:07 - 0001120 ____A C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
2012-02-14 01:06 - 2012-02-14 01:06 - 0000000 ____D C:\Program Files (x86)\OpenOffice.org 3
2012-02-14 01:05 - 2011-02-03 02:12 - 0000000 ____D C:\Program Files (x86)\Java
2012-02-14 01:04 - 2012-02-14 01:04 - 0000000 ____D C:\Users\henry\Desktop\OpenOffice.org 3.3 (en-US) Installation Files
2012-02-13 21:51 - 2012-02-13 21:51 - 0002674 ____A C:\Users\henry\Desktop\gamje.rtf
2012-02-13 21:07 - 2012-02-13 21:04 - 158067944 ____A C:\Users\henry\Desktop\OOo_3.3.0_Win_x86_install-wJRE_en-US.exe
2012-02-13 19:41 - 2012-02-11 22:00 - 0001401 ____A C:\Users\henry\Desktop\game.rtf
2012-02-13 18:27 - 2012-02-13 18:27 - 0000000 ____D C:\Users\henry\AppData\Local\{C5BADF91-2511-4CAC-AB6C-4D3FAC1F6138}
2012-02-13 18:27 - 2012-02-13 18:27 - 0000000 ____D C:\Users\henry\AppData\Local\{90510189-B773-4718-A4CA-22F204BB142A}
2012-02-13 18:26 - 2012-02-05 12:07 - 0000000 __ASH C:\Windows\System32\dds_trash_log.cmd
2012-02-12 01:36 - 2012-02-12 01:36 - 0000000 ____D C:\Users\henry\AppData\Local\{00B1E53F-947D-4335-B72B-5F9DFD1E805E}
2012-02-12 01:36 - 2012-02-11 13:35 - 0000000 ____D C:\Users\henry\AppData\Local\{6FCDD234-CB51-4A38-923A-17C99FE76D40}
2012-02-11 13:35 - 2012-02-11 13:35 - 0000000 ____D C:\Users\henry\AppData\Local\{73F970D8-451B-4E85-924F-337B1497492E}
2012-02-11 01:35 - 2012-02-11 01:35 - 0000000 ____D C:\Users\henry\AppData\Local\{82472FAA-3036-4B5A-AEB8-CAD33BE75143}
2012-02-11 01:35 - 2012-02-10 13:34 - 0000000 ____D C:\Users\henry\AppData\Local\{A4FC1966-4216-4739-9E98-38A53F0A455D}
2012-02-10 17:41 - 2012-02-10 17:41 - 0000000 ____D C:\Users\henry\AppData\Local\Yahoo!
2012-02-10 17:41 - 2012-02-10 17:40 - 0000000 ____D C:\Users\henry\AppData\Roaming\Yahoo!
2012-02-10 17:40 - 2012-02-10 17:40 - 0000000 ____D C:\Users\All Users\Yahoo! Companion
2012-02-10 17:40 - 2012-02-10 17:40 - 0000000 ____D C:\Users\All Users\Yahoo!
2012-02-10 17:40 - 2012-02-10 17:40 - 0000000 ____D C:\ProgramData\Yahoo! Companion
2012-02-10 17:40 - 2012-02-10 17:40 - 0000000 ____D C:\ProgramData\Yahoo!
2012-02-10 17:40 - 2012-02-10 17:39 - 0000000 ____D C:\Program Files (x86)\Yahoo!
2012-02-10 17:40 - 2011-06-08 17:42 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-02-10 13:34 - 2012-02-10 13:34 - 0000000 ____D C:\Users\henry\AppData\Local\{F45171E0-2CD6-4B73-A2D7-5D60E8429C00}
2012-02-10 01:34 - 2012-02-10 01:34 - 0000000 ____D C:\Users\henry\AppData\Local\{06D3EC2F-0774-4456-B8C6-9BFC6E213463}
2012-02-10 01:34 - 2012-02-10 01:33 - 0000000 ____D C:\Users\henry\AppData\Local\{E0536CF3-6F3D-425A-87D0-922411A4A8BF}
2012-02-09 22:36 - 2012-03-24 20:54 - 1544192 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-02-09 21:38 - 2012-03-24 20:54 - 1077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-02-09 13:33 - 2012-02-09 13:33 - 0000000 ____D C:\Users\henry\AppData\Local\{D1CE17AC-B2DD-4892-B6A6-6FC8E8228F33}
2012-02-09 13:33 - 2012-02-09 13:33 - 0000000 ____D C:\Users\henry\AppData\Local\{8FEF66E6-73D0-466D-A37B-DC5A0BF7D8E2}
2012-02-09 01:32 - 2012-02-09 01:32 - 0000000 ____D C:\Users\henry\AppData\Local\{1930590C-E6F5-47A8-B289-1D2E391E5F5A}
2012-02-09 01:32 - 2012-02-08 13:32 - 0000000 ____D C:\Users\henry\AppData\Local\{E7728E4B-E2CB-4874-B7AF-F874D5349D5A}
