Win32:DNS Changer-VJ [Trj] and Win:32malware-gen


  • This topic is locked
22 replies to this topic

#1 Tm0n31695


Posted 05 June 2012 - 10:44 PM

Avast keeps alerting me to Win32:DNS Changer-VJ [Trj] and Win:32malware-gen like every 5 mins. Also, I don't know if it's related, but I have to launch Explorer through Task Manager when I start up.


DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1
Run by Tm0n31695 at 23:18:36 on 2012-06-05
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.5815.3195 [GMT -4:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\SysWOW64\PnkBstrA.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Windows\explorer.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Users\Tm0n31695\AppData\Roaming\DRPSu\DrvUpdater.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\AUDIODG.EXE
C:\Users\Tm0n31695\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tm0n31695\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tm0n31695\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tm0n31695\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tm0n31695\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tm0n31695\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tm0n31695\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tm0n31695\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tm0n31695\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tm0n31695\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tm0n31695\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tm0n31695\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tm0n31695\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://www.google.com/
uInternet Settings,ProxyOverride = *.local;<local>
mWinlogon: Userinit=userinit.exe
uWinlogon: Shell=expstart.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
EB: Developer Tools: {1a6fe369-f28c-4ad9-a3e6-2bcb50807cf1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [DrvUpdater] C:\Users\Tm0n31695\AppData\Roaming\DRPSu\DrvUpdater.exe /hide
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [IAStorIcon] c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe
mRun: [LManager] c:\program files (x86)\launch manager\lmanager.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Download All using 4shared Desktop - C:\Program Files (x86)\4shared Desktop\Desktop.32/D_ALL_LINK
IE: &Download using 4shared Desktop - C:\Program Files (x86)\4shared Desktop\Desktop.32/D_ONE_LINK
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{BFD15E48-6616-4470-A4C8-9B9A91F13DB7} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{BFD15E48-6616-4470-A4C8-9B9A91F13DB7}\2375942554838343 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{BFD15E48-6616-4470-A4C8-9B9A91F13DB7}\4456E6E69737D27657563747 : DhcpNameServer = 192.168.7.254
TCP: Interfaces\{BFD15E48-6616-4470-A4C8-9B9A91F13DB7}\C696E6B6379737 : DhcpNameServer = 209.18.47.61 209.18.47.62
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
EB-X64: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - No File
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun-x64: [IAStorIcon] c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe
mRun-x64: [LManager] c:\program files (x86)\launch manager\lmanager.exe
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\aswNdis.sys --> C:\Windows\system32\DRIVERS\aswNdis.sys [?]
R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\system32\drivers\aswNdis2.sys --> C:\Windows\system32\drivers\aswNdis2.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\system32\Drivers\SmartDefragDriver.sys --> C:\Windows\system32\Drivers\SmartDefragDriver.sys [?]
R1 aswFW;avast! TDI Firewall driver;C:\Windows\system32\drivers\aswFW.sys --> C:\Windows\system32\drivers\aswFW.sys [?]
R1 aswKbd;aswKbd;C:\Windows\system32\drivers\aswKbd.sys --> C:\Windows\system32\drivers\aswKbd.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-4-10 913752]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-6-5 44768]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-6-5 134920]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-2-11 346704]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-4-9 873064]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-4-9 13336]
R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-4-23 821592]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-5 654408]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-4-15 2666880]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-15 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-9 257696]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2012-5-13 21712]
S3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-5-14 21384]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-15 116648]
S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2012-5-14 33184]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2012-5-14 21872]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2012-4-30 14544]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0105;RsFx0105 Driver;C:\Windows\system32\DRIVERS\RsFx0105.sys --> C:\Windows\system32\DRIVERS\RsFx0105.sys [?]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]
.
=============== Created Last 30 ================
.
2012-06-06 02:31:22 -------- d-----w- C:\ProgramData\SecTaskMan
2012-06-06 02:31:14 -------- d-----w- C:\Program Files (x86)\Security Task Manager
2012-06-06 02:13:50 -------- d-----w- C:\Program Files (x86)\ESET
2012-06-06 01:50:30 -------- d-----w- C:\Users\Tm0n31695\AppData\Roaming\Malwarebytes
2012-06-06 01:50:22 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-06 01:50:21 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-06 01:50:21 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-05 22:54:47 141144 ----a-w- C:\Windows\System32\drivers\aswFW.sys
2012-06-05 22:54:29 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-06-05 22:54:29 258904 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys
2012-06-05 22:54:28 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-06-05 22:54:28 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-06-05 22:54:28 28504 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2012-06-05 22:53:38 12368 ----a-w- C:\Windows\System32\drivers\aswNdis.sys
2012-06-05 22:53:23 41184 ----a-w- C:\Windows\avastSS.scr
2012-06-05 18:41:20 -------- d-----w- C:\ProgramData\AVAST Software
2012-06-05 18:41:20 -------- d-----w- C:\Program Files\AVAST Software
2012-06-05 18:15:08 3993600 ----a-w- C:\Program Files (x86)\GUT5BA7.tmp
2012-06-05 18:15:08 -------- d-----w- C:\Program Files (x86)\GUM5BA6.tmp
2012-06-05 00:01:23 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-06-01 08:20:19 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{116A5254-09FF-4F65-83A3-0CDD9E152C5D}\mpengine.dll
2012-05-31 23:12:18 -------- d-----w- C:\ProgramData\SwiftKit
2012-05-31 23:12:04 -------- d-----w- C:\Program Files (x86)\SwiftKit
2012-05-31 05:11:06 -------- d-----w- C:\ProgramData\VS
2012-05-31 04:35:38 -------- d-----w- C:\Users\Tm0n31695\AppData\Roaming\FreeArc
2012-05-31 04:35:28 -------- d-----w- C:\Program Files (x86)\FreeArc
2012-05-29 20:42:49 -------- d-----w- C:\Users\Tm0n31695\AppData\Local\TVU Networks
2012-05-29 20:42:49 -------- d-----w- C:\ProgramData\TVU Networks
2012-05-28 14:46:24 -------- d-----w- C:\Program Files (x86)\Magic ISO Maker
2012-05-28 14:20:04 83904 ----a-w- C:\Windows\System32\ifsdrives.exe
2012-05-28 14:20:04 80320 ----a-w- C:\Windows\System32\drivers\ifsmount.sys
2012-05-28 14:20:04 281600 ----a-w- C:\Windows\System32\ifsdrives.dll
2012-05-28 14:20:04 270272 ----a-w- C:\Windows\System32\drivers\ext2fs.sys
2012-05-26 14:24:52 226304 ----a-w- C:\Windows\SysWow64\binkw32.dll
2012-05-25 04:53:35 73064 ----a-w- C:\Windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2012-05-25 04:53:35 109416 ----a-w- C:\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2012-05-25 04:53:34 105832 ----a-w- C:\Windows\System32\SQSRVRES.DLL
2012-05-25 04:27:00 -------- d-----w- C:\Program Files (x86)\Nmap
2012-05-25 04:00:42 78872 ----a-w- C:\Windows\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-05-25 04:00:42 50200 ----a-w- C:\Windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-05-25 03:59:45 -------- d-----w- C:\Windows\System32\RsFx
2012-05-25 03:59:02 -------- d-----w- C:\Windows\SysWow64\1033
2012-05-25 03:59:02 -------- d-----w- C:\Windows\System32\1033
2012-05-25 03:57:47 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
2012-05-25 03:57:07 -------- d-----w- C:\Program Files\Microsoft SQL Server
2012-05-25 03:55:35 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2012-05-25 03:55:35 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2012-05-25 03:55:27 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2012-05-25 03:55:27 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-05-25 03:55:16 136320 ----a-w- C:\ProgramData\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
2012-05-25 03:53:51 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2012-05-25 03:53:51 -------- d-----w- C:\Program Files (x86)\Common Files\Merge Modules
2012-05-25 03:53:15 -------- d-----w- C:\Program Files\Microsoft Visual Studio 10.0
2012-05-25 03:53:14 -------- d-----w- C:\Program Files\Microsoft Help Viewer
2012-05-25 03:52:57 -------- d-----w- C:\Windows\PCHEALTH
2012-05-25 03:36:50 -------- d-----w- C:\Program Files\Apache Software Foundation
2012-05-25 03:34:34 -------- d-----w- C:\Users\Tm0n31695\.m2
2012-05-25 03:33:25 -------- d-----w- C:\Users\Tm0n31695\.netbeans
2012-05-25 03:28:04 -------- d-----w- C:\Program Files (x86)\Oracle
2012-05-25 03:27:52 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-05-25 03:09:18 -------- d-----w- C:\Users\Tm0n31695\.nbi
2012-05-21 06:36:54 -------- d-----w- C:\.jagex_cache_32
2012-05-19 06:20:43 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant
2012-05-18 03:42:09 -------- d-----w- C:\Users\Tm0n31695\AppData\Roaming\Mp3tag
2012-05-18 03:41:50 -------- d-----w- C:\Program Files (x86)\Mp3tag
2012-05-16 20:33:54 -------- d-----w- C:\Users\Tm0n31695\AppData\Roaming\OpenOffice.org
2012-05-16 20:31:11 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3
2012-05-16 19:21:55 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2012-05-16 19:19:19 -------- d-----w- C:\ProgramData\Battle.net
2012-05-16 19:11:06 -------- d-----w- C:\Program Files (x86)\Games
2012-05-16 04:02:03 -------- d-s---w- C:\Users\Tm0n31695\Google Drive
2012-05-16 03:47:24 -------- d-----w- C:\Users\Tm0n31695\AppData\Roaming\DMCache
2012-05-16 03:41:12 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-16 03:41:12 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-16 03:41:12 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-16 03:41:11 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-16 03:41:11 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-15 03:45:14 1895280 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-15 03:31:59 -------- d-----r- C:\Users\Tm0n31695\Dropbox
2012-05-15 03:29:45 -------- d-----w- C:\Users\Tm0n31695\AppData\Roaming\Dropbox
2012-05-15 03:09:20 -------- d-----w- C:\Program Files\iPod
2012-05-15 03:09:19 -------- d-----w- C:\Program Files (x86)\iTunes
2012-05-15 03:09:18 -------- d-----w- C:\Program Files\iTunes
2012-05-14 23:27:10 2380448 ----a-w- C:\Windows\System32\drivers\athrx.sys
2012-05-14 23:27:09 -------- d-----w- C:\Program Files (x86)\Atheros
2012-05-14 22:51:13 -------- d-----w- C:\Program Files (x86)\Silabs
2012-05-14 22:50:11 -------- d-----w- C:\Windows\SysWow64\Silabs
2012-05-13 21:10:20 -------- d-----w- C:\Users\Tm0n31695\AppData\Local\ElevatedDiagnostics
2012-05-13 16:23:56 -------- d-----w- C:\Users\Tm0n31695\AppData\Roaming\DRPSu
2012-05-13 07:42:11 -------- d-----w- C:\Users\Tm0n31695\AppData\Roaming\TuneUp Software
2012-05-13 07:40:42 -------- d-----w- C:\ProgramData\TuneUp Software
2012-05-13 07:35:49 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-05-13 07:35:49 -------- d--h--w- C:\ProgramData\Common Files
2012-05-13 07:28:15 203264 ----a-w- C:\Windows\System32\unrar.dll
2012-05-13 07:28:10 92160 ----a-w- C:\Windows\System32\ff_vfw.dll
2012-05-13 07:28:06 -------- d-----w- C:\Program Files\K-Lite Codec Pack x64
2012-05-13 06:33:45 -------- d-----w- C:\Users\Tm0n31695\FrostWire
2012-05-13 06:33:41 -------- d-----w- C:\Users\Tm0n31695\.frostwire5
2012-05-13 05:53:20 21712 ----a-w- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
2012-05-13 05:53:20 -------- d-----w- C:\Users\Tm0n31695\AppData\Local\eSupport.com
2012-05-13 05:46:16 2716768 ----a-w- C:\Windows\System32\drivers\athwx.sys
2012-05-13 05:46:12 557848 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2012-05-13 05:45:40 77936 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys
2012-05-13 05:44:58 317440 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys
2012-05-13 05:44:58 158976 ----a-w- C:\Windows\System32\drivers\Impcd.sys
2012-05-13 05:44:48 14848 ----a-w- C:\Windows\System32\IntcDAuC.dll
2012-05-12 16:57:13 -------- d-----w- C:\Program Files (x86)\GCFExplorer
2012-05-12 16:56:58 -------- d-----w- C:\Program Files (x86)\CFToolbox
2012-05-12 03:56:28 -------- d-----w- C:\Users\Tm0n31695\AppData\Roaming\PFStaticIP
2012-05-12 03:55:39 -------- d-----w- C:\Users\Tm0n31695\AppData\Local\APN
2012-05-12 03:55:37 -------- d-----w- C:\Program Files (x86)\PFStaticIP
2012-05-09 21:29:23 -------- d-----w- C:\Users\Tm0n31695\AppData\Roaming\X-Chat 2
2012-05-09 21:29:23 -------- d-----w- C:\Program Files (x86)\xchat
.
==================== Find3M ====================
.
2012-05-06 11:59:32 230 ----a-w- C:\Windows\SysWow64\HKLM_RunOnce.reg
2012-05-06 11:59:31 228 ----a-w- C:\Windows\SysWow64\HKCU_RunOnce.reg
2012-05-06 11:59:31 1636 ----a-w- C:\Windows\SysWow64\HKLM_Run.reg
2012-05-06 11:59:29 632 ----a-w- C:\Windows\SysWow64\HKCU_Run.reg
2012-05-05 07:11:35 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 07:11:35 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-05 07:11:30 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-04-30 06:33:40 1174979 ----a-w- C:\Windows\apppatch\unins000.exe
2012-04-28 20:22:56 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2012-04-28 19:56:28 560184 ----a-w- C:\Windows\System32\drivers\sptd.sys
2012-04-28 19:25:06 27760640 ----a-w- C:\Windows\System32\imageres.dll
2012-04-22 09:01:40 283416 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-04-22 09:01:40 283416 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-04-22 08:02:51 283416 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-04-21 08:29:04 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
2012-04-18 06:15:36 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-04-16 19:37:05 419840 ----a-w- C:\Windows\System32\systemcpl.dll
2012-04-16 19:37:05 14848 ----a-w- C:\Windows\System32\slwga.dll
2012-04-16 19:37:05 13824 ----a-w- C:\Windows\SysWow64\slwga.dll
2012-04-16 19:37:03 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2012-04-16 19:37:03 1008640 ----a-w- C:\Windows\System32\user32.dll
2012-04-15 21:29:09 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2012-04-15 15:05:18 833024 ----a-w- C:\Windows\SysWow64\user32.dll.old
2012-04-15 15:05:18 1008640 ----a-w- C:\Windows\System32\user32.dll.old
2012-04-15 14:53:45 925184 ----a-w- C:\Windows\expstart.exe
2012-04-10 06:11:33 525544 ----a-w- C:\Windows\System32\deployJava1.dll
2012-04-10 01:40:20 2297552 ----a-w- C:\Windows\SysWow64\d3dx9_26.dll
2012-04-04 22:47:02 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-04-03 19:27:12 809 ----a-w- C:\Script.vbs
2012-04-02 05:34:04 5504880 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-04-02 04:46:44 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-04-02 04:46:44 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-04-02 03:01:19 3143680 ----a-w- C:\Windows\System32\win32k.sys
2012-03-27 21:03:36 4015592 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2012-03-21 19:55:16 2886656 ----a-w- C:\Windows\System32\RCoRes64.dat
2012-03-20 14:47:20 3608680 ----a-w- C:\Windows\System32\RtkAPO64.dll
2012-03-19 23:01:20 102504 ----a-w- C:\Windows\System32\RCoInstII64.dll
2012-03-17 07:55:58 75632 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-03-16 20:25:58 2670696 ----a-w- C:\Windows\System32\RtPgEx64.dll
2012-03-13 15:21:10 1251432 ----a-w- C:\Windows\System32\RTCOM64.dll
2012-03-08 15:47:24 108640 ----a-w- C:\Windows\System32\AERTAR64.dll
2012-03-08 15:47:08 202336 ----a-w- C:\Windows\System32\AERTAC64.dll
.
============= FINISH: 23:21:54.54 ===============

Edited by Tm0n31695, 05 June 2012 - 11:23 PM.



#2 gringo_pr

  • Malware Response Team

Posted 06 June 2012 - 02:48 AM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out here or here.

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Tm0n31695

Posted 06 June 2012 - 11:12 AM

When I run combofix I get this error opening file for writing: c:\32788r22fwjfw\License\iexplorer.exe. When I retry it keeps happening, and if I ignore it finishes and then it closes. Also found that when avast isn't running I can't connect to any google page in chrome and it says: "The site's security certificate is signed using a weak signature algorithm! You attempted to reach www.google.com, but the server presented a certificate signed using a weak signature algorithm. This means that the security credentials the server presented could have been forged, and the server may not be the server you expected (you may be communicating with an attacker). You cannot proceed because the website operator has requested heightened security for this domain." And my start bar has switched to classic view.

Edited by Tm0n31695, 06 June 2012 - 11:18 AM.


#4 gringo_pr

Posted 06 June 2012 - 11:52 AM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#5 Tm0n31695

Posted 06 June 2012 - 12:21 PM

tdsskiller ran fine, but while scanning with aswmbr it told me it encountered an error and had to close. Also, I have the tdsskiller and security check logs if you still want them. And after a little bit my computer blue screened and crashed.

Edited by Tm0n31695, 06 June 2012 - 12:57 PM.


#6 gringo_pr

Posted 06 June 2012 - 01:00 PM

Hello

Download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt.
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter.
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Gringo

#7 Tm0n31695

Posted 06 June 2012 - 01:50 PM

Scan result of Farbar Recovery Scan Tool Version: 06-06-2012 03
Ran by SYSTEM at 06-06-2012 14:38:01
Running from G:\
Windows 7 Ultimate (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [167704 2012-01-10] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [392984 2012-01-10] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [417560 2012-01-10] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] %programfiles%\synaptics\syntp\syntpenh.exe [2392360 2010-10-08] (Synaptics Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [LManager] c:\program files (x86)\launch manager\lmanager.exe [1070160 2011-02-11] (Dritek System Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4241512 2012-03-06] (AVAST Software)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462408 2012-04-04] (Malwarebytes Corporation)
HKU\Tm0n31695\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3671872 2012-04-17] (DT Soft Ltd)
HKU\Tm0n31695\...\Run: [DrvUpdater] C:\Users\Tm0n31695\AppData\Roaming\DRPSu\DrvUpdater.exe /hide [195256 2012-05-12] ()
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

==================== Services (Whitelisted) ======

2 AdvancedSystemCareService5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [913752 2012-03-14] (IObit)
2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [44768 2012-03-06] (AVAST Software)
2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [134920 2012-03-06] (AVAST Software)
2 DsiWMIService; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [346704 2011-02-11] (Dritek System Inc.)
2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [873064 2011-02-22] (Acer Incorporated)
2 IAStorDataMgrSvc; "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" [13336 2010-09-13] (Intel Corporation)
2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [821592 2012-01-09] (IObit)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [654408 2012-04-04] (Malwarebytes Corporation)
2 MSSQL$SQLEXPRESS; "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS [58345832 2011-09-22] (Microsoft Corporation)
4 MSSQLServerADHelper100; "C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE" [61976 2009-07-22] (Microsoft Corporation)
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-04-17] ()
4 SQLAgent$SQLEXPRESS; "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE" -i SQLEXPRESS [431464 2011-09-22] (Microsoft Corporation)
4 SQLBrowser; "C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe" [255336 2011-09-22] (Microsoft Corporation)
2 SQLWriter; "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [154984 2011-09-22] (Microsoft Corporation)
3 rpcapd; "C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini" [x]
2 WinDefend; C:\Program Files (x86)\Windows Defender\mpsvc.dll [x]

