Hitman Pro Found MBR Problem, Now I can't boot [Closed]


  • This topic is locked

#1
Brandon Maki

  • Member
  • 63 posts
I have been trying to clean HDD malware, Google redirect, and Alureon rootkit, and ran Hitman Pro, which found an MBR problem. When I cleaned it and restarted, I can't load Windows anymore. Startup Repair won't work either. Please help.
  • 0

#2
Gammo

  • Member 2k
  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.



Do you have the Windows CD?

If not, could you create a recovery disc as shown on this page.

  • Reboot your system using the boot CD you just created.
    Note: If you do not know how to set your computer to boot from CD, follow the steps here.

When you reboot you will see this, although yours will say Windows 7. Click repair my computer.
Posted Image

Select your operating system
Posted Image

Select Command prompt
Posted Image

At the command prompt type the following

  • Bootrec.exe /FixMbr
  • Once finished type Exit


Can you successfully boot your PC after doing the above? :)
  • 0
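Added example, not part of the original posts: `Bootrec.exe /FixMbr` rewrites the boot code in sector 0 but does not overwrite the partition table, so after an MBR repair the rest of the sector is worth checking too. The Python below parses the standard MBR layout from a saved copy of sector 0 and reports a missing boot signature, a missing or duplicated active flag, and overlapping entries; the function names and the sample sectors are constructed for illustration.

```python
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446        # boot code occupies bytes 0-445
SIGNATURE = b"\x55\xaa"   # bytes 510-511
# One 16-byte entry: status, CHS start (skipped), type, CHS end (skipped),
# LBA start, sector count. All little-endian.
ENTRY = struct.Struct("<B3xB3xII")


def read_sector0(path):
    """Read the first sector of a disk image saved from the affected machine."""
    with open(path, "rb") as fh:
        return fh.read(SECTOR_SIZE)


def parse_mbr(sector):
    """Return (partitions, problems) for a 512-byte MBR sector."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly 512 bytes")
    problems = []
    if sector[510:512] != SIGNATURE:
        problems.append("boot signature 0x55AA missing")

    partitions = []
    for index in range(4):
        status, ptype, start, count = ENTRY.unpack_from(
            sector, TABLE_OFFSET + index * ENTRY.size)
        if ptype == 0x00:
            continue  # unused slot
        if status not in (0x00, 0x80):
            problems.append(f"entry {index}: invalid status byte 0x{status:02x}")
        if start == 0 or count == 0:
            problems.append(f"entry {index}: zero start or zero length")
        partitions.append({"index": index, "active": status == 0x80,
                           "type": ptype, "start": start, "end": start + count})

    # The MBR boot code chain-loads the boot sector of the active partition,
    # so a table without exactly one active entry cannot start Windows.
    # A GPT protective MBR (type 0xEE) carries no active flag and is exempt.
    is_gpt = any(p["type"] == 0xEE for p in partitions)
    active = [p for p in partitions if p["active"]]
    if not is_gpt:
        if not active:
            problems.append("no active partition")
        elif len(active) > 1:
            problems.append("more than one active partition")

    ordered = sorted(partitions, key=lambda p: p["start"])
    for prev, cur in zip(ordered, ordered[1:]):
        if cur["start"] < prev["end"]:
            problems.append(f"entries {prev['index']} and {cur['index']} overlap")
    return partitions, problems


def build_sample(entries, signature=SIGNATURE):
    """Build a test sector from (status, type, start, count) tuples.

    Constructed data for this example, not taken from any real disk.
    """
    sector = bytearray(SECTOR_SIZE)
    for index, (status, ptype, start, count) in enumerate(entries):
        ENTRY.pack_into(sector, TABLE_OFFSET + index * ENTRY.size,
                        status, ptype, start, count)
    sector[510:512] = signature
    return bytes(sector)


if __name__ == "__main__":
    # Constructed layout: 100 MB active system partition plus a data partition,
    # then the same table with the active flag cleared.
    healthy = build_sample([(0x80, 0x07, 2048, 204800),
                            (0x00, 0x07, 206848, 1000000)])
    damaged = build_sample([(0x00, 0x07, 2048, 204800),
                            (0x00, 0x07, 206848, 1000000)])
    for name, sector in (("healthy", healthy), ("damaged", damaged)):
        parts, problems = parse_mbr(sector)
        print(name, len(parts), "partitions,", problems or "no problems found")
```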

#3
Brandon Maki

  • Topic Starter
  • Member
  • 63 posts
Tried the steps as you suggested and it still won't boot. Startup Repair still runs and says that it can't resolve the problem.
  • 0

#4
Gammo

  • Member 2k
  • Malware Removal
  • 2,299 posts
For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt

  • Select Command Prompt.
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter.
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
  • 0

#5
Brandon Maki

  • Topic Starter
  • Member
  • 63 posts
Scan result of Farbar Recovery Scan Tool Version: 15-03-2012
Ran by SYSTEM at 09-04-2012 15:07:02
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

2012-03-15 08:51 - 2012-03-15 08:51 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-03-15 08:51 - 2012-03-15 08:51 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0072822 ____A C:\Windows\SysWOW64\ieuinit.inf
2012-03-15 08:51 - 2012-03-15 08:51 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2012-03-15 08:51 - 2012-03-15 08:51 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2012-03-15 08:51 - 2012-03-15 08:51 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-03-15 08:47 - 2012-03-15 08:47 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{54B9D0A9-B28C-437B-99DB-BB86EEEFB97C}
2012-03-15 08:47 - 2012-03-15 08:47 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{0823F58B-E5F3-445F-A321-901F0E27BBD8}
2012-03-14 10:13 - 2011-11-19 07:20 - 5559152 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-03-14 10:13 - 2011-11-19 06:50 - 3968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-03-14 10:13 - 2011-11-19 06:50 - 3913584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-03-14 04:22 - 2012-02-09 22:36 - 1544192 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-03-14 04:22 - 2012-02-09 21:38 - 1077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-03-14 04:22 - 2012-02-02 20:34 - 3145728 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-03-14 04:22 - 2012-01-24 22:38 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-03-14 04:22 - 2012-01-24 22:38 - 0077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-03-14 04:22 - 2012-01-24 22:33 - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-03-14 04:21 - 2012-02-16 22:38 - 1031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-03-14 04:21 - 2012-02-16 21:34 - 0826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-03-14 04:21 - 2012-02-16 20:58 - 0210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-03-14 04:21 - 2012-02-16 20:57 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-03-14 04:18 - 2012-03-14 04:18 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{FA9455A7-06D4-434B-849D-074E7562B4F5}
2012-03-13 08:36 - 2012-03-13 08:36 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{FF7CCD1F-6F62-4DA7-B0EF-9EACA2B9C257}
2012-03-13 08:36 - 2012-03-13 08:36 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{00C85A1A-5C88-4FA1-871D-AEF4D8FBF134}
2012-03-12 05:59 - 2012-03-12 06:00 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{A753F1AC-8CD3-46FE-94D1-71E5C6E95BF9}
2012-03-12 05:59 - 2012-03-12 05:59 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{122D4B6D-6FF3-4289-BE93-DF2E5E580C34}

============ 3 Months Modified Files and Folders =============

2012-04-09 15:07 - 2012-04-09 15:06 - 0000000 ____D C:\FRST
2012-04-09 09:39 - 2011-03-05 11:13 - 0000000 ___HD C:\Users\All Users\Recovery
2012-04-09 09:39 - 2011-03-05 11:13 - 0000000 ___HD C:\ProgramData\Recovery
2012-04-02 10:46 - 2012-04-02 07:22 - 0000000 ____D C:\Users\All Users\HitmanPro
2012-04-02 10:46 - 2012-04-02 07:22 - 0000000 ____D C:\ProgramData\HitmanPro
2012-04-02 10:46 - 2012-03-30 10:35 - 0000000 ____D C:\Program Files (x86)\PC Tools
2012-04-02 10:46 - 2012-03-30 10:33 - 0000000 ___HD C:\Users\All Users\PC Tools
2012-04-02 10:46 - 2012-03-30 10:33 - 0000000 ___HD C:\ProgramData\PC Tools
2012-04-02 10:46 - 2012-03-30 10:18 - 0000000 ___SD C:\32788R22FWJFW
2012-04-02 10:46 - 2012-03-30 05:35 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-04-02 10:46 - 2011-08-08 08:44 - 0000000 ____D C:\Program Files (x86)\Coupons
2012-04-02 10:46 - 2011-05-23 06:44 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Roaming\Octoshape
2012-04-02 10:46 - 2011-04-20 19:08 - 0000000 ____D C:\Program Files (x86)\Java
2012-04-02 10:46 - 2011-02-20 10:56 - 0000000 ____D C:\users\QBDataServiceUser21
2012-04-02 10:46 - 2011-02-15 14:07 - 0000000 ____D C:\users\Maki Chiropractic
2012-04-02 10:46 - 2011-01-31 22:49 - 0000000 ___HD C:\Users\All Users\RoxioNow
2012-04-02 10:46 - 2011-01-31 22:49 - 0000000 ___HD C:\ProgramData\RoxioNow
2012-04-02 10:46 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2012-04-02 07:16 - 2012-03-30 05:32 - 0000403 ____A C:\rkill.log
2012-04-02 06:05 - 2012-04-02 06:04 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{06A3BA95-3114-4B21-B506-381054814463}
2012-04-02 06:04 - 2011-10-06 12:16 - 0000000 ____D C:\Users\Maki Chiropractic\Tracing
2012-04-02 06:03 - 2011-02-01 01:36 - 334979072 __ASH C:\hiberfil.sys
2012-04-02 01:53 - 2012-04-02 01:53 - 0000000 ____D C:\e0f64173c113f4fb89
2012-04-02 01:52 - 2011-01-31 22:30 - 1072963 ____A C:\Windows\WindowsUpdate.log
2012-04-02 01:11 - 2011-03-20 18:31 - 0000956 ___AH C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-612660174-3317846808-1130094984-1001UA.job
2012-04-01 14:50 - 2012-03-30 09:22 - 0000000 ____D C:\Windows\System32\Drivers\AVG
2012-04-01 14:50 - 2012-03-30 09:13 - 0000000 ___HD C:\Users\All Users\MFAData
2012-04-01 14:50 - 2012-03-30 09:13 - 0000000 ___HD C:\ProgramData\MFAData
2012-04-01 12:05 - 2009-07-13 20:45 - 0015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-04-01 12:05 - 2009-07-13 20:45 - 0015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-04-01 12:03 - 2009-07-13 21:13 - 0796392 ____A C:\Windows\System32\PerfStringBackup.INI
2012-04-01 11:59 - 2012-03-30 10:34 - 2530849 ____A C:\Windows\System32\Drivers\Cat.DB
2012-04-01 11:57 - 2011-08-11 08:19 - 0016857 ____A C:\Windows\setupact.log
2012-04-01 11:57 - 2011-05-01 15:31 - 0000340 ___AH C:\Windows\Brownie.ini
2012-04-01 11:57 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-04-01 08:20 - 2012-04-01 08:20 - 0000000 ____A C:\Users\Maki Chiropractic\Downloads\HitmanPro36_x64.exe
2012-04-01 08:03 - 2012-04-01 08:03 - 2068016 ____A (Kaspersky Lab ZAO) C:\Users\Maki Chiropractic\Downloads\tdsskiller.exe
2012-04-01 07:47 - 2012-04-01 07:47 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{B0EA8FDA-699E-48B4-AEEA-6D6D43867EC2}
2012-04-01 07:45 - 2012-03-30 05:11 - 0004558 ____A C:\Windows\PFRO.log
2012-04-01 07:25 - 2011-04-26 17:28 - 0000000 ___HD C:\SOAPe Platinum Plus
2012-03-31 09:11 - 2011-03-20 18:31 - 0000904 ___AH C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-612660174-3317846808-1130094984-1001Core.job
2012-03-31 07:26 - 2012-03-31 07:22 - 0001557 ____A C:\Users\Maki Chiropractic\Desktop\sdsetup.exe.lnk
2012-03-31 07:22 - 2012-03-31 07:22 - 0002243 ____A C:\Users\Public\Desktop\PC Tools Spyware Doctor.lnk
2012-03-31 07:21 - 2012-03-31 07:21 - 3834832 ____A (PC Tools) C:\Users\Maki Chiropractic\Downloads\sdsetup.exe
2012-03-31 07:21 - 2012-03-30 11:21 - 0389024 ____A (Bleeping Computer, LLC) C:\Users\Maki Chiropractic\Downloads\unhide.exe
2012-03-31 07:20 - 2012-03-31 07:20 - 0000248 ____A C:\Windows\System32\Drivers\kgpcpy.cfg
2012-03-31 07:18 - 2012-03-31 07:17 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{9162EB5B-9681-4096-A0F4-7444AAEF5823}
2012-03-30 10:37 - 2011-02-15 14:14 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\VirtualStore
2012-03-30 10:33 - 2012-03-30 10:33 - 3835344 ____A (PC Tools) C:\Users\Maki Chiropractic\Downloads\spyware-doctor.exe
2012-03-30 10:33 - 2012-03-30 10:33 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Roaming\TestApp
2012-03-30 10:30 - 2012-03-30 09:18 - 2068016 ____A (Kaspersky Lab ZAO) C:\Users\Maki Chiropractic\Desktop\abc123.exe
2012-03-30 10:19 - 2012-03-30 10:19 - 0000000 ___HD C:\Qoobox
2012-03-30 09:31 - 2012-03-30 09:22 - 0000000 ___HD C:\Users\All Users\AVG2012
2012-03-30 09:31 - 2012-03-30 09:22 - 0000000 ___HD C:\ProgramData\AVG2012
2012-03-30 09:23 - 2012-03-30 09:23 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Roaming\AVG2012
2012-03-30 09:22 - 2012-03-30 09:22 - 0000000 ___HD C:\$AVG
2012-03-30 09:22 - 2012-03-30 09:22 - 0000000 ____D C:\Windows\SysWOW64\Drivers\AVG
2012-03-30 09:22 - 2012-03-30 09:22 - 0000000 ____D C:\Program Files (x86)\AVG
2012-03-30 09:20 - 2011-02-15 14:46 - 0002121 ____A C:\Windows\epplauncher.mif
2012-03-30 09:13 - 2011-02-15 14:45 - 0000000 ____D C:\Program Files\Microsoft Security Client
2012-03-30 09:13 - 2009-07-13 19:20 - 0000000 ___HD C:\Windows\System32\GroupPolicy
2012-03-30 08:04 - 2012-03-30 08:04 - 15674504 ____A (SUPERAntiSpyware.com) C:\Users\Maki Chiropractic\Downloads\SUPERAntiSpyware.exe
2012-03-30 08:01 - 2012-03-30 08:01 - 0000000 ____D C:\Users\Maki Chiropractic\Downloads\tdsskiller
2012-03-30 08:00 - 2012-03-30 08:00 - 2048299 ____A C:\Users\Maki Chiropractic\Downloads\tdsskiller.zip
2012-03-30 07:52 - 2011-05-16 08:03 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\CrashDumps
2012-03-30 07:34 - 2012-03-30 05:21 - 1008141 ____A C:\Users\Maki Chiropractic\Downloads\iExplore.exe.com
2012-03-30 07:29 - 2012-03-30 07:29 - 0042628 ____A C:\Windows\ntbtlog.txt
2012-03-30 06:56 - 2012-03-30 06:54 - 0002462 ____A C:\Users\Maki Chiropractic\Desktop\unhide.txt
2012-03-30 06:32 - 2012-03-30 05:33 - 9502424 ____A (Malwarebytes Corporation ) C:\Users\Maki Chiropractic\Desktop\mbam--setup-1.60.1.1000.exe
2012-03-30 06:27 - 2012-03-30 05:30 - 1008141 ____A C:\Users\Maki Chiropractic\Desktop\malware.exe
2012-03-30 06:24 - 2012-03-30 06:24 - 0000000 __SHD C:\found.000
2012-03-30 05:35 - 2012-03-30 06:33 - 0001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-03-30 05:35 - 2012-03-30 05:35 - 0000000 ___HD C:\Users\All Users\Malwarebytes
2012-03-30 05:35 - 2012-03-30 05:35 - 0000000 ___HD C:\ProgramData\Malwarebytes
2012-03-30 05:35 - 2012-03-30 05:35 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Roaming\Malwarebytes
2012-03-30 05:07 - 2012-03-30 05:07 - 0243200 ___AH ( ) C:\Users\All Users\e8pkZwfbjFxA36.exe
2012-03-30 05:07 - 2012-03-30 05:07 - 0243200 ___AH ( ) C:\ProgramData\e8pkZwfbjFxA36.exe
2012-03-30 05:07 - 2012-03-30 05:07 - 0000256 ___AH C:\Users\All Users\e8pkZwfbjFxA36
2012-03-30 05:07 - 2012-03-30 05:07 - 0000256 ___AH C:\ProgramData\e8pkZwfbjFxA36
2012-03-30 05:07 - 2012-03-30 05:07 - 0000208 ___AH C:\Users\All Users\-e8pkZwfbjFxA36r
2012-03-30 05:07 - 2012-03-30 05:07 - 0000208 ___AH C:\ProgramData\-e8pkZwfbjFxA36r
2012-03-30 05:07 - 2012-03-30 05:07 - 0000000 ___AH C:\Users\All Users\-e8pkZwfbjFxA36
2012-03-30 05:07 - 2012-03-30 05:07 - 0000000 ___AH C:\ProgramData\-e8pkZwfbjFxA36
2012-03-30 04:57 - 2011-12-01 13:18 - 0157472 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2012-03-30 04:57 - 2011-12-01 13:18 - 0149280 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2012-03-30 04:57 - 2011-12-01 13:18 - 0149280 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2012-03-30 04:57 - 2011-04-20 20:57 - 0472808 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2012-03-30 04:54 - 2012-03-30 04:56 - 0317952 ___AH ( ) C:\Users\All Users\LurGImdondG.exe
2012-03-30 04:54 - 2012-03-30 04:56 - 0317952 ___AH ( ) C:\ProgramData\LurGImdondG.exe
2012-03-30 03:56 - 2012-03-30 03:56 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{F250FCD6-FB6E-428B-9092-7AB8102986A4}
2012-03-30 03:55 - 2012-03-29 08:54 - 0000380 ____A C:\Windows\Tasks\HPCeeScheduleForMaki Chiropractic.job
2012-03-29 09:56 - 2011-02-15 15:19 - 0000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2012-03-29 08:53 - 2011-11-03 09:11 - 0000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2012-03-29 08:53 - 2011-02-16 14:51 - 0000052 ____A C:\Windows\SysWOW64\DOErrors.log
2012-03-29 08:52 - 2011-02-16 14:50 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Roaming\HP Support Assistant
2012-03-29 08:52 - 2011-02-15 19:56 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Roaming\HpUpdate
2012-03-29 08:42 - 2012-03-29 08:42 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{C7BEE9BD-5D5D-454D-87DF-9B47A4D63ABB}
2012-03-28 04:56 - 2011-01-31 22:50 - 0000000 ___HD C:\Users\All Users\PDFC
2012-03-28 04:56 - 2011-01-31 22:50 - 0000000 ___HD C:\ProgramData\PDFC
2012-03-28 03:57 - 2012-03-28 03:56 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{14D053EF-84C2-4275-AB6A-08E343F0EF7F}
2012-03-28 03:56 - 2012-03-28 03:56 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{86F60C11-9812-4B4E-BA4C-ADE58567E1F3}
2012-03-28 03:56 - 2011-05-05 11:22 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\Windows Live
2012-03-27 14:48 - 2011-05-06 08:54 - 0000000 ____D C:\Users\Maki Chiropractic\Documents\Quickbooks Backup
2012-03-27 08:50 - 2012-03-27 08:50 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{AB808B90-ECD1-4445-9E90-C6106AC0B8A3}
2012-03-27 08:50 - 2012-03-27 08:50 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{3FDC8CE0-B0CE-46EA-82D2-A38BD051D57D}
2012-03-26 13:57 - 2011-03-09 21:39 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Roaming\SoftGrid Client
2012-03-26 05:58 - 2012-03-26 05:58 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{499A8AF9-A46C-458F-A125-E25D85906ADD}
2012-03-26 05:58 - 2012-03-26 05:57 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{015538F0-5DDC-4711-8E83-AB82FD876B2C}
2012-03-23 09:07 - 2011-03-20 18:31 - 0002462 ____A C:\Users\Maki Chiropractic\Desktop\Google Chrome.lnk
2012-03-23 04:08 - 2012-03-23 04:07 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{2F4DF1DC-CDDE-40B6-AE54-7E281BB9DAE3}
2012-03-23 04:07 - 2012-03-23 04:07 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{2BA83915-6945-4318-A9BD-FC26507E6D6F}
2012-03-22 08:40 - 2012-03-22 08:40 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{5F1C65F4-0DF0-4F95-A790-14B7DD6CB635}
2012-03-22 08:40 - 2012-03-22 08:40 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{4A75128D-80C8-4197-8CF6-294EDFB25582}
2012-03-21 03:50 - 2012-03-21 03:50 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{1C283AE3-7187-4DB3-993A-D677FF4D3548}
2012-03-21 03:50 - 2012-03-21 03:50 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{0A116CE9-EECC-49E3-90CA-B9D8A38F33E4}
2012-03-20 07:38 - 2011-02-15 14:35 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-03-20 07:37 - 2012-03-20 07:37 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{EDC48E37-F8F4-42DA-ACFB-82A3AA5574B8}
2012-03-20 07:37 - 2012-03-20 07:37 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{CBC4B92E-2962-402A-86A2-8AF679957F17}
2012-03-19 10:38 - 2012-03-30 06:56 - 0002561 ____A C:\Users\Public\Desktop\SOAPe Platinum Plus.lnk
2012-03-19 10:34 - 2012-03-19 10:34 - 0000000 ____D C:\Users\Maki Chiropractic\Desktop\PlatinumPlusNet_133
2012-03-19 10:34 - 2012-03-19 10:24 - 263548928 ____A C:\Users\Maki Chiropractic\Downloads\PlatinumPlusNet_133.exe
2012-03-19 10:16 - 2011-05-06 08:51 - 0000000 ____D C:\Users\Maki Chiropractic\Documents\Soape Backup
2012-03-19 09:30 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\rescache
2012-03-19 05:56 - 2012-03-19 05:56 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{5ABA39F7-CFDA-485B-8B23-F7DDDEAE5D21}
2012-03-19 05:56 - 2012-03-19 05:55 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{C9C9B4AF-C9C1-4945-9EBD-0AAB04E19355}
2012-03-16 03:52 - 2012-03-16 03:51 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{1A62D937-D3F6-4A54-8F93-F11BA5A68764}
2012-03-16 03:51 - 2012-03-16 03:51 - 0000000 ____D C:\Users\Maki Chiropractic\AppData\Local\{AADE7D3E-C469-4B95-B259-CA61D744EEB4}
2012-03-15 14:46 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\PolicyDefinitions
2012-03-15 08:51 - 2012-03-15 08:51 - 9705472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 3695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2012-03-15 08:51 - 2012-03-15 08:51 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-03-15 08:51 - 2012-03-15 08:51 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-03-15 08:51 - 2012-03-15 08:51 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-03-15 08:51 - 2012-03-15 08:51 - 2308096 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 2144256 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 1798656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 1792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 17790464 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 1493504 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-03-15 08:51 - 2012-03-15 08:51 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-03-15 08:51 - 2012-03-15 08:51 - 1390080 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 1345536 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 12282368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 1127424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 1103360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 10887168 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-03-15 08:51 - 2012-03-15 08:51 - 0434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2012-03-15 08:51 - 2012-03-15 08:51 - 0353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-03-15 08:51 - 2012-03-15 08:51 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-03-15 08:51 - 2012-03-15 08:51 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-03-15 08:51 - 2012-03-15 08:51 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 15%
Total physical RAM: 5887.29 MB
Available physical RAM: 4970.46 MB
Total Pagefile: 5885.43 MB
Available Pagefile: 4943.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:918.5 GB) (Free:847.91 GB) NTFS
2 Drive e: (HP_RECOVERY) (Fixed) (Total:12.91 GB) (Free:1.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive g: (HD-PCTU2) (Fixed) (Total:298.09 GB) (Free:242.83 GB) NTFS
9 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
10 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 8 MB
Disk 1 Online 298 GB 1024 KB
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 No Media 0 B 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 918 GB 101 MB
Partition 3 Primary 12 GB 918 GB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 918 GB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E HP_RECOVERY NTFS Partition 12 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 298 GB 32 KB

======================================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G HD-PCTU2 NTFS Partition 298 GB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-03-30 12:26

======================= End Of Log ==========================

#6
Gammo

Do you have the Windows CD?

If not, could you create a recovery disc as shown on this page?

  • Reboot your system using the boot CD you just created.
    Note : If you do not know how to set your computer to boot from CD follow the steps here

When you reboot, you will see this, although yours will say Windows 7. Click Repair my computer.
Posted Image

Select your operating system
Posted Image

Select Command prompt
Posted Image

At the command prompt, type the following:

  • Bootrec /Fixboot
  • Once finished type Exit


Can you successfully boot your PC after doing the above? :)

#7
Brandon Maki

Same as before: Startup Repair runs and says it can't repair the system automatically.

#8
Gammo

Just to clarify things:

You don't need to run startup repair. You need to open the command prompt and perform these two commands:
- Bootrec /FixMbr
- Bootrec /Fixboot

Have you done that?




If so, exactly where in the startup process does it go wrong? What's the last thing you see? Do you get as far as the Windows logo?
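An added illustration, not part of the original thread: an offline check of a saved 512-byte MBR sector that shows which regions a boot-code repair such as Bootrec /FixMbr rewrites (the bootstrap code) and which it leaves alone (the partition table). The partition layout is constructed from the Disk 0 table in the log above with sizes rounded, the boot-code bytes are placeholders, and all function names are hypothetical.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 440   # bootstrap code; bytes 440-445 hold disk signature + reserved
TABLE_OFFSET = 446    # four 16-byte partition entries follow
ENTRY_LEN = 16
ENTRY_FMT = "<B3xB3xII"  # status, CHS start (skipped), type, CHS end (skipped), LBA, count


def build_mbr(boot_code: bytes, entries: list) -> bytes:
    """Assemble a test MBR from boot code and (status, type, lba, sectors) tuples."""
    sector = bytearray(SECTOR)
    code = boot_code[:BOOT_CODE_LEN]
    sector[:len(code)] = code
    for i, entry in enumerate(entries):
        struct.pack_into(ENTRY_FMT, sector, TABLE_OFFSET + i * ENTRY_LEN, *entry)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


def parse_mbr(sector: bytes) -> dict:
    """Decode the partition table and fingerprint the boot code of one sector."""
    if len(sector) != SECTOR:
        raise ValueError("an MBR is exactly one 512-byte sector")
    parts = []
    for i in range(4):
        status, ptype, lba, count = struct.unpack_from(
            ENTRY_FMT, sector, TABLE_OFFSET + i * ENTRY_LEN)
        if ptype == 0 and count == 0:
            continue  # unused slot
        parts.append({"index": i + 1, "status": status, "active": status == 0x80,
                      "type": ptype, "offset_bytes": lba * SECTOR,
                      "size_bytes": count * SECTOR})
    return {"signature_ok": sector[510:512] == b"\x55\xaa",
            "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": parts}


def findings(mbr: dict) -> list:
    """Structural problems that would keep a BIOS from booting this disk."""
    out = []
    if not mbr["signature_ok"]:
        out.append("missing 0x55AA boot signature")
    parts = mbr["partitions"]
    if any(p["status"] not in (0x00, 0x80) for p in parts):
        out.append("invalid status byte in partition entry")
    active = [p for p in parts if p["active"]]
    if len(active) != 1:
        out.append(f"expected exactly one active partition, found {len(active)}")
    ordered = sorted(parts, key=lambda p: p["offset_bytes"])
    for a, b in zip(ordered, ordered[1:]):
        if a["offset_bytes"] + a["size_bytes"] > b["offset_bytes"]:
            out.append(f"partitions {a['index']} and {b['index']} overlap")
    return out


def compare(before: bytes, after: bytes) -> dict:
    """Report which MBR regions differ between two saved copies of sector 0."""
    a, b = parse_mbr(before), parse_mbr(after)
    return {"boot_code_changed": a["boot_code_sha256"] != b["boot_code_sha256"],
            "table_changed": a["partitions"] != b["partitions"]}


# Constructed sample: Disk 0 from the log (type 07 everywhere, partition 1 active).
MIB = 1024 * 1024 // SECTOR          # sectors per MiB
GIB = 1024 * MIB                     # sectors per GiB
SAMPLE_ENTRIES = [
    (0x80, 0x07, 1 * MIB, 100 * MIB),                # SYSTEM, 100 MB at 1024 KB
    (0x00, 0x07, 101 * MIB, 918 * GIB),              # OS, 918 GB at 101 MB
    (0x00, 0x07, 101 * MIB + 918 * GIB, 12 * GIB),   # HP_RECOVERY, 12 GB
]
SAMPLE_MBR = build_mbr(b"PLACEHOLDER-BOOT-CODE-BEFORE-REPAIR", SAMPLE_ENTRIES)

if __name__ == "__main__":
    repaired = build_mbr(b"PLACEHOLDER-BOOT-CODE-AFTER-REPAIR", SAMPLE_ENTRIES)
    print(findings(parse_mbr(SAMPLE_MBR)))
    print(compare(SAMPLE_MBR, repaired))
```

Saving sector 0 before and after a repair and running `compare` on the two copies confirms that only the boot code changed; a non-empty `findings` list points to a table or signature problem that rewriting the boot code alone will not fix.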

#9
Brandon Maki

I ran both of those. When I try to boot up after exiting the command prompt, the HP startup logo comes up, followed by the Windows logo, then it turns to "Windows is trying to load files" and it goes from there straight to Startup Repair automatically.

#10
Gammo

I was looking at the wrong part of Windows's boot sequence then.

I noticed you have downloaded TDSSKiller. Did you also run it? If so:
1. Do you still have the log to show me?
2. Did it find anything / did you cure or remove anything?


#11
Brandon Maki

I could never get it to run for me. Microsoft Security Essentials found the TDSS rootkit but couldn't remove it. Spyware Doctor found it as well and said that it was successful in removing it, but each time I ran it after cleaning, TDSS was still there. I originally ran Malwarebytes after Security Essentials couldn't remove it, but it never found anything in a scan.

#12
Gammo

For the instructions below you're gonna need an empty CD. If you don't have one, I can give you alternative instructions that use a USB flash drive instead.




Follow these first steps on another PC:

Please print these instructions out so that you know what you are doing.

  • Download OTLPEStd.exe to your desktop.
  • Ensure that you have a blank CD in the drive.
  • Double click OTLPEStd.exe and this will then open imgburn to burn the file to CD.
  • Reboot the infected system using the boot CD you just created.
    Note : If you do not know how to set your computer to boot from CD follow the steps here.
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads. :)

  • Your system should now display a Reatogo desktop.
    Note : as you are running from CD it is not exactly speedy.
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location.
  • When asked "Do you wish to load the remote registry", select Yes.
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes.
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK.
  • OTL should now start.
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt.
  • Copy this file to your USB drive if you do not have internet connection on this system.
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.


#13
Brandon Maki

While loading the Reatogo desktop I got a Blue Screen of Death. Tried again and same result. Should I try burning OTLPE again?

#14
Gammo

Yes, please burn OTLPE on another new CD and then try running OTLPE again.

#15
Brandon Maki

Same result with the second disc.