2012-02-09 01:23 - 2012-02-09 01:23 - 0250401 ____A C:\Users\henry\Desktop\hamster.pdf
2012-02-08 18:42 - 2012-02-08 18:42 - 0183430 ____A C:\Users\henry\Desktop\Hamster.jpg
2012-02-08 14:32 - 2012-02-08 14:27 - 0064052 ____A C:\Users\henry\Desktop\6789035393879077612.jpg
2012-02-08 13:49 - 2011-05-20 19:04 - 0000000 ____D C:\Program Files (x86)\Google
2012-02-08 13:32 - 2012-02-08 13:32 - 0000000 ____D C:\Users\henry\AppData\Local\{4C89C6D7-CCBA-4780-8ED4-924F4AA9C961}
2012-02-08 01:31 - 2012-02-08 01:31 - 0000000 ____D C:\Users\henry\AppData\Local\{EEF13889-45EB-4E8C-B59E-176C3678D72A}
2012-02-08 01:31 - 2012-02-08 01:31 - 0000000 ____D C:\Users\henry\AppData\Local\{90D0F317-E7E1-4143-9682-D3F106678733}
2012-02-07 23:56 - 2012-02-07 23:56 - 0000917 ____A C:\Users\Public\Desktop\Steam.lnk
2012-02-07 16:12 - 2012-02-07 16:12 - 0001066 ____A C:\Users\Public\Desktop\VLC media player.lnk
2012-02-07 16:04 - 2012-02-07 16:04 - 21073936 ____A C:\Users\henry\Documents\vlc-1.1.11-win32.exe
2012-02-07 13:31 - 2012-02-07 13:31 - 0000000 ____D C:\Users\henry\AppData\Local\{88226A5E-950A-4CD4-ADC2-6BCEF5C6C8A3}
2012-02-07 13:31 - 2012-02-07 13:30 - 0000000 ____D C:\Users\henry\AppData\Local\{21E9B387-6B87-458F-B3DE-30D6B295DCA7}
2012-02-07 13:29 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At24.job
2012-02-07 13:29 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At20.job
2012-02-07 13:29 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At18.job
2012-02-07 13:29 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At16.job
2012-02-07 13:29 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At14.job
2012-02-07 13:29 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At12.job
2012-02-07 13:29 - 2012-02-06 17:02 - 0000348 ____A C:\Windows\Tasks\At10.job
2012-02-07 13:29 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At9.job
2012-02-07 13:29 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At23.job
2012-02-07 13:29 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At19.job
2012-02-07 13:29 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At17.job
2012-02-07 13:29 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At15.job
2012-02-07 13:29 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At13.job
2012-02-07 13:29 - 2012-02-06 17:02 - 0000346 ____A C:\Windows\Tasks\At11.job
2012-02-07 00:09 - 2012-02-07 00:09 - 0000000 ____D C:\Users\henry\AppData\Local\{C9B09461-90A4-4928-B96C-B565EDBC5434}
2012-02-07 00:09 - 2012-02-07 00:09 - 0000000 ____D C:\Users\henry\AppData\Local\{6914B2E4-9F10-4092-BCB9-C2FB2EA918D2}
2012-02-06 17:08 - 2012-02-06 17:02 - 0000112 ____A C:\Users\All Users\7G22j3n78.dat
2012-02-06 17:08 - 2012-02-06 17:02 - 0000112 ____A C:\ProgramData\7G22j3n78.dat
2012-02-06 17:03 - 2012-02-06 17:02 - 0086432 ____A C:\Windows\SysWOW64\MlTy3E.com_
2012-02-06 13:51 - 2012-02-06 13:51 - 0001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-02-06 13:51 - 2011-05-14 20:40 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-06 12:09 - 2012-02-06 12:09 - 0000000 ____D C:\Users\henry\AppData\Local\{8BFE6BF3-E4E4-4764-8578-70BBE97D06BA}
2012-02-06 12:09 - 2012-02-06 12:08 - 0000000 ____D C:\Users\henry\AppData\Local\{22D2353D-54D4-4A96-9086-1C9DE25D0FA1}