========================== Drivers (Whitelisted) =============

3 AR5416; C:\Windows\System32\DRIVERS\athwx.sys [2716768 2010-11-05] (Atheros Communications, Inc.)
2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [24408 2012-03-06] (AVAST Software)
1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [141144 2012-03-06] (AVAST Software)
1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [28504 2012-03-06] (AVAST Software)
2 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [69976 2012-03-06] (AVAST Software)
0 aswNdis; C:\Windows\System32\Drivers\aswNdis.sys [12368 2012-03-06] (ALWIL Software)
0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [258904 2012-03-06] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [53080 2012-03-06] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [819032 2012-03-06] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [337240 2012-03-06] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59224 2012-03-06] (AVAST Software)
3 DrvAgent64; C:\Windows\SysWow64\Drivers\DrvAgent64.sys [21712 2012-05-12] (Phoenix Technologies)
3 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [283200 2012-04-28] (DT Soft Ltd)
3 FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [21384 2012-01-05] (IObit)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-04-04] (Malwarebytes Corporation)
3 NPF; C:\Windows\System32\Drivers\NPF.sys [35344 2011-02-11] (CACE Technologies, Inc.)
3 NPF; C:\Windows\SysWow64\Drivers\NPF.sys [30336 2003-04-04] (Politecnico di Torino)
3 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [33184 2012-04-28] (IObit.com)
4 RsFx0105; C:\Windows\System32\Drivers\RsFx0105.sys [311144 2011-09-22] (Microsoft Corporation)
0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-04-28] (Duplex Secure Ltd.)
3 UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [21872 2012-04-28] (IObit.com)
3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
3 X6va005; \??\C:\Users\TM0N31~1\AppData\Local\Temp\0058AD5.tmp [x]
3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-06-06 14:37 - 2012-06-06 14:38 - 00000000 ____D C:\FRST
2012-06-06 09:51 - 2012-06-06 09:51 - 766103216 ____A C:\Windows\MEMORY.DMP
2012-06-06 09:51 - 2012-06-06 09:51 - 00262144 ____A C:\Windows\Minidump\060612-167295-01.dmp
2012-06-06 09:51 - 2012-06-06 09:51 - 00000352 ____A C:\Windows\PFRO.log
2012-06-06 09:51 - 2012-06-06 09:51 - 00000000 ____D C:\Windows\Minidump
2012-06-06 09:10 - 2012-06-06 09:13 - 00263054 ____A C:\TDSSKiller.2.7.36.0_06.06.2012_13.10.23_log.txt
2012-06-06 09:10 - 2012-06-06 09:10 - 04731392 ____A (AVAST Software) C:\Users\Tm0n31695\Desktop\aswMBR.exe
2012-06-06 09:09 - 2012-06-06 09:09 - 02127960 ____A (Kaspersky Lab ZAO) C:\Users\Tm0n31695\Desktop\tdsskiller.exe
2012-06-06 07:57 - 2012-06-06 07:57 - 04536354 ____R (Swearware) C:\Users\Tm0n31695\Desktop\ComboFix.exe
2012-06-06 07:51 - 2012-06-06 08:07 - 00000000 ___SD C:\32788R22FWJFW
2012-06-06 07:51 - 2012-06-06 07:51 - 00001361 ____A C:\Users\Tm0n31695\Desktop\checkup.txt
2012-06-06 07:27 - 2012-06-06 07:27 - 00853862 ____A C:\Users\Tm0n31695\Desktop\SecurityCheck.exe
2012-06-05 19:25 - 2012-06-05 19:25 - 00027367 ____A C:\Users\Tm0n31695\Desktop\DDS.txt
2012-06-05 19:25 - 2012-06-05 19:25 - 00009856 ____A C:\Users\Tm0n31695\Desktop\Attach.txt
2012-06-05 18:47 - 2012-06-05 18:47 - 00607260 ____R (Swearware) C:\Users\Tm0n31695\Desktop\dds.scr
2012-06-05 18:31 - 2012-06-05 19:26 - 00000000 ____D C:\Users\All Users\SecTaskMan
2012-06-05 18:13 - 2012-06-05 18:13 - 00000000 ____D C:\Program Files (x86)\ESET
2012-06-05 18:10 - 2012-06-05 18:11 - 00024642 ____A C:\Users\Tm0n31695\Desktop\Result.txt
2012-06-05 17:50 - 2012-06-05 17:50 - 00001117 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-05 17:50 - 2012-06-05 17:50 - 00000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Malwarebytes
2012-06-05 17:50 - 2012-06-05 17:50 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-06-05 17:50 - 2012-06-05 17:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-05 17:50 - 2012-04-04 11:56 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-05 15:14 - 2012-06-06 09:51 - 00000224 ____A C:\Windows\setupact.log
2012-06-05 15:14 - 2012-06-05 15:14 - 00000000 ____A C:\Windows\setuperr.log
2012-06-05 14:54 - 2012-06-05 14:54 - 00001845 ____A C:\Users\Public\Desktop\avast! Internet Security.lnk
2012-06-05 14:54 - 2012-06-05 14:54 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2012-06-05 14:54 - 2012-03-06 15:15 - 00258520 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2012-06-05 14:54 - 2012-03-06 15:04 - 00819032 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2012-06-05 14:54 - 2012-03-06 15:04 - 00337240 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2012-06-05 14:54 - 2012-03-06 15:04 - 00141144 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFW.sys
2012-06-05 14:54 - 2012-03-06 15:03 - 00258904 ____A (AVAST Software) C:\Windows\System32\Drivers\aswNdis2.sys
2012-06-05 14:54 - 2012-03-06 15:02 - 00053080 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2012-06-05 14:54 - 2012-03-06 15:02 - 00028504 ____A (AVAST Software) C:\Windows\System32\Drivers\aswKbd.sys
2012-06-05 14:54 - 2012-03-06 15:01 - 00069976 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2012-06-05 14:54 - 2012-03-06 15:01 - 00059224 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2012-06-05 14:54 - 2012-03-06 15:01 - 00024408 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2012-06-05 14:53 - 2012-03-06 15:15 - 00201352 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2012-06-05 14:53 - 2012-03-06 15:15 - 00041184 ____A (AVAST Software) C:\Windows\avastSS.scr
2012-06-05 14:53 - 2012-03-06 14:44 - 00012368 ____A (ALWIL Software) C:\Windows\System32\Drivers\aswNdis.sys
2012-06-05 11:56 - 2012-06-05 11:56 - 00000000 ____D C:\Users\Default\AppData\Roaming\IObit
2012-06-05 11:56 - 2012-06-05 11:56 - 00000000 ____D C:\Users\Default User\AppData\Roaming\IObit
2012-06-05 10:41 - 2012-06-05 14:53 - 00000000 ____D C:\Users\All Users\AVAST Software
2012-06-05 10:41 - 2012-06-05 14:53 - 00000000 ____D C:\Program Files\AVAST Software
2012-06-05 10:15 - 2012-06-05 10:53 - 03993600 ____A C:\Program Files (x86)\GUT5BA7.tmp
2012-06-05 10:15 - 2012-06-05 10:15 - 00000000 ____D C:\Program Files (x86)\GUM5BA6.tmp
2012-06-05 10:05 - 2011-12-22 12:11 - 00000833 ____A C:\Windows\System32\Drivers\etc\hosts
2012-06-04 19:15 - 2012-06-04 19:15 - 17473536 ____A C:\Windows\System32\config\system.iobit
2012-06-04 19:15 - 2012-06-04 19:15 - 121126912 ____A C:\Windows\System32\config\software.iobit
2012-06-04 19:15 - 2012-06-04 19:15 - 01372160 ____A C:\Windows\System32\config\default.iobit
2012-06-04 19:15 - 2012-06-04 19:15 - 00065536 ____A C:\Windows\System32\config\sam.iobit
2012-06-04 19:15 - 2012-06-04 19:15 - 00024576 ____A C:\Windows\System32\config\security.iobit
2012-06-04 16:01 - 2012-06-04 16:01 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-06-03 08:44 - 2012-06-03 08:46 - 00000000 ____D C:\Users\Tm0n31695\Desktop\Highschool DxD 1-12
2012-06-02 17:21 - 2012-06-02 17:21 - 00057425 ____A C:\Users\Tm0n31695\Desktop\1318623172711.png
2012-05-31 19:47 - 2012-05-31 19:47 - 00316216 ____A C:\Windows\Installer\MSIADB2.tmp
2012-05-31 19:47 - 2012-05-31 19:47 - 00014548 ____A C:\Windows\Installer\MSI9476.tmp
2012-05-31 15:16 - 2012-05-31 15:16 - 00000000 ____D C:\Windows\Sun
2012-05-31 15:12 - 2012-06-04 11:35 - 00000000 ____D C:\Program Files (x86)\SwiftKit
2012-05-31 15:12 - 2012-05-31 15:12 - 00001015 ____A C:\Users\Tm0n31695\Desktop\SwiftKit.lnk
2012-05-31 15:12 - 2012-05-31 15:12 - 00000000 ____D C:\Users\All Users\SwiftKit
2012-05-30 21:11 - 2012-05-30 21:11 - 00000000 ____D C:\Users\All Users\VS
2012-05-30 20:35 - 2012-05-30 20:35 - 00001081 ____A C:\Users\Tm0n31695\Desktop\FreeArc.lnk
2012-05-30 20:35 - 2012-05-30 20:35 - 00000000 ____D C:\Users\Tm0n31695\AppData\Roaming\FreeArc
2012-05-30 20:35 - 2012-05-30 20:35 - 00000000 ____D C:\Program Files (x86)\FreeArc
2012-05-30 13:09 - 2012-05-30 13:09 - 00000000 ____D C:\Windows\Installer\{5542B6FC-191D-4D38-A4AF-BED6451A038B}
2012-05-30 13:09 - 2012-05-30 13:09 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
2012-05-30 13:09 - 2012-05-30 13:09 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2012-05-30 13:09 - 2012-05-30 13:09 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
2012-05-30 13:09 - 2012-05-30 13:09 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2012-05-29 12:42 - 2012-05-29 12:42 - 00000000 ____D C:\Users\Tm0n31695\AppData\Local\TVU Networks
2012-05-29 12:42 - 2012-05-29 12:42 - 00000000 ____D C:\Users\All Users\TVU Networks
2012-05-28 12:46 - 2012-05-28 12:46 - 01842439 ____A C:\Users\Tm0n31695\Desktop\1338229856110.jpg
2012-05-28 06:46 - 2012-05-28 06:46 - 00000000 ____D C:\Program Files (x86)\Magic ISO Maker
2012-05-28 06:20 - 2008-09-25 13:39 - 00270272 ____A (Stephan Schreiber) C:\Windows\System32\Drivers\ext2fs.sys
2012-05-28 06:20 - 2008-08-28 18:49 - 00080320 ____A (Stephan Schreiber) C:\Windows\System32\Drivers\ifsmount.sys
2012-05-28 06:20 - 2008-07-26 19:57 - 00281600 ____A (Stephan Schreiber) C:\Windows\System32\ifsdrives.dll
2012-05-28 06:20 - 2007-12-16 14:14 - 00083904 ____A (Stephan Schreiber) C:\Windows\System32\ifsdrives.exe
2012-05-28 06:20 - 2007-08-26 10:11 - 00000724 ____A C:\Windows\System32\ifsdrives_tasks.xml
2012-05-27 20:18 - 2012-04-23 05:19 - 02502608 ____A C:\Users\Tm0n31695\Desktop\wubi.exe
2012-05-26 06:35 - 2012-05-26 06:35 - 00000000 ____D C:\Users\Tm0n31695\Documents\CAPCOM
2012-05-26 06:24 - 2012-05-26 06:24 - 00226304 ____A (RAD Game Tools, Inc.) C:\Windows\SysWOW64\binkw32.dll
2012-05-24 21:17 - 2012-05-24 21:17 - 00179766 ____A C:\Users\Tm0n31695\Desktop\1337922501780.jpg
2012-05-24 21:02 - 2012-05-24 21:02 - 00194115 ____A C:\Users\Tm0n31695\Desktop\1337921091204.jpg
2012-05-24 21:00 - 2012-05-24 21:00 - 00064136 ____A C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2012-05-24 21:00 - 2012-05-24 21:00 - 00064136 ____A C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
2012-05-24 21:00 - 2012-05-24 21:00 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2012-05-24 21:00 - 2012-05-24 21:00 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2012-05-24 20:53 - 2012-05-24 20:53 - 00000000 ____D C:\Windows\Installer\{C688457E-03FD-4941-923B-A27F4D42A7DD}
2012-05-24 20:53 - 2012-05-24 20:53 - 00000000 ____D C:\Windows\Installer\{ADBD6E65-46CB-4A97-9AFB-64963FEACC40}
2012-05-24 20:53 - 2012-05-24 20:53 - 00000000 ____D C:\Windows\Installer\{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}
2012-05-24 20:53 - 2012-05-24 20:53 - 00000000 ____D C:\Windows\Installer\{0826F9E4-787E-481D-83E0-BC6A57B056D5}
2012-05-24 20:53 - 2012-05-24 20:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2012-05-24 20:53 - 2011-09-22 17:07 - 00105832 ____A (Microsoft Corporation) C:\Windows\System32\SQSRVRES.DLL
2012-05-24 20:53 - 2011-09-22 17:06 - 00109416 ____A (Microsoft Corporation) C:\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2012-05-24 20:53 - 2011-09-22 13:18 - 00073064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2012-05-24 20:52 - 2012-05-24 20:52 - 00000000 ____D C:\Windows\Installer\{6292D514-17A4-403F-98F9-E150F10C043D}
2012-05-24 20:52 - 2012-05-24 20:52 - 00000000 ____D C:\Windows\Installer\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}
2012-05-24 20:49 - 2012-05-24 20:49 - 20343808 ___RA C:\Windows\Installer\5a8d1f5.msp
2012-05-24 20:29 - 2012-05-24 20:29 - 00000971 ____A C:\Users\Tm0n31695\Desktop\Nmap - Zenmap GUI.lnk
2012-05-24 20:27 - 2012-05-24 20:27 - 00000000 ____D C:\Program Files (x86)\Nmap
2012-05-24 20:00 - 2009-07-22 00:17 - 00078872 ____A (Microsoft Corporation) C:\Windows\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-05-24 20:00 - 2009-07-22 00:17 - 00050200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-05-24 19:59 - 2012-05-24 19:59 - 00000000 ____D C:\Windows\SysWOW64\1033
2012-05-24 19:59 - 2012-05-24 19:59 - 00000000 ____D C:\Windows\System32\RsFx
2012-05-24 19:59 - 2012-05-24 19:59 - 00000000 ____D C:\Windows\System32\1033
2012-05-24 19:59 - 2012-05-24 19:59 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2012-05-24 19:57 - 2012-05-24 20:52 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2012-05-24 19:57 - 2012-05-24 20:52 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2012-05-24 19:55 - 2012-05-24 20:17 - 00000000 ____D C:\Users\Tm0n31695\Documents\Visual Studio 2010
2012-05-24 19:55 - 2012-05-24 19:55 - 00000000 ____D C:\Windows\Installer\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}
2012-05-24 19:55 - 2012-05-24 19:55 - 00000000 ____D C:\Windows\Installer\{3A9FC03D-C685-4831-94CF-4EDFD3749497}
2012-05-24 19:55 - 2012-05-24 19:55 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2012-05-24 19:55 - 2012-05-24 19:55 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2012-05-24 19:55 - 2012-05-24 19:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2012-05-24 19:55 - 2012-05-24 19:55 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-05-24 19:53 - 2012-05-24 19:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2012-05-24 19:53 - 2012-05-24 19:53 - 00000000 ____D C:\Windows\symbols
2012-05-24 19:53 - 2012-05-24 19:53 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2012-05-24 19:53 - 2012-05-24 19:53 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2012-05-24 19:53 - 2012-05-24 19:53 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2012-05-24 19:52 - 2012-05-24 19:52 - 00000000 ____D C:\Windows\PCHEALTH
2012-05-24 19:36 - 2012-05-30 21:05 - 00000000 ____D C:\Program Files\Apache Software Foundation
2012-05-24 19:34 - 2012-05-24 19:34 - 00000000 ____D C:\Users\Tm0n31695\.m2
2012-05-24 19:33 - 2012-05-30 21:03 - 00000000 ____D C:\Users\Tm0n31695\.netbeans
2012-05-24 19:28 - 2012-05-24 19:28 - 00461312 ____A C:\Windows\Installer\55d3025.msi
2012-05-24 19:28 - 2012-05-24 19:28 - 00440832 ____A C:\Windows\Installer\55d3020.msi
2012-05-24 19:28 - 2012-05-24 19:28 - 00000000 ____D C:\Windows\Installer\{2222706F-666A-4037-7777-210328764D10}
2012-05-24 19:28 - 2012-05-24 19:28 - 00000000 ____D C:\Windows\Installer\{1111706F-666A-4037-7777-210328764D10}
2012-05-24 19:28 - 2012-05-24 19:28 - 00000000 ____D C:\Program Files (x86)\Oracle
2012-05-24 19:27 - 2012-05-24 19:27 - 00439296 ____A C:\Windows\Installer\55d3005.msi
2012-05-24 19:27 - 2012-05-24 19:27 - 00179200 ____A C:\Windows\Installer\55d301b.msi
2012-05-24 19:27 - 2012-04-04 14:47 - 00772504 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-05-24 19:09 - 2012-05-30 21:07 - 00000000 ____D C:\Users\Tm0n31695\.nbi
2012-05-24 18:46 - 2012-05-26 20:37 - 00000000 ____D C:\Users\Tm0n31695\Desktop\herp
2012-05-23 11:00 - 2012-05-23 11:14 - 00000700 ____A C:\Users\Tm0n31695\umbrella0.log
2012-05-20 22:36 - 2012-05-26 18:26 - 00000024 ____A C:\Users\Tm0n31695\jagexappletviewer.preferences
2012-05-20 22:36 - 2012-05-20 22:36 - 00000000 ____D C:\.jagex_cache_32
2012-05-20 20:57 - 2012-05-20 20:57 - 00002084 ____A C:\Users\Tm0n31695\Desktop\RuneScape.lnk
2012-05-20 20:46 - 2012-05-20 20:46 - 23642112 ____A C:\Windows\Installer\4c1c58b.msi
2012-05-20 20:39 - 2012-05-20 20:39 - 00034308 ____A C:\Users\Tm0n31695\Desktop\b1f939a2bd4c885dd386970a33c5c23f.gif
2012-05-20 19:42 - 2012-05-20 19:42 - 00243791 ____A C:\Users\Tm0n31695\Desktop\1337566136960.gif
2012-05-18 22:23 - 2012-05-18 22:23 - 00000000 ____D C:\Users\Tm0n31695\Desktop\Polygon Love 2
2012-05-18 22:20 - 2012-05-18 22:20 - 00022016 ____A C:\Windows\Installer\4d18b3.msi
2012-05-18 22:20 - 2012-05-18 22:20 - 00000000 ____D C:\Program Files (x86)\Adobe Download Assistant
2012-05-17 19:42 - 2012-05-17 19:44 - 00000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Mp3tag
2012-05-17 19:41 - 2012-05-17 19:41 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2012-05-17 16:31 - 2012-05-17 16:31 - 12476928 ____A C:\Windows\Installer\32179d.msi
2012-05-17 14:37 - 2012-05-17 14:37 - 00002279 ____A C:\Users\Tm0n31695\Documents\New Database.odb
2012-05-16 12:33 - 2012-05-16 12:33 - 00000000 ____D C:\Users\Tm0n31695\AppData\Roaming\OpenOffice.org
2012-05-16 12:31 - 2012-05-16 12:31 - 00001168 ____A C:\Users\Public\Desktop\OpenOffice.org 3.4.lnk
2012-05-16 12:31 - 2012-05-16 12:31 - 00000000 ____D C:\Windows\Installer\{51071D66-D034-4239-94E0-723FCA10B6FE}
2012-05-16 12:31 - 2012-05-16 12:31 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3
2012-05-16 11:21 - 2012-05-16 11:21 - 00000000 ____D C:\Users\Tm0n31695\Documents\Diablo III
2012-05-16 11:21 - 2012-05-16 11:21 - 00000000 ____D C:\Users\All Users\Blizzard Entertainment
2012-05-16 11:19 - 2012-05-16 11:19 - 00000000 ____D C:\Users\All Users\Battle.net
2012-05-16 11:18 - 2012-05-16 11:18 - 00001282 ____A C:\Users\Tm0n31695\Desktop\Diablo.III.Collectors.Edition.lnk
2012-05-16 11:11 - 2012-05-16 11:11 - 00000000 ____D C:\Program Files (x86)\Games
2012-05-15 20:02 - 2012-05-31 16:44 - 00000000 ___SD C:\Users\Tm0n31695\Google Drive
2012-05-15 19:58 - 2012-05-15 19:58 - 00000000 ____D C:\Users\Tm0n31695\AppData\LocalGoogle
2012-05-15 19:57 - 2012-06-06 10:02 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-05-15 19:57 - 2012-06-06 09:53 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-05-15 19:57 - 2012-05-15 19:58 - 00000000 ____D C:\Program Files (x86)\Google
2012-05-15 19:57 - 2012-05-15 19:57 - 00025600 ____A C:\Windows\Installer\60d5c.msi
2012-05-15 19:47 - 2012-05-15 19:49 - 00000000 ____D C:\Users\Tm0n31695\AppData\Roaming\DMCache
2012-05-15 14:51 - 2012-05-15 14:51 - 08074240 ____A C:\Windows\Installer\239a276.msi
2012-05-14 20:10 - 2012-05-14 20:10 - 00000021 ____A C:\Windows\tpcsd
2012-05-14 19:51 - 2012-04-01 21:34 - 05504880 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-14 19:51 - 2012-04-01 20:46 - 03958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-14 19:51 - 2012-04-01 20:46 - 03902320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-05-14 19:51 - 2012-04-01 19:01 - 03143680 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-14 19:51 - 2012-03-16 23:55 - 00075632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-05-14 19:51 - 2012-03-02 22:29 - 01837568 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2012-05-14 19:51 - 2012-03-02 22:29 - 01541120 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-05-14 19:51 - 2012-03-02 22:29 - 00902656 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2012-05-14 19:51 - 2012-03-02 22:29 - 00320512 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2012-05-14 19:51 - 2012-03-02 22:29 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2012-05-14 19:51 - 2012-03-02 21:40 - 01170944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2012-05-14 19:51 - 2012-03-02 21:40 - 01074176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-05-14 19:51 - 2012-03-02 21:40 - 00739840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2012-05-14 19:51 - 2012-03-02 21:40 - 00218624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2012-05-14 19:51 - 2012-03-02 21:40 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2012-05-14 19:45 - 2012-03-30 03:09 - 01895280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-05-14 19:31 - 2012-05-31 20:04 - 00000000 ___RD C:\Users\Tm0n31695\Dropbox
2012-05-14 19:29 - 2012-05-31 20:06 - 00000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Dropbox
2012-05-14 19:10 - 2012-05-23 11:26 - 00000000 ____D C:\Windows\Installer\{CF8FFD12-602B-422D-AF1D-511B411E7632}
2012-05-14 19:09 - 2012-05-14 19:10 - 00000000 ____D C:\Program Files\iTunes
2012-05-14 19:09 - 2012-05-14 19:10 - 00000000 ____D C:\Program Files (x86)\iTunes
2012-05-14 19:09 - 2012-05-14 19:09 - 00000000 ____D C:\Program Files\iPod
2012-05-14 15:27 - 2012-05-14 15:27 - 00000000 ____D C:\Program Files (x86)\Atheros
2012-05-14 15:27 - 2010-11-02 15:00 - 02380448 ____A (Atheros Communications, Inc.) C:\Windows\System32\Drivers\athrx.sys
2012-05-14 14:52 - 2012-05-14 14:55 - 00000004 ____A C:\Users\Tm0n31695\AppData\Local\ThermaDataLogger.lock
2012-05-14 14:51 - 2012-05-14 14:51 - 00000000 ____D C:\Program Files (x86)\Silabs
2012-05-14 14:50 - 2012-05-14 14:51 - 00000000 ____D C:\Windows\SysWOW64\Silabs
2012-05-13 13:28 - 2012-06-05 19:54 - 00009863 ____A C:\Users\Tm0n31695\AppData\Local\HWVendorDetection.log
2012-05-13 13:10 - 2012-06-06 08:19 - 00000000 ____D C:\Users\Tm0n31695\AppData\Local\ElevatedDiagnostics
2012-05-13 08:23 - 2012-05-13 08:23 - 00000000 ____D C:\Users\Tm0n31695\AppData\Roaming\DRPSu
2012-05-12 23:42 - 2012-05-12 23:42 - 00000000 ____D C:\Users\Tm0n31695\AppData\Roaming\TuneUp Software
2012-05-12 23:40 - 2012-05-13 13:59 - 00000000 ____D C:\Users\All Users\TuneUp Software
2012-05-12 23:40 - 2012-05-12 23:40 - 02822144 ____A C:\Windows\Installer\186537.msi
2012-05-12 23:35 - 2012-05-12 23:35 - 00000000 __SHD C:\Users\All Users\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-05-12 23:28 - 2012-05-12 23:28 - 00000000 ____D C:\Program Files\K-Lite Codec Pack x64
2012-05-12 23:28 - 2012-05-12 23:28 - 00000000 ____D C:\Program Files (x86)\7-Zip
2012-05-12 23:28 - 2012-02-15 10:00 - 00092160 ____A C:\Windows\System32\ff_vfw.dll
2012-05-12 23:28 - 2011-03-02 03:43 - 00203264 ____A C:\Windows\System32\unrar.dll
2012-05-12 23:27 - 2012-05-12 16:50 - 00039656 ____A C:\Windows\System32\OEMLOGO.bmp
2012-05-12 22:33 - 2012-05-12 22:41 - 00000000 ____D C:\Users\Tm0n31695\.frostwire5
2012-05-12 22:33 - 2012-05-12 22:34 - 00000000 ____D C:\Users\Tm0n31695\FrostWire
2012-05-12 21:53 - 2012-05-12 21:53 - 00021712 ____A (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2012-05-12 21:53 - 2012-05-12 21:53 - 00000000 ____D C:\Users\Tm0n31695\AppData\Local\eSupport.com
2012-05-12 21:53 - 2012-05-12 21:51 - 00624672 ____A (Copyright 2010 eSupport.com. All Rights Reserved.) C:\Users\Tm0n31695\Desktop\biosagentplus_1067.exe
2012-05-12 21:46 - 2011-05-20 00:53 - 00557848 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStor.sys
2012-05-12 21:46 - 2010-11-05 08:50 - 02716768 ____A (Atheros Communications, Inc.) C:\Windows\System32\Drivers\athwx.sys
2012-05-12 21:45 - 2011-03-23 06:20 - 00077936 ____A (Atheros Communications, Inc.) C:\Windows\System32\Drivers\L1C62x64.sys
2012-05-12 21:44 - 2011-08-23 05:12 - 00317440 ____A (Intel® Corporation) C:\Windows\System32\Drivers\IntcDAud.sys
2012-05-12 21:44 - 2011-08-23 05:12 - 00014848 ____A (Intel® Corporation) C:\Windows\System32\IntcDAuC.dll
2012-05-12 21:44 - 2010-02-26 15:32 - 00158976 ____A (Intel Corporation) C:\Windows\System32\Drivers\Impcd.sys
2012-05-12 16:55 - 2012-05-12 16:55 - 01122816 ____A C:\Windows\Installer\1863c7.msi
2012-05-12 08:57 - 2012-05-12 08:58 - 00000000 ____D C:\Program Files (x86)\GCFExplorer
2012-05-12 08:56 - 2012-05-12 09:36 - 00000000 ____D C:\Program Files (x86)\CFToolbox
2012-05-12 07:24 - 2012-05-12 07:24 - 00001690 ____A C:\Users\Tm0n31695\Desktop\Audiosurf.lnk
2012-05-12 07:22 - 2012-05-12 10:50 - 00000000 ___RD C:\Users\Tm0n31695\Desktop\AudioSurf
2012-05-11 20:57 - 2012-05-12 21:58 - 00000000 ____D C:\Users\Tm0n31695\Downloads\Garry's-Mod 11
2012-05-11 19:56 - 2012-05-11 19:57 - 00000000 ____D C:\Users\Tm0n31695\AppData\Roaming\PFStaticIP
2012-05-11 19:55 - 2012-05-11 20:03 - 00000000 ____D C:\Program Files (x86)\PFStaticIP
2012-05-11 19:55 - 2012-05-11 19:55 - 00000000 ____D C:\Users\Tm0n31695\AppData\Local\APN
2012-05-09 13:29 - 2012-05-09 13:33 - 00000000 ____D C:\Users\Tm0n31695\AppData\Roaming\X-Chat 2
2012-05-09 13:29 - 2012-05-09 13:29 - 00001837 ____A C:\Users\Tm0n31695\Desktop\XChat.lnk
2012-05-09 13:29 - 2012-05-09 13:29 - 00000000 ____D C:\Program Files (x86)\xchat

============ 3 Months Modified Files and Folders =============

2012-06-06 10:35 - 2012-04-09 16:35 - 1929311 ____A C:\Windows\WindowsUpdate.log
2012-06-06 10:18 - 2012-04-09 17:13 - 0000924 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1209137320-2403953631-2894671897-1000UA.job
2012-06-06 10:11 - 2012-04-09 17:16 - 0000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-06-06 10:02 - 2012-05-15 19:57 - 0000904 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-06-06 09:54 - 2012-04-09 19:24 - 0000000 ____D C:\Users\All Users\boost_interprocess
2012-06-06 09:53 - 2012-05-15 19:57 - 0000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-06-06 09:51 - 2012-06-06 09:51 - 766103216 ____A C:\Windows\MEMORY.DMP
2012-06-06 09:51 - 2012-06-06 09:51 - 0262144 ____A C:\Windows\Minidump\060612-167295-01.dmp
2012-06-06 09:51 - 2012-06-06 09:51 - 0000352 ____A C:\Windows\PFRO.log
2012-06-06 09:51 - 2012-06-06 09:51 - 0000000 ____D C:\Windows\Minidump
2012-06-06 09:51 - 2012-06-05 15:14 - 0000224 ____A C:\Windows\setupact.log
2012-06-06 09:51 - 2012-03-28 23:48 - 277987328 __ASH C:\hiberfil.sys
2012-06-06 09:51 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-06 09:13 - 2012-06-06 09:10 - 0263054 ____A C:\TDSSKiller.2.7.36.0_06.06.2012_13.10.23_log.txt
2012-06-06 09:10 - 2012-06-06 09:10 - 4731392 ____A (AVAST Software) C:\Users\Tm0n31695\Desktop\aswMBR.exe
2012-06-06 09:09 - 2012-06-06 09:09 - 2127960 ____A (Kaspersky Lab ZAO) C:\Users\Tm0n31695\Desktop\tdsskiller.exe
2012-06-06 09:09 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\vlc
2012-06-06 08:19 - 2012-05-13 13:10 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\ElevatedDiagnostics
2012-06-06 08:07 - 2012-06-06 07:51 - 0000000 ___SD C:\32788R22FWJFW
2012-06-06 08:07 - 2009-07-13 21:08 - 0030128 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-06-06 07:57 - 2012-06-06 07:57 - 4536354 ____R (Swearware) C:\Users\Tm0n31695\Desktop\ComboFix.exe
2012-06-06 07:51 - 2012-06-06 07:51 - 0001361 ____A C:\Users\Tm0n31695\Desktop\checkup.txt
2012-06-06 07:27 - 2012-06-06 07:27 - 0853862 ____A C:\Users\Tm0n31695\Desktop\SecurityCheck.exe
2012-06-05 19:54 - 2012-05-13 13:28 - 0009863 ____A C:\Users\Tm0n31695\AppData\Local\HWVendorDetection.log
2012-06-05 19:49 - 2009-07-13 20:45 - 0009584 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-06-05 19:49 - 2009-07-13 20:45 - 0009584 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-06-05 19:26 - 2012-06-05 18:31 - 0000000 ____D C:\Users\All Users\SecTaskMan
2012-06-05 19:25 - 2012-06-05 19:25 - 0027367 ____A C:\Users\Tm0n31695\Desktop\DDS.txt
2012-06-05 19:25 - 2012-06-05 19:25 - 0009856 ____A C:\Users\Tm0n31695\Desktop\Attach.txt
2012-06-05 18:47 - 2012-06-05 18:47 - 0607260 ____R (Swearware) C:\Users\Tm0n31695\Desktop\dds.scr
2012-06-05 18:13 - 2012-06-05 18:13 - 0000000 ____D C:\Program Files (x86)\ESET
2012-06-05 18:11 - 2012-06-05 18:10 - 0024642 ____A C:\Users\Tm0n31695\Desktop\Result.txt
2012-06-05 17:50 - 2012-06-05 17:50 - 0001117 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-05 17:50 - 2012-06-05 17:50 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Malwarebytes
2012-06-05 17:50 - 2012-06-05 17:50 - 0000000 ____D C:\Users\All Users\Malwarebytes
2012-06-05 17:50 - 2012-06-05 17:50 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-05 17:18 - 2012-04-09 17:13 - 0000872 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1209137320-2403953631-2894671897-1000Core.job
2012-06-05 16:59 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\uTorrent
2012-06-05 16:58 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2012-06-05 15:14 - 2012-06-05 15:14 - 0000000 ____A C:\Windows\setuperr.log
2012-06-05 15:08 - 2012-04-09 15:30 - 0000000 ____D C:\users\Tm0n31695
2012-06-05 14:54 - 2012-06-05 14:54 - 0001845 ____A C:\Users\Public\Desktop\avast! Internet Security.lnk
2012-06-05 14:54 - 2012-06-05 14:54 - 0000000 ____A C:\Windows\SysWOW64\config.nt
2012-06-05 14:53 - 2012-06-05 10:41 - 0000000 ____D C:\Users\All Users\AVAST Software
2012-06-05 14:53 - 2012-06-05 10:41 - 0000000 ____D C:\Program Files\AVAST Software
2012-06-05 13:03 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\config\TxR
2012-06-05 11:56 - 2012-06-05 11:56 - 0000000 ____D C:\Users\Default\AppData\Roaming\IObit
2012-06-05 11:56 - 2012-06-05 11:56 - 0000000 ____D C:\Users\Default User\AppData\Roaming\IObit
2012-06-05 10:53 - 2012-06-05 10:15 - 3993600 ____A C:\Program Files (x86)\GUT5BA7.tmp
2012-06-05 10:15 - 2012-06-05 10:15 - 0000000 ____D C:\Program Files (x86)\GUM5BA6.tmp
2012-06-04 19:43 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2012-06-04 19:17 - 2012-04-03 18:26 - 0000000 ____D C:\Program Files (x86)\Steam
2012-06-04 19:15 - 2012-06-04 19:15 - 17473536 ____A C:\Windows\System32\config\system.iobit
2012-06-04 19:15 - 2012-06-04 19:15 - 1372160 ____A C:\Windows\System32\config\default.iobit
2012-06-04 19:15 - 2012-06-04 19:15 - 121126912 ____A C:\Windows\System32\config\software.iobit
2012-06-04 19:15 - 2012-06-04 19:15 - 0065536 ____A C:\Windows\System32\config\sam.iobit
2012-06-04 19:15 - 2012-06-04 19:15 - 0024576 ____A C:\Windows\System32\config\security.iobit
2012-06-04 16:01 - 2012-06-04 16:01 - 0000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-06-04 14:41 - 2012-04-11 21:13 - 0000024 ____A C:\Users\Tm0n31695\random.dat
2012-06-04 11:41 - 2012-04-11 21:13 - 0000048 ____A C:\Users\Tm0n31695\jagex_cl_runescape_LIVE.dat
2012-06-04 11:35 - 2012-05-31 15:12 - 0000000 ____D C:\Program Files (x86)\SwiftKit
2012-06-03 20:13 - 2012-04-10 05:19 - 0466350 ____A C:\Windows\System32\prfh0404.dat
2012-06-03 20:13 - 2012-04-10 05:19 - 0139422 ____A C:\Windows\System32\prfc0404.dat
2012-06-03 20:13 - 2012-04-10 05:03 - 0809442 ____A C:\Windows\System32\perfh00A.dat
2012-06-03 20:13 - 2012-04-10 05:03 - 0182606 ____A C:\Windows\System32\perfc00A.dat
2012-06-03 20:13 - 2012-04-10 04:49 - 0456926 ____A C:\Windows\System32\perfh00D.dat
2012-06-03 20:13 - 2012-04-10 04:49 - 0109182 ____A C:\Windows\System32\perfc00D.dat
2012-06-03 20:13 - 2012-04-10 04:37 - 0720896 ____A C:\Windows\System32\perfh01F.dat
2012-06-03 20:13 - 2012-04-10 04:37 - 0164160 ____A C:\Windows\System32\perfc01F.dat
2012-06-03 20:13 - 2012-04-10 04:25 - 0493518 ____A C:\Windows\System32\perfh012.dat
2012-06-03 20:13 - 2012-04-10 04:25 - 0144764 ____A C:\Windows\System32\perfc012.dat
2012-06-03 20:13 - 2012-04-10 04:13 - 0573440 ____A C:\Windows\System32\perfh006.dat
2012-06-03 20:13 - 2012-04-10 04:13 - 0122754 ____A C:\Windows\System32\perfc006.dat
2012-06-03 20:13 - 2012-04-10 04:03 - 0793134 ____A C:\Windows\System32\prfh0816.dat
2012-06-03 20:13 - 2012-04-10 04:03 - 0177170 ____A C:\Windows\System32\prfc0816.dat
2012-06-03 20:13 - 2012-04-10 03:35 - 0449248 ____A C:\Windows\System32\prfh0804.dat
2012-06-03 20:13 - 2012-04-10 03:35 - 0144336 ____A C:\Windows\System32\prfc0804.dat
2012-06-03 20:13 - 2012-04-10 03:25 - 0807312 ____A C:\Windows\System32\perfh013.dat
2012-06-03 20:13 - 2012-04-10 03:25 - 0177198 ____A C:\Windows\System32\perfc013.dat
2012-06-03 20:13 - 2012-04-10 03:15 - 0727882 ____A C:\Windows\System32\perfh01D.dat
2012-06-03 20:13 - 2012-04-10 03:15 - 0166756 ____A C:\Windows\System32\perfc01D.dat
2012-06-03 20:13 - 2012-04-10 03:05 - 0760882 ____A C:\Windows\System32\perfh007.dat
2012-06-03 20:13 - 2012-04-10 03:05 - 0173064 ____A C:\Windows\System32\perfc007.dat
2012-06-03 20:13 - 2012-04-10 02:55 - 0732638 ____A C:\Windows\System32\perfh005.dat
2012-06-03 20:13 - 2012-04-10 02:55 - 0165378 ____A C:\Windows\System32\perfc005.dat
2012-06-03 20:13 - 2012-04-10 02:21 - 0788666 ____A C:\Windows\System32\perfh019.dat
2012-06-03 20:13 - 2012-04-10 02:21 - 0174762 ____A C:\Windows\System32\perfc019.dat
2012-06-03 20:13 - 2012-04-10 02:03 - 0804134 ____A C:\Windows\System32\perfh010.dat
2012-06-03 20:13 - 2012-04-10 02:03 - 0171070 ____A C:\Windows\System32\perfc010.dat
2012-06-03 20:13 - 2012-04-10 01:52 - 0558716 ____A C:\Windows\System32\perfh014.dat
2012-06-03 20:13 - 2012-04-10 01:52 - 0119564 ____A C:\Windows\System32\perfc014.dat
2012-06-03 20:13 - 2012-04-10 01:32 - 0670818 ____A C:\Windows\System32\perfh008.dat
2012-06-03 20:13 - 2012-04-10 01:32 - 0135274 ____A C:\Windows\System32\perfc008.dat
2012-06-03 20:13 - 2012-04-10 01:15 - 0777922 ____A C:\Windows\System32\prfh0416.dat
2012-06-03 20:13 - 2012-04-10 01:15 - 0171762 ____A C:\Windows\System32\prfc0416.dat
2012-06-03 20:13 - 2012-04-10 00:49 - 0804136 ____A C:\Windows\System32\perfh015.dat
2012-06-03 20:13 - 2012-04-10 00:49 - 0179882 ____A C:\Windows\System32\perfc015.dat
2012-06-03 20:13 - 2012-04-10 00:23 - 0809598 ____A C:\Windows\System32\perfh00C.dat
2012-06-03 20:13 - 2012-04-10 00:23 - 0543360 ____A C:\Windows\System32\perfh001.dat
2012-06-03 20:13 - 2012-04-10 00:23 - 0173574 ____A C:\Windows\System32\perfc00C.dat
2012-06-03 20:13 - 2012-04-10 00:23 - 0119072 ____A C:\Windows\System32\perfc001.dat
2012-06-03 20:13 - 2012-04-10 00:10 - 0747620 ____A C:\Windows\System32\perfh00E.dat
2012-06-03 20:13 - 2012-04-10 00:10 - 0195266 ____A C:\Windows\System32\perfc00E.dat
2012-06-03 20:13 - 2012-04-09 23:39 - 0545580 ____A C:\Windows\System32\perfh00B.dat
2012-06-03 20:13 - 2012-04-09 23:39 - 0125414 ____A C:\Windows\System32\perfc00B.dat
2012-06-03 20:13 - 2012-04-09 21:33 - 0481924 ____A C:\Windows\System32\perfh011.dat
2012-06-03 20:13 - 2012-04-09 21:33 - 0146476 ____A C:\Windows\System32\perfc011.dat
2012-06-03 20:13 - 2009-07-13 21:13 - 19597452 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-03 18:48 - 2012-04-20 14:32 - 0000000 ____D C:\Users\Tm0n31695\Documents\Vegas Movie Studio HD Platinum 11.0 Projects
2012-06-03 18:48 - 2012-04-14 15:22 - 0000000 ____D C:\Users\Tm0n31695\Desktop\cp
2012-06-03 08:46 - 2012-06-03 08:44 - 0000000 ____D C:\Users\Tm0n31695\Desktop\Highschool DxD 1-12
2012-06-02 17:21 - 2012-06-02 17:21 - 0057425 ____A C:\Users\Tm0n31695\Desktop\1318623172711.png
2012-05-31 20:06 - 2012-05-14 19:29 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Dropbox
2012-05-31 20:04 - 2012-05-14 19:31 - 0000000 ___RD C:\Users\Tm0n31695\Dropbox
2012-05-31 19:47 - 2012-05-31 19:47 - 0316216 ____A C:\Windows\Installer\MSIADB2.tmp
2012-05-31 19:47 - 2012-05-31 19:47 - 0014548 ____A C:\Windows\Installer\MSI9476.tmp
2012-05-31 16:44 - 2012-05-15 20:02 - 0000000 ___SD C:\Users\Tm0n31695\Google Drive
2012-05-31 15:16 - 2012-05-31 15:16 - 0000000 ____D C:\Windows\Sun
2012-05-31 15:12 - 2012-05-31 15:12 - 0001015 ____A C:\Users\Tm0n31695\Desktop\SwiftKit.lnk
2012-05-31 15:12 - 2012-05-31 15:12 - 0000000 ____D C:\Users\All Users\SwiftKit
2012-05-30 21:19 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\Microsoft Shared
2012-05-30 21:14 - 2012-04-28 16:17 - 0000000 ____D C:\Program Files (x86)\MagicISO
2012-05-30 21:11 - 2012-05-30 21:11 - 0000000 ____D C:\Users\All Users\VS
2012-05-30 21:07 - 2012-05-24 19:09 - 0000000 ____D C:\Users\Tm0n31695\.nbi
2012-05-30 21:05 - 2012-05-24 19:36 - 0000000 ____D C:\Program Files\Apache Software Foundation
2012-05-30 21:03 - 2012-05-24 19:33 - 0000000 ____D C:\Users\Tm0n31695\.netbeans
2012-05-30 21:00 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\DAEMON Tools Lite
2012-05-30 20:35 - 2012-05-30 20:35 - 0001081 ____A C:\Users\Tm0n31695\Desktop\FreeArc.lnk
2012-05-30 20:35 - 2012-05-30 20:35 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\FreeArc
2012-05-30 20:35 - 2012-05-30 20:35 - 0000000 ____D C:\Program Files (x86)\FreeArc
2012-05-30 13:09 - 2012-05-30 13:09 - 0000000 ____D C:\Windows\Installer\{5542B6FC-191D-4D38-A4AF-BED6451A038B}
2012-05-30 13:09 - 2012-05-30 13:09 - 0000000 ____D C:\Users\Default\AppData\LocalGoogle
2012-05-30 13:09 - 2012-05-30 13:09 - 0000000 ____D C:\Users\Default\AppData\Local\Google
2012-05-30 13:09 - 2012-05-30 13:09 - 0000000 ____D C:\Users\Default User\AppData\LocalGoogle
2012-05-30 13:09 - 2012-05-30 13:09 - 0000000 ____D C:\Users\Default User\AppData\Local\Google
2012-05-29 12:42 - 2012-05-29 12:42 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\TVU Networks
2012-05-29 12:42 - 2012-05-29 12:42 - 0000000 ____D C:\Users\All Users\TVU Networks
2012-05-29 12:42 - 2012-04-09 15:30 - 0000000 ____D C:\Users\Tm0n31695\AppData\LocalLow
2012-05-28 12:46 - 2012-05-28 12:46 - 1842439 ____A C:\Users\Tm0n31695\Desktop\1338229856110.jpg
2012-05-28 06:46 - 2012-05-28 06:46 - 0000000 ____D C:\Program Files (x86)\Magic ISO Maker
2012-05-26 20:37 - 2012-05-24 18:46 - 0000000 ____D C:\Users\Tm0n31695\Desktop\herp
2012-05-26 18:26 - 2012-05-20 22:36 - 0000024 ____A C:\Users\Tm0n31695\jagexappletviewer.preferences
2012-05-26 07:01 - 2012-04-09 16:11 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-05-26 06:35 - 2012-05-26 06:35 - 0000000 ____D C:\Users\Tm0n31695\Documents\CAPCOM
2012-05-26 06:24 - 2012-05-26 06:24 - 0226304 ____A (RAD Game Tools, Inc.) C:\Windows\SysWOW64\binkw32.dll
2012-05-24 21:35 - 2009-07-13 20:45 - 4857056 ____A C:\Windows\System32\FNTCACHE.DAT
2012-05-24 21:17 - 2012-05-24 21:17 - 0179766 ____A C:\Users\Tm0n31695\Desktop\1337922501780.jpg
2012-05-24 21:04 - 2012-04-09 20:31 - 57848688 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-05-24 21:02 - 2012-05-24 21:02 - 0194115 ____A C:\Users\Tm0n31695\Desktop\1337921091204.jpg
2012-05-24 21:00 - 2012-05-24 21:00 - 0064136 ____A C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2012-05-24 21:00 - 2012-05-24 21:00 - 0064136 ____A C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
2012-05-24 21:00 - 2012-05-24 21:00 - 0000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2012-05-24 21:00 - 2012-05-24 21:00 - 0000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2012-05-24 20:53 - 2012-05-24 20:53 - 0000000 ____D C:\Windows\Installer\{C688457E-03FD-4941-923B-A27F4D42A7DD}
2012-05-24 20:53 - 2012-05-24 20:53 - 0000000 ____D C:\Windows\Installer\{ADBD6E65-46CB-4A97-9AFB-64963FEACC40}
2012-05-24 20:53 - 2012-05-24 20:53 - 0000000 ____D C:\Windows\Installer\{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}
2012-05-24 20:53 - 2012-05-24 20:53 - 0000000 ____D C:\Windows\Installer\{0826F9E4-787E-481D-83E0-BC6A57B056D5}
2012-05-24 20:53 - 2012-05-24 20:53 - 0000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2012-05-24 20:52 - 2012-05-24 20:52 - 0000000 ____D C:\Windows\Installer\{6292D514-17A4-403F-98F9-E150F10C043D}
2012-05-24 20:52 - 2012-05-24 20:52 - 0000000 ____D C:\Windows\Installer\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}
2012-05-24 20:52 - 2012-05-24 19:57 - 0000000 ____D C:\Program Files\Microsoft SQL Server
2012-05-24 20:52 - 2012-05-24 19:57 - 0000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2012-05-24 20:50 - 2012-04-09 21:36 - 0000000 ____D C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
2012-05-24 20:50 - 2012-04-09 21:36 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-05-24 20:49 - 2012-05-24 20:49 - 20343808 ___RA C:\Windows\Installer\5a8d1f5.msp
2012-05-24 20:49 - 2009-07-13 23:46 - 0000000 ____D C:\Program Files\Windows Journal
2012-05-24 20:32 - 2012-04-09 16:16 - 0000000 ____D C:\Users\Tm0n31695\.zenmap
2012-05-24 20:29 - 2012-05-24 20:29 - 0000971 ____A C:\Users\Tm0n31695\Desktop\Nmap - Zenmap GUI.lnk
2012-05-24 20:27 - 2012-05-24 20:27 - 0000000 ____D C:\Program Files (x86)\Nmap
2012-05-24 20:17 - 2012-05-24 19:55 - 0000000 ____D C:\Users\Tm0n31695\Documents\Visual Studio 2010
2012-05-24 19:59 - 2012-05-24 19:59 - 0000000 ____D C:\Windows\SysWOW64\1033
2012-05-24 19:59 - 2012-05-24 19:59 - 0000000 ____D C:\Windows\System32\RsFx
2012-05-24 19:59 - 2012-05-24 19:59 - 0000000 ____D C:\Windows\System32\1033
2012-05-24 19:59 - 2012-05-24 19:59 - 0000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2012-05-24 19:55 - 2012-05-24 19:55 - 0000000 ____D C:\Windows\Installer\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}
2012-05-24 19:55 - 2012-05-24 19:55 - 0000000 ____D C:\Windows\Installer\{3A9FC03D-C685-4831-94CF-4EDFD3749497}
2012-05-24 19:55 - 2012-05-24 19:55 - 0000000 ____D C:\Program Files\Microsoft Synchronization Services
2012-05-24 19:55 - 2012-05-24 19:55 - 0000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2012-05-24 19:55 - 2012-05-24 19:55 - 0000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2012-05-24 19:55 - 2012-05-24 19:55 - 0000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-05-24 19:54 - 2012-05-24 19:53 - 0000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2012-05-24 19:53 - 2012-05-24 19:53 - 0000000 ____D C:\Windows\symbols
2012-05-24 19:53 - 2012-05-24 19:53 - 0000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2012-05-24 19:53 - 2012-05-24 19:53 - 0000000 ____D C:\Program Files\Microsoft Help Viewer
2012-05-24 19:53 - 2012-05-24 19:53 - 0000000 ____D C:\Program Files (x86)\Microsoft SDKs
2012-05-24 19:53 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\MSBuild
2012-05-24 19:52 - 2012-05-24 19:52 - 0000000 ____D C:\Windows\PCHEALTH
2012-05-24 19:34 - 2012-05-24 19:34 - 0000000 ____D C:\Users\Tm0n31695\.m2
2012-05-24 19:28 - 2012-05-24 19:28 - 0461312 ____A C:\Windows\Installer\55d3025.msi
2012-05-24 19:28 - 2012-05-24 19:28 - 0440832 ____A C:\Windows\Installer\55d3020.msi
2012-05-24 19:28 - 2012-05-24 19:28 - 0000000 ____D C:\Windows\Installer\{2222706F-666A-4037-7777-210328764D10}
2012-05-24 19:28 - 2012-05-24 19:28 - 0000000 ____D C:\Windows\Installer\{1111706F-666A-4037-7777-210328764D10}
2012-05-24 19:28 - 2012-05-24 19:28 - 0000000 ____D C:\Program Files (x86)\Oracle
2012-05-24 19:27 - 2012-05-24 19:27 - 0439296 ____A C:\Windows\Installer\55d3005.msi
2012-05-24 19:27 - 2012-05-24 19:27 - 0179200 ____A C:\Windows\Installer\55d301b.msi
2012-05-24 19:27 - 2012-04-11 21:11 - 0174024 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-05-24 19:27 - 2012-04-11 21:11 - 0174024 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-05-24 19:27 - 2012-04-11 21:11 - 0000000 ____D C:\Program Files (x86)\Java
2012-05-23 11:26 - 2012-05-14 19:10 - 0000000 ____D C:\Windows\Installer\{CF8FFD12-602B-422D-AF1D-511B411E7632}
2012-05-23 11:14 - 2012-05-23 11:00 - 0000700 ____A C:\Users\Tm0n31695\umbrella0.log
2012-05-23 11:14 - 2012-04-14 16:44 - 0001506 ____A C:\Windows\System32\Drivers\etc\hosts.umbrella
2012-05-23 11:09 - 2012-04-20 11:51 - 0000000 ____D C:\Users\Tm0n31695\Desktop\Jailbreak
2012-05-23 11:09 - 2012-04-15 08:32 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\redsn0w
2012-05-20 22:36 - 2012-05-20 22:36 - 0000000 ____D C:\.jagex_cache_32
2012-05-20 20:57 - 2012-05-20 20:57 - 0002084 ____A C:\Users\Tm0n31695\Desktop\RuneScape.lnk
2012-05-20 20:57 - 2012-04-11 21:13 - 0000000 ____D C:\Users\Tm0n31695\jagexcache
2012-05-20 20:46 - 2012-05-20 20:46 - 23642112 ____A C:\Windows\Installer\4c1c58b.msi
2012-05-20 20:39 - 2012-05-20 20:39 - 0034308 ____A C:\Users\Tm0n31695\Desktop\b1f939a2bd4c885dd386970a33c5c23f.gif
2012-05-20 19:42 - 2012-05-20 19:42 - 0243791 ____A C:\Users\Tm0n31695\Desktop\1337566136960.gif
2012-05-20 19:10 - 2012-04-20 11:52 - 0000000 ____D C:\Users\Tm0n31695\Desktop\Hack n Mod
2012-05-19 07:18 - 2012-04-15 16:39 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Mozilla
2012-05-18 23:45 - 2012-04-09 16:16 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\Adobe
2012-05-18 22:23 - 2012-05-18 22:23 - 0000000 ____D C:\Users\Tm0n31695\Desktop\Polygon Love 2
2012-05-18 22:20 - 2012-05-18 22:20 - 0022016 ____A C:\Windows\Installer\4d18b3.msi
2012-05-18 22:20 - 2012-05-18 22:20 - 0000000 ____D C:\Program Files (x86)\Adobe Download Assistant
2012-05-17 19:44 - 2012-05-17 19:42 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Mp3tag
2012-05-17 19:41 - 2012-05-17 19:41 - 0000000 ____D C:\Program Files (x86)\Mp3tag
2012-05-17 16:31 - 2012-05-17 16:31 - 12476928 ____A C:\Windows\Installer\32179d.msi
2012-05-17 14:41 - 2012-04-26 10:41 - 0192749 ____A C:\Users\Tm0n31695\Desktop\UTU_CoverPhoto_twitter.jpg
2012-05-17 14:37 - 2012-05-17 14:37 - 0002279 ____A C:\Users\Tm0n31695\Documents\New Database.odb
2012-05-17 12:59 - 2012-04-13 13:28 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\4shared Desktop
2012-05-16 18:44 - 2012-04-09 16:16 - 0064136 ____A C:\Users\Tm0n31695\AppData\Local\GDIPFONTCACHEV1.DAT
2012-05-16 12:33 - 2012-05-16 12:33 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\OpenOffice.org
2012-05-16 12:31 - 2012-05-16 12:31 - 0001168 ____A C:\Users\Public\Desktop\OpenOffice.org 3.4.lnk
2012-05-16 12:31 - 2012-05-16 12:31 - 0000000 ____D C:\Windows\Installer\{51071D66-D034-4239-94E0-723FCA10B6FE}
2012-05-16 12:31 - 2012-05-16 12:31 - 0000000 ____D C:\Program Files (x86)\OpenOffice.org 3
2012-05-16 11:21 - 2012-05-16 11:21 - 0000000 ____D C:\Users\Tm0n31695\Documents\Diablo III
2012-05-16 11:21 - 2012-05-16 11:21 - 0000000 ____D C:\Users\All Users\Blizzard Entertainment
2012-05-16 11:19 - 2012-05-16 11:19 - 0000000 ____D C:\Users\All Users\Battle.net
2012-05-16 11:18 - 2012-05-16 11:18 - 0001282 ____A C:\Users\Tm0n31695\Desktop\Diablo.III.Collectors.Edition.lnk
2012-05-16 11:11 - 2012-05-16 11:11 - 0000000 ____D C:\Program Files (x86)\Games
2012-05-15 19:58 - 2012-05-15 19:58 - 0000000 ____D C:\Users\Tm0n31695\AppData\LocalGoogle
2012-05-15 19:58 - 2012-05-15 19:57 - 0000000 ____D C:\Program Files (x86)\Google
2012-05-15 19:58 - 2012-04-09 16:16 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\Google
2012-05-15 19:57 - 2012-05-15 19:57 - 0025600 ____A C:\Windows\Installer\60d5c.msi
2012-05-15 19:49 - 2012-05-15 19:47 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\DMCache
2012-05-15 14:51 - 2012-05-15 14:51 - 8074240 ____A C:\Windows\Installer\239a276.msi
2012-05-15 11:48 - 2012-04-28 01:39 - 0000000 ____D C:\Users\Tm0n31695\Downloads\lovegirl
2012-05-15 11:42 - 2012-04-23 19:15 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\WindSolutions
2012-05-15 11:42 - 2012-04-23 19:15 - 0000000 ____D C:\Users\All Users\WindSolutions
2012-05-14 20:10 - 2012-05-14 20:10 - 0000021 ____A C:\Windows\tpcsd
2012-05-14 19:17 - 2012-04-22 23:09 - 0001181 ____A C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2012-05-14 19:10 - 2012-05-14 19:09 - 0000000 ____D C:\Program Files\iTunes
2012-05-14 19:10 - 2012-05-14 19:09 - 0000000 ____D C:\Program Files (x86)\iTunes
2012-05-14 19:09 - 2012-05-14 19:09 - 0000000 ____D C:\Program Files\iPod
2012-05-14 15:27 - 2012-05-14 15:27 - 0000000 ____D C:\Program Files (x86)\Atheros
2012-05-14 15:27 - 2012-04-09 16:11 - 0000000 ____D C:\Windows\System32\nn-NO
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\zh-TW
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\zh-CN
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\tr-TR
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sv-SE
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ru-RU
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\pt-PT
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\pl-PL
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\nl-NL
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ko-KR
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ja-JP
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\it-IT
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\hu-HU
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\fr-FR
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\fi-FI
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\es-ES
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\el-GR
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\de-DE
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\da-DK
2012-05-14 15:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\cs-CZ
2012-05-14 14:55 - 2012-05-14 14:52 - 0000004 ____A C:\Users\Tm0n31695\AppData\Local\ThermaDataLogger.lock
2012-05-14 14:51 - 2012-05-14 14:51 - 0000000 ____D C:\Program Files (x86)\Silabs
2012-05-14 14:51 - 2012-05-14 14:50 - 0000000 ____D C:\Windows\SysWOW64\Silabs
2012-05-13 13:59 - 2012-05-12 23:40 - 0000000 ____D C:\Users\All Users\TuneUp Software
2012-05-13 13:32 - 2012-04-09 16:09 - 0000000 ____D C:\Users\All Users\Atheros
2012-05-13 08:25 - 2012-04-09 19:33 - 0000000 ____D C:\Program Files\7-Zip
2012-05-13 08:23 - 2012-05-13 08:23 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\DRPSu
2012-05-12 23:43 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Windows Sidebar
2012-05-12 23:43 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\Windows Sidebar
2012-05-12 23:42 - 2012-05-12 23:42 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\TuneUp Software
2012-05-12 23:40 - 2012-05-12 23:40 - 2822144 ____A C:\Windows\Installer\186537.msi
2012-05-12 23:35 - 2012-05-12 23:35 - 0000000 __SHD C:\Users\All Users\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-05-12 23:28 - 2012-05-12 23:28 - 0000000 ____D C:\Program Files\K-Lite Codec Pack x64
2012-05-12 23:28 - 2012-05-12 23:28 - 0000000 ____D C:\Program Files (x86)\7-Zip
2012-05-12 22:41 - 2012-05-12 22:33 - 0000000 ____D C:\Users\Tm0n31695\.frostwire5
2012-05-12 22:34 - 2012-05-12 22:33 - 0000000 ____D C:\Users\Tm0n31695\FrostWire
2012-05-12 21:58 - 2012-05-11 20:57 - 0000000 ____D C:\Users\Tm0n31695\Downloads\Garry's-Mod 11
2012-05-12 21:53 - 2012-05-12 21:53 - 0021712 ____A (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2012-05-12 21:53 - 2012-05-12 21:53 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\eSupport.com
2012-05-12 21:51 - 2012-05-12 21:53 - 0624672 ____A (Copyright 2010 eSupport.com. All Rights Reserved.) C:\Users\Tm0n31695\Desktop\biosagentplus_1067.exe
2012-05-12 16:55 - 2012-05-12 16:55 - 1122816 ____A C:\Windows\Installer\1863c7.msi
2012-05-12 16:50 - 2012-05-12 23:27 - 0039656 ____A C:\Windows\System32\OEMLOGO.bmp
2012-05-12 10:50 - 2012-05-12 07:22 - 0000000 ___RD C:\Users\Tm0n31695\Desktop\AudioSurf
2012-05-12 09:36 - 2012-05-12 08:56 - 0000000 ____D C:\Program Files (x86)\CFToolbox
2012-05-12 08:58 - 2012-05-12 08:57 - 0000000 ____D C:\Program Files (x86)\GCFExplorer
2012-05-12 07:24 - 2012-05-12 07:24 - 0001690 ____A C:\Users\Tm0n31695\Desktop\Audiosurf.lnk
2012-05-11 20:03 - 2012-05-11 19:55 - 0000000 ____D C:\Program Files (x86)\PFStaticIP
2012-05-11 19:57 - 2012-05-11 19:56 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\PFStaticIP
2012-05-11 19:55 - 2012-05-11 19:55 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\APN
2012-05-11 18:55 - 2012-04-09 16:20 - 0880496 ____A (BitTorrent, Inc.) C:\Users\Tm0n31695\Desktop\uTorrent.exe
2012-05-09 13:33 - 2012-05-09 13:29 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\X-Chat 2
2012-05-09 13:29 - 2012-05-09 13:29 - 0001837 ____A C:\Users\Tm0n31695\Desktop\XChat.lnk
2012-05-09 13:29 - 2012-05-09 13:29 - 0000000 ____D C:\Program Files (x86)\xchat
2012-05-06 13:48 - 2012-05-06 13:48 - 1080221 ____A C:\Users\Tm0n31695\Desktop\1336340848530.jpg
2012-05-06 03:59 - 2012-05-06 03:59 - 0001636 ____A C:\Windows\SysWOW64\HKLM_Run.reg
2012-05-06 03:59 - 2012-05-06 03:59 - 0000632 ____A C:\Windows\SysWOW64\HKCU_Run.reg
2012-05-06 03:59 - 2012-05-06 03:59 - 0000230 ____A C:\Windows\SysWOW64\HKLM_RunOnce.reg
2012-05-06 03:59 - 2012-05-06 03:59 - 0000228 ____A C:\Windows\SysWOW64\HKCU_RunOnce.reg
2012-05-05 21:57 - 2012-05-05 21:57 - 0000221 ____A C:\Users\Tm0n31695\Desktop\Rusty Hearts.url
2012-05-04 23:11 - 2012-04-13 13:11 - 8744608 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2012-05-04 23:11 - 2012-04-09 17:16 - 0419488 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-05-04 23:11 - 2012-04-09 17:16 - 0070304 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-05-03 19:07 - 2012-05-03 19:07 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Unity