2012-02-06 00:08 - 2012-02-06 00:08 - 0000000 ____D C:\Users\henry\AppData\Local\{FDC07DAE-4E79-4294-86FF-F8F6C0862D6A}
2012-02-06 00:08 - 2012-02-06 00:08 - 0000000 ____D C:\Users\henry\AppData\Local\{8D967ED0-44E8-4F6D-B165-9F39F950F741}
2012-02-05 23:20 - 2012-02-05 23:05 - 0000000 ____D C:\Users\henry\Desktop\me
2012-02-05 23:07 - 2012-02-05 23:07 - 0023365 ____A C:\Users\henry\Desktop\19354_301822571123_692166123_4808157_6737368_n.jpg
2012-02-05 12:08 - 2012-02-05 12:07 - 0000000 ____D C:\Users\henry\AppData\Local\{53C95817-6508-40C6-A55B-9E69A9AADD84}
2012-02-05 12:07 - 2012-02-05 12:07 - 0000000 ____D C:\Users\henry\AppData\Local\{C1BE8BB6-2AC0-4F38-A730-69D71A0D5BAD}
2012-02-04 21:02 - 2012-02-04 21:02 - 0000000 ____D C:\Users\henry\AppData\Local\{8231ED5A-AD37-4B2C-ADDD-5A83EB6ED23F}
2012-02-04 21:02 - 2012-02-04 21:02 - 0000000 ____D C:\Users\henry\AppData\Local\{2EFDD19F-BEE3-4B7E-84BC-356B8022A2AF}
2012-02-04 03:07 - 2012-02-04 03:07 - 0000000 ____D C:\Users\henry\AppData\Local\{51D2CD95-4114-4742-A059-4992B74023E5}
2012-02-04 03:07 - 2012-02-04 03:06 - 0000000 ____D C:\Users\henry\AppData\Local\{A0234533-CE64-4E6E-825A-76CD021CAC31}
2012-02-03 11:25 - 2012-02-03 11:25 - 0000000 ____D C:\Users\henry\AppData\Local\{821CE428-5D6A-43F6-9780-87C73DAE5A3D}
2012-02-03 11:25 - 2012-02-03 11:24 - 0000000 ____D C:\Users\henry\AppData\Local\{3F4F18AA-1DC8-4101-944B-F399B6BBABA3}
2012-02-03 00:21 - 2011-05-20 19:04 - 0000000 ____D C:\Users\henry\AppData\Local\Google
2012-02-03 00:20 - 2012-02-03 00:20 - 0606536 ____A (Google Inc.) C:\Users\henry\Desktop\GoogleEarthSetup.exe
2012-02-02 22:54 - 2012-02-02 22:53 - 0000000 ____D C:\Users\henry\AppData\Local\{10403399-7398-4B24-915B-067625B7CE63}
2012-02-02 22:53 - 2012-02-02 22:53 - 0000000 ____D C:\Users\henry\AppData\Local\{0167071C-DF9C-47E4-8A1C-FC4A7D569F09}
2012-02-02 20:34 - 2012-03-24 20:54 - 3145728 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-02-02 02:25 - 2012-02-02 02:25 - 0000000 ____D C:\Users\henry\AppData\Local\{D467A05C-B7AE-4AA3-8A21-E95F79BA41B6}
2012-02-02 02:25 - 2012-02-01 14:24 - 0000000 ____D C:\Users\henry\AppData\Local\{D35A9E7A-45C7-4BF5-90B2-472AB3A6AE73}
2012-02-01 14:25 - 2012-02-01 14:25 - 0000000 ____D C:\Users\henry\AppData\Local\{12C94DF2-F468-4F1A-890A-B10448CCA927}
2012-02-01 02:24 - 2012-02-01 02:24 - 0000000 ____D C:\Users\henry\AppData\Local\{EE0527D1-8A1D-40BE-9CAD-C8A0C0155A03}
2012-02-01 02:24 - 2012-02-01 02:24 - 0000000 ____D C:\Users\henry\AppData\Local\{BD3E4962-FA5D-4534-88FD-8C36A0659C97}
2012-01-31 14:23 - 2012-01-31 14:23 - 0000000 ____D C:\Users\henry\AppData\Local\{6577B562-DDDD-4042-B89A-162637D3C29D}
2012-01-31 14:23 - 2012-01-31 14:23 - 0000000 ____D C:\Users\henry\AppData\Local\{446AF6A5-92B9-42D8-B71F-DD0D7F1E05FB}
2012-01-31 02:23 - 2012-01-31 02:23 - 0000000 ____D C:\Users\henry\AppData\Local\{9854EF1D-36F8-4BAE-A03A-9BCFBA49E2B4}
2012-01-31 02:23 - 2012-01-30 14:22 - 0000000 ____D C:\Users\henry\AppData\Local\{CE98DAF8-DA18-4C25-AFD8-1589A0F21CF4}
2012-01-31 01:25 - 2012-01-31 01:25 - 0241179 ____A C:\Users\henry\Desktop\f5.jpg
2012-01-30 14:22 - 2012-01-30 14:22 - 0000000 ____D C:\Users\henry\AppData\Local\{E24CF0ED-123A-4258-82F2-0E5226B8F162}
2012-01-30 02:18 - 2012-01-30 02:18 - 0000252 ____A C:\Windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