2012-05-03 19:06 - 2012-05-03 19:06 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\Unity
2012-05-02 21:19 - 2012-05-02 21:19 - 18489856 ____A C:\Windows\Installer\55d300d.msi
2012-05-02 17:28 - 2012-05-02 17:28 - 0047605 ____A C:\Users\Tm0n31695\Desktop\GxTensionProjectPitch.pptx
2012-05-02 17:24 - 2012-05-02 17:24 - 3117256 ____A C:\Users\Tm0n31695\Desktop\MASTER.mp3
2012-05-01 14:48 - 2012-05-01 14:48 - 0001949 ____A C:\Users\Tm0n31695\Desktop\LoveGirl.lnk
2012-05-01 14:48 - 2012-04-03 20:39 - 0000000 ____D C:\ILLUSION
2012-05-01 14:43 - 2012-05-01 14:43 - 0000000 ____D C:\Windows\Installer\{A87A837F-413C-4F03-BEF1-6ACC45E20821}
2012-04-29 22:27 - 2012-04-29 21:44 - 0000000 ____D C:\Program Files (x86)\XBMC
2012-04-29 20:48 - 2012-04-09 21:17 - 0001178 ____A C:\Users\Public\Desktop\Game Booster 3.lnk
2012-04-29 01:26 - 2012-04-28 15:58 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\dvdcss
2012-04-28 16:17 - 2012-04-28 16:17 - 0821248 ____A C:\Users\Tm0n31695\Desktop\FreeISOBurner.exe
2012-04-28 14:49 - 2012-04-28 13:23 - 0000000 ____D C:\Program Files (x86)\Unlocker
2012-04-28 12:37 - 2012-04-09 17:28 - 0000000 ____D C:\Users\All Users\DAEMON Tools Lite
2012-04-28 12:22 - 2012-04-28 12:22 - 0283200 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2012-04-28 12:22 - 2012-04-28 11:53 - 0000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2012-04-28 11:57 - 2012-04-28 11:57 - 0001958 ____A C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2012-04-28 11:56 - 2012-04-28 11:56 - 0560184 ____A (Duplex Secure Ltd.) C:\Windows\System32\Drivers\sptd.sys
2012-04-28 11:25 - 2012-04-28 11:25 - 27760640 ____A (Microsoft Corporation) C:\Windows\System32\imageres.dll
2012-04-27 23:03 - 2012-04-25 22:21 - 17202108 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-04-27 19:42 - 2012-04-27 19:42 - 0001074 ____A C:\Users\Public\Desktop\VLC media player.lnk
2012-04-23 20:54 - 2012-04-23 20:53 - 0000000 ____D C:\Users\Tm0n31695\Desktop\Dan Bull - Sharing Is Caring
2012-04-23 19:15 - 2012-04-23 19:15 - 0001380 ____A C:\Users\Tm0n31695\Desktop\CopyTrans Control Center.lnk
2012-04-23 14:34 - 2012-04-21 01:35 - 0000000 ____D C:\Program Files (x86)\VOCALOID2
2012-04-23 12:04 - 2012-04-23 12:04 - 0001911 ____A C:\Users\Public\Desktop\VOCALOID2 Editor.lnk
2012-04-23 11:27 - 2012-04-10 22:08 - 0000000 ____D C:\Program Files (x86)\WinPcap
2012-04-23 11:18 - 2012-04-13 13:27 - 0000000 ____D C:\Program Files (x86)\4shared Desktop
2012-04-23 05:19 - 2012-05-27 20:18 - 2502608 ____A C:\Users\Tm0n31695\Desktop\wubi.exe
2012-04-22 23:59 - 2012-04-22 23:59 - 0026112 ____A C:\Windows\Installer\3a6f7a.msi
2012-04-22 23:59 - 2012-04-22 23:59 - 0000000 ____D C:\Program Files (x86)\Adobe Story
2012-04-22 23:58 - 2012-04-22 23:58 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-04-22 23:09 - 2012-04-22 23:09 - 0001178 ____A C:\Users\Public\Desktop\Smart Defrag 2.lnk
2012-04-22 23:09 - 2012-04-09 21:16 - 0000000 ____D C:\Program Files (x86)\IObit
2012-04-22 23:09 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\IObit
2012-04-22 18:37 - 2012-04-15 18:35 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\TeamViewer
2012-04-22 15:23 - 2012-04-09 21:17 - 0001280 ____A C:\Users\Public\Desktop\Uninstaller.lnk
2012-04-22 15:23 - 2012-04-09 21:17 - 0001229 ____A C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
2012-04-22 02:38 - 2012-04-22 02:38 - 0081612 ____A C:\Users\Tm0n31695\Downloads\1efa6c2bb1d8572267ae177c15485244a24e9c1a51c3b53d266c254e.jpg
2012-04-22 01:01 - 2012-04-17 22:19 - 0283416 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2012-04-22 01:01 - 2012-04-17 22:15 - 0283416 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2012-04-22 00:10 - 2012-04-22 00:10 - 0000000 ____D C:\Program Files (x86)\Pando Networks
2012-04-22 00:02 - 2012-04-17 22:15 - 0283416 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2012-04-21 16:53 - 2012-04-20 11:50 - 0000000 ____D C:\Users\Tm0n31695\Desktop\Xpadder
2012-04-21 02:17 - 2012-04-09 15:31 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\VirtualStore
2012-04-21 01:48 - 2012-04-21 01:43 - 0001102 ____A C:\Users\Tm0n31695\Desktop\POCALOID2.lnk
2012-04-21 01:48 - 2012-04-21 01:02 - 0001144 ____A C:\Users\Tm0n31695\Desktop\POCALOID2 Manager.lnk
2012-04-21 01:47 - 2012-04-21 01:47 - 0000000 ____D C:\Program Files (x86)\Vstplugins
2012-04-21 01:43 - 2012-04-21 01:02 - 0000000 ____D C:\Program Files (x86)\POCALOID2
2012-04-21 01:36 - 2012-04-21 01:36 - 0000000 ____D C:\Program Files (x86)\Steinberg
2012-04-21 01:01 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Adobe
2012-04-21 00:29 - 2012-04-21 00:29 - 1060864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2012-04-20 23:34 - 2012-04-20 23:24 - 0002616 ____A C:\Users\Tm0n31695\Documents\Register DVD Architect Studio.htm
2012-04-20 23:22 - 2012-04-20 14:29 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\Sony
2012-04-20 23:22 - 2012-04-20 14:27 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Sony
2012-04-20 23:17 - 2012-04-20 21:29 - 0000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
2012-04-20 22:25 - 2012-04-20 16:54 - 0000000 ____D C:\Program Files (x86)\Adobe
2012-04-20 22:23 - 2012-04-20 21:03 - 0000000 ____D C:\Program Files\Common Files\Adobe
2012-04-20 22:22 - 2012-04-20 21:03 - 0000000 ____D C:\Program Files\Adobe
2012-04-20 22:21 - 2012-04-20 22:21 - 0000000 ____D C:\Windows\Installer\{925D058B-564A-443A-B4B2-7E90C6432E55}
2012-04-20 22:21 - 2012-04-20 22:21 - 0000000 ____D C:\Windows\Installer\{90BF0360-A1DB-4599-A643-95AB90A52C1E}
2012-04-20 22:18 - 2012-04-20 22:18 - 0000000 ____D C:\Windows\Installer\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
2012-04-20 22:18 - 2012-04-20 22:18 - 0000000 ____D C:\Windows\Installer\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
2012-04-20 22:18 - 2012-04-20 22:18 - 0000000 ____D C:\Windows\Installer\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
2012-04-20 22:16 - 2012-04-20 22:16 - 0000000 ____D C:\Windows\Installer\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
2012-04-20 22:16 - 2012-04-20 22:16 - 0000000 ____D C:\Windows\Installer\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
2012-04-20 22:16 - 2012-04-20 22:16 - 0000000 ____D C:\Windows\Installer\{8557397C-A42D-486F-97B3-A2CBC2372593}
2012-04-20 22:16 - 2012-04-20 22:16 - 0000000 ____D C:\Windows\Installer\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
2012-04-20 22:14 - 2012-04-20 22:14 - 0000000 ____D C:\Windows\Installer\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
2012-04-20 22:14 - 2012-04-20 22:14 - 0000000 ____D C:\Windows\Installer\{D1A19B02-817E-4296-A45B-07853FD74D57}
2012-04-20 22:14 - 2012-04-20 22:14 - 0000000 ____D C:\Windows\Installer\{B6D38690-755E-4F40-A35A-23F8BC2B86AC}
2012-04-20 22:14 - 2012-04-20 22:14 - 0000000 ____D C:\Windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
2012-04-20 22:14 - 2012-04-20 22:14 - 0000000 ____D C:\Windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
2012-04-20 22:14 - 2012-04-20 22:14 - 0000000 ____D C:\Windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}
2012-04-20 22:14 - 2012-04-20 22:14 - 0000000 ____D C:\Windows\Installer\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
2012-04-20 22:00 - 2012-04-20 16:54 - 0000000 ____D C:\Users\All Users\Adobe
2012-04-20 21:50 - 2012-04-20 21:49 - 0000000 ____D C:\Program Files (x86)\QuickTime
2012-04-20 21:49 - 2012-04-20 21:49 - 26820096 ____A C:\Windows\Installer\5bb6b1b.msi
2012-04-20 21:49 - 2012-04-20 21:49 - 0000000 ____D C:\Windows\Installer\{7BE15435-2D3E-4B58-867F-9C75BED0208C}
2012-04-20 21:31 - 2012-04-20 21:31 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\Akamai
2012-04-20 21:21 - 2012-04-20 21:21 - 0000000 ____D C:\Users\All Users\ALM
2012-04-20 21:15 - 2012-04-20 21:15 - 0000000 ____D C:\Users\Tm0n31695\Adobe Flash Builder 4.5
2012-04-20 21:14 - 2012-04-20 21:14 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\com.adobe.dmp.contentviewer
2012-04-20 21:11 - 2012-04-20 21:11 - 0026112 ____A C:\Windows\Installer\59cac7b.msi
2012-04-20 21:11 - 2012-04-20 21:11 - 0023040 ____A C:\Windows\Installer\59cac80.msi
2012-04-20 21:08 - 2012-04-20 20:00 - 0000000 ____D C:\Users\Tm0n31695\Desktop\Adobe CS5.5 Master Collection
2012-04-20 21:02 - 2012-04-20 21:02 - 0029184 ____A C:\Windows\Installer\59cac4a.msi
2012-04-20 20:55 - 2012-04-20 20:55 - 0000000 ____D C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AA1000000001}
2012-04-20 19:26 - 2012-04-20 19:21 - 0000000 ____D C:\Users\Tm0n31695\Desktop\Adobe CS5_5
2012-04-20 17:40 - 2012-04-20 17:15 - 2616507006 ____A C:\Users\Tm0n31695\Desktop\ADOBE CS5 32 BIT SUPPORT PACKAGE.exe
2012-04-20 17:32 - 2012-04-20 17:31 - 0001756 ____A C:\Users\Tm0n31695\Desktop\Adobe Creative Suite Master Collection CS5.5 Crack Only by -HacKrisH-.rar
2012-04-20 17:12 - 2012-04-20 17:12 - 0000000 ____D C:\Program Files (x86)\Windows Installer Clean Up
2012-04-20 17:11 - 2012-04-20 17:11 - 0000000 ____D C:\Program Files (x86)\MSECACHE
2012-04-20 16:54 - 2012-04-20 16:54 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-04-20 16:54 - 2012-04-20 16:54 - 0000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2012-04-20 16:54 - 2012-04-20 16:54 - 0000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2012-04-20 16:53 - 2012-04-20 16:53 - 0032256 ____A C:\Windows\Installer\4bfe6f1.msi
2012-04-20 15:24 - 2012-04-20 15:24 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Publish Providers
2012-04-20 15:21 - 2012-04-20 15:21 - 3178496 ____A C:\Windows\Installer\468f9fc.msi
2012-04-20 15:21 - 2012-04-20 15:20 - 0000000 ____D C:\Windows\Installer\{0A013EA1-A1D3-11E0-8DCF-005056C00008}
2012-04-20 15:21 - 2012-04-20 14:33 - 0000000 ____D C:\Windows\Installer\{443B23A1-42F6-11E1-8AA5-F04DA23A5C58}
2012-04-20 15:20 - 2012-04-20 15:20 - 0000000 ____D C:\Windows\Installer\{0489621E-DE2A-11E0-93EA-F04DA23A5C58}
2012-04-20 15:20 - 2012-04-20 15:19 - 0000000 ____D C:\Program Files (x86)\Sony
2012-04-20 15:20 - 2012-04-20 14:29 - 0000000 ____D C:\Windows\Installer\{81BBE880-5409-11E1-BF7F-F04DA23A5C58}
2012-04-20 15:19 - 2012-04-20 15:19 - 2863104 ____A C:\Windows\Installer\468f902.msi
2012-04-20 15:19 - 2012-04-20 15:19 - 2490368 ____A C:\Windows\Installer\468f90d.msi
2012-04-20 15:07 - 2012-04-20 15:04 - 0002648 ____A C:\Users\Tm0n31695\Documents\Register Vegas Movie Studio HD Platinum.htm
2012-04-20 14:29 - 2012-04-20 14:29 - 0000000 ____D C:\Windows\SysWOW64\spool
2012-04-20 14:29 - 2012-04-20 14:29 - 0000000 ____D C:\Users\All Users\Sony
2012-04-20 14:18 - 2012-04-20 14:17 - 0000000 ____D C:\Users\Tm0n31695\Downloads\Sony Vegas Movie Studio HD Platinum v11.0.295 Production Suite
2012-04-18 22:53 - 2012-04-18 22:53 - 3121152 ____A C:\Windows\Installer\38fa058.msi
2012-04-17 22:19 - 2012-04-17 22:19 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\PunkBuster
2012-04-17 22:15 - 2012-04-17 22:15 - 0076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2012-04-17 22:13 - 2012-04-17 22:13 - 27089408 ____A C:\Windows\Installer\c2bed3.msi
2012-04-17 22:13 - 2012-04-17 22:13 - 0000000 ____D C:\Windows\Installer\{DEA314C4-0929-4250-BC92-98E4C105F28D}
2012-04-17 22:13 - 2012-04-17 22:13 - 0000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2012-04-17 21:12 - 2012-04-17 21:12 - 0000000 ____D C:\Down
2012-04-17 21:11 - 2012-04-17 21:11 - 0000000 ____D C:\Perfect World Entertainment
2012-04-16 16:15 - 2012-04-16 16:15 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Mael
2012-04-16 15:58 - 2012-04-16 15:58 - 0000000 ____D C:\Program Files (x86)\HxD
2012-04-16 15:32 - 2012-04-16 15:32 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Party Buffalo Drive Explorer
2012-04-16 14:27 - 2012-04-16 14:27 - 0000000 ____D C:\Windows\XSxS
2012-04-16 14:27 - 2012-04-16 14:27 - 0000000 ____D C:\Program Files (x86)\Xenocode
2012-04-16 11:37 - 2012-04-09 17:15 - 0014848 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll
2012-04-16 11:37 - 2012-04-09 17:15 - 0013824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2012-04-16 11:37 - 2009-07-13 15:56 - 0419840 ____A (Microsoft Corporation) C:\Windows\System32\systemcpl.dll
2012-04-16 11:37 - 2009-07-13 15:38 - 1008640 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
2012-04-16 11:37 - 2009-07-13 15:24 - 0833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2012-04-15 22:26 - 2012-04-15 22:26 - 0000000 ____D C:\Users\Tm0n31695\Documents\Amnesia
2012-04-15 22:19 - 2012-04-15 22:19 - 0002184 ____A C:\Users\Tm0n31695\Desktop\Amnesia.lnk
2012-04-15 22:19 - 2012-04-15 22:13 - 0000000 ____D C:\Program Files (x86)\Amnesia - The Dark Descent
2012-04-15 18:19 - 2012-04-15 18:19 - 0001170 ____A C:\Users\Public\Desktop\TeamViewer 7.lnk
2012-04-15 18:19 - 2012-04-15 18:19 - 0000000 ____D C:\Program Files (x86)\TeamViewer
2012-04-15 13:39 - 2012-04-09 16:23 - 0000000 ____D C:\Users\Tm0n31695\Documents\PCSX2
2012-04-15 13:39 - 2012-04-04 15:06 - 0000000 ____D C:\Program Files (x86)\PCSX2 0.9.8
2012-04-15 13:32 - 2012-04-10 22:07 - 0000000 ____D C:\Program Files (x86)\Net Tools
2012-04-15 13:32 - 2009-07-13 19:20 - 0000000 __RHD C:\users\Default
2012-04-15 13:29 - 2012-04-15 13:29 - 1135104 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2012-04-15 07:43 - 2012-04-15 03:26 - 0000000 ____D C:\d389c4717dc370984c2acc53
2012-04-15 07:43 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\AppCompat
2012-04-15 07:05 - 2009-07-13 15:38 - 1008640 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll.old
2012-04-15 07:05 - 2009-07-13 15:24 - 0833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll.old
2012-04-15 06:54 - 2012-04-09 16:38 - 0000000 ____D C:\Windows\W7SOC
2012-04-15 06:53 - 2012-04-09 16:40 - 0925184 ____A C:\Windows\expstart.exe
2012-04-14 19:18 - 2012-04-14 18:59 - 0000000 ____D C:\Program Files\MotioninJoy
2012-04-14 19:00 - 2012-04-14 19:00 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\MotioninJoy
2012-04-14 18:55 - 2012-04-14 18:55 - 0000543 ____A C:\Windows\NGO.cer
2012-04-14 16:44 - 2012-04-14 16:44 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2012-04-14 16:44 - 2012-04-14 16:44 - 0000000 ____D C:\Users\Tm0n31695\.shsh
2012-04-14 16:44 - 2012-04-13 13:46 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Apple Computer
2012-04-13 23:17 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\rescache
2012-04-13 19:58 - 2012-04-13 19:58 - 0000218 ____A C:\Users\Tm0n31695\.recently-used.xbel
2012-04-13 19:58 - 2012-04-13 19:58 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\gtk-2.0
2012-04-13 13:46 - 2012-04-13 13:46 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\Apple Computer
2012-04-13 13:43 - 2012-04-13 13:42 - 0000000 ____D C:\Users\All Users\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-04-13 13:42 - 2012-04-13 13:42 - 0000000 ____D C:\Users\All Users\Apple Computer
2012-04-13 13:37 - 2012-04-13 13:37 - 0000000 ____D C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
2012-04-13 13:37 - 2012-04-13 13:37 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\Apple
2012-04-13 13:37 - 2012-04-13 13:37 - 0000000 ____D C:\Program Files (x86)\Apple Software Update
2012-04-13 13:36 - 2012-04-13 13:36 - 0000000 ____D C:\Windows\Installer\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}
2012-04-13 13:36 - 2012-04-13 13:36 - 0000000 ____D C:\Windows\Installer\{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}
2012-04-13 13:36 - 2012-04-13 13:36 - 0000000 ____D C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
2012-04-13 13:36 - 2012-04-13 13:36 - 0000000 ____D C:\Users\All Users\Apple
2012-04-13 13:36 - 2012-04-13 13:36 - 0000000 ____D C:\Program Files\Common Files\Apple
2012-04-13 13:36 - 2012-04-13 13:36 - 0000000 ____D C:\Program Files\Bonjour
2012-04-13 13:36 - 2012-04-13 13:36 - 0000000 ____D C:\Program Files (x86)\Bonjour
2012-04-13 13:36 - 2012-04-13 13:36 - 0000000 ____A C:\Windows\Installer\wix{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}.SchedServiceConfig.rmi
2012-04-13 12:46 - 2012-04-13 12:46 - 0000000 ____D C:\Users\Tm0n31695\Desktop\google_music_desktop_player_by_vhanla-d46usa1
2012-04-11 21:12 - 2012-04-11 21:12 - 0000000 ____D C:\Users\All Users\Sun
2012-04-11 21:11 - 2012-04-11 21:11 - 0000000 ____D C:\Windows\Installer\{26A24AE4-039D-4CA4-87B4-2F83216031FF}
2012-04-11 21:04 - 2012-04-11 21:04 - 12938752 ____A C:\Windows\Installer\9f4cd.msi
2012-04-10 23:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\ja-JP
2012-04-10 23:26 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\sr-Latn-CS
2012-04-10 23:26 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\sk-SK
2012-04-10 23:26 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sr-Latn-CS
2012-04-10 23:26 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sk-SK
2012-04-10 23:25 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\lv-LV
2012-04-10 23:25 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\lt-LT
2012-04-10 23:25 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\lv-LV
2012-04-10 23:25 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\lt-LT
2012-04-10 23:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\hr-HR
2012-04-10 23:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\et-EE
2012-04-10 23:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\hr-HR
2012-04-10 23:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\et-EE
2012-04-10 23:23 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\uk-UA
2012-04-10 23:23 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\tr-TR
2012-04-10 23:23 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\uk-UA
2012-04-10 23:22 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\th-TH
2012-04-10 23:22 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\sv-SE
2012-04-10 23:22 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\th-TH
2012-04-10 23:21 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\sl-SI
2012-04-10 23:21 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\es-ES
2012-04-10 23:21 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sl-SI
2012-04-10 23:20 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\ru-RU
2012-04-10 23:20 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\ro-RO
2012-04-10 23:20 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ro-RO
2012-04-10 22:25 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\pt-PT
2012-04-10 22:25 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\pt-BR
2012-04-10 22:25 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\pl-PL
2012-04-10 22:25 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\nb-NO
2012-04-10 22:25 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\ko-KR
2012-04-10 22:25 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\pt-BR
2012-04-10 22:25 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\nb-NO
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\zh-HK
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\zh-CN
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\nl-NL
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\it-IT
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\hu-HU
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\he-IL
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\fr-FR
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\fi-FI
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\el-GR
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\de-DE
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\da-DK
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\cs-CZ
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\bg-BG
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\ar-SA
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\zh-HK
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\he-IL
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\bg-BG
2012-04-10 22:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ar-SA
2012-04-10 22:07 - 2012-04-10 22:07 - 0001027 ____A C:\Users\Tm0n31695\Desktop\NetTools.lnk
2012-04-10 22:03 - 2012-04-10 22:03 - 0000000 ____D C:\Program Files\WinPcap
2012-04-10 21:40 - 2012-04-10 21:28 - 0000000 ____D C:\Windows\SysWOW64\directx
2012-04-10 21:32 - 2012-04-10 21:28 - 0000000 ___HD C:\Windows\msdownld.tmp
2012-04-10 21:13 - 2012-04-10 21:13 - 0001913 ____A C:\Users\Tm0n31695\Desktop\Magic DVD Ripper.lnk
2012-04-10 21:13 - 2012-04-10 21:13 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\MagicSoftware
2012-04-10 21:13 - 2012-04-10 21:13 - 0000000 ____D C:\Users\All Users\MagicSoftware
2012-04-10 21:13 - 2012-04-10 21:13 - 0000000 ____D C:\Program Files (x86)\MagicDVDRipper
2012-04-10 09:59 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\zh-TW
2012-04-10 05:39 - 2012-04-10 05:39 - 0000000 ____D C:\Windows\uk-UA
2012-04-10 05:39 - 2012-04-10 05:39 - 0000000 ____D C:\Windows\SysWOW64\Drivers\uk-UA
2012-04-10 05:39 - 2012-04-10 05:39 - 0000000 ____D C:\Windows\System32\Drivers\uk-UA
2012-04-10 05:39 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\WCN
2012-04-10 05:39 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\WCN
2012-04-10 05:39 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Windows Photo Viewer
2012-04-10 05:39 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Windows Defender
2012-04-10 05:39 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\DVD Maker
2012-04-10 05:39 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2012-04-10 05:39 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\Windows Defender
2012-04-10 05:39 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\migwiz
2012-04-10 05:39 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sysprep
2012-04-10 05:39 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\oobe
2012-04-10 05:39 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\migwiz
2012-04-10 05:39 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\servicing
2012-04-10 05:39 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\PolicyDefinitions
2012-04-10 05:39 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\System
2012-04-10 05:30 - 2012-04-10 05:30 - 0000000 ____D C:\Windows\lv-LV
2012-04-10 05:29 - 2012-04-10 05:29 - 0000000 ____D C:\Windows\SysWOW64\Drivers\lv-LV
2012-04-10 05:29 - 2012-04-10 05:29 - 0000000 ____D C:\Windows\System32\Drivers\lv-LV
2012-04-10 05:18 - 2012-04-10 05:19 - 0117840 ____A C:\Windows\System32\prfi0404.dat
2012-04-10 05:18 - 2012-04-10 05:19 - 0031548 ____A C:\Windows\System32\prfd0404.dat
2012-04-10 05:18 - 2012-04-10 05:18 - 0000000 ____D C:\Windows\zh-TW
2012-04-10 05:18 - 2012-04-10 05:18 - 0000000 ____D C:\Windows\SysWOW64\zh-CHT
2012-04-10 05:18 - 2012-04-10 05:18 - 0000000 ____D C:\Windows\SysWOW64\Drivers\zh-TW
2012-04-10 05:18 - 2012-04-10 05:18 - 0000000 ____D C:\Windows\System32\zh-CHT
2012-04-10 05:18 - 2012-04-10 05:18 - 0000000 ____D C:\Windows\System32\Drivers\zh-TW
2012-04-10 05:18 - 2012-04-10 05:18 - 0000000 ____D C:\Windows\System32\Drivers\zh-HK
2012-04-10 05:18 - 2012-04-09 21:29 - 0000000 ____D C:\Windows\SysWOW64\XPSViewer
2012-04-10 05:18 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\winrm
2012-04-10 05:18 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\slmgr
2012-04-10 05:18 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2012-04-10 05:18 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\winrm
2012-04-10 05:18 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\slmgr
2012-04-10 05:18 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2012-04-10 05:18 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\MUI
2012-04-10 05:18 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\Dism
2012-04-10 05:18 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\com
2012-04-10 05:18 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\MUI
2012-04-10 05:18 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Dism
2012-04-10 05:18 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\com
2012-04-10 05:18 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\IME
2012-04-10 05:02 - 2012-04-10 05:02 - 0000000 ____D C:\Windows\SysWOW64\es
2012-04-10 05:02 - 2012-04-10 05:02 - 0000000 ____D C:\Windows\SysWOW64\Drivers\es-ES
2012-04-10 05:02 - 2012-04-10 05:02 - 0000000 ____D C:\Windows\SysWOW64\0C0A
2012-04-10 05:02 - 2012-04-10 05:02 - 0000000 ____D C:\Windows\System32\es
2012-04-10 05:02 - 2012-04-10 05:02 - 0000000 ____D C:\Windows\System32\Drivers\es-ES
2012-04-10 05:02 - 2012-04-10 05:02 - 0000000 ____D C:\Windows\System32\0C0A
2012-04-10 05:02 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\sysprep
2012-04-10 05:02 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\DigitalLocker
2012-04-10 05:02 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\System32\WinBioPlugIns
2012-04-10 05:02 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\Setup
2012-04-10 05:02 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\oobe
2012-04-10 05:02 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Setup
2012-04-10 05:01 - 2012-04-10 05:03 - 0341432 ____A C:\Windows\System32\perfi00A.dat
2012-04-10 05:01 - 2012-04-10 05:03 - 0041390 ____A C:\Windows\System32\perfd00A.dat
2012-04-10 05:01 - 2012-04-10 05:01 - 0000000 ____D C:\Windows\es-ES
2012-04-10 04:49 - 2012-04-09 21:36 - 0002324 ____A C:\Windows\epplauncher.mif
2012-04-10 04:48 - 2012-04-10 04:48 - 0000000 ____D C:\Windows\SysWOW64\he
2012-04-10 04:48 - 2012-04-10 04:48 - 0000000 ____D C:\Windows\SysWOW64\Drivers\he-IL
2012-04-10 04:48 - 2012-04-10 04:48 - 0000000 ____D C:\Windows\System32\he
2012-04-10 04:48 - 2012-04-10 04:48 - 0000000 ____D C:\Windows\System32\Drivers\he-IL
2012-04-10 04:47 - 2012-04-10 04:49 - 0229316 ____A C:\Windows\System32\perfi00D.dat
2012-04-10 04:47 - 2012-04-10 04:49 - 0032166 ____A C:\Windows\System32\perfd00D.dat
2012-04-10 04:47 - 2012-04-10 04:47 - 0000000 ____D C:\Windows\he-IL
2012-04-10 04:36 - 2012-04-10 04:36 - 0000000 ____D C:\Windows\tr-TR
2012-04-10 04:36 - 2012-04-10 04:36 - 0000000 ____D C:\Windows\SysWOW64\tr
2012-04-10 04:36 - 2012-04-10 04:36 - 0000000 ____D C:\Windows\SysWOW64\Drivers\tr-TR
2012-04-10 04:36 - 2012-04-10 04:36 - 0000000 ____D C:\Windows\System32\tr
2012-04-10 04:36 - 2012-04-10 04:36 - 0000000 ____D C:\Windows\System32\Drivers\tr-TR
2012-04-10 04:35 - 2012-04-10 04:37 - 0285034 ____A C:\Windows\System32\perfi01F.dat
2012-04-10 04:35 - 2012-04-10 04:37 - 0037160 ____A C:\Windows\System32\perfd01F.dat
2012-04-10 04:24 - 2012-04-10 04:25 - 0157694 ____A C:\Windows\System32\perfi012.dat
2012-04-10 04:24 - 2012-04-10 04:25 - 0031548 ____A C:\Windows\System32\perfd012.dat
2012-04-10 04:24 - 2012-04-10 04:24 - 0000000 ____D C:\Windows\SysWOW64\ko
2012-04-10 04:24 - 2012-04-10 04:24 - 0000000 ____D C:\Windows\SysWOW64\Drivers\ko-KR
2012-04-10 04:24 - 2012-04-10 04:24 - 0000000 ____D C:\Windows\System32\ko
2012-04-10 04:24 - 2012-04-10 04:24 - 0000000 ____D C:\Windows\System32\Drivers\ko-KR
2012-04-10 04:24 - 2012-04-10 04:24 - 0000000 ____D C:\Windows\ko-KR
2012-04-10 04:12 - 2012-04-10 04:13 - 0306636 ____A C:\Windows\System32\perfi006.dat
2012-04-10 04:12 - 2012-04-10 04:13 - 0039236 ____A C:\Windows\System32\perfd006.dat
2012-04-10 04:12 - 2012-04-10 04:12 - 0000000 ____D C:\Windows\SysWOW64\Drivers\da-DK
2012-04-10 04:12 - 2012-04-10 04:12 - 0000000 ____D C:\Windows\SysWOW64\da
2012-04-10 04:12 - 2012-04-10 04:12 - 0000000 ____D C:\Windows\System32\Drivers\da-DK
2012-04-10 04:12 - 2012-04-10 04:12 - 0000000 ____D C:\Windows\System32\da
2012-04-10 04:12 - 2012-04-10 04:12 - 0000000 ____D C:\Windows\da-DK
2012-04-10 04:02 - 2012-04-10 04:02 - 0000000 ____D C:\Windows\pt-PT
2012-04-10 04:01 - 2012-04-10 04:03 - 0336656 ____A C:\Windows\System32\prfi0816.dat
2012-04-10 04:01 - 2012-04-10 04:03 - 0040548 ____A C:\Windows\System32\prfd0816.dat
2012-04-10 04:01 - 2012-04-10 04:01 - 0000000 ____D C:\Windows\SysWOW64\pt
2012-04-10 04:01 - 2012-04-10 04:01 - 0000000 ____D C:\Windows\SysWOW64\Drivers\pt-PT
2012-04-10 04:01 - 2012-04-10 04:01 - 0000000 ____D C:\Windows\System32\pt
2012-04-10 04:01 - 2012-04-10 04:01 - 0000000 ____D C:\Windows\System32\Drivers\pt-PT
2012-04-10 03:51 - 2012-04-10 03:51 - 0000000 ____D C:\Windows\SysWOW64\Drivers\et-EE
2012-04-10 03:51 - 2012-04-10 03:51 - 0000000 ____D C:\Windows\System32\Drivers\et-EE
2012-04-10 03:51 - 2012-04-10 03:51 - 0000000 ____D C:\Windows\et-EE
2012-04-10 03:43 - 2012-04-10 03:43 - 0000000 ____D C:\Windows\SysWOW64\Drivers\bg-BG
2012-04-10 03:43 - 2012-04-10 03:43 - 0000000 ____D C:\Windows\System32\Drivers\bg-BG
2012-04-10 03:43 - 2012-04-10 03:43 - 0000000 ____D C:\Windows\bg-BG
2012-04-10 03:34 - 2012-04-10 03:35 - 0111310 ____A C:\Windows\System32\prfi0804.dat
2012-04-10 03:34 - 2012-04-10 03:35 - 0031548 ____A C:\Windows\System32\prfd0804.dat
2012-04-10 03:34 - 2012-04-10 03:34 - 0000000 ____D C:\Windows\zh-CN
2012-04-10 03:34 - 2012-04-10 03:34 - 0000000 ____D C:\Windows\SysWOW64\zh-CHS
2012-04-10 03:34 - 2012-04-10 03:34 - 0000000 ____D C:\Windows\SysWOW64\Drivers\zh-CN
2012-04-10 03:34 - 2012-04-10 03:34 - 0000000 ____D C:\Windows\System32\zh-CHS
2012-04-10 03:34 - 2012-04-10 03:34 - 0000000 ____D C:\Windows\System32\Drivers\zh-CN
2012-04-10 03:23 - 2012-04-10 03:25 - 0341322 ____A C:\Windows\System32\perfi013.dat
2012-04-10 03:23 - 2012-04-10 03:25 - 0043068 ____A C:\Windows\System32\perfd013.dat
2012-04-10 03:23 - 2012-04-10 03:23 - 0000000 ____D C:\Windows\SysWOW64\nl
2012-04-10 03:23 - 2012-04-10 03:23 - 0000000 ____D C:\Windows\SysWOW64\Drivers\nl-NL
2012-04-10 03:23 - 2012-04-10 03:23 - 0000000 ____D C:\Windows\SysWOW64\0413
2012-04-10 03:23 - 2012-04-10 03:23 - 0000000 ____D C:\Windows\System32\nl
2012-04-10 03:23 - 2012-04-10 03:23 - 0000000 ____D C:\Windows\System32\Drivers\nl-NL
2012-04-10 03:23 - 2012-04-10 03:23 - 0000000 ____D C:\Windows\System32\0413
2012-04-10 03:23 - 2012-04-10 03:23 - 0000000 ____D C:\Windows\nl-NL
2012-04-10 03:14 - 2012-04-10 03:15 - 0294764 ____A C:\Windows\System32\perfi01D.dat
2012-04-10 03:14 - 2012-04-10 03:15 - 0037052 ____A C:\Windows\System32\perfd01D.dat
2012-04-10 03:14 - 2012-04-10 03:14 - 0000000 ____D C:\Windows\SysWOW64\sv
2012-04-10 03:14 - 2012-04-10 03:14 - 0000000 ____D C:\Windows\SysWOW64\Drivers\sv-SE
2012-04-10 03:14 - 2012-04-10 03:14 - 0000000 ____D C:\Windows\System32\sv
2012-04-10 03:14 - 2012-04-10 03:14 - 0000000 ____D C:\Windows\System32\Drivers\sv-SE
2012-04-10 03:14 - 2012-04-10 03:14 - 0000000 ____D C:\Windows\sv-SE
2012-04-10 03:04 - 2012-04-10 03:05 - 0295922 ____A C:\Windows\System32\perfi007.dat
2012-04-10 03:04 - 2012-04-10 03:05 - 0038104 ____A C:\Windows\System32\perfd007.dat
2012-04-10 03:04 - 2012-04-10 03:04 - 0000000 ____D C:\Windows\SysWOW64\Drivers\de-DE
2012-04-10 03:04 - 2012-04-10 03:04 - 0000000 ____D C:\Windows\SysWOW64\de
2012-04-10 03:04 - 2012-04-10 03:04 - 0000000 ____D C:\Windows\SysWOW64\0407
2012-04-10 03:04 - 2012-04-10 03:04 - 0000000 ____D C:\Windows\System32\Drivers\de-DE
2012-04-10 03:04 - 2012-04-10 03:04 - 0000000 ____D C:\Windows\System32\de
2012-04-10 03:04 - 2012-04-10 03:04 - 0000000 ____D C:\Windows\System32\0407
2012-04-10 03:04 - 2012-04-10 03:04 - 0000000 ____D C:\Windows\de-DE
2012-04-10 02:54 - 2012-04-10 02:55 - 0292004 ____A C:\Windows\System32\perfi005.dat
2012-04-10 02:54 - 2012-04-10 02:55 - 0036232 ____A C:\Windows\System32\perfd005.dat
2012-04-10 02:54 - 2012-04-10 02:54 - 0000000 ____D C:\Windows\SysWOW64\Drivers\cs-CZ
2012-04-10 02:54 - 2012-04-10 02:54 - 0000000 ____D C:\Windows\SysWOW64\cs
2012-04-10 02:54 - 2012-04-10 02:54 - 0000000 ____D C:\Windows\System32\Drivers\cs-CZ
2012-04-10 02:54 - 2012-04-10 02:54 - 0000000 ____D C:\Windows\System32\cs
2012-04-10 02:54 - 2012-04-10 02:54 - 0000000 ____D C:\Windows\cs-CZ
2012-04-10 02:43 - 2012-04-10 02:43 - 0000000 ____D C:\Windows\SysWOW64\Drivers\lt-LT
2012-04-10 02:43 - 2012-04-10 02:43 - 0000000 ____D C:\Windows\System32\Drivers\lt-LT
2012-04-10 02:43 - 2012-04-10 02:43 - 0000000 ____D C:\Windows\lt-LT
2012-04-10 02:31 - 2012-04-10 02:31 - 0000000 ____D C:\Windows\SysWOW64\Drivers\hr-HR
2012-04-10 02:31 - 2012-04-10 02:31 - 0000000 ____D C:\Windows\System32\Drivers\hr-HR
2012-04-10 02:31 - 2012-04-10 02:31 - 0000000 ____D C:\Windows\hr-HR
2012-04-10 02:18 - 2012-04-10 02:18 - 0000000 ____D C:\Windows\SysWOW64\ru
2012-04-10 02:18 - 2012-04-10 02:18 - 0000000 ____D C:\Windows\SysWOW64\Drivers\ru-RU
2012-04-10 02:18 - 2012-04-10 02:18 - 0000000 ____D C:\Windows\System32\ru
2012-04-10 02:18 - 2012-04-10 02:18 - 0000000 ____D C:\Windows\System32\Drivers\ru-RU
2012-04-10 02:18 - 2012-04-10 02:18 - 0000000 ____D C:\Windows\ru-RU
2012-04-10 02:17 - 2012-04-10 02:21 - 0336704 ____A C:\Windows\System32\perfi019.dat
2012-04-10 02:17 - 2012-04-10 02:21 - 0039446 ____A C:\Windows\System32\perfd019.dat
2012-04-10 02:01 - 2012-04-10 02:01 - 0000000 ____D C:\Windows\SysWOW64\it
2012-04-10 02:01 - 2012-04-10 02:01 - 0000000 ____D C:\Windows\SysWOW64\Drivers\it-IT
2012-04-10 02:01 - 2012-04-10 02:01 - 0000000 ____D C:\Windows\SysWOW64\0410
2012-04-10 02:01 - 2012-04-10 02:01 - 0000000 ____D C:\Windows\System32\it
2012-04-10 02:01 - 2012-04-10 02:01 - 0000000 ____D C:\Windows\System32\Drivers\it-IT
2012-04-10 02:01 - 2012-04-10 02:01 - 0000000 ____D C:\Windows\System32\0410
2012-04-10 02:01 - 2012-04-10 02:01 - 0000000 ____D C:\Windows\it-IT
2012-04-10 02:00 - 2012-04-10 02:03 - 0335478 ____A C:\Windows\System32\perfi010.dat
2012-04-10 02:00 - 2012-04-10 02:03 - 0037534 ____A C:\Windows\System32\perfd010.dat
2012-04-10 01:50 - 2012-04-10 01:52 - 0298300 ____A C:\Windows\System32\perfi014.dat
2012-04-10 01:50 - 2012-04-10 01:52 - 0036156 ____A C:\Windows\System32\perfd014.dat
2012-04-10 01:50 - 2012-04-10 01:50 - 0000000 ____D C:\Windows\SysWOW64\no
2012-04-10 01:50 - 2012-04-10 01:50 - 0000000 ____D C:\Windows\SysWOW64\Drivers\nb-NO
2012-04-10 01:50 - 2012-04-10 01:50 - 0000000 ____D C:\Windows\System32\no
2012-04-10 01:50 - 2012-04-10 01:50 - 0000000 ____D C:\Windows\System32\Drivers\nb-NO
2012-04-10 01:50 - 2012-04-10 01:50 - 0000000 ____D C:\Windows\nb-NO
2012-04-10 01:40 - 2012-04-10 01:40 - 0000000 ____D C:\Windows\SysWOW64\Drivers\sl-SI
2012-04-10 01:40 - 2012-04-10 01:40 - 0000000 ____D C:\Windows\System32\Drivers\sl-SI
2012-04-10 01:40 - 2012-04-10 01:40 - 0000000 ____D C:\Windows\sl-SI
2012-04-10 01:29 - 2012-04-10 01:29 - 0000000 ____D C:\Windows\SysWOW64\el
2012-04-10 01:29 - 2012-04-10 01:29 - 0000000 ____D C:\Windows\SysWOW64\Drivers\el-GR
2012-04-10 01:29 - 2012-04-10 01:29 - 0000000 ____D C:\Windows\System32\el
2012-04-10 01:29 - 2012-04-10 01:29 - 0000000 ____D C:\Windows\System32\Drivers\el-GR
2012-04-10 01:29 - 2012-04-10 01:29 - 0000000 ____D C:\Windows\el-GR
2012-04-10 01:28 - 2012-04-10 01:32 - 0369984 ____A C:\Windows\System32\perfi008.dat
2012-04-10 01:28 - 2012-04-10 01:32 - 0045182 ____A C:\Windows\System32\perfd008.dat
2012-04-10 01:12 - 2012-04-10 01:12 - 0000000 ____D C:\Windows\SysWOW64\Drivers\pt-BR
2012-04-10 01:12 - 2012-04-10 01:12 - 0000000 ____D C:\Windows\pt-BR
2012-04-10 01:11 - 2012-04-10 01:15 - 0323154 ____A C:\Windows\System32\prfi0416.dat
2012-04-10 01:11 - 2012-04-10 01:15 - 0038536 ____A C:\Windows\System32\prfd0416.dat
2012-04-10 01:11 - 2012-04-10 01:11 - 0000000 ____D C:\Windows\System32\Drivers\pt-BR
2012-04-10 00:58 - 2012-04-10 00:58 - 0000000 ____D C:\Windows\SysWOW64\Drivers\ro-RO
2012-04-10 00:58 - 2012-04-10 00:58 - 0000000 ____D C:\Windows\System32\Drivers\ro-RO
2012-04-10 00:58 - 2012-04-10 00:58 - 0000000 ____D C:\Windows\ro-RO
2012-04-10 00:47 - 2012-04-10 00:47 - 0000000 ____D C:\Windows\SysWOW64\Drivers\pl-PL
2012-04-10 00:46 - 2012-04-10 00:46 - 0000000 ____D C:\Windows\SysWOW64\pl
2012-04-10 00:46 - 2012-04-10 00:46 - 0000000 ____D C:\Windows\System32\pl
2012-04-10 00:46 - 2012-04-10 00:46 - 0000000 ____D C:\Windows\System32\Drivers\pl-PL
2012-04-10 00:46 - 2012-04-10 00:46 - 0000000 ____D C:\Windows\pl-PL
2012-04-10 00:45 - 2012-04-10 00:49 - 0337158 ____A C:\Windows\System32\perfi015.dat
2012-04-10 00:45 - 2012-04-10 00:49 - 0038710 ____A C:\Windows\System32\perfd015.dat
2012-04-10 00:33 - 2012-04-10 00:21 - 0000000 ____D C:\Windows\SysWOW64\fr
2012-04-10 00:33 - 2012-04-10 00:21 - 0000000 ____D C:\Windows\SysWOW64\Drivers\fr-FR
2012-04-10 00:33 - 2012-04-10 00:21 - 0000000 ____D C:\Windows\System32\Drivers\fr-FR
2012-04-10 00:33 - 2012-04-10 00:21 - 0000000 ____D C:\Windows\fr-FR
2012-04-10 00:33 - 2012-04-10 00:20 - 0000000 ____D C:\Windows\System32\fr
2012-04-10 00:21 - 2012-04-10 00:21 - 0000000 ____D C:\Windows\SysWOW64\Drivers\ar-SA
2012-04-10 00:21 - 2012-04-10 00:21 - 0000000 ____D C:\Windows\SysWOW64\ar
2012-04-10 00:21 - 2012-04-10 00:21 - 0000000 ____D C:\Windows\SysWOW64\040C
2012-04-10 00:21 - 2012-04-10 00:21 - 0000000 ____D C:\Windows\System32\ar
2012-04-10 00:21 - 2012-04-10 00:21 - 0000000 ____D C:\Windows\System32\040C
2012-04-10 00:21 - 2012-04-10 00:21 - 0000000 ____D C:\Windows\ar-SA
2012-04-10 00:21 - 2012-04-10 00:20 - 0000000 ____D C:\Windows\System32\Drivers\ar-SA
2012-04-10 00:20 - 2012-04-10 00:23 - 0344522 ____A C:\Windows\System32\perfi00C.dat
2012-04-10 00:20 - 2012-04-10 00:23 - 0289060 ____A C:\Windows\System32\perfi001.dat
2012-04-10 00:20 - 2012-04-10 00:23 - 0042056 ____A C:\Windows\System32\perfd001.dat
2012-04-10 00:20 - 2012-04-10 00:23 - 0038160 ____A C:\Windows\System32\perfd00C.dat
2012-04-10 00:09 - 2012-04-10 00:10 - 0287518 ____A C:\Windows\System32\perfi00E.dat
2012-04-10 00:09 - 2012-04-10 00:10 - 0048094 ____A C:\Windows\System32\perfd00E.dat
2012-04-10 00:09 - 2012-04-10 00:09 - 0000000 ____D C:\Windows\SysWOW64\hu
2012-04-10 00:09 - 2012-04-10 00:09 - 0000000 ____D C:\Windows\SysWOW64\Drivers\hu-HU
2012-04-10 00:09 - 2012-04-10 00:09 - 0000000 ____D C:\Windows\System32\hu
2012-04-10 00:09 - 2012-04-10 00:09 - 0000000 ____D C:\Windows\System32\Drivers\hu-HU
2012-04-10 00:09 - 2012-04-10 00:09 - 0000000 ____D C:\Windows\hu-HU
2012-04-10 00:02 - 2012-04-10 00:02 - 0000000 ____D C:\Windows\SysWOW64\Drivers\sr-Latn-CS
2012-04-10 00:02 - 2012-04-10 00:02 - 0000000 ____D C:\Windows\System32\Drivers\sr-Latn-CS
2012-04-10 00:02 - 2012-04-10 00:02 - 0000000 ____D C:\Windows\sr-Latn-CS
2012-04-09 23:56 - 2012-04-09 23:56 - 0000000 ____D C:\Windows\SysWOW64\Drivers\sk-SK
2012-04-09 23:56 - 2012-04-09 23:56 - 0000000 ____D C:\Windows\System32\Drivers\sk-SK
2012-04-09 23:56 - 2012-04-09 23:56 - 0000000 ____D C:\Windows\sk-SK
2012-04-09 23:47 - 2012-04-09 23:47 - 0000000 ____D C:\Windows\SysWOW64\Drivers\th-TH
2012-04-09 23:46 - 2012-04-09 23:46 - 0000000 ____D C:\Windows\th-TH
2012-04-09 23:46 - 2012-04-09 23:46 - 0000000 ____D C:\Windows\System32\Drivers\th-TH
2012-04-09 23:36 - 2012-04-09 23:36 - 0000000 ____D C:\Windows\SysWOW64\fi
2012-04-09 23:36 - 2012-04-09 23:36 - 0000000 ____D C:\Windows\SysWOW64\Drivers\fi-FI
2012-04-09 23:36 - 2012-04-09 23:36 - 0000000 ____D C:\Windows\fi-FI
2012-04-09 23:35 - 2012-04-09 23:35 - 0000000 ____D C:\Windows\System32\fi
2012-04-09 23:35 - 2012-04-09 23:35 - 0000000 ____D C:\Windows\System32\Drivers\fi-FI
2012-04-09 23:34 - 2012-04-09 23:39 - 0279790 ____A C:\Windows\System32\perfi00B.dat
2012-04-09 23:34 - 2012-04-09 23:39 - 0038258 ____A C:\Windows\System32\perfd00B.dat
2012-04-09 22:11 - 2012-04-09 22:11 - 0908800 ____A C:\Windows\Installer\11bd1a.msi
2012-04-09 22:11 - 2012-04-09 22:11 - 0525544 ____A (Sun Microsystems, Inc.) C:\Windows\System32\deployJava1.dll
2012-04-09 22:11 - 2012-04-09 22:11 - 0191264 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
2012-04-09 22:11 - 2012-04-09 22:11 - 0172320 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
2012-04-09 22:11 - 2012-04-09 22:11 - 0172320 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
2012-04-09 22:11 - 2012-04-09 22:11 - 0001053 ____A C:\Users\Tm0n31695\Desktop\pcsx2-r4600 - Shortcut.lnk
2012-04-09 22:11 - 2012-04-09 22:11 - 0000931 ____A C:\Users\Tm0n31695\Desktop\psxfin - Shortcut.lnk
2012-04-09 22:11 - 2012-04-09 22:11 - 0000000 ____D C:\Program Files\Java
2012-04-09 22:11 - 2012-04-09 16:22 - 0000000 ____D C:\Program Files (x86)\pSX_1_13
2012-04-09 21:51 - 2012-04-09 21:51 - 0000000 ____D C:\Windows\SysWOW64\RTCOM
2012-04-09 21:51 - 2012-04-09 21:51 - 0000000 ____D C:\Program Files\Realtek
2012-04-09 21:36 - 2012-04-09 21:36 - 20333056 ___RA C:\Windows\Installer\281f1e.msp
2012-04-09 21:30 - 2012-04-09 21:30 - 0000000 ____D C:\Windows\ja-JP
2012-04-09 21:29 - 2012-04-09 21:29 - 0000000 ____D C:\Windows\SysWOW64\ja
2012-04-09 21:29 - 2012-04-09 21:29 - 0000000 ____D C:\Windows\SysWOW64\Drivers\ja-JP
2012-04-09 21:29 - 2012-04-09 21:29 - 0000000 ____D C:\Windows\SysWOW64\0411
2012-04-09 21:29 - 2012-04-09 21:29 - 0000000 ____D C:\Windows\System32\ja
2012-04-09 21:29 - 2012-04-09 21:29 - 0000000 ____D C:\Windows\System32\Drivers\ja-JP
2012-04-09 21:29 - 2012-04-09 21:29 - 0000000 ____D C:\Windows\System32\0411
2012-04-09 21:28 - 2012-04-09 21:33 - 0141988 ____A C:\Windows\System32\perfi011.dat
2012-04-09 21:28 - 2012-04-09 21:33 - 0031548 ____A C:\Windows\System32\perfd011.dat
2012-04-09 21:17 - 2012-04-09 21:17 - 0000000 ____D C:\Users\All Users\IObit
2012-04-09 20:45 - 2012-04-09 20:45 - 0000000 ____D C:\Users\All Users\Stardock
2012-04-09 20:23 - 2012-04-09 20:23 - 0000000 __SHD C:\Windows\Installer\$PatchCache$
2012-04-09 19:47 - 2012-04-09 19:47 - 0000000 ____D C:\Windows\SysWOW64\xlive
2012-04-09 19:47 - 2012-04-09 19:47 - 0000000 ____D C:\Windows\Installer\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
2012-04-09 19:47 - 2012-04-09 19:47 - 0000000 ____D C:\Windows\Installer\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
2012-04-09 19:47 - 2012-04-09 19:47 - 0000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2012-04-09 19:45 - 2012-04-09 19:45 - 0001374 ____A C:\Users\Tm0n31695\Desktop\Steam - Shortcut.lnk
2012-04-09 19:33 - 2012-04-09 19:33 - 1376768 ____A C:\Windows\Installer\957d2.msi
2012-04-09 18:20 - 2012-04-09 18:20 - 3695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2012-04-09 18:20 - 2012-04-09 18:20 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-04-09 18:20 - 2012-04-09 18:20 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-04-09 18:20 - 2012-04-09 18:20 - 0434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2012-04-09 18:20 - 2012-04-09 18:20 - 0353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-04-09 18:20 - 2012-04-09 18:20 - 0165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-04-09 18:20 - 2012-04-09 18:20 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-04-09 18:20 - 2012-04-09 18:20 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2012-04-09 18:20 - 2012-04-09 18:20 - 0150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2012-04-09 18:20 - 2012-04-09 18:20 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-04-09 18:20 - 2012-04-09 18:20 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-04-09 18:20 - 2012-04-09 18:20 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-04-09 18:20 - 2012-04-09 18:20 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-04-09 18:20 - 2012-04-09 18:20 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-04-09 18:20 - 2012-04-09 18:20 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-04-09 18:20 - 2012-04-09 18:20 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-04-09 18:20 - 2012-04-09 18:20 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2012-04-09 18:20 - 2012-04-09 18:20 - 0072822 ____A C:\Windows\SysWOW64\ieuinit.inf
2012-04-09 18:20 - 2012-04-09 18:20 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2012-04-09 18:20 - 2012-04-09 18:20 - 0066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2012-04-09 18:20 - 2012-04-09 18:20 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2012-04-09 18:20 - 2012-04-09 18:20 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-04-09 18:20 - 2012-04-09 18:20 - 0011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2012-04-09 18:20 - 2012-04-09 18:20 - 0010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2012-04-09 18:20 - 2012-04-09 18:20 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-04-09 18:02 - 2012-04-09 18:02 - 0000184 ____A C:\Windows\LMv4.UNI
2012-04-09 18:02 - 2012-04-09 18:02 - 0000000 ____D C:\Program Files (x86)\Launch Manager
2012-04-09 18:01 - 2012-04-09 18:01 - 0000000 ____D C:\Windows\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}
2012-04-09 18:01 - 2012-04-09 18:01 - 0000000 ____D C:\Program Files (x86)\Acer
2012-04-09 17:59 - 2012-04-09 17:59 - 0000000 ____D C:\Users\All Users\OEM
2012-04-09 17:59 - 2012-04-09 17:59 - 0000000 ____D C:\Program Files\Acer
2012-04-09 17:56 - 2012-04-09 17:56 - 0000000 ____D C:\Program Files (x86)\Realtek
2012-04-09 17:54 - 2012-04-09 16:45 - 0000000 ____D C:\Program Files (x86)\Intel
2012-04-09 17:51 - 2012-04-09 17:51 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2012-04-09 17:51 - 2012-04-09 17:51 - 0000000 ____D C:\Program Files\Synaptics
2012-04-09 17:49 - 2012-04-09 17:49 - 0000000 ____D C:\Windows\SysWOW64\Atheros_L1e
2012-04-09 17:47 - 2012-04-09 17:47 - 0000000 ____D C:\Windows\Installer\{AB398DDB-0E7B-400B-A940-7E61FB91A531}
2012-04-09 17:47 - 2012-04-09 17:47 - 0000000 ____D C:\Users\All Users\AmUStor
2012-04-09 17:47 - 2012-04-09 17:47 - 0000000 ____D C:\Program Files (x86)\AmIcoSingLun
2012-04-09 17:40 - 2012-04-09 17:40 - 2297552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2012-04-09 17:32 - 2012-04-09 17:32 - 0000767 ____A C:\Users\Tm0n31695\Desktop\RapeLay.lnk
2012-04-09 17:30 - 2009-07-13 21:38 - 0025600 __ASH C:\Windows\System32\config\BCD-Template.LOG
2012-04-09 17:30 - 2009-07-13 21:32 - 0028672 ____A C:\Windows\System32\config\BCD-Template
2012-04-09 17:16 - 2012-04-09 17:16 - 0000000 ____D C:\Windows\SysWOW64\Macromed
2012-04-09 17:16 - 2012-04-09 17:16 - 0000000 ____D C:\Windows\System32\Macromed
2012-04-09 17:08 - 2012-04-09 17:05 - 0000000 ____D C:\Users\All Users\SpeedyPC Software
2012-04-09 17:06 - 2012-04-09 17:06 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\SpeedyPC Software
2012-04-09 17:06 - 2012-04-09 17:06 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\DriverCure
2012-04-09 17:03 - 2012-04-09 16:16 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\Deployment
2012-04-09 17:02 - 2012-04-09 16:16 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\Apps\2.0
2012-04-09 16:37 - 2009-07-13 21:01 - 0042045 ____A C:\Windows\SysWOW64\license.rtf
2012-04-09 16:37 - 2009-07-13 21:01 - 0042045 ____A C:\Windows\System32\license.rtf
2012-04-09 16:35 - 2012-04-09 16:35 - 0000000 ____D C:\Windows\System32\W7TIC
2012-04-09 16:32 - 2009-07-13 23:46 - 0000000 ____D C:\Windows\CSC
2012-04-09 16:23 - 2012-04-09 16:23 - 0000000 ___RD C:\Users\Tm0n31695\Documents\Notes
2012-04-09 16:22 - 2012-04-09 16:22 - 0000000 ____D C:\Users\Tm0n31695\Desktop\logon screen pics
2012-04-09 16:22 - 2012-04-09 16:22 - 0000000 ____D C:\Users\Tm0n31695\Desktop\evaicon1
2012-04-09 16:22 - 2012-04-09 16:22 - 0000000 ____D C:\Users\Tm0n31695\Desktop\Custimization Tools
2012-04-09 16:20 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\RotMG.Production
2012-04-09 16:20 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Macromedia
2012-04-09 16:20 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Intel Corporation
2012-04-09 16:20 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\InstallShield
2012-04-09 16:20 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\CyberLink
2012-04-09 16:20 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\.minecraft
2012-04-09 16:20 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\Xenocode
2012-04-09 16:20 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\XboxMB
2012-04-09 16:20 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\Revolt
2012-04-09 16:20 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\Microsoft Games
2012-04-09 16:16 - 2012-04-09 16:16 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\EgisTec IPS
2012-04-09 16:16 - 2012-04-09 16:16 - 0000000 ____D C:\Users\Tm0n31695\AppData\Local\Coma
2012-04-09 16:16 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\System32\restore
2012-04-09 16:06 - 2012-04-09 16:06 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2012-04-09 15:31 - 2009-07-13 19:18 - 0000000 __SHD C:\$Recycle.Bin
2012-04-09 15:30 - 2012-04-09 15:30 - 0000000 __SHD C:\Users\Tm0n31695\Templates
2012-04-09 15:30 - 2012-04-09 15:30 - 0000000 __SHD C:\Users\Tm0n31695\Start Menu
2012-04-09 15:30 - 2012-04-09 15:30 - 0000000 __SHD C:\Users\Tm0n31695\PrintHood
2012-04-09 15:30 - 2012-04-09 15:30 - 0000000 __SHD C:\Users\Tm0n31695\NetHood
2012-04-09 15:30 - 2012-04-09 15:30 - 0000000 __SHD C:\Users\Tm0n31695\My Documents
2012-04-09 15:30 - 2012-04-09 15:30 - 0000000 __SHD C:\Users\Tm0n31695\Documents\My Videos
2012-04-09 15:30 - 2012-04-09 15:30 - 0000000 __SHD C:\Users\Tm0n31695\Documents\My Pictures
2012-04-09 15:30 - 2012-04-09 15:30 - 0000000 __SHD C:\Users\Tm0n31695\Documents\My Music
2012-04-09 15:30 - 2012-04-09 15:30 - 0000000 __SHD C:\Users\Tm0n31695\AppData\Local\Temporary Internet Files
2012-04-09 15:30 - 2012-04-09 15:30 - 0000000 __SHD C:\Users\Tm0n31695\AppData\Local\History
2012-04-09 15:29 - 2012-04-09 17:31 - 0000000 ____D C:\Windows\Panther
2012-04-09 15:29 - 2009-07-13 20:45 - 0000000 ____D C:\Windows\Setup
2012-04-09 15:27 - 2011-08-13 13:51 - 0000000 __SHD C:\Recovery
2012-04-08 10:32 - 2012-04-09 16:27 - 0198606 ____A C:\Users\Tm0n31695\Downloads\zipyaru-20090611-5-0166.jpg
2012-04-08 10:32 - 2012-04-09 16:27 - 0153870 ____A C:\Users\Tm0n31695\Downloads\zipyaru-20090611-5-0177.jpg
2012-04-08 10:31 - 2012-04-09 16:27 - 0114093 ____A C:\Users\Tm0n31695\Downloads\zipyaru-20090611-5-0159.jpg
2012-04-08 10:31 - 2012-04-09 16:27 - 0081874 ____A C:\Users\Tm0n31695\Downloads\zipyaru-20090611-5-0021.jpg
2012-04-08 10:31 - 2012-04-09 16:27 - 0081851 ____A C:\Users\Tm0n31695\Downloads\zipyaru-20090611-5-0116.jpg
2012-04-08 10:31 - 2012-04-09 16:27 - 0078392 ____A C:\Users\Tm0n31695\Downloads\zipyaru-20090611-5-0042.jpg
2012-04-08 10:31 - 2012-04-09 16:27 - 0076451 ____A C:\Users\Tm0n31695\Downloads\zipyaru-20090611-5-0041.jpg
2012-04-08 10:31 - 2012-04-09 16:27 - 0038179 ____A C:\Users\Tm0n31695\Downloads\zipyaru-20090710-16-0016.jpg
2012-04-08 10:31 - 2012-04-09 16:27 - 0030033 ____A C:\Users\Tm0n31695\Downloads\zipyaru-20090707-13-0027.jpg
2012-04-08 10:30 - 2012-04-09 16:27 - 0193707 ____A C:\Users\Tm0n31695\Downloads\zipyaru-20090611-5-0005.jpg
2012-04-08 10:30 - 2012-04-09 16:27 - 0125767 ____A C:\Users\Tm0n31695\Downloads\navig1015-3.jpg
2012-04-08 10:30 - 2012-04-09 16:24 - 0507815 ____A C:\Users\Tm0n31695\Downloads\20110403230006626.jpg
2012-04-08 10:30 - 2012-04-09 16:24 - 0471907 ____A C:\Users\Tm0n31695\Downloads\2011040322590916e.jpg
2012-04-08 10:29 - 2012-04-09 16:24 - 0503605 ____A C:\Users\Tm0n31695\Downloads\2011040322590834f.jpg
2012-04-08 10:29 - 2012-04-09 16:24 - 0472291 ____A C:\Users\Tm0n31695\Downloads\20110403225823338.jpg
2012-04-08 10:29 - 2012-04-09 16:24 - 0436562 ____A C:\Users\Tm0n31695\Downloads\20110403225907cc1.jpg
2012-04-08 10:29 - 2012-04-09 16:24 - 0261279 ____A C:\Users\Tm0n31695\Downloads\2011040322590904e.jpg
2012-04-08 10:28 - 2012-04-09 16:24 - 0496676 ____A C:\Users\Tm0n31695\Downloads\2011040322581918f.jpg
2012-04-08 10:28 - 2012-04-09 16:24 - 0492598 ____A C:\Users\Tm0n31695\Downloads\201104032258201ab.jpg
2012-04-08 10:26 - 2012-04-09 16:24 - 0147796 ____A C:\Users\Tm0n31695\Downloads\201104032256394ec.jpg
2012-04-08 10:26 - 2012-04-09 16:24 - 0081232 ____A C:\Users\Tm0n31695\Downloads\b201011208.jpg
2012-04-08 10:25 - 2012-04-09 16:23 - 0122391 ____A C:\Users\Tm0n31695\Downloads\106.jpg
2012-04-08 10:24 - 2012-04-09 16:24 - 0155014 ____A C:\Users\Tm0n31695\Downloads\8e4abb15.jpg
2012-04-08 10:24 - 2012-04-09 16:23 - 0507577 ____A C:\Users\Tm0n31695\Downloads\1008_0617.jpg
2012-04-08 10:23 - 2012-04-09 16:24 - 0255132 ____A C:\Users\Tm0n31695\Downloads\1bb48b42.jpg
2012-04-08 08:45 - 2012-04-09 16:22 - 0000000 ___HD C:\Users\Tm0n31695\Desktop\old
2012-04-08 08:05 - 2012-04-08 08:04 - 0000000 ____D C:\5bb1f4bfa6c3c7cd8d424648
2012-04-07 23:12 - 2012-04-09 16:20 - 0974077 ____A C:\Users\Tm0n31695\Desktop\1333869090948.gif
2012-04-07 16:54 - 2012-04-09 16:20 - 0287585 ____A C:\Users\Tm0n31695\Desktop\1333813615315.jpg
2012-04-06 21:41 - 2012-04-09 16:23 - 0000000 ___AH C:\Users\Tm0n31695\Documents\Default.rdp
2012-04-04 14:47 - 2012-05-24 19:27 - 0772504 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-04-04 14:47 - 2012-04-11 21:11 - 0687504 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-04-04 14:47 - 2012-04-11 21:11 - 0227720 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-04-04 11:56 - 2012-06-05 17:50 - 0024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-04-04 03:17 - 2012-04-04 03:17 - 16613376 ___RA C:\Windows\Installer\59cac0e.msp
2012-04-03 19:56 - 2012-04-09 16:20 - 0000000 ____D C:\Users\Tm0n31695\AppData\Roaming\Intel
2012-04-03 18:25 - 2012-04-03 18:25 - 0000000 ____D C:\Program Files (x86)\Stardock
2012-04-03 11:27 - 2012-04-03 15:55 - 0000809 ____A C:\Script.vbs
2012-04-01 21:34 - 2012-05-14 19:51 - 5504880 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-04-01 20:46 - 2012-05-14 19:51 - 3958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-04-01 20:46 - 2012-05-14 19:51 - 3902320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-04-01 19:01 - 2012-05-14 19:51 - 3143680 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-03-31 22:55 - 2012-04-09 16:20 - 0147962 ____A C:\Users\Tm0n31695\Desktop\1333259011812.jpg
2012-03-31 22:02 - 2012-04-09 16:20 - 1560001 ____A C:\Users\Tm0n31695\Desktop\1333260056942.gif
2012-03-31 14:54 - 2012-04-09 16:20 - 0414961 ____A C:\Users\Tm0n31695\Desktop\1333234250003.jpg
2012-03-31 08:55 - 2012-04-09 16:20 - 0278561 ____A C:\Users\Tm0n31695\Desktop\Minecraft.exe
2012-03-30 03:09 - 2012-05-14 19:45 - 1895280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-03-28 21:16 - 2012-04-09 15:30 - 0000020 ___SH C:\Users\Tm0n31695\ntuser.ini
2012-03-27 15:16 - 2012-04-09 21:50 - 0272629 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT
2012-03-27 13:03 - 2012-04-09 21:50 - 4015592 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2012-03-27 03:59 - 2012-03-27 03:59 - 49125888 ____A C:\Windows\Installer\23d1e.msi
2012-03-26 08:18 - 2012-03-26 08:18 - 20396032 ____A C:\Windows\Installer\47a02a.msi
2012-03-21 11:55 - 2012-04-09 21:50 - 2886656 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoRes64.dat
2012-03-20 06:47 - 2012-04-09 21:50 - 3608680 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO64.dll
2012-03-19 15:01 - 2012-04-09 21:50 - 0102504 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoInstII64.dll
2012-03-16 23:55 - 2012-05-14 19:51 - 0075632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-03-16 12:25 - 2012-04-09 21:50 - 2670696 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtPgEx64.dll
2012-03-13 07:21 - 2012-04-09 21:50 - 1251432 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTCOM64.dll