2012-01-29 19:17 - 2012-01-29 19:17 - 0000000 ____D C:\Users\henry\AppData\Local\{7E541046-E135-483E-8465-93F5EA04A672}
2012-01-29 19:17 - 2012-01-29 19:17 - 0000000 ____D C:\Users\henry\AppData\Local\{451AA597-0315-4003-9E5B-083B5E744610}
2012-01-29 02:10 - 2012-01-29 02:09 - 0000000 ____D C:\Users\henry\AppData\Local\{0A6F146E-8947-46BF-8393-B13F322406F4}
2012-01-29 02:09 - 2012-01-28 14:08 - 0000000 ____D C:\Users\henry\AppData\Local\{D38B6B30-D334-48D7-9EA4-1A23E1DB49FF}
2012-01-28 14:09 - 2012-01-28 14:09 - 0000000 ____D C:\Users\henry\AppData\Local\{527962A1-2B8E-4B6E-B08E-888B49AD59F9}
2012-01-27 12:16 - 2012-01-27 12:16 - 0000000 ____D C:\Users\henry\AppData\Local\{77F148F5-40D5-4A2A-8FEB-A710EE9ABD95}
2012-01-27 12:16 - 2012-01-27 12:15 - 0000000 ____D C:\Users\henry\AppData\Local\{A0A1117D-475B-4940-8032-296BCEF35595}
2012-01-26 13:23 - 2012-01-26 13:23 - 0000000 ____D C:\Users\henry\AppData\Local\{CC4FEE6F-23CE-49CC-ADD7-F43E0BB2BB98}
2012-01-26 13:23 - 2012-01-26 13:23 - 0000000 ____D C:\Users\henry\AppData\Local\{592353AE-6B83-42B1-983D-3A2AEC7D0E31}
2012-01-25 22:58 - 2012-01-25 22:58 - 0000000 ____D C:\Users\henry\AppData\Local\{E5184E93-3C52-401B-AD2D-529782A3319A}
2012-01-25 22:58 - 2012-01-25 22:58 - 0000000 ____D C:\Users\henry\AppData\Local\{D07151E3-9A24-49B4-B54E-DEFC4B80BD91}
2012-01-25 02:10 - 2012-01-25 02:09 - 0000000 ____D C:\Users\henry\AppData\Local\{D2761134-DD84-41A1-A59F-987C56DF0671}
2012-01-25 02:09 - 2012-01-25 02:09 - 0000000 ____D C:\Users\henry\AppData\Local\{6AD18E66-C977-4374-AC11-01FE042A26DB}
2012-01-24 22:38 - 2012-03-24 20:54 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-01-24 22:38 - 2012-03-24 20:54 - 0077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-01-24 22:33 - 2012-03-24 20:54 - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-01-24 14:09 - 2012-01-24 14:09 - 0000000 ____D C:\Users\henry\AppData\Local\{EEA7CB4C-FADF-441E-BDDD-3D8045F2D990}
2012-01-24 14:09 - 2012-01-24 14:09 - 0000000 ____D C:\Users\henry\AppData\Local\{D4D95E07-C9A7-48C3-BDAE-8F2AE8CEEC5E}
2012-01-24 02:08 - 2012-01-24 02:08 - 0000000 ____D C:\Users\henry\AppData\Local\{0531A247-4C01-430F-8F7C-B3A2EF02A929}
2012-01-24 02:08 - 2012-01-23 14:08 - 0000000 ____D C:\Users\henry\AppData\Local\{D32DC6F5-5A6A-4F57-AD41-6FEAE329E0B2}
2012-01-23 16:07 - 2012-01-14 16:55 - 0000000 ____D C:\Users\henry\Desktop\monday
2012-01-23 14:08 - 2012-01-23 14:08 - 0000000 ____D C:\Users\henry\AppData\Local\{021B7D4B-0322-4C2E-B20F-08C93A9D4286}
2012-01-22 23:44 - 2012-01-22 23:44 - 0000931 ____A C:\Users\Public\Desktop\ZooskMessenger.lnk
2012-01-22 23:44 - 2012-01-22 23:44 - 0000000 ____D C:\Users\henry\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
2012-01-22 23:44 - 2012-01-22 23:44 - 0000000 ____D C:\Program Files (x86)\ZooskMessenger
2012-01-22 19:39 - 2012-01-22 19:39 - 0021082 ____A C:\Users\henry\Desktop\bowlign.jpg
2012-01-22 19:11 - 2012-01-22 19:11 - 0000000 ____D C:\Users\henry\AppData\Local\{E837D6EA-8546-4C0F-8FDB-40E0FFD6F93D}
2012-01-22 19:11 - 2012-01-22 19:11 - 0000000 ____D C:\Users\henry\AppData\Local\{972A93F9-15B0-435F-8F5F-27A8001A5F1B}
2012-01-22 01:54 - 2012-01-22 01:54 - 0000000 ____D C:\Users\henry\AppData\Local\{EA67E4DA-554C-4F9E-B874-555FE863880F}
2012-01-22 01:54 - 2012-01-22 01:54 - 0000000 ____D C:\Users\henry\AppData\Local\{73723E2A-CC41-4467-B3E4-121DFE212E2A}
2012-01-21 13:53 - 2012-01-21 13:53 - 0000000 ____D C:\Users\henry\AppData\Local\{E0A95C72-D48E-489F-8200-45F98867E859}
2012-01-21 13:53 - 2012-01-21 13:53 - 0000000 ____D C:\Users\henry\AppData\Local\{A4B30153-5D72-467E-A327-139E0F597969}
2012-01-21 01:53 - 2012-01-21 01:53 - 0000000 ____D C:\Users\henry\AppData\Local\{ACB091C6-86F9-441E-AAC7-0C7606B4A10F}
2012-01-21 01:53 - 2012-01-21 01:52 - 0000000 ____D C:\Users\henry\AppData\Local\{A66040E4-FF10-40BE-9CAE-9EE5627EE739}
2012-01-20 19:30 - 2012-01-20 18:29 - 0008955 ____A C:\Users\All Users\22cd857d
2012-01-20 19:30 - 2012-01-20 18:29 - 0008955 ____A C:\ProgramData\22cd857d
2012-01-20 19:30 - 2012-01-20 18:29 - 0008861 ____A C:\Users\henry\AppData\Roaming\10c8feaa
2012-01-20 19:30 - 2012-01-20 18:29 - 0008776 ____A C:\Users\henry\AppData\Local\9fe946d3
2012-01-20 18:33 - 2012-01-20 18:33 - 0001205 ____A C:\Users\henry\Desktop\FixNCR.reg
2012-01-20 18:29 - 2012-01-20 18:29 - 0000012 ____A C:\Windows\srun.log
2012-01-20 18:29 - 2012-01-20 18:29 - 0000000 ____D C:\Windows\system64
2012-01-20 18:29 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Resources
2012-01-20 15:28 - 2010-12-01 19:34 - 0000000 ____D C:\Users\henry\AppData\Local\Adobe
2012-01-20 13:52 - 2012-01-20 13:52 - 0000000 ____D C:\Users\henry\AppData\Local\{FB7A5117-7308-4765-9C6F-6ED46CDC858C}
2012-01-20 13:52 - 2012-01-20 13:52 - 0000000 ____D C:\Users\henry\AppData\Local\{6195FBEC-2090-4E5C-ABE7-5B5522FB2FF7}
2012-01-20 03:22 - 2011-10-26 17:42 - 0000000 ____D C:\Users\henry\AppData\Roaming\Skype
2012-01-20 01:52 - 2012-01-20 01:51 - 0000000 ____D C:\Users\henry\AppData\Local\{261D44BC-CA6B-45C5-9281-A9C1277D2752}
2012-01-20 01:51 - 2012-01-19 13:50 - 0000000 ____D C:\Users\henry\AppData\Local\{EF2A7DBE-6431-478E-97A9-D8C97384DE80}
2012-01-19 13:51 - 2012-01-19 13:51 - 0000000 ____D C:\Users\henry\AppData\Local\{BEBA7A96-47E7-4FEE-8205-FB692FB2F511}
2012-01-19 00:28 - 2012-01-19 00:27 - 0000000 ____D C:\Users\henry\AppData\Local\{0309A09C-6D14-4691-A686-22C03AB3EFDA}
2012-01-19 00:27 - 2012-01-18 12:27 - 0000000 ____D C:\Users\henry\AppData\Local\{C26BE47B-90FF-430C-A1DA-13FF9AC167E3}
2012-01-18 12:27 - 2012-01-18 12:27 - 0000000 ____D C:\Users\henry\AppData\Local\{D80104C8-8361-4FA8-8FC3-41F2A7FC6877}
2012-01-18 00:27 - 2010-12-01 19:54 - 0000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
2012-01-18 00:27 - 2010-12-01 19:54 - 0000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2012-01-17 20:44 - 2010-12-01 19:40 - 0000000 ____D C:\Program Files\Adobe
2012-01-17 20:44 - 2010-12-01 19:39 - 0000000 ____D C:\Program Files\Common Files\Adobe
2012-01-17 20:39 - 2010-12-01 19:36 - 0000000 ____D C:\Users\All Users\Adobe
2012-01-17 20:39 - 2010-12-01 19:36 - 0000000 ____D C:\ProgramData\Adobe
2012-01-17 20:30 - 2012-01-17 20:30 - 0000000 ____D C:\Users\henry\Adobe Flash Builder 4.5
2012-01-17 20:23 - 2012-01-17 20:23 - 0002026 ____A C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2012-01-17 20:20 - 2012-01-17 20:20 - 0001085 ____A C:\Users\Public\Desktop\Adobe Content Viewer.lnk
2012-01-17 20:19 - 2012-01-17 20:19 - 0000000 ____D C:\Program Files (x86)\Adobe Story