C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\@
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\L
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\U
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\L\00000004.@
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\L\1afb2d56
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\L\201d3dde
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\U\00000004.@
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\U\00000008.@
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\U\000000cb.@
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\U\80000000.@

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0329216 ____A (Microsoft Corporation) 50BEA589F7D7958BDD2528A8F69D05CC

C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 12%
Total physical RAM: 5814.81 MB
Available physical RAM: 5060.32 MB
Total Pagefile: 5812.96 MB
Available Pagefile: 5052.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (Acer) (Fixed) (Total:282.99 GB) (Free:103.5 GB) NTFS
2 Drive e: (PQSERVICE) (Fixed) (Total:15 GB) (Free:4.37 GB) NTFS
4 Drive g: (TM0N31695) (Removable) (Total:29.8 GB) (Free:12.75 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 1024 KB
Disk 1 Online 29 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 15 GB 1024 KB
Partition 2 Primary 100 MB 15 GB
Partition 3 Primary 282 GB 15 GB

======================================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E PQSERVICE NTFS Partition 15 GB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM RESE NTFS Partition 100 MB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C Acer NTFS Partition 282 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 29 GB 16 KB

======================================================================================================

Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G TM0N31695 FAT32 Removable 29 GB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-05-28 22:16

======================= End Of Log ==========================

#8 gringo_pr

Posted 06 June 2012 - 10:11 PM

Hello

Open Notepad. Please copy the contents of the code box below. To do this, highlight the contents of the box and right-click on it. Paste this into the open Notepad. Save it on the flash drive as fixlist.txt.

C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\@
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\L
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\U
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\L\00000004.@
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\L\1afb2d56
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\L\201d3dde
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\U\00000004.@
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\U\00000008.@
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\U\000000cb.@
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\U\80000000.@ 


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the BartPE CD.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

Gringo

#9 Tm0n31695

Posted 06 June 2012 - 10:42 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 06-06-2012 03
Ran by SYSTEM at 2012-06-06 23:32:39 Run:1
Running from G:\

==============================================

C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f} moved successfully.
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\@ not found.
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\L not found.
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\U not found.
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\L\00000004.@ not found.
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\L\1afb2d56 not found.
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\L\201d3dde not found.
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\U\00000004.@ not found.
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\U\00000008.@ not found.
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\U\000000cb.@ not found.
C:\Windows\Installer\{843d93c5-0dac-8a8a-c524-4fc08385026f}\U\80000000.@ not found.

==== End of Fixlog ====

#10 gringo_pr

Posted 06 June 2012 - 11:26 PM

Greetings,

I would like for you to try and run ComboFix for me now.


gringo

#11 Tm0n31695

Posted 07 June 2012 - 05:04 PM

It worked now; here's the log.


ComboFix 12-06-07.03 - Tm0n31695 06/07/2012 13:38:04.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.5815.4122 [GMT -4:00]
Running from: c:\users\Tm0n31695\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\WinPCap
c:\program files (x86)\WinPCap\daemon_mgm.exe
c:\program files (x86)\WinPCap\npf_mgm.exe
c:\program files (x86)\WinPCap\rpcapd.exe
c:\windows\apppatch\AppLoc.exe
c:\windows\apppatch\AppLocA.exe
c:\windows\apppatch\unins000.dat
c:\windows\apppatch\unins000.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
c:\windows\XSxS
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2012-05-07 to 2012-06-07 )))))))))))))))))))))))))))))))
.
.
2012-06-07 17:55 . 2012-06-07 17:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-06 22:37 . 2012-06-06 22:39 -------- d-----w- C:\FRST
2012-06-06 02:31 . 2012-06-06 03:26 -------- d-----w- c:\programdata\SecTaskMan
2012-06-06 02:13 . 2012-06-06 02:13 -------- d-----w- c:\program files (x86)\ESET
2012-06-06 01:50 . 2012-06-06 01:50 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\Malwarebytes
2012-06-06 01:50 . 2012-06-06 01:50 -------- d-----w- c:\programdata\Malwarebytes
2012-06-06 01:50 . 2012-06-06 01:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-06 01:50 . 2012-04-04 19:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-05 22:54 . 2012-03-06 23:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-06-05 22:54 . 2012-03-06 23:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-06-05 22:54 . 2012-03-06 23:04 141144 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-06-05 22:54 . 2012-03-06 23:03 258904 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-06-05 22:54 . 2012-03-06 23:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-06-05 22:54 . 2012-03-06 23:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-06-05 22:54 . 2012-03-06 23:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-06-05 22:54 . 2012-03-06 23:02 28504 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-06-05 22:54 . 2012-03-06 23:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-06-05 22:54 . 2012-03-06 23:15 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-05 22:53 . 2012-03-06 22:44 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2012-06-05 22:53 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-06-05 22:53 . 2012-03-06 23:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-06-05 19:56 . 2012-06-05 19:56 -------- d-----w- c:\users\Default\AppData\Roaming\IObit
2012-06-05 18:41 . 2012-06-05 22:53 -------- d-----w- c:\programdata\AVAST Software
2012-06-05 18:41 . 2012-06-05 22:53 -------- d-----w- c:\program files\AVAST Software
2012-06-05 18:15 . 2012-06-05 18:53 3993600 ----a-w- c:\program files (x86)\GUT5BA7.tmp
2012-06-05 18:15 . 2012-06-05 18:15 -------- d-----w- c:\program files (x86)\GUM5BA6.tmp
2012-06-05 00:01 . 2012-06-05 00:01 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-05-31 23:16 . 2012-05-31 23:16 -------- d-----w- c:\windows\Sun
2012-05-31 23:12 . 2012-05-31 23:12 -------- d-----w- c:\programdata\SwiftKit
2012-05-31 23:12 . 2012-06-04 19:35 -------- d-----w- c:\program files (x86)\SwiftKit
2012-05-31 05:11 . 2012-05-31 05:11 -------- d-----w- c:\programdata\VS
2012-05-31 04:35 . 2012-05-31 04:35 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\FreeArc
2012-05-31 04:35 . 2012-05-31 04:35 -------- d-----w- c:\program files (x86)\FreeArc
2012-05-30 21:09 . 2012-05-30 21:09 -------- d-----w- c:\users\Default\AppData\Local\Google
2012-05-29 20:42 . 2012-05-29 20:42 -------- d-----w- c:\users\Tm0n31695\AppData\Local\TVU Networks
2012-05-29 20:42 . 2012-05-29 20:42 -------- d-----w- c:\programdata\TVU Networks
2012-05-28 14:46 . 2012-05-28 14:46 -------- d-----w- c:\program files (x86)\Magic ISO Maker
2012-05-28 14:20 . 2008-09-25 21:39 270272 ----a-w- c:\windows\system32\drivers\ext2fs.sys
2012-05-28 14:20 . 2008-08-29 02:49 80320 ----a-w- c:\windows\system32\drivers\ifsmount.sys
2012-05-28 14:20 . 2008-07-27 03:57 281600 ----a-w- c:\windows\system32\ifsdrives.dll
2012-05-28 14:20 . 2007-12-16 22:14 83904 ----a-w- c:\windows\system32\ifsdrives.exe
2012-05-26 14:24 . 2012-05-26 14:24 226304 ----a-w- c:\windows\SysWow64\binkw32.dll
2012-05-25 04:53 . 2011-09-23 01:06 109416 ----a-w- c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2012-05-25 04:53 . 2011-09-22 21:18 73064 ----a-w- c:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2012-05-25 04:53 . 2011-09-23 01:07 105832 ----a-w- c:\windows\system32\SQSRVRES.DLL
2012-05-25 04:53 . 2012-05-25 04:53 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 9.0
2012-05-25 04:52 . 2012-05-25 04:52 -------- d-----w- c:\program files\Microsoft.NET
2012-05-25 04:27 . 2012-05-25 04:27 -------- d-----w- c:\program files (x86)\Nmap
2012-05-25 04:00 . 2009-07-22 08:17 78872 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-05-25 04:00 . 2009-07-22 08:17 50200 ----a-w- c:\windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-05-25 03:59 . 2012-05-25 03:59 -------- d-----w- c:\windows\system32\RsFx
2012-05-25 03:59 . 2012-05-25 03:59 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2012-05-25 03:59 . 2012-05-25 03:59 -------- d-----w- c:\windows\SysWow64\1033
2012-05-25 03:59 . 2012-05-25 03:59 -------- d-----w- c:\windows\system32\1033
2012-05-25 03:57 . 2012-05-25 04:52 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2012-05-25 03:57 . 2012-05-25 04:52 -------- d-----w- c:\program files\Microsoft SQL Server
2012-05-25 03:55 . 2012-05-25 03:55 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-05-25 03:55 . 2012-05-25 03:55 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-05-25 03:55 . 2012-05-25 03:55 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2012-05-25 03:55 . 2012-05-25 03:55 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2012-05-25 03:55 . 2012-06-05 03:19 136320 ----a-w- c:\programdata\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
2012-05-25 03:53 . 2012-05-25 03:54 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0
2012-05-25 03:53 . 2012-05-25 03:53 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules
2012-05-25 03:53 . 2012-05-25 03:53 -------- d-----w- c:\windows\symbols
2012-05-25 03:53 . 2012-05-25 03:53 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2012-05-25 03:53 . 2012-05-25 03:53 -------- d-----w- c:\program files\Microsoft Help Viewer
2012-05-25 03:53 . 2012-05-25 03:53 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2012-05-25 03:52 . 2012-05-25 03:52 -------- d-----w- c:\windows\PCHEALTH
2012-05-25 03:36 . 2012-05-31 05:05 -------- d-----w- c:\program files\Apache Software Foundation
2012-05-25 03:34 . 2012-05-25 03:34 -------- d-----w- c:\users\Tm0n31695\.m2
2012-05-25 03:33 . 2012-05-31 05:03 -------- d-----w- c:\users\Tm0n31695\.netbeans
2012-05-25 03:28 . 2012-05-25 03:28 -------- d-----w- c:\program files (x86)\Oracle
2012-05-25 03:27 . 2012-05-25 03:27 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-05-25 03:27 . 2012-04-04 22:47 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-05-25 03:09 . 2012-05-31 05:07 -------- d-----w- c:\users\Tm0n31695\.nbi
2012-05-21 06:36 . 2012-05-21 06:36 -------- d-----w- C:\.jagex_cache_32
2012-05-19 06:20 . 2012-05-19 06:20 -------- d-----w- c:\program files (x86)\Adobe Download Assistant
2012-05-18 03:42 . 2012-05-18 03:44 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\Mp3tag
2012-05-18 03:41 . 2012-05-18 03:41 -------- d-----w- c:\program files (x86)\Mp3tag
2012-05-16 20:33 . 2012-05-16 20:33 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\OpenOffice.org
2012-05-16 20:31 . 2012-05-16 20:31 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2012-05-16 19:21 . 2012-05-16 19:21 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-05-16 19:19 . 2012-05-16 19:19 -------- d-----w- c:\programdata\Battle.net
2012-05-16 19:11 . 2012-05-16 19:11 -------- d-----w- c:\program files (x86)\Games
2012-05-16 04:02 . 2012-06-01 00:44 -------- d-s---w- c:\users\Tm0n31695\Google Drive
2012-05-16 03:57 . 2012-05-16 03:58 -------- d-----w- c:\program files (x86)\Google
2012-05-16 03:47 . 2012-05-16 03:49 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\DMCache
2012-05-16 03:41 . 2012-04-02 05:26 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-16 03:41 . 2012-04-02 05:24 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-16 03:41 . 2012-04-02 04:40 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-16 03:41 . 2012-04-02 05:24 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-16 03:41 . 2012-04-02 05:24 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-15 03:45 . 2012-03-30 11:09 1895280 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-15 03:31 . 2012-06-01 04:04 -------- d-----r- c:\users\Tm0n31695\Dropbox
2012-05-15 03:29 . 2012-06-01 04:06 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\Dropbox
2012-05-15 03:09 . 2012-05-15 03:09 -------- d-----w- c:\program files\iPod
2012-05-15 03:09 . 2012-05-15 03:10 -------- d-----w- c:\program files (x86)\iTunes
2012-05-15 03:09 . 2012-05-15 03:10 -------- d-----w- c:\program files\iTunes
2012-05-14 23:27 . 2010-11-02 23:00 2380448 ----a-w- c:\windows\system32\drivers\athrx.sys
2012-05-14 23:27 . 2012-05-14 23:27 -------- d-----w- c:\program files (x86)\Atheros
2012-05-14 22:51 . 2012-05-14 22:51 -------- d-----w- c:\program files (x86)\Silabs
2012-05-14 22:50 . 2012-05-14 22:51 -------- d-----w- c:\windows\SysWow64\Silabs
2012-05-13 21:10 . 2012-06-06 16:19 -------- d-----w- c:\users\Tm0n31695\AppData\Local\ElevatedDiagnostics
2012-05-13 16:23 . 2012-05-13 16:23 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\DRPSu
2012-05-13 07:42 . 2012-05-13 07:42 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\TuneUp Software
2012-05-13 07:40 . 2012-05-13 21:59 -------- d-----w- c:\programdata\TuneUp Software
2012-05-13 07:35 . 2012-05-13 07:35 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-05-13 07:35 . 2012-05-13 07:35 -------- d--h--w- c:\programdata\Common Files
2012-05-13 07:28 . 2012-05-13 07:28 -------- d-----w- c:\program files (x86)\7-Zip
2012-05-13 07:28 . 2011-03-02 11:43 203264 ----a-w- c:\windows\system32\unrar.dll
2012-05-13 07:28 . 2012-02-15 18:00 92160 ----a-w- c:\windows\system32\ff_vfw.dll
2012-05-13 07:28 . 2012-05-13 07:28 -------- d-----w- c:\program files\K-Lite Codec Pack x64
2012-05-13 06:33 . 2012-05-13 06:34 -------- d-----w- c:\users\Tm0n31695\FrostWire
2012-05-13 06:33 . 2012-05-13 06:41 -------- d-----w- c:\users\Tm0n31695\.frostwire5
2012-05-13 05:53 . 2012-05-13 05:53 -------- d-----w- c:\users\Tm0n31695\AppData\Local\eSupport.com
2012-05-13 05:53 . 2012-05-13 05:53 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2012-05-13 05:46 . 2010-11-05 16:50 2716768 ----a-w- c:\windows\system32\drivers\athwx.sys
2012-05-13 05:46 . 2011-05-20 08:53 557848 ----a-w- c:\windows\system32\drivers\iaStor.sys
2012-05-13 05:45 . 2011-03-23 14:20 77936 ----a-w- c:\windows\system32\drivers\L1C62x64.sys
2012-05-13 05:44 . 2011-08-23 13:12 317440 ----a-w- c:\windows\system32\drivers\IntcDAud.sys
2012-05-13 05:44 . 2010-02-26 23:32 158976 ----a-w- c:\windows\system32\drivers\Impcd.sys
2012-05-13 05:44 . 2011-08-23 13:12 14848 ----a-w- c:\windows\system32\IntcDAuC.dll
2012-05-12 16:57 . 2012-05-12 16:58 -------- d-----w- c:\program files (x86)\GCFExplorer
2012-05-12 16:56 . 2012-05-12 17:36 -------- d-----w- c:\program files (x86)\CFToolbox
2012-05-12 03:56 . 2012-05-12 03:57 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\PFStaticIP
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-08 17:02 . 2012-06-01 08:20 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{116A5254-09FF-4F65-83A3-0CDD9E152C5D}\mpengine.dll
2012-05-06 11:59 . 2012-05-06 11:59 230 ----a-w- c:\windows\SysWow64\HKLM_RunOnce.reg
2012-05-06 11:59 . 2012-05-06 11:59 228 ----a-w- c:\windows\SysWow64\HKCU_RunOnce.reg
2012-05-06 11:59 . 2012-05-06 11:59 1636 ----a-w- c:\windows\SysWow64\HKLM_Run.reg
2012-05-06 11:59 . 2012-05-06 11:59 632 ----a-w- c:\windows\SysWow64\HKCU_Run.reg
2012-05-05 07:11 . 2012-04-10 01:16 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 07:11 . 2012-04-10 01:16 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 07:11 . 2012-04-13 21:11 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-28 20:22 . 2012-04-28 20:22 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-04-28 19:56 . 2012-04-28 19:56 560184 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-04-28 19:25 . 2012-04-28 19:25 27760640 ----a-w- c:\windows\system32\imageres.dll
2012-04-22 09:01 . 2012-04-18 06:19 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-04-22 09:01 . 2012-04-18 06:15 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-04-22 08:02 . 2012-04-18 06:15 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-04-21 08:29 . 2012-04-21 08:29 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2012-04-21 01:12 . 2012-04-21 01:12 3584 ----a-r- c:\users\Tm0n31695\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2012-04-18 06:15 . 2012-04-18 06:15 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-04-16 19:37 . 2012-04-10 01:15 14848 ----a-w- c:\windows\system32\slwga.dll
2012-04-16 19:37 . 2012-04-10 01:15 13824 ----a-w- c:\windows\SysWow64\slwga.dll
2012-04-16 19:37 . 2009-07-13 23:56 419840 ----a-w- c:\windows\system32\systemcpl.dll
2012-04-16 19:37 . 2009-07-13 23:38 1008640 ----a-w- c:\windows\system32\user32.dll
2012-04-16 19:37 . 2009-07-13 23:24 833024 ----a-w- c:\windows\SysWow64\user32.dll
2012-04-15 21:29 . 2012-04-15 21:29 1135104 ----a-w- c:\windows\system32\FntCache.dll
2012-04-15 15:05 . 2009-07-13 23:38 1008640 ----a-w- c:\windows\system32\user32.dll.old
2012-04-15 15:05 . 2009-07-13 23:24 833024 ----a-w- c:\windows\SysWow64\user32.dll.old
2012-04-15 14:53 . 2012-04-10 00:40 925184 ----a-w- c:\windows\expstart.exe
2012-04-10 06:11 . 2012-04-10 06:11 525544 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-10 02:20 . 2012-04-10 02:20 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-04-10 02:20 . 2012-04-10 02:20 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-04-10 02:20 . 2012-04-10 02:20 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-04-10 02:20 . 2012-04-10 02:20 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-04-10 02:20 . 2012-04-10 02:20 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-04-10 02:20 . 2012-04-10 02:20 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-04-10 02:20 . 2012-04-10 02:20 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-04-10 02:20 . 2012-04-10 02:20 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-04-10 02:20 . 2012-04-10 02:20 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-04-10 02:20 . 2012-04-10 02:20 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-04-10 02:20 . 2012-04-10 02:20 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-04-10 02:20 . 2012-04-10 02:20 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-04-10 02:20 . 2012-04-10 02:20 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-04-10 02:20 . 2012-04-10 02:20 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-04-10 02:20 . 2012-04-10 02:20 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-04-10 02:20 . 2012-04-10 02:20 448512 ----a-w- c:\windows\system32\html.iec
2012-04-10 02:20 . 2012-04-10 02:20 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-04-10 02:20 . 2012-04-10 02:20 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-04-10 02:20 . 2012-04-10 02:20 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-04-10 02:20 . 2012-04-10 02:20 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-04-10 02:20 . 2012-04-10 02:20 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-04-10 02:20 . 2012-04-10 02:20 222208 ----a-w- c:\windows\system32\msls31.dll
2012-04-10 02:20 . 2012-04-10 02:20 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-04-10 02:20 . 2012-04-10 02:20 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-04-10 02:20 . 2012-04-10 02:20 160256 ----a-w- c:\windows\system32\wextract.exe
2012-04-10 02:20 . 2012-04-10 02:20 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-04-10 02:20 . 2012-04-10 02:20 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-04-10 02:20 . 2012-04-10 02:20 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-04-10 02:20 . 2012-04-10 02:20 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-04-10 02:20 . 2012-04-10 02:20 12288 ----a-w- c:\windows\system32\mshta.exe
2012-04-10 02:20 . 2012-04-10 02:20 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-04-10 02:20 . 2012-04-10 02:20 114176 ----a-w- c:\windows\system32\admparse.dll
2012-04-10 02:20 . 2012-04-10 02:20 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-04-10 02:20 . 2012-04-10 02:20 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-04-10 01:40 . 2012-04-10 01:40 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
2012-04-04 22:47 . 2012-04-12 05:11 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-03 19:27 . 2012-04-03 23:55 809 ----a-w- C:\Script.vbs
2012-03-27 21:03 . 2012-04-10 05:50 4015592 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2012-03-21 19:55 . 2012-04-10 05:50 2886656 ----a-w- c:\windows\system32\RCoRes64.dat
2012-03-20 14:47 . 2012-04-10 05:50 3608680 ----a-w- c:\windows\system32\RtkAPO64.dll
2012-03-19 23:01 . 2012-04-10 05:50 102504 ----a-w- c:\windows\system32\RCoInstII64.dll
2012-03-16 20:25 . 2012-04-10 05:50 2670696 ----a-w- c:\windows\system32\RtPgEx64.dll
2012-03-13 15:21 . 2012-04-10 05:50 1251432 ----a-w- c:\windows\system32\RTCOM64.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-07-14 . 50BEA589F7D7958BDD2528A8F69D05CC . 329216 . . [6.1.7600.16385] .. c:\windows\system32\services.exe
.
[-] 2012-04-16 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Tm0n31695\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Tm0n31695\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Tm0n31695\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"DrvUpdater"="c:\users\Tm0n31695\AppData\Roaming\DRPSu\DrvUpdater.exe" [2012-05-13 195256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"IAStorIcon"="c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe" [2010-09-13 283160]
"LManager"="c:\program files (x86)\launch manager\lmanager.exe" [2011-02-12 1070160]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-16 116648]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-05-13 21712]
R3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-16 116648]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2012-04-28 33184]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-04-28 21872]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
R3 X6va005;X6va005;c:\users\TM0N31~1\AppData\Local\Temp\0058AD5.tmp [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-23 431464]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-14 913752]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2012-03-06 134920]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-02-12 346704]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-02-23 873064]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-10 821592]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - BEEP
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 07:11]
.
2012-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-16 03:57]
.
2012-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-16 03:57]
.
2012-06-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1209137320-2403953631-2894671897-1000Core.job
- c:\users\Tm0n31695\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-10 01:13]
.
2012-06-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1209137320-2403953631-2894671897-1000UA.job
- c:\users\Tm0n31695\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-10 01:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Tm0n31695\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Tm0n31695\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Tm0n31695\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Tm0n31695\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-05-16 21:53 754712 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-05-16 21:53 754712 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-05-16 21:53 754712 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-05-16 21:53 754712 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-11 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-11 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-11 417560]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608]
"combofix"="c:\combofix\CF15482.3XE" [2009-07-14 344576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: &Download All using 4shared Desktop - c:\program files (x86)\4shared Desktop\Desktop.32/D_ALL_LINK
IE: &Download using 4shared Desktop - c:\program files (x86)\4shared Desktop\Desktop.32/D_ONE_LINK
LSP: mswsock.dll
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\synaptics\syntp\syntpenh.exe
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\CP210x\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
AddRemove-{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1 - c:\windows\AppPatch\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\TM0N31~1\AppData\Local\Temp\0058AD5.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Launch Manager\LMworker.exe
.
**************************************************************************
.
Completion time: 2012-06-07 14:19:49 - machine was rebooted
ComboFix-quarantined-files.txt 2012-06-07 18:19
.
Pre-Run: 110,539,296,768 bytes free
Post-Run: 110,061,592,576 bytes free
.
- - End Of File - - B16E585C6AC65AC7A39CEE534430AA22

#12 gringo_pr


Posted 07 June 2012 - 05:09 PM

Greetings

I want you to run these next,

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#13 Tm0n31695


Posted 07 June 2012 - 05:31 PM

I got the same issues as last time when running aswMBR, but TDSSKiller ran fine.


18:21:26.0123 4352 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
18:21:26.0444 4352 ============================================================
18:21:26.0444 4352 Current date / time: 2012/06/07 18:21:26.0444
18:21:26.0444 4352 SystemInfo:
18:21:26.0444 4352
18:21:26.0444 4352 OS Version: 6.1.7600 ServicePack: 0.0
18:21:26.0444 4352 Product type: Workstation
18:21:26.0444 4352 ComputerName: TM0N31695-PC
18:21:26.0445 4352 UserName: Tm0n31695
18:21:26.0445 4352 Windows directory: C:\Windows
18:21:26.0445 4352 System windows directory: C:\Windows
18:21:26.0445 4352 Running under WOW64
18:21:26.0445 4352 Processor architecture: Intel x64
18:21:26.0445 4352 Number of processors: 2
18:21:26.0445 4352 Page size: 0x1000
18:21:26.0445 4352 Boot type: Normal boot
18:21:26.0445 4352 ============================================================
18:21:26.0974 4352 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:21:26.0981 4352 ============================================================
18:21:26.0981 4352 \Device\Harddisk0\DR0:
18:21:26.0981 4352 MBR partitions:
18:21:26.0981 4352 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
18:21:26.0981 4352 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x235FAEB7
18:21:26.0981 4352 ============================================================
18:21:27.0006 4352 C: <-> \Device\Harddisk0\DR0\Partition1
18:21:27.0006 4352 ============================================================
18:21:27.0006 4352 Initialize success
18:21:27.0006 4352 ============================================================
18:22:13.0735 4268 ============================================================
18:22:13.0735 4268 Scan started
18:22:13.0735 4268 Mode: Manual;
18:22:13.0735 4268 ============================================================
18:22:25.0208 4268 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
18:22:25.0211 4268 HECIx64 - ok
18:22:25.0219 4268 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
18:22:25.0221 4268 HidBatt - ok
18:22:25.0234 4268 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
18:22:25.0237 4268 HidBth - ok
18:22:25.0246 4268 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
18:22:25.0249 4268 HidIr - ok
18:22:25.0268 4268 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
18:22:25.0272 4268 hidserv - ok
18:22:25.0329 4268 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
18:22:25.0332 4268 HidUsb - ok
18:22:25.0386 4268 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
18:22:25.0413 4268 hkmsvc - ok
18:22:25.0436 4268 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
18:22:25.0445 4268 HomeGroupListener - ok
18:22:25.0505 4268 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
18:22:25.0525 4268 HomeGroupProvider - ok
18:22:25.0536 4268 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
18:22:25.0539 4268 HpSAMD - ok
18:22:25.0618 4268 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
18:22:25.0632 4268 HTTP - ok
18:22:25.0638 4268 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
18:22:25.0641 4268 hwpolicy - ok
18:22:25.0677 4268 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
18:22:25.0681 4268 i8042prt - ok
18:22:25.0771 4268 iaStor (2fdaec4b02729c48c0fd1b0b4695995b) C:\Windows\system32\DRIVERS\iaStor.sys
18:22:25.0776 4268 iaStor - ok
18:22:25.0896 4268 IAStorDataMgrSvc (b25f192ea1f84a316eb7c19efcccf33d) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
18:22:25.0901 4268 IAStorDataMgrSvc - ok
18:22:25.0981 4268 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
18:22:26.0001 4268 iaStorV - ok
18:22:26.0182 4268 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:22:26.0201 4268 idsvc - ok
18:22:27.0244 4268 igfx (f4f91789c7c7a159ce8215c1f69f2a85) C:\Windows\system32\DRIVERS\igdkmd64.sys
18:22:27.0524 4268 igfx - ok
18:22:27.0684 4268 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
18:22:27.0687 4268 iirsp - ok
18:22:27.0796 4268 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
18:22:27.0817 4268 IKEEXT - ok
18:22:28.0007 4268 IMFservice (8ae99ebe30e8338907361018d9030835) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
18:22:28.0017 4268 IMFservice - ok
18:22:28.0154 4268 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
18:22:28.0164 4268 Impcd - ok
18:22:28.0512 4268 IntcAzAudAddService (5f6a3ea5bd7ca861863a3a06cecc115c) C:\Windows\system32\drivers\RTKVHD64.sys
18:22:28.0611 4268 IntcAzAudAddService - ok
18:22:28.0742 4268 IntcDAud (ae594cc17c33ac146739494615e14851) C:\Windows\system32\DRIVERS\IntcDAud.sys
18:22:28.0753 4268 IntcDAud - ok
18:22:28.0795 4268 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
18:22:28.0797 4268 intelide - ok
18:22:28.0819 4268 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
18:22:28.0822 4268 intelppm - ok
18:22:28.0873 4268 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
18:22:28.0899 4268 IPBusEnum - ok
18:22:28.0932 4268 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:22:28.0936 4268 IpFilterDriver - ok
18:22:29.0024 4268 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
18:22:29.0037 4268 iphlpsvc - ok
18:22:29.0048 4268 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
18:22:29.0051 4268 IPMIDRV - ok
18:22:29.0067 4268 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:22:29.0071 4268 IPNAT - ok
18:22:29.0222 4268 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
18:22:29.0238 4268 iPod Service - ok
18:22:29.0246 4268 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:22:29.0248 4268 IRENUM - ok
18:22:29.0256 4268 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
18:22:29.0258 4268 isapnp - ok
18:22:29.0301 4268 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
18:22:29.0319 4268 iScsiPrt - ok
18:22:29.0370 4268 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
18:22:29.0373 4268 kbdclass - ok
18:22:29.0390 4268 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
18:22:29.0392 4268 kbdhid - ok
18:22:29.0446 4268 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
18:22:29.0451 4268 KeyIso - ok
18:22:29.0503 4268 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
18:22:29.0506 4268 KSecDD - ok
18:22:29.0563 4268 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
18:22:29.0602 4268 KSecPkg - ok
18:22:29.0674 4268 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:22:29.0676 4268 ksthunk - ok
18:22:29.0750 4268 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
18:22:29.0770 4268 KtmRm - ok
18:22:29.0820 4268 L1C (173666119d217e3739205c169e2bf0e5) C:\Windows\system32\DRIVERS\L1C62x64.sys
18:22:29.0824 4268 L1C - ok
18:22:29.0895 4268 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
18:22:29.0911 4268 LanmanServer - ok
18:22:29.0973 4268 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
18:22:29.0987 4268 LanmanWorkstation - ok
18:22:30.0001 4268 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:22:30.0004 4268 lltdio - ok
18:22:30.0076 4268 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
18:22:30.0088 4268 lltdsvc - ok
18:22:30.0115 4268 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
18:22:30.0120 4268 lmhosts - ok
18:22:30.0138 4268 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:22:30.0142 4268 LSI_FC - ok
18:22:30.0155 4268 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:22:30.0158 4268 LSI_SAS - ok
18:22:30.0168 4268 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:22:30.0171 4268 LSI_SAS2 - ok
18:22:30.0185 4268 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:22:30.0189 4268 LSI_SCSI - ok
18:22:30.0202 4268 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:22:30.0205 4268 luafv - ok
18:22:30.0260 4268 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
18:22:30.0262 4268 MBAMProtector - ok
18:22:30.0405 4268 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:22:30.0414 4268 MBAMService - ok
18:22:30.0451 4268 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
18:22:30.0458 4268 Mcx2Svc - ok
18:22:30.0466 4268 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
18:22:30.0469 4268 megasas - ok
18:22:30.0519 4268 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
18:22:30.0526 4268 MegaSR - ok
18:22:30.0561 4268 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:22:30.0568 4268 MMCSS - ok
18:22:30.0638 4268 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:22:30.0641 4268 Modem - ok
18:22:30.0648 4268 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:22:30.0651 4268 monitor - ok
18:22:30.0703 4268 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
18:22:30.0706 4268 mouclass - ok
18:22:30.0718 4268 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
18:22:30.0721 4268 mouhid - ok
18:22:30.0733 4268 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
18:22:30.0737 4268 mountmgr - ok
18:22:30.0754 4268 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
18:22:30.0758 4268 mpio - ok
18:22:30.0768 4268 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:22:30.0772 4268 mpsdrv - ok
18:22:30.0915 4268 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
18:22:30.0934 4268 MpsSvc - ok
18:22:30.0976 4268 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
18:22:30.0988 4268 MRxDAV - ok
18:22:31.0044 4268 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:22:31.0056 4268 mrxsmb - ok
18:22:31.0082 4268 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:22:31.0089 4268 mrxsmb10 - ok
18:22:31.0112 4268 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:22:31.0137 4268 mrxsmb20 - ok
18:22:31.0144 4268 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
18:22:31.0147 4268 msahci - ok
18:22:31.0164 4268 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
18:22:31.0168 4268 msdsm - ok
18:22:31.0225 4268 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
18:22:31.0237 4268 MSDTC - ok
18:22:31.0252 4268 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:22:31.0256 4268 Msfs - ok
18:22:31.0273 4268 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:22:31.0276 4268 mshidkmdf - ok
18:22:31.0290 4268 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
18:22:31.0292 4268 msisadrv - ok
18:22:31.0345 4268 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
18:22:31.0357 4268 MSiSCSI - ok
18:22:31.0363 4268 msiserver - ok
18:22:31.0393 4268 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:22:31.0393 4268 MSKSSRV - ok
18:22:31.0422 4268 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:22:31.0424 4268 MSPCLOCK - ok
18:22:31.0443 4268 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:22:31.0445 4268 MSPQM - ok
18:22:31.0481 4268 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
18:22:31.0489 4268 MsRPC - ok
18:22:31.0501 4268 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
18:22:31.0504 4268 mssmbios - ok
18:22:31.0654 4268 MSSQL$SQLEXPRESS - ok
18:22:31.0704 4268 MSSQLServerADHelper100 (7a2a8c975356858eb38466a6b1592e8d) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
18:22:31.0707 4268 MSSQLServerADHelper100 - ok
18:22:31.0737 4268 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:22:31.0739 4268 MSTEE - ok
18:22:31.0757 4268 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
18:22:31.0759 4268 MTConfig - ok
18:22:31.0769 4268 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:22:31.0773 4268 Mup - ok
18:22:31.0882 4268 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
18:22:31.0954 4268 napagent - ok
18:22:31.0997 4268 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:22:32.0007 4268 NativeWifiP - ok
18:22:32.0088 4268 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
18:22:32.0105 4268 NDIS - ok
18:22:32.0113 4268 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:22:32.0116 4268 NdisCap - ok
18:22:32.0124 4268 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:22:32.0127 4268 NdisTapi - ok
18:22:32.0135 4268 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
18:22:32.0137 4268 Ndisuio - ok
18:22:32.0158 4268 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
18:22:32.0162 4268 NdisWan - ok
18:22:32.0169 4268 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
18:22:32.0171 4268 NDProxy - ok
18:22:32.0178 4268 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:22:32.0180 4268 NetBIOS - ok
18:22:32.0203 4268 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
18:22:32.0207 4268 NetBT - ok
18:22:32.0257 4268 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
18:22:32.0262 4268 Netlogon - ok
18:22:32.0342 4268 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
18:22:32.0361 4268 Netman - ok
18:22:32.0495 4268 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:22:32.0508 4268 NetMsmqActivator - ok
18:22:32.0514 4268 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:22:32.0517 4268 NetPipeActivator - ok
18:22:32.0570 4268 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
18:22:32.0583 4268 netprofm - ok
18:22:32.0590 4268 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:22:32.0593 4268 NetTcpActivator - ok
18:22:32.0599 4268 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:22:32.0602 4268 NetTcpPortSharing - ok
18:22:32.0658 4268 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
18:22:32.0661 4268 nfrd960 - ok
18:22:32.0705 4268 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
18:22:32.0728 4268 NlaSvc - ok
18:22:32.0736 4268 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:22:32.0739 4268 Npfs - ok
18:22:32.0785 4268 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
18:22:32.0793 4268 nsi - ok
18:22:32.0800 4268 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:22:32.0802 4268 nsiproxy - ok
18:22:32.0990 4268 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
18:22:33.0041 4268 Ntfs - ok
18:22:33.0172 4268 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:22:33.0175 4268 Null - ok
18:22:33.0240 4268 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
18:22:33.0250 4268 nvraid - ok
18:22:33.0325 4268 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
18:22:33.0329 4268 nvstor - ok
18:22:33.0366 4268 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
18:22:33.0370 4268 nv_agp - ok
18:22:33.0392 4268 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
18:22:33.0395 4268 ohci1394 - ok
18:22:33.0463 4268 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:22:33.0474 4268 p2pimsvc - ok
18:22:33.0552 4268 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
18:22:33.0643 4268 p2psvc - ok
18:22:33.0700 4268 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
18:22:33.0703 4268 Parport - ok
18:22:33.0753 4268 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
18:22:33.0757 4268 partmgr - ok
18:22:33.0778 4268 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:22:33.0787 4268 PcaSvc - ok
18:22:33.0824 4268 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
18:22:33.0833 4268 pci - ok
18:22:33.0863 4268 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
18:22:33.0866 4268 pciide - ok
18:22:33.0916 4268 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
18:22:33.0967 4268 pcmcia - ok
18:22:33.0977 4268 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:22:33.0980 4268 pcw - ok
18:22:34.0047 4268 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:22:34.0059 4268 PEAUTH - ok
18:22:34.0204 4268 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
18:22:34.0245 4268 PeerDistSvc - ok
18:22:34.0391 4268 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:22:34.0398 4268 PerfHost - ok
18:22:34.0650 4268 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
18:22:34.0688 4268 pla - ok
18:22:34.0840 4268 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
18:22:34.0858 4268 PlugPlay - ok
18:22:34.0864 4268 PnkBstrA - ok
18:22:34.0909 4268 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:22:34.0917 4268 PNRPAutoReg - ok
18:22:34.0950 4268 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:22:34.0961 4268 PNRPsvc - ok
18:22:35.0052 4268 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
18:22:35.0072 4268 PolicyAgent - ok
18:22:35.0140 4268 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:22:35.0151 4268 Power - ok
18:22:35.0227 4268 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
18:22:35.0231 4268 PptpMiniport - ok
18:22:35.0271 4268 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
18:22:35.0274 4268 Processor - ok
18:22:35.0322 4268 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
18:22:35.0341 4268 ProfSvc - ok
18:22:35.0390 4268 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
18:22:35.0396 4268 ProtectedStorage - ok
18:22:35.0451 4268 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
18:22:35.0455 4268 Psched - ok
18:22:35.0505 4268 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
18:22:35.0509 4268 PxHlpa64 - ok
18:22:35.0718 4268 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
18:22:35.0758 4268 ql2300 - ok
18:22:35.0887 4268 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
18:22:35.0891 4268 ql40xx - ok
18:22:35.0952 4268 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:22:35.0969 4268 QWAVE - ok
18:22:35.0978 4268 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:22:35.0981 4268 QWAVEdrv - ok
18:22:36.0013 4268 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:22:36.0016 4268 RasAcd - ok
18:22:36.0068 4268 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:22:36.0071 4268 RasAgileVpn - ok
18:22:36.0099 4268 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:22:36.0126 4268 RasAuto - ok
18:22:36.0141 4268 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:22:36.0145 4268 Rasl2tp - ok
18:22:36.0191 4268 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
18:22:36.0212 4268 RasMan - ok
18:22:36.0243 4268 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:22:36.0246 4268 RasPppoe - ok
18:22:36.0281 4268 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:22:36.0284 4268 RasSstp - ok
18:22:36.0312 4268 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
18:22:36.0319 4268 rdbss - ok
18:22:36.0328 4268 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:22:36.0330 4268 rdpbus - ok
18:22:36.0343 4268 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:22:36.0345 4268 RDPCDD - ok
18:22:36.0394 4268 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
18:22:36.0404 4268 RDPDR - ok
18:22:36.0425 4268 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:22:36.0428 4268 RDPENCDD - ok
18:22:36.0445 4268 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:22:36.0448 4268 RDPREFMP - ok
18:22:36.0512 4268 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
18:22:36.0531 4268 RDPWD - ok
18:22:36.0559 4268 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
18:22:36.0565 4268 rdyboost - ok
18:22:36.0788 4268 RegFilter (c3b79061634fbc3ba3379f557ad952c7) C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
18:22:36.0790 4268 RegFilter - ok
18:22:36.0851 4268 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:22:36.0857 4268 RemoteAccess - ok
18:22:36.0927 4268 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:22:36.0960 4268 RemoteRegistry - ok
18:22:36.0992 4268 RMCAST (77b3b747eb2413072b8e4306018d0c9b) C:\Windows\system32\DRIVERS\RMCAST.sys
18:22:36.0997 4268 RMCAST - ok
18:22:37.0002 4268 rpcapd - ok
18:22:37.0016 4268 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:22:37.0025 4268 RpcEptMapper - ok
18:22:37.0065 4268 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:22:37.0071 4268 RpcLocator - ok
18:22:37.0134 4268 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
18:22:37.0147 4268 RpcSs - ok
18:22:37.0222 4268 RsFx0105 (c9fe05a63c500abe3afa5786504c4d36) C:\Windows\system32\DRIVERS\RsFx0105.sys
18:22:37.0233 4268 RsFx0105 - ok
18:22:37.0244 4268 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:22:37.0248 4268 rspndr - ok
18:22:37.0275 4268 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
18:22:37.0278 4268 s3cap - ok
18:22:37.0323 4268 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
18:22:37.0329 4268 SamSs - ok
18:22:37.0342 4268 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
18:22:37.0346 4268 sbp2port - ok
18:22:37.0413 4268 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:22:37.0433 4268 SCardSvr - ok
18:22:37.0441 4268 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
18:22:37.0444 4268 scfilter - ok
18:22:37.0605 4268 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
18:22:37.0647 4268 Schedule - ok
18:22:37.0707 4268 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
18:22:37.0710 4268 SCPolicySvc - ok
18:22:37.0740 4268 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
18:22:37.0760 4268 SDRSVC - ok
18:22:37.0815 4268 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:22:37.0818 4268 secdrv - ok
18:22:37.0828 4268 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
18:22:37.0836 4268 seclogon - ok
18:22:37.0866 4268 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
18:22:37.0875 4268 SENS - ok
18:22:37.0884 4268 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:22:37.0894 4268 SensrSvc - ok
18:22:37.0915 4268 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:22:37.0918 4268 Serenum - ok
18:22:37.0932 4268 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:22:37.0936 4268 Serial - ok
18:22:37.0944 4268 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:22:37.0947 4268 sermouse - ok
18:22:37.0972 4268 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
18:22:37.0981 4268 SessionEnv - ok
18:22:38.0013 4268 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:22:38.0015 4268 sffdisk - ok
18:22:38.0046 4268 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:22:38.0048 4268 sffp_mmc - ok
18:22:38.0055 4268 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys
18:22:38.0058 4268 sffp_sd - ok
18:22:38.0067 4268 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:22:38.0069 4268 sfloppy - ok
18:22:38.0159 4268 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
18:22:38.0178 4268 SharedAccess - ok
18:22:38.0244 4268 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
18:22:38.0262 4268 ShellHWDetection - ok
18:22:38.0281 4268 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:22:38.0284 4268 SiSRaid2 - ok
18:22:38.0298 4268 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:22:38.0302 4268 SiSRaid4 - ok
18:22:38.0348 4268 SmartDefragDriver (dd0443bc6cc78a19fd399817f8c51401) C:\Windows\system32\Drivers\SmartDefragDriver.sys
18:22:38.0350 4268 SmartDefragDriver - ok
18:22:38.0391 4268 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:22:38.0394 4268 Smb - ok
18:22:38.0430 4268 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:22:38.0438 4268 SNMPTRAP - ok
18:22:38.0446 4268 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:22:38.0449 4268 spldr - ok
18:22:38.0539 4268 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
18:22:38.0567 4268 Spooler - ok
18:22:38.0900 4268 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
18:22:38.0992 4268 sppsvc - ok
18:22:39.0098 4268 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:22:39.0114 4268 sppuinotify - ok
18:22:39.0211 4268 sptd (a15860e920b02c9a7ce8f3a6c2ff1e3a) C:\Windows\System32\Drivers\sptd.sys
18:22:39.0229 4268 sptd - ok
18:22:39.0430 4268 SQLAgent$SQLEXPRESS (45e65fb17a4cd5facbd3ca16c8334c82) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
18:22:39.0446 4268 SQLAgent$SQLEXPRESS - ok
18:22:39.0577 4268 SQLBrowser (10d936dced9eacd1a1b3fcdda6d7a4eb) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:22:39.0650 4268 SQLBrowser - ok
18:22:39.0700 4268 SQLWriter (f92e5f93be572b512da3c016b675ede0) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:22:39.0702 4268 SQLWriter - ok
18:22:39.0902 4268 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
18:22:39.0916 4268 srv - ok
18:22:39.0991 4268 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
18:22:40.0000 4268 srv2 - ok
18:22:40.0060 4268 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
18:22:40.0070 4268 srvnet - ok
18:22:40.0154 4268 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
18:22:40.0173 4268 SSDPSRV - ok
18:22:40.0185 4268 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
18:22:40.0195 4268 SstpSvc - ok
18:22:40.0251 4268 Steam Client Service - ok
18:22:49.0472 4268 ============================================================
18:22:49.0472 4268 Scan finished
18:22:49.0472 4268 ============================================================
18:22:49.0542 3476 Detected object count: 0
18:22:49.0542 3476 Actual detected object count: 0

#14 gringo_pr

Posted 07 June 2012 - 08:54 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#15 Tm0n31695


Posted 07 June 2012 - 09:29 PM

The computer is running smoother and I'm not getting those alerts anymore.


ComboFix 12-06-07.04 - Tm0n31695 06/07/2012 22:03:43.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.5815.4178 [GMT -4:00]
Running from: c:\users\Tm0n31695\Desktop\ComboFix.exe
Command switches used :: c:\users\Tm0n31695\Desktop\CFScript.txt
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\SysWow64\drivers\npf.sys
.
.
((((((((((((((((((((((((( Files Created from 2012-05-08 to 2012-06-08 )))))))))))))))))))))))))))))))
.
.
2012-06-08 02:16 . 2012-06-08 02:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-06 22:37 . 2012-06-06 22:39 -------- d-----w- C:\FRST
2012-06-06 02:31 . 2012-06-06 03:26 -------- d-----w- c:\programdata\SecTaskMan
2012-06-06 02:13 . 2012-06-06 02:13 -------- d-----w- c:\program files (x86)\ESET
2012-06-06 01:50 . 2012-06-06 01:50 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\Malwarebytes
2012-06-06 01:50 . 2012-06-06 01:50 -------- d-----w- c:\programdata\Malwarebytes
2012-06-06 01:50 . 2012-06-06 01:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-06 01:50 . 2012-04-04 19:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-05 22:54 . 2012-03-06 23:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-06-05 22:54 . 2012-03-06 23:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-06-05 22:54 . 2012-03-06 23:04 141144 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-06-05 22:54 . 2012-03-06 23:03 258904 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-06-05 22:54 . 2012-03-06 23:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-06-05 22:54 . 2012-03-06 23:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-06-05 22:54 . 2012-03-06 23:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-06-05 22:54 . 2012-03-06 23:02 28504 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-06-05 22:54 . 2012-03-06 23:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-06-05 22:54 . 2012-03-06 23:15 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-05 22:53 . 2012-03-06 22:44 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2012-06-05 22:53 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-06-05 22:53 . 2012-03-06 23:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-06-05 19:56 . 2012-06-05 19:56 -------- d-----w- c:\users\Default\AppData\Roaming\IObit
2012-06-05 18:41 . 2012-06-05 22:53 -------- d-----w- c:\programdata\AVAST Software
2012-06-05 18:41 . 2012-06-05 22:53 -------- d-----w- c:\program files\AVAST Software
2012-06-05 18:15 . 2012-06-05 18:53 3993600 ----a-w- c:\program files (x86)\GUT5BA7.tmp
2012-06-05 18:15 . 2012-06-05 18:15 -------- d-----w- c:\program files (x86)\GUM5BA6.tmp
2012-06-05 00:01 . 2012-06-05 00:01 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-06-01 08:20 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{116A5254-09FF-4F65-83A3-0CDD9E152C5D}\mpengine.dll
2012-05-31 23:16 . 2012-05-31 23:16 -------- d-----w- c:\windows\Sun
2012-05-31 23:12 . 2012-05-31 23:12 -------- d-----w- c:\programdata\SwiftKit
2012-05-31 23:12 . 2012-06-08 00:20 -------- d-----w- c:\program files (x86)\SwiftKit
2012-05-31 05:11 . 2012-05-31 05:11 -------- d-----w- c:\programdata\VS
2012-05-31 04:35 . 2012-05-31 04:35 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\FreeArc
2012-05-31 04:35 . 2012-05-31 04:35 -------- d-----w- c:\program files (x86)\FreeArc
2012-05-30 21:09 . 2012-05-30 21:09 -------- d-----w- c:\users\Default\AppData\Local\Google
2012-05-29 20:42 . 2012-05-29 20:42 -------- d-----w- c:\users\Tm0n31695\AppData\Local\TVU Networks
2012-05-29 20:42 . 2012-05-29 20:42 -------- d-----w- c:\programdata\TVU Networks
2012-05-28 14:46 . 2012-05-28 14:46 -------- d-----w- c:\program files (x86)\Magic ISO Maker
2012-05-28 14:20 . 2008-09-25 21:39 270272 ----a-w- c:\windows\system32\drivers\ext2fs.sys
2012-05-28 14:20 . 2008-08-29 02:49 80320 ----a-w- c:\windows\system32\drivers\ifsmount.sys
2012-05-28 14:20 . 2008-07-27 03:57 281600 ----a-w- c:\windows\system32\ifsdrives.dll
2012-05-28 14:20 . 2007-12-16 22:14 83904 ----a-w- c:\windows\system32\ifsdrives.exe
2012-05-26 14:24 . 2012-05-26 14:24 226304 ----a-w- c:\windows\SysWow64\binkw32.dll
2012-05-25 04:53 . 2011-09-23 01:06 109416 ----a-w- c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2012-05-25 04:53 . 2011-09-22 21:18 73064 ----a-w- c:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2012-05-25 04:53 . 2011-09-23 01:07 105832 ----a-w- c:\windows\system32\SQSRVRES.DLL
2012-05-25 04:53 . 2012-05-25 04:53 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 9.0
2012-05-25 04:52 . 2012-05-25 04:52 -------- d-----w- c:\program files\Microsoft.NET
2012-05-25 04:27 . 2012-05-25 04:27 -------- d-----w- c:\program files (x86)\Nmap
2012-05-25 04:00 . 2009-07-22 08:17 78872 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-05-25 04:00 . 2009-07-22 08:17 50200 ----a-w- c:\windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-05-25 03:59 . 2012-05-25 03:59 -------- d-----w- c:\windows\system32\RsFx
2012-05-25 03:59 . 2012-05-25 03:59 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2012-05-25 03:59 . 2012-05-25 03:59 -------- d-----w- c:\windows\SysWow64\1033
2012-05-25 03:59 . 2012-05-25 03:59 -------- d-----w- c:\windows\system32\1033
2012-05-25 03:57 . 2012-05-25 04:52 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2012-05-25 03:57 . 2012-05-25 04:52 -------- d-----w- c:\program files\Microsoft SQL Server
2012-05-25 03:55 . 2012-05-25 03:55 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-05-25 03:55 . 2012-05-25 03:55 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-05-25 03:55 . 2012-05-25 03:55 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2012-05-25 03:55 . 2012-05-25 03:55 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2012-05-25 03:55 . 2012-06-05 03:19 136320 ----a-w- c:\programdata\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
2012-05-25 03:53 . 2012-05-25 03:54 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0
2012-05-25 03:53 . 2012-05-25 03:53 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules
2012-05-25 03:53 . 2012-05-25 03:53 -------- d-----w- c:\windows\symbols
2012-05-25 03:53 . 2012-05-25 03:53 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2012-05-25 03:53 . 2012-05-25 03:53 -------- d-----w- c:\program files\Microsoft Help Viewer
2012-05-25 03:53 . 2012-05-25 03:53 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2012-05-25 03:52 . 2012-05-25 03:52 -------- d-----w- c:\windows\PCHEALTH
2012-05-25 03:36 . 2012-05-31 05:05 -------- d-----w- c:\program files\Apache Software Foundation
2012-05-25 03:34 . 2012-05-25 03:34 -------- d-----w- c:\users\Tm0n31695\.m2
2012-05-25 03:33 . 2012-05-31 05:03 -------- d-----w- c:\users\Tm0n31695\.netbeans
2012-05-25 03:28 . 2012-05-25 03:28 -------- d-----w- c:\program files (x86)\Oracle
2012-05-25 03:27 . 2012-05-25 03:27 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-05-25 03:27 . 2012-04-04 22:47 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-05-25 03:09 . 2012-05-31 05:07 -------- d-----w- c:\users\Tm0n31695\.nbi
2012-05-21 06:36 . 2012-05-21 06:36 -------- d-----w- C:\.jagex_cache_32
2012-05-19 06:20 . 2012-05-19 06:20 -------- d-----w- c:\program files (x86)\Adobe Download Assistant
2012-05-18 03:42 . 2012-05-18 03:44 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\Mp3tag
2012-05-18 03:41 . 2012-05-18 03:41 -------- d-----w- c:\program files (x86)\Mp3tag
2012-05-16 20:33 . 2012-05-16 20:33 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\OpenOffice.org
2012-05-16 20:31 . 2012-05-16 20:31 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2012-05-16 19:21 . 2012-05-16 19:21 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-05-16 19:19 . 2012-05-16 19:19 -------- d-----w- c:\programdata\Battle.net
2012-05-16 19:11 . 2012-05-16 19:11 -------- d-----w- c:\program files (x86)\Games
2012-05-16 04:02 . 2012-06-01 00:44 -------- d-s---w- c:\users\Tm0n31695\Google Drive
2012-05-16 03:57 . 2012-05-16 03:58 -------- d-----w- c:\program files (x86)\Google
2012-05-16 03:47 . 2012-05-16 03:49 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\DMCache
2012-05-16 03:41 . 2012-04-02 05:26 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-16 03:41 . 2012-04-02 05:24 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-16 03:41 . 2012-04-02 04:40 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-16 03:41 . 2012-04-02 05:24 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-16 03:41 . 2012-04-02 05:24 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-15 03:45 . 2012-03-30 11:09 1895280 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-15 03:31 . 2012-06-01 04:04 -------- d-----r- c:\users\Tm0n31695\Dropbox
2012-05-15 03:29 . 2012-06-01 04:06 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\Dropbox
2012-05-15 03:09 . 2012-05-15 03:09 -------- d-----w- c:\program files\iPod
2012-05-15 03:09 . 2012-05-15 03:10 -------- d-----w- c:\program files (x86)\iTunes
2012-05-15 03:09 . 2012-05-15 03:10 -------- d-----w- c:\program files\iTunes
2012-05-14 23:27 . 2010-11-02 23:00 2380448 ----a-w- c:\windows\system32\drivers\athrx.sys
2012-05-14 23:27 . 2012-05-14 23:27 -------- d-----w- c:\program files (x86)\Atheros
2012-05-14 22:51 . 2012-05-14 22:51 -------- d-----w- c:\program files (x86)\Silabs
2012-05-14 22:50 . 2012-05-14 22:51 -------- d-----w- c:\windows\SysWow64\Silabs
2012-05-13 21:10 . 2012-06-06 16:19 -------- d-----w- c:\users\Tm0n31695\AppData\Local\ElevatedDiagnostics
2012-05-13 16:23 . 2012-05-13 16:23 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\DRPSu
2012-05-13 07:42 . 2012-05-13 07:42 -------- d-----w- c:\users\Tm0n31695\AppData\Roaming\TuneUp Software
2012-05-13 07:40 . 2012-05-13 21:59 -------- d-----w- c:\programdata\TuneUp Software
2012-05-13 07:35 . 2012-05-13 07:35 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-05-13 07:35 . 2012-05-13 07:35 -------- d--h--w- c:\programdata\Common Files
2012-05-13 07:28 . 2012-05-13 07:28 -------- d-----w- c:\program files (x86)\7-Zip
2012-05-13 07:28 . 2011-03-02 11:43 203264 ----a-w- c:\windows\system32\unrar.dll
2012-05-13 07:28 . 2012-02-15 18:00 92160 ----a-w- c:\windows\system32\ff_vfw.dll
2012-05-13 07:28 . 2012-05-13 07:28 -------- d-----w- c:\program files\K-Lite Codec Pack x64
2012-05-13 06:33 . 2012-05-13 06:34 -------- d-----w- c:\users\Tm0n31695\FrostWire
2012-05-13 06:33 . 2012-05-13 06:41 -------- d-----w- c:\users\Tm0n31695\.frostwire5
2012-05-13 05:53 . 2012-05-13 05:53 -------- d-----w- c:\users\Tm0n31695\AppData\Local\eSupport.com
2012-05-13 05:53 . 2012-05-13 05:53 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2012-05-13 05:46 . 2010-11-05 16:50 2716768 ----a-w- c:\windows\system32\drivers\athwx.sys
2012-05-13 05:46 . 2011-05-20 08:53 557848 ----a-w- c:\windows\system32\drivers\iaStor.sys
2012-05-13 05:45 . 2011-03-23 14:20 77936 ----a-w- c:\windows\system32\drivers\L1C62x64.sys
2012-05-13 05:44 . 2011-08-23 13:12 317440 ----a-w- c:\windows\system32\drivers\IntcDAud.sys
2012-05-13 05:44 . 2010-02-26 23:32 158976 ----a-w- c:\windows\system32\drivers\Impcd.sys
2012-05-13 05:44 . 2011-08-23 13:12 14848 ----a-w- c:\windows\system32\IntcDAuC.dll
2012-05-12 16:57 . 2012-05-12 16:58 -------- d-----w- c:\program files (x86)\GCFExplorer
2012-05-12 16:56 . 2012-05-12 17:36 -------- d-----w- c:\program files (x86)\CFToolbox
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-06 11:59 . 2012-05-06 11:59 230 ----a-w- c:\windows\SysWow64\HKLM_RunOnce.reg
2012-05-06 11:59 . 2012-05-06 11:59 228 ----a-w- c:\windows\SysWow64\HKCU_RunOnce.reg
2012-05-06 11:59 . 2012-05-06 11:59 1636 ----a-w- c:\windows\SysWow64\HKLM_Run.reg
2012-05-06 11:59 . 2012-05-06 11:59 632 ----a-w- c:\windows\SysWow64\HKCU_Run.reg
2012-05-05 07:11 . 2012-04-10 01:16 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 07:11 . 2012-04-10 01:16 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 07:11 . 2012-04-13 21:11 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-28 20:22 . 2012-04-28 20:22 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-04-28 19:56 . 2012-04-28 19:56 560184 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-04-28 19:25 . 2012-04-28 19:25 27760640 ----a-w- c:\windows\system32\imageres.dll
2012-04-22 09:01 . 2012-04-18 06:19 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-04-22 09:01 . 2012-04-18 06:15 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-04-22 08:02 . 2012-04-18 06:15 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-04-21 08:29 . 2012-04-21 08:29 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2012-04-21 01:12 . 2012-04-21 01:12 3584 ----a-r- c:\users\Tm0n31695\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2012-04-18 06:15 . 2012-04-18 06:15 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-04-16 19:37 . 2012-04-10 01:15 14848 ----a-w- c:\windows\system32\slwga.dll
2012-04-16 19:37 . 2012-04-10 01:15 13824 ----a-w- c:\windows\SysWow64\slwga.dll
2012-04-16 19:37 . 2009-07-13 23:56 419840 ----a-w- c:\windows\system32\systemcpl.dll
2012-04-16 19:37 . 2009-07-13 23:38 1008640 ----a-w- c:\windows\system32\user32.dll
2012-04-16 19:37 . 2009-07-13 23:24 833024 ----a-w- c:\windows\SysWow64\user32.dll
2012-04-15 21:29 . 2012-04-15 21:29 1135104 ----a-w- c:\windows\system32\FntCache.dll
2012-04-15 15:05 . 2009-07-13 23:38 1008640 ----a-w- c:\windows\system32\user32.dll.old
2012-04-15 15:05 . 2009-07-13 23:24 833024 ----a-w- c:\windows\SysWow64\user32.dll.old
2012-04-15 14:53 . 2012-04-10 00:40 925184 ----a-w- c:\windows\expstart.exe
2012-04-10 06:11 . 2012-04-10 06:11 525544 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-10 02:20 . 2012-04-10 02:20 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-04-10 02:20 . 2012-04-10 02:20 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-04-10 02:20 . 2012-04-10 02:20 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-04-10 02:20 . 2012-04-10 02:20 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-04-10 02:20 . 2012-04-10 02:20 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-04-10 02:20 . 2012-04-10 02:20 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-04-10 02:20 . 2012-04-10 02:20 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-04-10 02:20 . 2012-04-10 02:20 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-04-10 02:20 . 2012-04-10 02:20 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-04-10 02:20 . 2012-04-10 02:20 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-04-10 02:20 . 2012-04-10 02:20 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-04-10 02:20 . 2012-04-10 02:20 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-04-10 02:20 . 2012-04-10 02:20 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-04-10 02:20 . 2012-04-10 02:20 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-04-10 02:20 . 2012-04-10 02:20 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-04-10 02:20 . 2012-04-10 02:20 448512 ----a-w- c:\windows\system32\html.iec
2012-04-10 02:20 . 2012-04-10 02:20 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-04-10 02:20 . 2012-04-10 02:20 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-04-10 02:20 . 2012-04-10 02:20 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-04-10 02:20 . 2012-04-10 02:20 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-04-10 02:20 . 2012-04-10 02:20 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-04-10 02:20 . 2012-04-10 02:20 222208 ----a-w- c:\windows\system32\msls31.dll
2012-04-10 02:20 . 2012-04-10 02:20 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-04-10 02:20 . 2012-04-10 02:20 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-04-10 02:20 . 2012-04-10 02:20 160256 ----a-w- c:\windows\system32\wextract.exe
2012-04-10 02:20 . 2012-04-10 02:20 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-04-10 02:20 . 2012-04-10 02:20 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-04-10 02:20 . 2012-04-10 02:20 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-04-10 02:20 . 2012-04-10 02:20 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-04-10 02:20 . 2012-04-10 02:20 12288 ----a-w- c:\windows\system32\mshta.exe
2012-04-10 02:20 . 2012-04-10 02:20 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-04-10 02:20 . 2012-04-10 02:20 114176 ----a-w- c:\windows\system32\admparse.dll
2012-04-10 02:20 . 2012-04-10 02:20 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-04-10 02:20 . 2012-04-10 02:20 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-04-10 01:40 . 2012-04-10 01:40 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
2012-04-04 22:47 . 2012-04-12 05:11 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-03 19:27 . 2012-04-03 23:55 809 ----a-w- C:\Script.vbs
2012-03-27 21:03 . 2012-04-10 05:50 4015592 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2012-03-21 19:55 . 2012-04-10 05:50 2886656 ----a-w- c:\windows\system32\RCoRes64.dat
2012-03-20 14:47 . 2012-04-10 05:50 3608680 ----a-w- c:\windows\system32\RtkAPO64.dll
2012-03-19 23:01 . 2012-04-10 05:50 102504 ----a-w- c:\windows\system32\RCoInstII64.dll
2012-03-16 20:25 . 2012-04-10 05:50 2670696 ----a-w- c:\windows\system32\RtPgEx64.dll
2012-03-13 15:21 . 2012-04-10 05:50 1251432 ----a-w- c:\windows\system32\RTCOM64.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-07-14 . 50BEA589F7D7958BDD2528A8F69D05CC . 329216 . . [6.1.7600.16385] .. c:\windows\system32\services.exe
.
[-] 2012-04-16 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-07_18.01.36 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-06-07 17:59 196608 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-06-08 01:04 196608 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-04-13 22:47 . 2012-06-07 23:42 264096 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 05:01 . 2012-06-07 17:56 363632 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-06-08 00:11 363632 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 04:54 . 2012-06-07 17:59 2850816 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-08 01:04 2850816 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-07 17:59 10846208 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-08 01:04 10846208 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-05-31 21:45 . 2012-06-07 19:16 10428416 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2012-05-31 21:45 . 2012-06-05 22:54 10428416 c:\windows\system32\SMI\Store\Machine\schema.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Tm0n31695\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Tm0n31695\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Tm0n31695\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"DrvUpdater"="c:\users\Tm0n31695\AppData\Roaming\DRPSu\DrvUpdater.exe" [2012-05-13 195256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"IAStorIcon"="c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe" [2010-09-13 283160]
"LManager"="c:\program files (x86)\launch manager\lmanager.exe" [2011-02-12 1070160]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-16 116648]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-05-13 21712]
R3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-16 116648]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2012-04-28 33184]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-04-28 21872]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 X6va005;X6va005;c:\users\TM0N31~1\AppData\Local\Temp\0058AD5.tmp [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-23 431464]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-14 913752]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2012-03-06 134920]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-02-12 346704]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-02-23 873064]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-10 821592]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 45835786
*NewlyCreated* - BEEP
*NewlyCreated* - WINRING0_1_2_0
*Deregistered* - 45835786
*Deregistered* - aswMBR
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 07:11]
.
2012-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-16 03:57]
.
2012-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-16 03:57]
.
2012-06-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1209137320-2403953631-2894671897-1000Core.job
- c:\users\Tm0n31695\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-10 01:13]
.
2012-06-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1209137320-2403953631-2894671897-1000UA.job
- c:\users\Tm0n31695\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-10 01:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Tm0n31695\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Tm0n31695\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Tm0n31695\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Tm0n31695\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-05-16 21:53 754712 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-05-16 21:53 754712 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-05-16 21:53 754712 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-05-16 21:53 754712 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-11 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-11 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-11 417560]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608]
"SynTPEnh"="c:\program files (x86)\synaptics\syntp\syntpenh.exe" [BU]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: &Download All using 4shared Desktop - c:\program files (x86)\4shared Desktop\Desktop.32/D_ALL_LINK
IE: &Download using 4shared Desktop - c:\program files (x86)\4shared Desktop\Desktop.32/D_ONE_LINK
TCP: DhcpNameServer = 192.168.1.1
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\TM0N31~1\AppData\Local\Temp\0058AD5.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-06-07 22:25:38
ComboFix-quarantined-files.txt 2012-06-08 02:25
ComboFix2.txt 2012-06-07 18:19
.
Pre-Run: 105,637,191,680 bytes free
Post-Run: 105,373,720,576 bytes free
.
- - End Of File - - 2BD427D38ACAD652A13FAB9823BC3475