2012-01-17 20:17 - 2012-01-17 20:17 - 0000000 ____D C:\Program Files (x86)\My Company Name
2012-01-17 20:08 - 2012-01-17 18:42 - 0000000 ____D C:\Users\henry\Desktop\CS5.5 Master Collection
2012-01-17 19:45 - 2012-01-17 19:45 - 0000000 ____D C:\Users\henry\Documents\AIMLogger
2012-01-17 18:41 - 2012-01-17 18:41 - 2288128 ____A C:\Users\henry\Desktop\LeagueofLegends.exe
2012-01-17 17:48 - 2012-01-17 17:48 - 0000000 ____D C:\Users\henry\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-01-17 17:47 - 2012-01-17 17:47 - 0001031 ____A C:\Users\Public\Desktop\Adobe Download Assistant.lnk
2012-01-17 17:47 - 2012-01-17 17:47 - 0000000 ____D C:\Program Files (x86)\Adobe Download Assistant
2012-01-17 17:46 - 2012-01-17 17:46 - 0000000 ____D C:\Users\henry\Desktop\1325-1279-4409-9491-6280-5123
2012-01-17 16:32 - 2012-01-17 16:32 - 0000000 ___AD C:\Users\henry\Desktop\Loomis
2012-01-17 16:01 - 2012-01-17 16:01 - 0000000 ____D C:\Users\henry\AppData\Local\{8D0FEB72-BB7E-46A6-B9B3-7FB56D4B6E52}
2012-01-17 16:01 - 2012-01-17 16:01 - 0000000 ____D C:\Users\henry\AppData\Local\{83A49127-45FE-4108-8EE8-DE41CB3EB8BB}
2012-01-17 15:29 - 2012-01-17 15:27 - 0008998 ____A C:\Users\All Users\9b7760c7
2012-01-17 15:29 - 2012-01-17 15:27 - 0008998 ____A C:\ProgramData\9b7760c7
2012-01-17 15:29 - 2012-01-17 15:27 - 0008945 ____A C:\Users\henry\AppData\Local\2653a369
2012-01-17 15:29 - 2012-01-17 15:27 - 0008888 ____A C:\Users\henry\AppData\Roaming\a9721b10
2012-01-17 12:19 - 2012-01-17 12:19 - 0000000 ____D C:\Users\henry\AppData\Local\{A46937CE-5DE6-404F-B847-91FA41A3B7A5}
2012-01-17 12:19 - 2012-01-17 12:18 - 0000000 ____D C:\Users\henry\AppData\Local\{28F7D0F7-B6DF-4F27-82BC-BBE51E714DEB}
2012-01-16 21:41 - 2011-02-10 02:00 - 0000000 ____D C:\Users\henry\AppData\Local\Deployment
2012-01-16 17:25 - 2012-01-16 17:25 - 0000000 ____D C:\Users\henry\AppData\Local\{89AFB00C-7BF1-45C1-BB43-52D0E2E4FE2A}
2012-01-16 17:25 - 2012-01-16 17:25 - 0000000 ____D C:\Users\henry\AppData\Local\{78362BF3-B60B-41A6-8CA1-D224649E39C3}
2012-01-15 19:31 - 2012-01-15 19:30 - 0000000 ____D C:\Users\henry\AppData\Local\{0687E56E-8DD3-4A4F-AD99-CB6CEC59616F}
2012-01-15 19:30 - 2012-01-15 19:30 - 0000000 ____D C:\Users\henry\AppData\Local\{1E27CF8E-1F34-4CB5-98A9-E4EC9B4924AA}
2012-01-14 17:05 - 2012-01-14 17:04 - 0000000 ____D C:\Users\henry\AppData\Local\{A5975671-0DA4-4AD9-B057-F1AE6BD517E3}
2012-01-14 17:04 - 2012-01-14 17:04 - 0000000 ____D C:\Users\henry\AppData\Local\{F0516731-D776-4D15-AE35-8EB612714B0B}
2012-01-14 17:01 - 2011-01-10 14:20 - 0000000 ____D C:\Users\All Users\FLEXnet
2012-01-14 17:01 - 2011-01-10 14:20 - 0000000 ____D C:\ProgramData\FLEXnet
2012-01-14 13:09 - 2012-01-14 13:09 - 0000000 ____D C:\Users\henry\AppData\Local\{80E442E0-A8B1-4289-BD30-E443532E2EF3}
2012-01-14 13:09 - 2012-01-14 13:09 - 0000000 ____D C:\Users\henry\AppData\Local\{65E26C71-8A8C-4616-96FC-EDED6C804B74}
2012-01-14 01:08 - 2012-01-14 01:08 - 0000000 ____D C:\Users\henry\AppData\Local\{2AFCA2BB-508F-48C6-BBD5-D8719496CF38}
2012-01-14 01:08 - 2012-01-13 13:08 - 0000000 ____D C:\Users\henry\AppData\Local\{A908EBE2-E170-4317-A9E1-11C730164280}
2012-01-13 13:08 - 2012-01-13 13:08 - 0000000 ____D C:\Users\henry\AppData\Local\{F9BD8595-D5A1-4276-AD21-D4B58CC48B86}
2012-01-13 12:54 - 2012-01-13 12:54 - 0711412 ____A C:\Users\henry\Desktop\Henry_Ong_Resume_kabam.jpg
2012-01-13 01:07 - 2012-01-13 01:07 - 0000000 ____D C:\Users\henry\AppData\Local\{634C9105-DE8A-4CF0-9C3B-CDA99D39F910}
2012-01-13 01:07 - 2012-01-12 13:06 - 0000000 ____D C:\Users\henry\AppData\Local\{93B0058A-EBF0-418A-8472-9D282B775015}
2012-01-12 13:07 - 2012-01-12 13:07 - 0000000 ____D C:\Users\henry\AppData\Local\{ACB4D370-51F7-4579-BDA0-03A1A4158190}
2012-01-12 01:06 - 2012-01-12 01:06 - 0000000 ____D C:\Users\henry\AppData\Local\{87FB357F-7D2E-403D-AB30-4160C1A6A01C}
2012-01-12 01:06 - 2012-01-11 13:05 - 0000000 ____D C:\Users\henry\AppData\Local\{BC97A04C-C788-4767-9E7B-E5B1486B00FD}
2012-01-11 13:06 - 2012-01-11 13:06 - 0000000 ____D C:\Users\henry\AppData\Local\{FDCBFBD4-691F-4D21-B00D-418BE23B8068}
2012-01-11 01:04 - 2012-01-11 01:03 - 0000000 ____D C:\Users\henry\AppData\Local\{F0F9D0B6-32A7-478F-961C-1B75C4C9D10C}
2012-01-11 01:03 - 2012-01-10 13:03 - 0000000 ____D C:\Users\henry\AppData\Local\{1B925365-AF60-41A4-A789-5FD7A0B13AD0}
2012-01-10 21:25 - 2012-01-10 21:25 - 25972132 ____N C:\Users\henry\Desktop\MVI_2848.AVI
2012-01-10 13:03 - 2012-01-10 13:03 - 0000000 ____D C:\Users\henry\AppData\Local\{36ABFCC2-24EC-4EE8-98CD-10CEF19B752E}
2012-01-10 01:03 - 2012-01-10 01:02 - 0000000 ____D C:\Users\henry\AppData\Local\{52051B56-160B-4DB2-B4EE-90C9D2B462C8}
2012-01-10 01:02 - 2012-01-09 13:02 - 0000000 ____D C:\Users\henry\AppData\Local\{5E8E688F-D1A5-444F-A5D8-1178702833BD}
2012-01-09 21:29 - 2012-01-09 21:29 - 0025550 ____A C:\Users\henry\Desktop\21554_334319071123_692166123_4959032_6616784_n.jpg
2012-01-09 13:02 - 2012-01-09 13:02 - 0000000 ____D C:\Users\henry\AppData\Local\{99674EA8-28F7-43B6-AF1A-23BDA1E3CB5D}
2012-01-08 19:22 - 2012-01-08 19:22 - 0000000 ____D C:\Users\henry\AppData\Local\{2243523E-8705-48C8-AF8D-711C76B8E8B6}
2012-01-08 19:22 - 2012-01-08 19:22 - 0000000 ____D C:\Users\henry\AppData\Local\{0EAADB92-3AEF-4D8C-9BC1-23840313CC91}
2012-01-08 01:11 - 2012-01-08 01:11 - 0000000 ____D C:\Users\henry\AppData\Local\{7AFAE1B3-901C-4F53-AF70-76E7D17CA413}
2012-01-08 01:11 - 2012-01-07 13:11 - 0000000 ____D C:\Users\henry\AppData\Local\{2302C642-02F2-4DF8-A362-E536C0169523}
2012-01-07 13:11 - 2012-01-07 13:11 - 0000000 ____D C:\Users\henry\AppData\Local\{90004412-5311-41F4-AA77-0634FBB2E758}
2012-01-07 01:10 - 2012-01-07 01:10 - 0000000 ____D C:\Users\henry\AppData\Local\{9A5A71CB-6E24-45A1-9060-3FF012646EDE}
2012-01-07 01:10 - 2012-01-06 13:10 - 0000000 ____D C:\Users\henry\AppData\Local\{E71B4579-CBEA-401A-91BE-7DC9A06409E9}
2012-01-06 13:10 - 2012-01-06 13:10 - 0000000 ____D C:\Users\henry\AppData\Local\{7ADDF6C5-92D2-4DFF-9DA0-ACCA4F58F970}
2012-01-06 01:09 - 2012-01-06 01:09 - 0000000 ____D C:\Users\henry\AppData\Local\{21CC2EFB-27EC-4FEE-855E-9AD018FB3F12}
2012-01-06 01:09 - 2012-01-05 13:09 - 0000000 ____D C:\Users\henry\AppData\Local\{498730F2-1951-4599-8A4B-A9E90127C0FA}
2012-01-05 13:09 - 2012-01-05 13:09 - 0000000 ____D C:\Users\henry\AppData\Local\{45B971F1-EBA1-42CC-9305-666786252700}
2012-01-05 01:08 - 2012-01-05 01:08 - 0000000 ____D C:\Users\henry\AppData\Local\{F1DE812B-4D7D-499B-860E-15A3F23849F4}
2012-01-05 01:08 - 2012-01-05 01:08 - 0000000 ____D C:\Users\henry\AppData\Local\{455CB302-A28F-435A-AEA7-028629AD4080}

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 9%
Total physical RAM: 8191.23 MB
Available physical RAM: 7384.84 MB
Total Pagefile: 8189.38 MB
Available Pagefile: 7375.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:235.53 GB) NTFS
3 Drive f: (PATRIOT) (Removable) (Total:7.45 GB) (Free:2.18 GB) FAT32
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 7640 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 465 GB 101 MB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 465 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7636 MB 4032 KB

======================================================================================================

Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F PATRIOT FAT32 Removable 7636 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-04-02 22:07

======================= End Of Log ==========================
  • 0

#57
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Finally we have some progress. Let's try to fix your system now.

Step 1

NOTE: You have very nasty infection! I would strongly advice you to backup all your important data from your system before you begin with the fix.

This malware tends to disable you whole system and let you with nothing. Please backup your data.

Step 2

Download

Attached File  fixlist.txt   4.69KB   58 downloads

and copy/paste fixlist.txt in same folder where is FRST64.exe is located. In your case it will be in C:\

Run FRST64.exe as you did before, except that this time around, click on the Fix button and wait.

The tool will make a log on the C:\ (Fixlog.txt) please post it to your reply.
  • 0

#58
neataznyam

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
so all I do is put the fixlist.txt in the usb then run frst64 like last time?
  • 0

#59
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Yes. But make sure that fixlist.txt is in the same folder as FRST64.exe that you run. As I sad, in your case put fixlist.txt in C:\ because you run C:\FRST64.exe.
  • 0

#60
neataznyam

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
Fix result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 15-03-2012
Ran by SYSTEM at 2012-04-03 01:30:49 R:1
Running from F:\

==============================================

HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows Value was restored.
tgsrvc_smartagent service deleted successfully.
C:\Windows\System32\se58mdfl.dll moved successfully.
C:\Windows\Tasks\At4.job moved successfully.
C:\Windows\Tasks\At3.job moved successfully.
C:\Windows\Tasks\At2.job moved successfully.
C:\Windows\Tasks\At1.job moved successfully.
C:\Windows\Tasks\At48.job moved successfully.
C:\Windows\Tasks\At47.job moved successfully.
C:\Windows\Tasks\At46.job moved successfully.
C:\Windows\Tasks\At45.job moved successfully.
C:\Windows\Tasks\At44.job moved successfully.
C:\Windows\Tasks\At43.job moved successfully.
C:\Windows\Tasks\At42.job moved successfully.
C:\Windows\Tasks\At41.job moved successfully.
C:\Windows\Tasks\At40.job moved successfully.
C:\Windows\Tasks\At39.job moved successfully.
C:\Windows\Tasks\At38.job moved successfully.
C:\Windows\Tasks\At37.job moved successfully.
C:\Windows\Tasks\At36.job moved successfully.
C:\Windows\Tasks\At35.job moved successfully.
C:\Windows\Tasks\At34.job moved successfully.
C:\Windows\Tasks\At33.job moved successfully.
C:\Windows\Tasks\At32.job moved successfully.
C:\Windows\Tasks\At31.job moved successfully.
C:\Windows\Tasks\At30.job moved successfully.
C:\Windows\Tasks\At29.job moved successfully.
C:\Windows\Tasks\At28.job moved successfully.
C:\Windows\Tasks\At27.job moved successfully.
C:\Windows\Tasks\At6.job moved successfully.
C:\Windows\Tasks\At5.job moved successfully.
C:\Windows\Tasks\At8.job moved successfully.
C:\Windows\Tasks\At7.job moved successfully.
C:\Windows\Tasks\At22.job moved successfully.
C:\Windows\Tasks\At21.job moved successfully.
C:\Windows\Tasks\At26.job moved successfully.
C:\Windows\Tasks\At25.job moved successfully.
C:\Windows\Tasks\At24.job moved successfully.
C:\Windows\Tasks\At20.job moved successfully.
C:\Windows\Tasks\At18.job moved successfully.
C:\Windows\Tasks\At16.job moved successfully.
C:\Windows\Tasks\At14.job moved successfully.
C:\Windows\Tasks\At12.job moved successfully.
C:\Windows\Tasks\At10.job moved successfully.
C:\Windows\Tasks\At9.job moved successfully.
C:\Windows\Tasks\At23.job moved successfully.
C:\Windows\Tasks\At19.job moved successfully.
C:\Windows\Tasks\At17.job moved successfully.
C:\Windows\Tasks\At15.job moved successfully.
C:\Windows\Tasks\At13.job moved successfully.
C:\Windows\Tasks\At11.job moved successfully.
C:\Users\All Users\7G22j3n78.dat moved successfully.
C:\ProgramData\7G22j3n78.dat not found.
C:\Users\All Users\22cd857d moved successfully.
C:\ProgramData\22cd857d not found.
C:\Users\henry\AppData\Roaming\10c8feaa moved successfully.
C:\Users\henry\AppData\Local\9fe946d3 moved successfully.
C:\Users\All Users\9b7760c7 moved successfully.
C:\ProgramData\9b7760c7 not found.
C:\Users\henry\AppData\Local\2653a369 moved successfully.
C:\Users\henry\AppData\Roaming\a9721b10 moved successfully.

==== End of Fixlog ====
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP