TechSpot

@Broni the saver! please save my PC from Sirefef..:(

Solved
By gamesms
Jun 26, 2012
  1. Hey guys.. I searched a lot in Google and found nothing to cure my PC.. until I found this grateful forum..!
    I have the common virus that restarts the computer in 1 min.. and Microsoft Security Essentials can catch it via services.exe trying to remove it.. but it's impossible to complete due to the restart issue.. please, any help? And I read people give a Farbar report.. how could they do it??
    Please help :/
     
  2. gamesms

    gamesms TS Rookie Topic Starter Posts: 45

    Will post my 1st Farbar report in a few hours

    Hope I can find an expert to follow
    .. :/
     
  3. gamesms

    gamesms TS Rookie Topic Starter Posts: 45

    I'm sorry, I uploaded it as a file because it won't let me reply due to a
    "The following error occurred:

    Please enter a message with no more than 50000 characters."

    And here is a search for services.exe by Farbar in case you want it.

    Farbar Recovery Scan Tool Version: 20-06-2012 01
    Ran by SYSTEM at 2012-06-27 02:03:25
    Running from G:\
    ================== Search: "services.exe" ===================
    C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
    [2009-07-13 15:11] - [2009-07-13 17:14] - 0259072 ____A (Microsoft Corporation) 5F1B6A9C35D3D5CA72D6D6FDEF9747D6
    C:\Windows\System32\services.exe
    [2009-07-13 15:11] - [2009-07-13 17:14] - 0259072 ____A (Microsoft Corporation) 5F1B6A9C35D3D5CA72D6D6FDEF9747D6
    === End Of Search ===
     


  4. Broni

    Broni Malware Annihilator Posts: 47,022   +255

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ============================================

    Please observe forum rules:
     
  5. gamesms

    gamesms TS Rookie Topic Starter Posts: 45

    I'm very sorry, I didn't think that I could continue with the report in a second reply..


    Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 20-06-2012 01
    Ran by SYSTEM at 27-06-2012 02:01:27
    Running from G:\
    Windows 7 Ultimate (X86) OS Language: English(US)
    The current controlset is ControlSet001

    ========================== Registry (Whitelisted) =============

    HKLM\...\Run: [Microsoft] taskhost.exe [x]
    HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [9726568 2010-09-14] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [406992 2010-02-21] (Adobe Systems Incorporated)
    HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-01-21] (Microsoft Corporation)
    HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-10-25] (Adobe Systems Incorporated)
    HKLM\...\Run: [] [x]
    HKLM\...\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [36760 2010-10-25] (Adobe Systems Incorporated)
    HKLM\...\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [821144 2010-10-25] (Adobe Systems Inc.)
    HKLM\...\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
    HKLM\...\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [1159168 2009-05-26] (Brother Industries, Ltd.)
    HKLM\...\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun [114688 2008-12-23] (Brother Industries, Ltd.)
    HKLM\...\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe [801792 2011-10-24] (Yuna Software)
    HKLM\...\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)
    HKLM\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-11] (Adobe Systems Incorporated)
    HKLM\...\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
    HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
    HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
    HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [931584 2012-06-04] (Microsoft Corporation)
    HKU\Administrator\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [369200 2009-10-30] (DT Soft Ltd)
    HKU\Administrator\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2012-02-24] (Google Inc.)
    HKU\Administrator\...\Run: [] [x]
    HKU\Administrator\...\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2363392 2009-06-17] (Hewlett-Packard Company)
    HKU\Administrator\...\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot [3491264 2012-06-06] (Tonec Inc.)
    HKU\Administrator\...\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [1508408 2011-12-16] (Nokia)
    HKU\Administrator\...\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-06-08] ()
    HKU\Administrator\...\Policies\system: [LogonHoursAction] 2
    HKU\Administrator\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    HKU\Bisho\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [369200 2009-10-30] (DT Soft Ltd)
    HKU\Bisho\...\Run: [] [x]
    HKU\Bisho\...\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-06-08] ()
    HKU\Bisho\...\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [3905408 2012-06-11] (SUPERAntiSpyware.com)
    HKU\Bisho\...\Policies\system: [LogonHoursAction] 2
    HKU\Bisho\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    HKU\Trial\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2012-02-24] (Google Inc.)
    HKU\Trial\...\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [1508408 2011-12-16] (Nokia)
    HKU\Trial\...\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot [3491264 2012-06-06] (Tonec Inc.)
    HKU\Trial\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]
    HKU\Trial\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [369200 2009-10-30] (DT Soft Ltd)
    HKU\Trial\...\Run: [] [x]
    HKU\Trial\...\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2363392 2009-06-17] (Hewlett-Packard Company)
    HKU\Trial\...\Policies\system: [LogonHoursAction] 2
    HKU\Trial\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [X]
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\AVer HID Receiver.lnk
    ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\AVerQuick.lnk
    ShortcutTarget: AVerQuick.lnk -> C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
    Startup: C:\Users\Bisho\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

    ================================ Services (Whitelisted) ==================

    2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE.EXE" [116608 2011-08-11] (SUPERAntiSpyware.com)
    2 AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [344064 2009-04-08] (AVerMedia)
    2 AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [405504 2008-12-10] ()
    2 Capture Device Service; "C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe" [198168 2007-03-06] (InterVideo Inc.)
    4 Crypkey License; crypserv.exe [69632 2006-02-28] (CrypKey (Canada) Ltd.)
    2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
    4 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [217088 2010-12-19] (Teruten)
    4 KMService; C:\Windows\system32\srvany.exe [8192 2011-01-21] ()
    2 MDM; "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" [335872 2006-10-26] (Microsoft Corporation)
    2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [11552 2012-06-04] (Microsoft Corporation)
    4 NetMsmqActivator; "C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [124240 2010-03-18] (Microsoft Corporation)
    4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation)
    4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation)
    3 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation)
    3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [214952 2012-06-04] (Microsoft Corporation)
    2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504 2011-05-24] (NVIDIA Corporation)
    3 osppsvc; "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [4640000 2010-01-09] (Microsoft Corporation)
    2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2012-04-19] ()
    2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [189248 2012-04-19] ()
    3 Sony PC Companion; "C:\Program Files\Sony\Sony PC Companion\PCCService.exe" [155320 2012-01-18] (Avanquest Software)
    2 Stereo Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [378472 2011-05-20] (NVIDIA Corporation)
    3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [517096 2010-02-19] (Adobe Systems Incorporated)
    4 TeamViewer7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2886528 2012-02-23] (TeamViewer GmbH)
    3 wbengine; "C:\Windows\system32\wbengine.exe" [1203200 2010-11-19] (Microsoft Corporation)
    2 Akamai; c:\program files\common files\akamai/netsession_win_80c2ffa.dll [x]
    2 PSI_SVC_2; "c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe" [x]
    3 rpcapd; "C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini" [x]

    ========================== Drivers (Whitelisted) =============

    3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-13] (Microsoft Corporation)
    3 androidusb; C:\Windows\System32\Drivers\ssadadb.sys [30312 2010-12-20] (Google Inc)
    3 Avc; C:\Windows\System32\DRIVERS\avc.sys [40320 2009-07-13] (Microsoft Corporation)
    3 AVerEth; C:\Windows\System32\DRIVERS\AVerEth.sys [19584 2009-05-13] (AVerMedia TECHNOLOGIES, Inc.)
    3 AVerFx2hbtv; C:\Windows\System32\drivers\AVerFx2hbtv.sys [506752 2010-11-09] (AVerMedia TECHNOLOGIES, Inc.)
    3 Bridge; C:\Windows\System32\DRIVERS\bridge.sys [78336 2009-07-13] (Microsoft Corporation)
    3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-12] (CSR, plc)
    3 cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2009-12-18] ()
    3 cpuz134; \??\C:\Program Files\CPUID\PC Wizard 2010\pcwiz_x32.sys [20328 2010-07-09] (Windows (R) Win 7 DDK provider)
    3 DCamUSBEMPIA; C:\Windows\System32\DRIVERS\emDevice.sys [116509 2004-01-23] (eMPIA Technology, Inc.)
    3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [80824 2012-05-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
    3 DM9USB; C:\Windows\System32\DRIVERS\dm9usb.sys [54272 2008-04-24] (DAVICOM Semiconductor, Inc.)
    3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-13] (VIA Technologies, Inc. )
    3 FiltUSBEMPIA; C:\Windows\System32\DRIVERS\emFilter.sys [20352 2004-01-22] (eMPIA Technology Inc.)
    3 FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [36640 2010-12-19] ()
    3 HTCAND32; C:\Windows\System32\Drivers\ANDROIDUSB.sys [24576 2011-07-09] (HTC, Corporation)
    2 IDMWFP; C:\Windows\System32\DRIVERS\idmwfp.sys [96056 2012-04-23] (Tonec Inc.)
    3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
    0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-04-04] (Microsoft Corporation)
    3 MSDV; C:\Windows\System32\DRIVERS\msdv.sys [52608 2009-07-13] (Microsoft Corporation)
    3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [841504 2010-03-25] (Ralink Technology Corp.)
    1 NetworkX; C:\Windows\system32\ckldrv.sys [31846 2006-01-09] ()
    3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2011-10-31] (Nokia)
    3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2011-10-31] (Nokia)
    2 NPF; C:\Windows\System32\drivers\npf.sys [50704 2009-10-20] (CACE Technologies, Inc.)
    3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-08] (Microsoft Corporation)
    3 PRODIGY; C:\Windows\System32\Drivers\PRODIGY.SYS [32377 2006-08-29] (B-phreaks)
    3 PSSDK42; \??\C:\Windows\system32\Drivers\pssdk42.sys [38976 2011-08-03] (microOLAP Technologies LTD)
    3 ROOTMODEM; C:\Windows\System32\Drivers\RootMdm.sys [8192 2009-07-13] (Microsoft Corporation)
    3 RTL8187; C:\Windows\System32\DRIVERS\RTL8187.sys [335872 2008-06-26] (Realtek Semiconductor Corporation )
    3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [379904 2010-03-30] (Realtek Semiconductor Corporation )
    1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    3 ScanUSBEMPIA; C:\Windows\System32\DRIVERS\emScan.sys [4525 2004-01-23] (eMPIA Technology, Inc.)
    3 smbusp; C:\Windows\System32\DRIVERS\intelsmb.sys [22528 2010-01-20] (Intel Corporation)
    0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2009-11-13] (Duplex Secure Ltd.)
    3 ssadbus; C:\Windows\System32\DRIVERS\ssadbus.sys [121064 2011-06-01] (MCCI Corporation)
    3 ssadmdfl; C:\Windows\System32\DRIVERS\ssadmdfl.sys [12776 2011-06-01] (MCCI Corporation)
    3 ssadmdm; C:\Windows\System32\DRIVERS\ssadmdm.sys [136808 2011-06-01] (MCCI Corporation)
    3 ssadserd; C:\Windows\System32\DRIVERS\ssadserd.sys [114280 2011-06-01] (MCCI Corporation)
    3 sscdbus; C:\Windows\System32\DRIVERS\sscdbus.sys [104648 2010-12-20] (MCCI Corporation)
    3 sscdmdfl; C:\Windows\System32\DRIVERS\sscdmdfl.sys [14920 2010-12-20] (MCCI Corporation)
    3 sscdmdm; C:\Windows\System32\DRIVERS\sscdmdm.sys [132424 2010-12-20] (MCCI Corporation)
    3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [181432 2012-05-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
    3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-07-01] (The OpenVPN Project)
    3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-04-06] (AnchorFree Inc)
    3 TELEMANN; C:\Windows\System32\DRIVERS\UX2000.SYS [21237 2001-06-17] (Windows (R) 2000 DDK provider)
    3 VC025x; C:\Windows\System32\Drivers\VC025x.sys [840576 2009-08-28] (VIMICRO)
    3 VC025xHID; C:\Windows\System32\drivers\VC025xHID.sys [17024 2009-03-11] (Vimicro)
    3 vsbus; C:\Windows\System32\DRIVERS\vsb.sys [15264 2008-07-23] ()
    3 vserial; C:\Windows\System32\DRIVERS\vserial.sys [47744 2008-07-23] ()
    3 wbondir; C:\Windows\System32\DRIVERS\wbondir.sys [49664 2007-03-20] (Winbond Electronics Corporation)
    3 ZSMC301b; C:\Windows\System32\Drivers\usbVM31b.sys [90968 2004-03-19] (VM)
    3 AmdLLD; C:\Windows\System32\DRIVERS\AmdLLD.sys [x]
    3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [x]
    2 FLEXnet Licensing Manager; [x]
    3 iBurstu; C:\Windows\System32\DRIVERS\iBurstu.sys [x]
    3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
    3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
    3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]
    3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [x]
    2 {B154377D-700F-42cc-9474-23858FBDF4BD}; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl [x]

    ========================== NetSvcs (Whitelisted) ===========


    ============ One Month Created Files and Folders ==============

    2012-06-26 01:25 - 2012-06-26 01:25 - 00388096 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\csc.sys
    2012-06-25 14:00 - 2012-06-25 14:00 - 00003400 ____N C:\bootsqm.dat
    2012-06-23 13:58 - 2012-06-26 14:55 - 00000280 ____A C:\Windows\setupact.log
    2012-06-23 13:58 - 2012-06-23 13:58 - 00000000 ____A C:\Windows\setuperr.log
    2012-06-23 13:56 - 2012-06-26 14:55 - 00000133 ____A C:\Windows\errord.log
    2012-06-23 07:04 - 2012-06-23 07:37 - 00000000 ___AD C:\Kaspersky Rescue Disk 10.0
    2012-06-22 16:19 - 2012-02-29 21:46 - 00019824 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
    2012-06-22 16:19 - 2012-02-29 21:37 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
    2012-06-22 16:19 - 2012-02-29 21:33 - 00159232 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
    2012-06-22 16:19 - 2012-02-29 21:29 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
    2012-06-22 15:18 - 2012-02-16 21:34 - 00919040 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
    2012-06-22 15:18 - 2012-02-16 21:34 - 00826880 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
    2012-06-22 15:18 - 2012-02-16 20:14 - 00183808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
    2012-06-22 15:18 - 2012-02-16 20:13 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
    2012-06-22 15:17 - 2012-06-22 15:17 - 00001945 ____A C:\Windows\epplauncher.mif
    2012-06-22 15:16 - 2012-06-22 15:16 - 00000000 ____D C:\Program Files\Microsoft Security Client
    2012-06-22 15:04 - 2012-06-23 14:02 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2012-06-22 15:04 - 2012-06-22 15:04 - 00001925 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2012-06-22 15:04 - 2012-06-22 15:04 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\SUPERAntiSpyware.com
    2012-06-22 15:04 - 2012-06-22 15:04 - 00000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
    2012-06-22 14:35 - 2012-06-22 14:35 - 00000000 ____D C:\Users\Bisho\AppData\Local\{C43C6127-A7FF-45DC-A5AE-0FF1BFF90976}
    2012-06-22 14:35 - 2012-06-22 14:35 - 00000000 ____D C:\Users\Bisho\AppData\Local\{065076BA-575E-4538-B26B-EDECC5D72429}
    2012-06-22 13:52 - 2012-06-22 13:52 - 00000000 ____D C:\Users\Bisho\AppData\Local\{4DE7BF4B-7E01-4E27-9BB4-88A3753B2917}
    2012-06-21 12:37 - 2012-06-21 12:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{5E801A8A-F905-4E80-AB1F-9EE013BB71F4}
    2012-06-21 12:37 - 2012-06-21 12:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{0678E3D3-422B-40FA-986B-D29BC6A60A2F}
    2012-06-21 03:26 - 2012-06-22 16:35 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Media Player Classic
    2012-06-21 02:45 - 2012-06-21 02:45 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
    2012-06-21 02:45 - 2012-06-21 02:45 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
    2012-06-20 17:29 - 2012-06-20 17:29 - 00000000 ____D C:\Windows\System32\Macromed
    2012-06-20 03:01 - 2012-06-20 03:01 - 00000000 ____D C:\Users\Bisho\AppData\Local\{FDA19AB1-6BD7-4221-81C2-123F701A2044}
    2012-06-20 03:01 - 2012-06-20 03:01 - 00000000 ____D C:\Users\Bisho\AppData\Local\{1339E2F0-0898-4A1A-90EE-45E65370B9E3}
    2012-06-19 14:55 - 2012-06-19 15:00 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E62E5AD8-E86A-4DF4-A627-C8FE355EF0CB}
    2012-06-19 14:55 - 2012-06-19 14:55 - 00000000 ____D C:\Users\Bisho\AppData\Local\{0625B66D-F1EC-49A0-914F-5BB78979A3D5}
    2012-06-17 19:51 - 2012-06-22 16:41 - 00623318 ____A C:\Windows\WindowsUpdate.log
    2012-06-17 19:49 - 2012-06-17 19:49 - 00000000 ____D C:\Samsung Galaxy S3 ToolKit
    2012-06-17 17:10 - 2012-06-17 19:14 - 00000000 ____D C:\Users\Administrator\Documents\SelfMV
    2012-06-17 16:31 - 2012-06-17 16:31 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\DivX
    2012-06-17 16:18 - 2012-06-17 16:17 - 00476936 ____A (Sun Microsystems, Inc.) C:\Windows\System32\npdeployJava1.dll
    2012-06-17 16:18 - 2012-06-17 16:17 - 00157448 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
    2012-06-17 16:18 - 2012-06-17 16:17 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
    2012-06-17 16:18 - 2012-06-17 16:17 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
    2012-06-17 16:02 - 2012-06-17 16:02 - 00000000 ____D C:\Users\Administrator\Documents\samsung
    2012-06-17 16:02 - 2012-06-17 16:02 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Samsung
    2012-06-17 16:02 - 2012-06-17 16:02 - 00000000 ____D C:\Users\Administrator\AppData\Local\Samsung
    2012-06-17 15:37 - 2012-06-17 15:38 - 00000000 ____D C:\Users\Bisho\AppData\Local\{6CAF425C-BE6E-45BE-ABE5-796DE1228AF4}
    2012-06-17 14:12 - 2012-05-20 18:09 - 00181432 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
    2012-06-17 14:12 - 2012-05-20 18:09 - 00080824 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
    2012-06-17 03:37 - 2012-06-17 03:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{F6ACF6FD-B54D-442F-B19E-9D57CADC5CF6}
    2012-06-16 15:36 - 2012-06-16 15:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{35660FCA-8C88-44DF-A376-E218614A3AB7}
    2012-06-16 03:36 - 2012-06-16 03:36 - 00000000 ____D C:\Users\Bisho\AppData\Local\{775D1AE3-A936-4C11-A317-DBD7222DFE25}
    2012-06-15 13:53 - 2012-06-15 13:53 - 00000000 ____D C:\Users\Bisho\AppData\Local\{AEE7D9F0-F4AC-444E-99AD-96B3911A0B0D}
    2012-06-14 17:59 - 2012-06-15 03:19 - 00000350 ____A C:\Windows\Tasks\At2.job
    2012-06-14 17:59 - 2012-06-14 18:00 - 00000456 ____A C:\Windows\Tasks\At1.job
    2012-06-14 17:59 - 2012-06-14 17:59 - 00000000 ____D C:\Windows\System32\1056
    2012-06-14 13:15 - 2012-06-14 13:15 - 00000000 ____D C:\Users\Bisho\AppData\Local\{8B10F81E-B4C4-48C5-B4AA-B72DF1D31F11}
    2012-06-14 13:15 - 2012-06-14 13:15 - 00000000 ____D C:\Users\Bisho\AppData\Local\{1CBD6B84-781C-40FD-86ED-EA3CFDBF2ECA}
    2012-06-13 03:31 - 2012-06-13 03:31 - 00000000 ____D C:\Users\Bisho\AppData\Local\{88D1BAAD-19F1-4664-AA15-735C170FC220}
    2012-06-13 03:31 - 2012-06-13 03:31 - 00000000 ____D C:\Users\Bisho\AppData\Local\{12C5CCCC-A0FF-4044-B9D6-D445AD0EAB66}
    2012-06-12 11:20 - 2012-06-12 11:20 - 00000000 ____D C:\Users\Bisho\AppData\Local\{398D6AA7-82B4-4126-A37E-9D1C18D1187A}
    2012-06-12 11:20 - 2012-06-12 11:20 - 00000000 ____D C:\Users\Bisho\AppData\Local\{0DC74891-02F3-44B1-B87B-BF0C0EE2693B}
    2012-06-11 16:24 - 2012-06-11 16:25 - 00000000 ____D C:\Users\Bisho\AppData\Local\{EE84F72B-1959-4BD3-ADF2-7B901B90EA72}
    2012-06-11 16:24 - 2012-06-11 16:24 - 00000000 ____D C:\Users\Bisho\AppData\Local\{20003CBF-1B19-44B6-B73C-0CDD87A7A9D5}
    2012-06-11 15:22 - 2012-06-11 15:22 - 00001713 ____A C:\Users\Public\Desktop\iTunes.lnk
    2012-06-11 15:21 - 2012-06-11 15:22 - 00000000 ____D C:\Program Files\iTunes
    2012-06-11 15:21 - 2012-06-11 15:21 - 00000000 ____D C:\Program Files\iPod
    2012-06-11 15:19 - 2012-06-11 15:19 - 00000000 ____D C:\Program Files\Bonjour
    2012-06-10 16:58 - 2012-06-26 14:56 - 00000218 ____A C:\Windows\Tasks\AutoKMSDaily.job
    2012-06-10 16:58 - 2012-06-26 14:55 - 00000216 ____A C:\Windows\Tasks\AutoKMS.job
    2012-06-10 16:57 - 2012-06-26 14:56 - 00151552 ____A C:\Windows\KMSEmulator.exe
    2012-06-10 16:48 - 2012-06-12 04:06 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\IObit
    2012-06-10 16:48 - 2012-06-10 16:48 - 00000000 ____D C:\Program Files\IObit
    2012-06-10 15:32 - 2012-06-10 15:32 - 00000000 ____D C:\Users\Bisho\AppData\Local\Macromedia
    2012-06-09 11:58 - 2012-06-09 11:58 - 00000000 ____D C:\Program Files\fr3nsis
    2012-06-08 16:26 - 2012-06-08 16:26 - 00000000 ____D C:\Users\Bisho\AppData\Local\CRE
    2012-06-08 16:25 - 2012-06-09 14:58 - 00000000 ____D C:\Users\Bisho\AppData\Local\Conduit
    2012-06-08 16:25 - 2012-06-08 16:25 - 00000000 ____D C:\Program Files\Conduit
    2012-06-08 11:03 - 2012-06-08 11:03 - 00000000 ____D C:\Users\Bisho\AppData\Local\{EF5A350C-4A79-4A6F-8A99-DCED60A1AFBC}
    2012-06-08 11:03 - 2012-06-08 11:03 - 00000000 ____D C:\Users\Bisho\AppData\Local\{C2756249-6B3F-421F-98CB-E510DA8713B8}
    2012-06-07 11:37 - 2012-06-07 11:38 - 00000000 ____D C:\Users\Trial\AppData\Local\{7F4CA021-6A8C-4EA2-8B22-4A9ABE12F487}
    2012-06-07 11:37 - 2012-06-07 11:37 - 00000000 ____D C:\Users\Trial\AppData\Local\{309EDD3B-8C8B-4771-BAC7-A4879052E295}
    2012-06-06 22:18 - 2012-04-23 03:26 - 00096056 ____A (Tonec Inc.) C:\Windows\System32\Drivers\idmwfp.sys
    2012-06-06 14:05 - 2012-06-06 14:05 - 00002048 ____A C:\Uninstall.dat
    2012-06-06 08:10 - 2012-06-06 08:10 - 00000000 ____D C:\Users\Bisho\AppData\Local\{9C1F7C7A-8EDA-48F1-8B36-268C28A208CC}
    2012-06-06 08:10 - 2012-06-06 08:10 - 00000000 ____D C:\Users\Bisho\AppData\Local\{4576DBA7-2953-4F36-9FC2-DFD7A164E2AF}
    2012-06-05 10:33 - 2012-06-05 10:33 - 00000000 ____D C:\Users\Bisho\AppData\Local\{C6060028-C0DD-4AED-A7F7-E64E27C02FB0}
    2012-06-05 10:33 - 2012-06-05 10:33 - 00000000 ____D C:\Users\Bisho\AppData\Local\{6A82BB6B-F73A-494E-B2DE-020E2480A8AF}
    2012-06-05 03:05 - 2012-03-05 21:59 - 03968368 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
    2012-06-05 03:05 - 2012-03-05 21:59 - 03913072 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
    2012-06-05 03:02 - 2012-01-04 00:59 - 12872704 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
    2012-06-05 03:02 - 2012-01-04 00:58 - 00442880 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
    2012-06-05 03:02 - 2011-12-29 21:27 - 00478720 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
    2012-06-04 16:40 - 2012-06-14 17:56 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
    2012-06-04 12:15 - 2012-06-04 12:15 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Yahoo!
    2012-06-04 08:14 - 2012-06-04 08:14 - 00000000 ____D C:\Users\Trial\AppData\Local\{2D004930-5A09-461A-BBFF-A98654BE9EC8}
    2012-06-04 08:13 - 2012-06-04 08:14 - 00000000 ____D C:\Users\Trial\AppData\Local\{5DD33D6C-1580-4472-9B2A-9F85F54CA326}
    2012-06-04 05:21 - 2012-06-04 05:22 - 00000000 ____D C:\Users\Bisho\AppData\Local\{EB2BBEFF-FEE9-47F4-818D-5B97F3B913CD}
    2012-06-04 05:21 - 2012-06-04 05:21 - 00000000 ____D C:\Users\Bisho\AppData\Local\{768CBF18-F3F5-414A-9AF7-53C7D1461177}
    2012-06-03 05:10 - 2012-06-03 05:10 - 00000000 ____D C:\Users\Trial\AppData\Local\{A6A9019B-0D93-4C24-9087-9118667E8BC8}
    2012-06-03 05:10 - 2012-06-03 05:10 - 00000000 ____D C:\Users\Trial\AppData\Local\{8099B7FE-A129-4D54-87E4-124B0655CE3F}
    2012-06-03 03:39 - 2012-06-03 03:39 - 00000000 ____D C:\Users\Bisho\AppData\Local\{D0305CEA-6719-4196-9878-625C4EC26E73}
    2012-06-03 03:39 - 2012-06-03 03:39 - 00000000 ____D C:\Users\Bisho\AppData\Local\{85C3E1BE-CBC7-46ED-BB1B-2ED2B096103E}
    2012-06-02 15:42 - 2012-06-02 15:42 - 00000000 ____D C:\Users\Bisho\AppData\Local\ESET
    2012-06-02 09:07 - 2012-06-02 09:07 - 00000000 ____D C:\Users\Bisho\AppData\Local\{06C2CC86-8AF0-4D41-B9A3-A68BE6B4B49E}
    2012-06-02 09:06 - 2012-06-02 09:07 - 00000000 ____D C:\Users\Bisho\AppData\Local\{FB24A4E1-8D9A-424C-A4F5-1482718872A7}
    2012-06-02 06:00 - 2012-06-02 06:00 - 00000000 ____D C:\Users\Trial\AppData\Local\{87EB8656-9A9B-496C-BB21-83E280A311C1}
    2012-06-02 05:59 - 2012-06-02 06:00 - 00000000 ____D C:\Users\Trial\AppData\Local\{5CED5D1E-5698-419F-92E4-843BA69D21CC}
    2012-05-31 15:59 - 2012-05-31 15:59 - 00000000 ____D C:\Program Files\ESET
    2012-05-31 15:34 - 2012-05-31 15:34 - 00000000 ____D C:\Users\Bisho\AppData\Local\http___www.julien-manici
    2012-05-31 10:48 - 2012-05-31 10:48 - 00000000 ____D C:\Users\Trial\AppData\Local\Microsoft Help
    2012-05-31 04:47 - 2012-05-31 04:47 - 00000000 ____D C:\Users\Trial\AppData\Local\{FC9C9319-029E-4BE1-99A1-551C43DA7262}
    2012-05-31 04:47 - 2012-05-31 04:47 - 00000000 ____D C:\Users\Trial\AppData\Local\{654A0ADD-3640-45DC-930D-39EC60AF4A6E}
    2012-05-31 04:17 - 2012-05-31 08:24 - 00000000 ____D C:\Windows\System32\_avast_
    2012-05-31 04:16 - 2012-05-31 09:22 - 00000000 ____D C:\Users\All Users\AVAST Software
    2012-05-31 04:16 - 2012-05-31 04:16 - 00000000 ____D C:\Program Files\AVAST Software
    2012-05-31 03:32 - 2012-05-31 03:32 - 00000000 ____D C:\Users\Bisho\AppData\Local\{FD4595E3-F5B9-442D-9B70-B14BB0CFB72E}
    2012-05-31 03:32 - 2012-05-31 03:32 - 00000000 ____D C:\Users\Bisho\AppData\Local\{3F021DB0-5021-438A-8589-1378DD6C4DE1}
    2012-05-30 13:01 - 2012-05-30 13:01 - 00000000 ____D C:\Users\Trial\AppData\Local\{E23F9E30-DAB2-411B-9072-CD0F0778F62F}
    2012-05-30 12:41 - 2012-05-30 12:41 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
    2012-05-30 11:08 - 2012-05-30 11:08 - 00000000 ____D C:\samsung
    2012-05-30 06:23 - 2012-06-23 15:09 - 00000000 ____D C:\Users\All Users\Windows Codecs
    2012-05-30 05:40 - 2012-05-30 05:40 - 00000000 ____D C:\Users\Bisho\AppData\Local\{A7D4A363-4572-4EC0-9A1F-3CE1EF394B7E}
    2012-05-30 05:39 - 2012-05-30 05:40 - 00000000 ____D C:\Users\Bisho\AppData\Local\{BC2CA819-D853-4146-8782-64ADCD2988D0}
    2012-05-29 09:18 - 2012-05-29 09:18 - 00000000 ____D C:\Users\Trial\AppData\Local\{B454A43C-6316-4746-A315-2810E5E0A734}
    2012-05-29 09:18 - 2012-05-29 09:18 - 00000000 ____D C:\Users\Trial\AppData\Local\{4A521E97-39AF-48A2-BEC3-A1B8F32666BD}
    2012-05-28 09:46 - 2012-05-28 09:47 - 00000000 ____D C:\Users\Trial\AppData\Local\{B570AE20-2634-4678-97BD-8AE6B93E4054}
    2012-05-28 09:46 - 2012-05-28 09:46 - 00000000 ____D C:\Users\Trial\AppData\Local\{A1532312-A1E0-4C57-831D-67756589AA45}
     
  6. gamesms

    gamesms TS Rookie Topic Starter Posts: 45

    ============ 3 Months Modified Files and Folders ===============

    2012-06-27 02:01 - 2012-06-27 02:01 - 00000000 ____D C:\FRST
    2012-06-26 14:56 - 2012-06-10 16:58 - 00000218 ____A C:\Windows\Tasks\AutoKMSDaily.job
    2012-06-26 14:56 - 2012-06-10 16:57 - 00151552 ____A C:\Windows\KMSEmulator.exe
    2012-06-26 14:56 - 2011-09-16 06:08 - 00000000 ____D C:\Program Files\Common Files\Akamai
    2012-06-26 14:55 - 2012-06-23 13:58 - 00000280 ____A C:\Windows\setupact.log
    2012-06-26 14:55 - 2012-06-23 13:56 - 00000133 ____A C:\Windows\errord.log
    2012-06-26 14:55 - 2012-06-10 16:58 - 00000216 ____A C:\Windows\Tasks\AutoKMS.job
    2012-06-26 14:55 - 2009-11-07 10:29 - 00000000 ____D C:\Users\All Users\NVIDIA
    2012-06-26 14:55 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2012-06-26 01:25 - 2012-06-26 01:25 - 00388096 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\csc.sys
    2012-06-25 14:03 - 2009-12-05 13:41 - 00000880 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-06-25 14:00 - 2012-06-25 14:00 - 00003400 ____N C:\bootsqm.dat
    2012-06-24 00:54 - 2011-09-20 06:16 - 00000000 ____D C:\Windows\AutoKMS
    2012-06-24 00:54 - 2010-03-02 06:58 - 00000000 ____D C:\users\Administrator
    2012-06-24 00:54 - 2010-01-31 15:11 - 00000000 ____D C:\users\nad
    2012-06-24 00:54 - 2009-11-08 01:14 - 00000000 ____D C:\users\Trial
    2012-06-24 00:54 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\wfp
    2012-06-24 00:54 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\DriverStore
    2012-06-24 00:54 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\registration
    2012-06-23 15:09 - 2012-05-30 06:23 - 00000000 ____D C:\Users\All Users\Windows Codecs
    2012-06-23 14:02 - 2012-06-22 15:04 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2012-06-23 13:59 - 2011-07-06 18:01 - 00000928 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2546657983-1106873551-1639024377-1001UA.job
    2012-06-23 13:59 - 2009-11-07 08:20 - 00000000 ____D C:\users\Bisho
    2012-06-23 13:58 - 2012-06-23 13:58 - 00000000 ____A C:\Windows\setuperr.log
    2012-06-23 07:37 - 2012-06-23 07:04 - 00000000 ___AD C:\Kaspersky Rescue Disk 10.0
    2012-06-23 02:15 - 2012-03-24 02:48 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\DMCache
    2012-06-22 16:41 - 2012-06-17 19:51 - 00623318 ____A C:\Windows\WindowsUpdate.log
    2012-06-22 16:36 - 2009-11-11 05:11 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\DAEMON Tools Lite
    2012-06-22 16:35 - 2012-06-21 03:26 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Media Player Classic
    2012-06-22 16:35 - 2010-07-01 14:39 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Winamp
    2012-06-22 16:34 - 2011-09-20 00:48 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\IDM
    2012-06-22 16:34 - 2009-11-08 02:27 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\uTorrent
    2012-06-22 16:28 - 2011-10-31 23:31 - 00000000 ____D C:\Users\Bisho\AppData\Local\CrashDumps
    2012-06-22 16:23 - 2011-02-07 00:14 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2546657983-1106873551-1639024377-1001UA.job
    2012-06-22 15:17 - 2012-06-22 15:17 - 00001945 ____A C:\Windows\epplauncher.mif
    2012-06-22 15:16 - 2012-06-22 15:16 - 00000000 ____D C:\Program Files\Microsoft Security Client
    2012-06-22 15:16 - 2009-11-07 08:34 - 00007070 ____A C:\Windows\System32\PerfStringBackup.INI
    2012-06-22 15:14 - 2009-11-07 08:46 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\DMCache
    2012-06-22 15:04 - 2012-06-22 15:04 - 00001925 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2012-06-22 15:04 - 2012-06-22 15:04 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\SUPERAntiSpyware.com
    2012-06-22 15:04 - 2012-06-22 15:04 - 00000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
    2012-06-22 15:00 - 2009-07-13 20:34 - 00028864 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2012-06-22 15:00 - 2009-07-13 20:34 - 00028864 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2012-06-22 14:44 - 2009-12-05 13:41 - 00000884 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-06-22 14:35 - 2012-06-22 14:35 - 00000000 ____D C:\Users\Bisho\AppData\Local\{C43C6127-A7FF-45DC-A5AE-0FF1BFF90976}
    2012-06-22 14:35 - 2012-06-22 14:35 - 00000000 ____D C:\Users\Bisho\AppData\Local\{065076BA-575E-4538-B26B-EDECC5D72429}
    2012-06-22 14:35 - 2010-04-12 08:19 - 00000000 ____D C:\Users\Bisho\AppData\Local\Windows Live
    2012-06-22 13:52 - 2012-06-22 13:52 - 00000000 ____D C:\Users\Bisho\AppData\Local\{4DE7BF4B-7E01-4E27-9BB4-88A3753B2917}
    2012-06-22 13:14 - 2010-01-30 10:31 - 00000000 ____D C:\Users\Trial\AppData\Roaming\DMCache
    2012-06-22 13:13 - 2009-11-08 01:19 - 00000000 ____D C:\Users\Trial\AppData\Roaming\Adobe
    2012-06-22 13:13 - 2009-11-08 01:16 - 00664680 ____A C:\Users\Trial\AppData\Local\GDIPFONTCACHEV1.DAT
    2012-06-21 12:37 - 2012-06-21 12:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{5E801A8A-F905-4E80-AB1F-9EE013BB71F4}
    2012-06-21 12:37 - 2012-06-21 12:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{0678E3D3-422B-40FA-986B-D29BC6A60A2F}
    2012-06-21 02:45 - 2012-06-21 02:45 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
    2012-06-21 02:45 - 2012-06-21 02:45 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
    2012-06-20 17:29 - 2012-06-20 17:29 - 00000000 ____D C:\Windows\System32\Macromed
    2012-06-20 17:29 - 2010-04-13 15:50 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
    2012-06-20 16:09 - 2012-04-30 11:12 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\vlc
    2012-06-20 03:01 - 2012-06-20 03:01 - 00000000 ____D C:\Users\Bisho\AppData\Local\{FDA19AB1-6BD7-4221-81C2-123F701A2044}
    2012-06-20 03:01 - 2012-06-20 03:01 - 00000000 ____D C:\Users\Bisho\AppData\Local\{1339E2F0-0898-4A1A-90EE-45E65370B9E3}
    2012-06-20 01:29 - 2011-07-06 18:01 - 00000906 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2546657983-1106873551-1639024377-1001Core.job
    2012-06-19 15:00 - 2012-06-19 14:55 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E62E5AD8-E86A-4DF4-A627-C8FE355EF0CB}
    2012-06-19 14:55 - 2012-06-19 14:55 - 00000000 ____D C:\Users\Bisho\AppData\Local\{0625B66D-F1EC-49A0-914F-5BB78979A3D5}
    2012-06-19 12:23 - 2011-02-07 00:14 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2546657983-1106873551-1639024377-1001Core.job
    2012-06-18 13:56 - 2009-11-07 08:46 - 00000000 ____D C:\Program Files\Internet Download Manager
    2012-06-17 19:49 - 2012-06-17 19:49 - 00000000 ____D C:\Samsung Galaxy S3 ToolKit
    2012-06-17 19:18 - 2011-06-29 05:48 - 00000360 ____A C:\Users\Bisho\AppData\Roaming\Network Meter_Settings.ini
    2012-06-17 19:14 - 2012-06-17 17:10 - 00000000 ____D C:\Users\Administrator\Documents\SelfMV
    2012-06-17 16:31 - 2012-06-17 16:31 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\DivX
    2012-06-17 16:31 - 2011-05-27 15:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Media Player Classic
    2012-06-17 16:24 - 2012-03-24 02:48 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\IDM
    2012-06-17 16:17 - 2012-06-17 16:18 - 00476936 ____A (Sun Microsystems, Inc.) C:\Windows\System32\npdeployJava1.dll
    2012-06-17 16:17 - 2012-06-17 16:18 - 00157448 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
    2012-06-17 16:17 - 2012-06-17 16:18 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
    2012-06-17 16:17 - 2012-06-17 16:18 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
    2012-06-17 16:17 - 2011-05-05 19:36 - 00472840 ____A (Sun Microsystems, Inc.) C:\Windows\System32\deployJava1.dll
    2012-06-17 16:02 - 2012-06-17 16:02 - 00000000 ____D C:\Users\Administrator\Documents\samsung
    2012-06-17 16:02 - 2012-06-17 16:02 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Samsung
    2012-06-17 16:02 - 2012-06-17 16:02 - 00000000 ____D C:\Users\Administrator\AppData\Local\Samsung
    2012-06-17 16:01 - 2012-03-22 08:50 - 00000632 _RASH C:\Users\Administrator\ntuser.pol
    2012-06-17 16:01 - 2011-06-04 12:42 - 00664680 ____A C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
    2012-06-17 16:01 - 2011-05-27 14:27 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
    2012-06-17 15:38 - 2012-06-17 15:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{6CAF425C-BE6E-45BE-ABE5-796DE1228AF4}
    2012-06-17 03:37 - 2012-06-17 03:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{F6ACF6FD-B54D-442F-B19E-9D57CADC5CF6}
    2012-06-17 03:06 - 2012-04-21 23:54 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
    2012-06-16 17:30 - 2009-11-07 09:28 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2012-06-16 15:37 - 2012-06-16 15:36 - 00000000 ____D C:\Users\Bisho\AppData\Local\{35660FCA-8C88-44DF-A376-E218614A3AB7}
    2012-06-16 03:36 - 2012-06-16 03:36 - 00000000 ____D C:\Users\Bisho\AppData\Local\{775D1AE3-A936-4C11-A317-DBD7222DFE25}
    2012-06-15 15:43 - 2012-03-23 06:43 - 00000000 ____D C:\Users\Bisho\AppData\Local\Symbian-Toys.com
    2012-06-15 15:35 - 2001-12-18 01:10 - 00000657 ____A C:\Windows\wafi2000.ini
    2012-06-15 14:59 - 2009-11-08 01:24 - 00001555 ____A C:\Windows\ata live update.ini
    2012-06-15 13:53 - 2012-06-15 13:53 - 00000000 ____D C:\Users\Bisho\AppData\Local\{AEE7D9F0-F4AC-444E-99AD-96B3911A0B0D}
    2012-06-15 03:19 - 2012-06-14 17:59 - 00000350 ____A C:\Windows\Tasks\At2.job
    2012-06-14 18:00 - 2012-06-14 17:59 - 00000456 ____A C:\Windows\Tasks\At1.job
    2012-06-14 17:59 - 2012-06-14 17:59 - 00000000 ____D C:\Windows\System32\1056
    2012-06-14 17:56 - 2012-06-04 16:40 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
    2012-06-14 17:56 - 2010-02-28 17:32 - 00000000 ____D C:\Users\All Users\Spybot - Search & Destroy
    2012-06-14 13:15 - 2012-06-14 13:15 - 00000000 ____D C:\Users\Bisho\AppData\Local\{8B10F81E-B4C4-48C5-B4AA-B72DF1D31F11}
    2012-06-14 13:15 - 2012-06-14 13:15 - 00000000 ____D C:\Users\Bisho\AppData\Local\{1CBD6B84-781C-40FD-86ED-EA3CFDBF2ECA}
    2012-06-13 03:31 - 2012-06-13 03:31 - 00000000 ____D C:\Users\Bisho\AppData\Local\{88D1BAAD-19F1-4664-AA15-735C170FC220}
    2012-06-13 03:31 - 2012-06-13 03:31 - 00000000 ____D C:\Users\Bisho\AppData\Local\{12C5CCCC-A0FF-4044-B9D6-D445AD0EAB66}
    2012-06-12 11:20 - 2012-06-12 11:20 - 00000000 ____D C:\Users\Bisho\AppData\Local\{398D6AA7-82B4-4126-A37E-9D1C18D1187A}
    2012-06-12 11:20 - 2012-06-12 11:20 - 00000000 ____D C:\Users\Bisho\AppData\Local\{0DC74891-02F3-44B1-B87B-BF0C0EE2693B}
    2012-06-12 04:09 - 2009-11-07 09:45 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Skype
    2012-06-12 04:06 - 2012-06-10 16:48 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\IObit
    2012-06-11 16:25 - 2012-06-11 16:24 - 00000000 ____D C:\Users\Bisho\AppData\Local\{EE84F72B-1959-4BD3-ADF2-7B901B90EA72}
    2012-06-11 16:24 - 2012-06-11 16:24 - 00000000 ____D C:\Users\Bisho\AppData\Local\{20003CBF-1B19-44B6-B73C-0CDD87A7A9D5}
    2012-06-11 15:56 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\NDF
    2012-06-11 15:48 - 2011-01-02 14:14 - 00998188 ___AH C:\Windows\System32\mlfcache.dat
    2012-06-11 15:22 - 2012-06-11 15:22 - 00001713 ____A C:\Users\Public\Desktop\iTunes.lnk
    2012-06-11 15:22 - 2012-06-11 15:21 - 00000000 ____D C:\Program Files\iTunes
    2012-06-11 15:21 - 2012-06-11 15:21 - 00000000 ____D C:\Program Files\iPod
    2012-06-11 15:21 - 2012-05-27 14:42 - 00000000 ____D C:\Program Files\Common Files\Apple
    2012-06-11 15:19 - 2012-06-11 15:19 - 00000000 ____D C:\Program Files\Bonjour
    2012-06-11 03:54 - 2011-11-10 09:50 - 05169576 ____A C:\Windows\System32\FNTCACHE.DAT
    2012-06-10 16:48 - 2012-06-10 16:48 - 00000000 ____D C:\Program Files\IObit
    2012-06-10 16:13 - 2012-01-23 02:09 - 00034379 ____A C:\swtag.log
    2012-06-10 16:13 - 2011-11-10 09:51 - 00664680 ____A C:\Users\Bisho\AppData\Local\GDIPFONTCACHEV1.DAT
    2012-06-10 16:13 - 2010-12-07 23:15 - 00000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
    2012-06-10 16:13 - 2009-11-07 13:26 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Adobe
    2012-06-10 16:11 - 2009-11-11 05:16 - 00000000 ____D C:\Users\Bisho\AppData\Local\Adobe
    2012-06-10 15:51 - 2009-11-07 12:54 - 00000000 ____D C:\Program Files\Common Files\Adobe
    2012-06-10 15:49 - 2009-11-11 05:11 - 00000000 ____D C:\Program Files\Adobe
    2012-06-10 15:45 - 2009-11-11 05:11 - 00000000 ____D C:\Users\All Users\Adobe
    2012-06-10 15:32 - 2012-06-10 15:32 - 00000000 ____D C:\Users\Bisho\AppData\Local\Macromedia
    2012-06-09 17:41 - 2011-12-19 01:00 - 00000000 ____D C:\Program Files\CCleaner
    2012-06-09 14:58 - 2012-06-08 16:25 - 00000000 ____D C:\Users\Bisho\AppData\Local\Conduit
    2012-06-09 11:58 - 2012-06-09 11:58 - 00000000 ____D C:\Program Files\fr3nsis
    2012-06-09 09:21 - 2009-11-08 05:08 - 00178688 ____A C:\Windows\System32\unrar.dll
    2012-06-08 16:26 - 2012-06-08 16:26 - 00000000 ____D C:\Users\Bisho\AppData\Local\CRE
    2012-06-08 16:25 - 2012-06-08 16:25 - 00000000 ____D C:\Program Files\Conduit
    2012-06-08 13:02 - 2011-12-30 12:47 - 00000824 ____A C:\Users\Bisho\AppData\Roaming\TOMASADISON.MTBF.txt
    2012-06-08 13:02 - 2011-05-11 21:57 - 00000000 ____D C:\Users\Bisho\AppData\Local\Avid
    2012-06-08 13:02 - 2011-05-11 21:50 - 00000349 ____A C:\Users\Public\Documents\PCLECHAL.INI
    2012-06-08 11:03 - 2012-06-08 11:03 - 00000000 ____D C:\Users\Bisho\AppData\Local\{EF5A350C-4A79-4A6F-8A99-DCED60A1AFBC}
    2012-06-08 11:03 - 2012-06-08 11:03 - 00000000 ____D C:\Users\Bisho\AppData\Local\{C2756249-6B3F-421F-98CB-E510DA8713B8}
    2012-06-08 10:08 - 2009-07-13 20:53 - 00032612 ____A C:\Windows\Tasks\SCHEDLGU.TXT
    2012-06-07 11:38 - 2012-06-07 11:37 - 00000000 ____D C:\Users\Trial\AppData\Local\{7F4CA021-6A8C-4EA2-8B22-4A9ABE12F487}
    2012-06-07 11:37 - 2012-06-07 11:37 - 00000000 ____D C:\Users\Trial\AppData\Local\{309EDD3B-8C8B-4771-BAC7-A4879052E295}
    2012-06-07 11:37 - 2011-11-05 11:12 - 00000000 ____D C:\Users\Trial\AppData\Local\Windows Live
    2012-06-06 14:05 - 2012-06-06 14:05 - 00002048 ____A C:\Uninstall.dat
    2012-06-06 08:10 - 2012-06-06 08:10 - 00000000 ____D C:\Users\Bisho\AppData\Local\{9C1F7C7A-8EDA-48F1-8B36-268C28A208CC}
    2012-06-06 08:10 - 2012-06-06 08:10 - 00000000 ____D C:\Users\Bisho\AppData\Local\{4576DBA7-2953-4F36-9FC2-DFD7A164E2AF}
    2012-06-05 10:33 - 2012-06-05 10:33 - 00000000 ____D C:\Users\Bisho\AppData\Local\{C6060028-C0DD-4AED-A7F7-E64E27C02FB0}
    2012-06-05 10:33 - 2012-06-05 10:33 - 00000000 ____D C:\Users\Bisho\AppData\Local\{6A82BB6B-F73A-494E-B2DE-020E2480A8AF}
    2012-06-04 16:34 - 2009-07-13 18:04 - 00000000 ____A C:\Windows\System32\Drivers\etc\hosts.old
    2012-06-04 15:56 - 2012-04-22 03:32 - 00000000 ____D C:\Program Files\SecurityKISS Tunnel
    2012-06-04 12:15 - 2012-06-04 12:15 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Yahoo!
    2012-06-04 08:14 - 2012-06-04 08:14 - 00000000 ____D C:\Users\Trial\AppData\Local\{2D004930-5A09-461A-BBFF-A98654BE9EC8}
    2012-06-04 08:14 - 2012-06-04 08:13 - 00000000 ____D C:\Users\Trial\AppData\Local\{5DD33D6C-1580-4472-9B2A-9F85F54CA326}
    2012-06-04 05:22 - 2012-06-04 05:21 - 00000000 ____D C:\Users\Bisho\AppData\Local\{EB2BBEFF-FEE9-47F4-818D-5B97F3B913CD}
    2012-06-04 05:21 - 2012-06-04 05:21 - 00000000 ____D C:\Users\Bisho\AppData\Local\{768CBF18-F3F5-414A-9AF7-53C7D1461177}
    2012-06-04 03:45 - 2009-11-27 03:40 - 00000000 ____D C:\Windows\Minidump
    2012-06-04 03:28 - 2009-11-07 11:35 - 00000000 ____D C:\Users\Bisho\AppData\Local\Google
    2012-06-04 03:28 - 2009-11-07 09:31 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Mozilla
    2012-06-04 03:26 - 2011-07-10 19:08 - 00000000 ____D C:\Program Files\Real
    2012-06-04 03:26 - 2009-11-08 00:51 - 00000000 ____D C:\Users\All Users\Real
    2012-06-04 03:26 - 2009-11-08 00:47 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Real
    2012-06-03 11:45 - 2012-02-02 08:11 - 00000000 ____D C:\Users\Trial\AppData\Local\CrashDumps
    2012-06-03 05:10 - 2012-06-03 05:10 - 00000000 ____D C:\Users\Trial\AppData\Local\{A6A9019B-0D93-4C24-9087-9118667E8BC8}
    2012-06-03 05:10 - 2012-06-03 05:10 - 00000000 ____D C:\Users\Trial\AppData\Local\{8099B7FE-A129-4D54-87E4-124B0655CE3F}
    2012-06-03 05:10 - 2010-01-30 10:31 - 00000000 ____D C:\Users\Trial\AppData\Roaming\IDM
    2012-06-03 03:39 - 2012-06-03 03:39 - 00000000 ____D C:\Users\Bisho\AppData\Local\{D0305CEA-6719-4196-9878-625C4EC26E73}
    2012-06-03 03:39 - 2012-06-03 03:39 - 00000000 ____D C:\Users\Bisho\AppData\Local\{85C3E1BE-CBC7-46ED-BB1B-2ED2B096103E}
    2012-06-03 03:36 - 2009-11-11 16:34 - 00000418 _RASH C:\Users\All Users\ntuser.pol
    2012-06-02 15:42 - 2012-06-02 15:42 - 00000000 ____D C:\Users\Bisho\AppData\Local\ESET
    2012-06-02 09:07 - 2012-06-02 09:07 - 00000000 ____D C:\Users\Bisho\AppData\Local\{06C2CC86-8AF0-4D41-B9A3-A68BE6B4B49E}
    2012-06-02 09:07 - 2012-06-02 09:06 - 00000000 ____D C:\Users\Bisho\AppData\Local\{FB24A4E1-8D9A-424C-A4F5-1482718872A7}
    2012-06-02 06:00 - 2012-06-02 06:00 - 00000000 ____D C:\Users\Trial\AppData\Local\{87EB8656-9A9B-496C-BB21-83E280A311C1}
    2012-06-02 06:00 - 2012-06-02 05:59 - 00000000 ____D C:\Users\Trial\AppData\Local\{5CED5D1E-5698-419F-92E4-843BA69D21CC}
    2012-06-01 17:56 - 2009-11-07 12:46 - 00000000 ____D C:\Program Files\Google
    2012-06-01 08:31 - 2011-07-15 07:03 - 00000419 ____A C:\Windows\BRWMARK.INI
    2012-05-31 16:04 - 2009-07-13 18:04 - 00000542 ____A C:\Windows\win.ini
    2012-05-31 16:00 - 2009-07-13 18:37 - 00000000 __RHD C:\users\Default
    2012-05-31 15:59 - 2012-05-31 15:59 - 00000000 ____D C:\Program Files\ESET
    2012-05-31 15:34 - 2012-05-31 15:34 - 00000000 ____D C:\Users\Bisho\AppData\Local\http___www.julien-manici
    2012-05-31 13:54 - 2012-05-06 15:10 - 00000000 ____D C:\Flashtool
    2012-05-31 13:53 - 2009-11-07 10:28 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
    2012-05-31 10:48 - 2012-05-31 10:48 - 00000000 ____D C:\Users\Trial\AppData\Local\Microsoft Help
    2012-05-31 10:48 - 2009-11-07 11:01 - 00000000 ____D C:\Users\All Users\Microsoft Help
    2012-05-31 09:22 - 2012-05-31 04:16 - 00000000 ____D C:\Users\All Users\AVAST Software
    2012-05-31 08:24 - 2012-05-31 04:17 - 00000000 ____D C:\Windows\System32\_avast_
    2012-05-31 04:47 - 2012-05-31 04:47 - 00000000 ____D C:\Users\Trial\AppData\Local\{FC9C9319-029E-4BE1-99A1-551C43DA7262}
    2012-05-31 04:47 - 2012-05-31 04:47 - 00000000 ____D C:\Users\Trial\AppData\Local\{654A0ADD-3640-45DC-930D-39EC60AF4A6E}
    2012-05-31 04:39 - 2012-01-04 11:24 - 00000000 ___HD C:\CTF
    2012-05-31 04:17 - 2009-07-13 18:04 - 00002577 ____A C:\Windows\System32\config.nt
    2012-05-31 04:16 - 2012-05-31 04:16 - 00000000 ____D C:\Program Files\AVAST Software
    2012-05-31 03:32 - 2012-05-31 03:32 - 00000000 ____D C:\Users\Bisho\AppData\Local\{FD4595E3-F5B9-442D-9B70-B14BB0CFB72E}
    2012-05-31 03:32 - 2012-05-31 03:32 - 00000000 ____D C:\Users\Bisho\AppData\Local\{3F021DB0-5021-438A-8589-1378DD6C4DE1}
    2012-05-30 18:03 - 2010-02-08 00:02 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\FileZilla
    2012-05-30 13:01 - 2012-05-30 13:01 - 00000000 ____D C:\Users\Trial\AppData\Local\{E23F9E30-DAB2-411B-9072-CD0F0778F62F}
    2012-05-30 12:41 - 2012-05-30 12:41 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
    2012-05-30 12:16 - 2011-05-01 15:50 - 00000000 ____D C:\Users\All Users\AVerTV
    2012-05-30 11:08 - 2012-05-30 11:08 - 00000000 ____D C:\samsung
    2012-05-30 05:40 - 2012-05-30 05:40 - 00000000 ____D C:\Users\Bisho\AppData\Local\{A7D4A363-4572-4EC0-9A1F-3CE1EF394B7E}
    2012-05-30 05:40 - 2012-05-30 05:39 - 00000000 ____D C:\Users\Bisho\AppData\Local\{BC2CA819-D853-4146-8782-64ADCD2988D0}
    2012-05-30 03:06 - 2006-07-11 08:35 - 00348160 ____A (Microsoft Corporation) C:\Windows\System32\msvcr71.dll
    2012-05-29 09:18 - 2012-05-29 09:18 - 00000000 ____D C:\Users\Trial\AppData\Local\{B454A43C-6316-4746-A315-2810E5E0A734}
    2012-05-29 09:18 - 2012-05-29 09:18 - 00000000 ____D C:\Users\Trial\AppData\Local\{4A521E97-39AF-48A2-BEC3-A1B8F32666BD}
    2012-05-28 23:38 - 2012-03-28 11:11 - 00330240 ____A ((?)????) C:\Windows\MASetupCaller.dll
    2012-05-28 09:47 - 2012-05-28 09:46 - 00000000 ____D C:\Users\Trial\AppData\Local\{B570AE20-2634-4678-97BD-8AE6B93E4054}
    2012-05-28 09:46 - 2012-05-28 09:46 - 00000000 ____D C:\Users\Trial\AppData\Local\{A1532312-A1E0-4C57-831D-67756589AA45}
    2012-05-27 15:16 - 2012-03-29 13:11 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\redsn0w
    2012-05-27 14:43 - 2011-01-12 19:03 - 00000000 ____D C:\Users\All Users\Apple Computer
    2012-05-27 11:40 - 2012-05-27 11:39 - 00000000 ____D C:\Users\Trial\AppData\Local\{723E762F-2DF3-4ED8-B729-455682FCB38A}
    2012-05-27 11:39 - 2012-05-27 11:39 - 00000000 ____D C:\Users\Trial\AppData\Local\{FA78BCE5-2AC7-4BF6-B7D7-8F92A8D180E3}
    2012-05-27 11:39 - 2012-05-27 11:39 - 00000000 ____D C:\Users\Trial\AppData\Local\{E743C357-9EB9-4CC2-A451-FBAFE8D639D3}
    2012-05-27 11:39 - 2012-05-27 11:39 - 00000000 ____D C:\Users\Trial\AppData\Local\{C274FCEE-3A44-43AD-A766-519EF68DED78}
    2012-05-27 11:39 - 2012-05-27 11:39 - 00000000 ____D C:\Users\Trial\AppData\Local\{898F0074-B468-4D23-8D83-0F2312E6FFB3}
    2012-05-27 00:06 - 2012-05-27 00:02 - 00008103 ____A C:\Windows\System32\Drivers\etc\hosts.umbrella
    2012-05-27 00:02 - 2012-05-27 00:01 - 00000000 ____D C:\Users\Bisho\.shsh
    2012-05-26 23:38 - 2012-05-26 23:38 - 00000000 ____D C:\Users\Trial\AppData\Local\{7D066CC3-5963-4B52-9A99-DF2833115CFA}
    2012-05-26 23:38 - 2012-05-26 23:38 - 00000000 ____D C:\Users\Trial\AppData\Local\{741BB85A-8317-462B-90A6-E9C2FF355E98}
    2012-05-26 11:42 - 2012-05-20 12:12 - 00000000 ____D C:\Users\Bisho\AppData\Local\libimobiledevice
    2012-05-26 07:01 - 2012-05-26 07:01 - 00000000 ____D C:\Users\Trial\AppData\Local\{B83AE3FD-1083-470D-B3FB-B415CCE9F847}
    2012-05-26 07:01 - 2012-05-26 07:01 - 00000000 ____D C:\Users\Trial\AppData\Local\{3958A0C9-8E73-43AD-A0C5-2ECDF618556F}
    2012-05-26 07:00 - 2012-02-23 13:26 - 00000000 ____D C:\Users\Trial\AppData\Roaming\Apple Computer
    2012-05-26 06:59 - 2012-05-26 06:59 - 00000000 ____D C:\Users\Trial\AppData\Local\Apple Computer
    2012-05-25 09:44 - 2012-05-25 09:43 - 00000000 ____D C:\Users\Trial\AppData\Local\{067F3F28-213A-4636-9B19-62C407B6D0AB}
    2012-05-25 09:43 - 2012-05-25 09:43 - 00000000 ____D C:\Users\Trial\AppData\Local\{8C212CA0-4857-4B99-BFB1-4FB4EEC4BF45}
    2012-05-24 09:51 - 2012-05-24 09:51 - 00000000 ____D C:\Users\Trial\AppData\Local\{D395134E-9AA9-4C8F-A1F8-CD07867EB7F5}
    2012-05-24 09:51 - 2012-05-24 09:51 - 00000000 ____D C:\Users\Trial\AppData\Local\{9008271E-15F3-428D-AD46-B224C3598D8D}
    2012-05-23 13:09 - 2012-05-23 13:09 - 00000000 ____D C:\Users\Trial\AppData\Local\{7F71E053-9C60-4868-9474-7818E24539CB}
    2012-05-23 08:28 - 2012-05-23 08:28 - 00000000 ____D C:\Users\Trial\AppData\Local\{A9A485A7-FE4F-42B1-BDB8-FD229D798248}
    2012-05-22 11:27 - 2012-05-22 11:27 - 00000000 ____D C:\Users\Trial\AppData\Local\{A9F35C19-BDA9-4437-8A0B-029FA770DA36}
    2012-05-22 11:27 - 2012-05-22 11:27 - 00000000 ____D C:\Users\Trial\AppData\Local\{27988716-885F-40F2-B394-71F193AB51E2}
    2012-05-22 01:34 - 2010-06-11 02:01 - 00000632 _RASH C:\Users\Bisho\ntuser.pol
    2012-05-21 16:06 - 2012-05-21 16:06 - 00000000 ____D C:\Users\Trial\AppData\Local\{50DD0A74-3A1F-4D15-817C-65149FB8BCDC}
    2012-05-21 16:06 - 2012-05-21 16:06 - 00000000 ____D C:\Users\Trial\AppData\Local\{3EEA2542-359E-44FF-8F7F-58DD79A37132}
    2012-05-21 12:24 - 2011-07-17 02:58 - 00000000 ____D C:\Program Files\ProgDVB
    2012-05-21 10:57 - 2010-06-16 01:58 - 00000632 _RASH C:\Users\Trial\ntuser.pol
    2012-05-21 08:47 - 2010-06-13 16:29 - 00000000 ____D C:\Users\All Users\2DBoy
    2012-05-21 04:06 - 2012-05-21 04:06 - 00000000 ____D C:\Users\Trial\AppData\Local\{6265BB00-5445-4270-BA6B-830295E27949}
    2012-05-21 04:05 - 2012-05-21 04:05 - 00000000 ____D C:\Users\Trial\AppData\Local\{B954B72F-CE94-4FBF-96C5-3B67FF098349}
    2012-05-20 18:09 - 2012-06-17 14:12 - 00181432 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
    2012-05-20 18:09 - 2012-06-17 14:12 - 00080824 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
    2012-05-20 13:54 - 2012-05-20 13:54 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Sun
    2012-05-20 11:39 - 2012-05-20 11:39 - 00000000 ____D C:\Users\Bisho\AppData\Local\{9F093341-98D0-4230-AB95-C2BC75289C14}
    2012-05-20 11:39 - 2012-05-20 11:39 - 00000000 ____D C:\Users\Bisho\AppData\Local\{09E467C6-351F-4008-8241-9EBBD1379D1F}
    2012-05-20 10:54 - 2012-05-20 10:54 - 00000000 ____D C:\Users\Trial\AppData\Local\{4E0D0F98-7BF5-483D-A094-930D4C2682CA}
    2012-05-20 10:54 - 2012-05-20 10:54 - 00000000 ____D C:\Users\Trial\AppData\Local\{22EEC186-B0AF-4EA3-8E63-8558ABACB737}
    2012-05-20 09:26 - 2012-05-20 09:26 - 00000000 ____D C:\Users\Bisho\AppData\Local\{A3F50570-4FF2-4C81-849A-22403F3CB0A0}
    2012-05-19 12:44 - 2012-05-19 12:44 - 00000000 ____D C:\Users\Bisho\AppData\Local\{5B14566F-C311-4766-83D3-0EE0F8C027BC}
    2012-05-19 12:44 - 2012-05-19 12:44 - 00000000 ____D C:\Users\Bisho\AppData\Local\{362EF2B4-17BA-44D9-9BC4-C6977A09D17A}
    2012-05-19 02:05 - 2012-05-19 02:05 - 00000000 ____D C:\Users\Trial\AppData\Local\{11DB7EFD-B0EB-461B-838D-FCE959E8AFD9}
    2012-05-19 02:05 - 2012-05-19 02:04 - 00000000 ____D C:\Users\Trial\AppData\Local\{864C8293-5D38-4333-B2A8-7C1A082D45EE}
    2012-05-18 14:09 - 2012-02-07 17:57 - 00005023 ____A C:\Users\All Users\mxnhytee.feu
    2012-05-18 11:23 - 2012-05-18 11:23 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E8E4E546-AB42-4D91-85DA-9C1CBD284C79}
    2012-05-18 11:23 - 2012-05-18 11:23 - 00000000 ____D C:\Users\Bisho\AppData\Local\{2ADE39D9-AB8F-4E16-89F0-EB2962885F26}
    2012-05-18 08:15 - 2012-05-18 08:15 - 00000000 ____A C:\Windows\System32\debug.log
    2012-05-17 12:55 - 2012-04-09 07:19 - 00000000 ____D C:\Users\Bisho\AppData\Local\Htc
    2012-05-17 04:22 - 2009-11-07 10:32 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
    2012-05-06 16:20 - 2012-05-06 16:20 - 00000218 ____A C:\Users\Bisho\.recently-used.xbel
    2012-05-06 15:53 - 2012-02-07 19:37 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\gtk-2.0
    2012-05-06 15:50 - 2012-05-06 15:50 - 00000000 ____D C:\Users\Bisho\.Virtualbox.sav
    2012-05-06 05:21 - 2012-05-06 05:21 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Need for Speed World
    2012-05-05 08:36 - 2012-05-05 08:36 - 00000000 ____D C:\Users\Bisho\AppData\Local\{69132A0E-4AE2-4B21-8888-5F34E08265C9}
    2012-05-05 08:36 - 2012-05-05 08:36 - 00000000 ____D C:\Users\Bisho\AppData\Local\{2B393701-9B22-448D-8FFF-E1A40A8093EA}
    2012-05-03 16:49 - 2012-05-03 16:49 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
    2012-05-03 16:49 - 2012-05-03 16:49 - 00000000 ____D C:\Users\Default\AppData\Local\Google
    2012-05-03 16:49 - 2012-05-03 16:49 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
    2012-05-03 16:49 - 2012-05-03 16:49 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
    2012-05-03 05:45 - 2011-05-27 14:32 - 00001001 ____A C:\Users\Administrator\AppData\Roaming\Rim.Desktop.Exception.log
    2012-05-03 05:31 - 2012-04-14 10:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\Htc
    2012-05-03 04:18 - 2012-05-03 04:07 - 127469288 ____A (Research In Motion Ltd. ) C:\Users\Administrator\Downloads\8520wifiM_PBr5.0.0_rel1168_PL5.2.0.67_A5.0.0.681_MTC_Touch.exe
    2012-05-03 04:17 - 2012-05-03 04:17 - 00003043 ____A C:\Users\Administrator\Desktop\BBSAK.lnk
    2012-05-03 04:17 - 2012-05-03 04:17 - 00000000 ____D C:\Program Files\BBSAK
    2012-05-03 03:34 - 2012-05-03 03:34 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Acapela Group
    2012-05-03 03:33 - 2012-05-03 03:33 - 00000000 ____D C:\Users\Administrator\AppData\LocalGoogle
    2012-05-03 03:33 - 2010-03-02 07:00 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
    2012-05-01 08:55 - 2012-05-01 08:55 - 00000000 ____D C:\Users\Trial\AppData\Local\{E5BC8329-1C3A-46E7-BE2F-97F0180AEFAE}
    2012-05-01 08:52 - 2012-05-01 08:52 - 00000000 ____D C:\Users\Trial\AppData\Local\{E47AB045-61C6-4B22-BB70-88088AA90B89}
    2012-05-01 08:51 - 2012-04-25 01:52 - 00000000 ____D C:\Users\Trial\AppData\Local\Htc
    2012-04-30 01:57 - 2012-04-30 01:56 - 00000000 ____D C:\Users\Trial\AppData\Local\{77D2391E-9DDD-4D39-8F2F-20A406F0DF2C}
    2012-04-30 01:56 - 2012-04-30 01:56 - 00000000 ____D C:\Users\Trial\AppData\Local\{BAA18330-3547-4C2C-AAAA-B393ED001807}
    2012-04-30 01:39 - 2011-06-04 20:51 - 00000000 ____D C:\Program Files\CyberLink
    2012-04-30 01:39 - 2011-06-04 20:48 - 00000000 ____D C:\Users\All Users\CyberLink
    2012-04-29 13:57 - 2011-06-04 20:49 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\CyberLink
    2012-04-29 13:56 - 2011-06-04 20:48 - 00000000 ____D C:\Users\Bisho\AppData\Local\Cyberlink
    2012-04-29 13:56 - 2010-02-06 17:55 - 00000000 ____D C:\Users\Public\CyberLink
    2012-04-29 13:46 - 2011-10-25 02:08 - 00000000 ____D C:\Users\All Users\install_clap
    2012-04-29 08:19 - 2012-04-29 08:19 - 00000000 ____D C:\Users\Trial\AppData\Local\{A88E26BD-F3C9-44B4-97DF-AC98B670EDD3}
    2012-04-29 05:14 - 2012-04-29 05:14 - 00000000 ____D C:\Users\Trial\AppData\Roaming\Acapela Group
    2012-04-29 01:29 - 2012-04-29 01:29 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Acapela Group
    2012-04-28 06:10 - 2009-12-05 04:39 - 00000000 ____D C:\Program Files\DIFX
    2012-04-27 07:41 - 2012-04-27 07:41 - 00000000 ____D C:\Users\Bisho\AppData\Local\{8689EC5D-BB26-45CC-B4B0-1691159D0DE1}
    2012-04-27 07:41 - 2012-04-27 07:41 - 00000000 ____D C:\Users\Bisho\AppData\Local\{2653F3B9-23CD-43E8-B943-11601E463A8D}
    2012-04-26 09:08 - 2009-11-07 11:24 - 55656824 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2012-04-25 14:03 - 2010-11-02 18:19 - 00000000 ____D C:\Users\Bisho\AppData\Local\SKIDROW
    2012-04-25 14:00 - 2012-04-25 14:00 - 00000000 ____D C:\Program Files\GFI Software
    2012-04-25 13:59 - 2012-04-25 13:59 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\GFI Software
    2012-04-25 01:59 - 2012-04-25 01:59 - 00000000 ____D C:\Users\Trial\AppData\Local\{33486AAC-8192-4CF2-8DAE-402D15C9700D}
    2012-04-25 01:52 - 2012-04-25 01:51 - 00000000 ____D C:\Users\Trial\AppData\Roaming\HTC
    2012-04-25 01:50 - 2012-04-25 01:50 - 00000000 ____D C:\Users\Trial\AppData\LocalGoogle
    2012-04-25 01:50 - 2009-11-08 01:15 - 00000000 ____D C:\Users\Trial\AppData\Local\Google
    2012-04-24 23:19 - 2009-11-12 04:59 - 00000000 ____D C:\Program Files\Common Files\Blizzard Entertainment
    2012-04-24 12:44 - 2012-04-24 12:44 - 00000000 ____D C:\Users\Bisho\AppData\LocalGoogle
    2012-04-24 11:46 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET
    2012-04-24 05:56 - 2009-11-08 05:12 - 00094720 ____A C:\Users\Bisho\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2012-04-24 04:34 - 2009-11-12 08:11 - 00000000 ____D C:\Users\All Users\Blizzard Entertainment
    2012-04-24 04:34 - 2009-07-13 18:37 - 00000000 ___RD C:\users\Public
    2012-04-24 04:19 - 2009-11-08 01:26 - 00000000 ____D C:\Users\All Users\Yahoo!
    2012-04-24 04:19 - 2009-11-08 01:26 - 00000000 ____D C:\Program Files\Yahoo!
    2012-04-24 04:18 - 2012-03-24 10:28 - 00000000 ____D C:\Program Files\NSS
    2012-04-24 04:18 - 2012-02-27 10:10 - 00000000 ____D C:\Program Files\EAABot
    2012-04-24 04:17 - 2012-03-26 05:13 - 00000000 ____D C:\Program Files\Trademanager
    2012-04-23 03:26 - 2012-06-06 22:18 - 00096056 ____A (Tonec Inc.) C:\Windows\System32\Drivers\idmwfp.sys
    2012-04-22 11:03 - 2012-04-22 10:23 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E62C3CB2-8A6E-47B8-8924-220E6DD3B1E8}
    2012-04-22 03:32 - 2012-04-22 03:32 - 00003770 ____A C:\Windows\System32\ipconfig_results.txt
    2012-04-21 23:54 - 2012-04-21 23:54 - 00000000 ____D C:\Users\All Users\Mozilla
    2012-04-21 14:51 - 2012-01-31 07:50 - 00000000 ____D C:\Program Files\Fiddler2
    2012-04-21 05:47 - 2012-04-21 05:47 - 00000000 ____D C:\Users\Bisho\AppData\Local\visi_coupon
    2012-04-21 03:45 - 2012-04-21 03:45 - 00000000 ____D C:\Users\Bisho\AppData\Local\{7F55E8A3-E09F-4B48-BF31-177124A1BBCE}
    2012-04-21 03:45 - 2012-04-21 03:44 - 00000000 ____D C:\Users\Bisho\AppData\Local\{7D6B848B-3C58-415E-A2F9-9BC36FBBE2F0}
    2012-04-20 15:53 - 2012-04-09 09:57 - 00000000 ____D C:\Android
    2012-04-20 10:27 - 2012-04-20 10:27 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Mael
    2012-04-20 10:21 - 2012-04-20 10:21 - 00000000 ____D C:\Program Files\HxD
    2012-04-19 20:54 - 2012-04-19 20:35 - 00189248 ____A C:\Windows\System32\PnkBstrB.exe
    2012-04-19 20:54 - 2012-04-19 20:35 - 00138056 ____A C:\Windows\System32\Drivers\PnkBstrK.sys
    2012-04-19 20:54 - 2009-11-14 07:25 - 00138056 ____A C:\Users\Bisho\AppData\Roaming\PnkBstrK.sys
    2012-04-19 20:54 - 2009-11-14 07:25 - 00075136 ____A C:\Windows\System32\PnkBstrA.exe
    2012-04-19 20:33 - 2012-04-19 20:54 - 02484592 ____A C:\Windows\System32\pbsvc_p4f.exe
    2012-04-19 19:29 - 2011-07-19 01:42 - 00000000 ____D C:\Users\Bisho\AppData\Local\Samsung
    2012-04-19 19:25 - 2011-07-18 15:21 - 00000000 ____D C:\Users\All Users\Samsung
    2012-04-19 19:23 - 2011-07-18 15:21 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Samsung
    2012-04-19 19:21 - 2010-04-06 06:44 - 00000000 ____D C:\Users\Bisho\AppData\Local\Downloaded Installations
    2012-04-17 16:29 - 2009-11-07 09:45 - 00000000 ___RD C:\Program Files\Skype
    2012-04-17 16:29 - 2009-11-07 09:45 - 00000000 ____D C:\Users\All Users\Skype
    2012-04-17 08:49 - 2012-04-17 08:49 - 00000000 ____D C:\Users\Bisho\AppData\Local\{C2EB642D-6EB0-4EB1-99E4-B6BA58A1F3E3}
    2012-04-17 08:49 - 2012-04-17 08:48 - 00000000 ____D C:\Users\Bisho\AppData\Local\{FF69C875-D38B-4196-9FCB-34E55E12C173}
    2012-04-16 14:36 - 2009-11-17 22:58 - 00000129 ____A C:\Users\Bisho\jagex_runescape_preferences2.dat
    2012-04-16 14:18 - 2012-04-16 14:18 - 00000040 ____A C:\Users\Bisho\jagex_cl_runescape_LIVE.dat
    2012-04-16 14:18 - 2009-11-17 22:53 - 00000042 ____A C:\Users\Bisho\jagex_runescape_preferences.dat
    2012-04-15 17:40 - 2012-04-15 17:40 - 00000211 ____A C:\Users\Bisho\.swfinfo
    2012-04-15 14:53 - 2012-04-15 14:53 - 00000000 ____D C:\Program Files\EA Games
    2012-04-15 14:27 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Help
    2012-04-14 14:47 - 2012-04-14 14:37 - 00001695 ____A C:\Users\All Users\SystemInformation.txt
    2012-04-14 14:32 - 2010-04-04 16:53 - 00000000 ____D C:\Program Files\Nokia
    2012-04-14 14:30 - 2011-03-03 00:06 - 00000000 ____D C:\Program Files\Common Files\Nokia
    2012-04-14 10:25 - 2012-04-14 10:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\NokiaAccount
    2012-04-14 10:25 - 2012-04-14 10:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\Nokia
    2012-04-14 10:25 - 2012-04-14 10:24 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\HTC
    2012-04-14 10:25 - 2012-03-27 03:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Nokia
    2012-04-14 10:00 - 2009-12-05 04:39 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\PC Suite
    2012-04-11 10:38 - 2012-04-11 10:38 - 00000000 ____D C:\Users\Bisho\AppData\Local\{2023B410-C7E2-461C-A31E-1F3DA77CCDD7}
    2012-04-11 10:38 - 2012-04-11 10:38 - 00000000 ____D C:\Users\Bisho\AppData\Local\{001949DC-EE82-458D-B99B-A5686D5F8017}
    2012-04-10 22:38 - 2012-04-10 22:38 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E0A68289-5991-47A1-83D4-8E981F8C061E}
    2012-04-10 22:38 - 2012-04-10 22:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{2C4D4D8B-627E-42CC-9456-A602D8F64ABD}
    2012-04-09 15:29 - 2012-04-09 06:11 - 00000000 ____D C:\Program Files\Unlockroot
    2012-04-09 12:46 - 2012-04-09 12:46 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E87C0939-1581-43A3-B7B9-452EAC5F81C7}
    2012-04-09 12:46 - 2012-04-09 12:45 - 00000000 ____D C:\Users\Bisho\AppData\Local\{01CF0483-77D7-4803-BBD4-469D358800C9}
    2012-04-09 07:21 - 2012-04-09 07:21 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
    2012-04-09 07:19 - 2012-04-09 07:18 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\HTC
    2012-04-09 07:18 - 2012-04-09 07:05 - 00000000 ____D C:\Program Files\HTC
    2012-04-09 06:20 - 2012-04-09 06:20 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
    2012-04-08 04:28 - 2010-12-07 23:12 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
    2012-04-08 04:28 - 2009-11-11 15:31 - 00000000 ____D C:\Program Files\MSXML 4.0
    2012-04-07 18:41 - 2012-04-07 18:41 - 00001908 ____A C:\Windows\diagwrn.xml
    2012-04-07 18:41 - 2012-04-07 18:41 - 00001908 ____A C:\Windows\diagerr.xml
    2012-04-07 12:37 - 2012-04-07 12:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E62E57E7-15CF-4B48-B0C3-23EF822843C9}
    2012-04-07 12:37 - 2012-04-07 12:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{4FAFF0E1-AE21-4965-8DE6-D289DF0CE22E}
    2012-04-06 10:15 - 2012-04-06 10:15 - 00033512 ____A (AnchorFree Inc) C:\Windows\System32\Drivers\taphss.sys
    2012-04-04 06:52 - 2012-04-04 06:52 - 00171064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
    2012-04-04 06:52 - 2012-04-04 06:52 - 00074112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys
    2012-04-04 05:57 - 2012-04-04 05:57 - 00000000 ____D C:\Users\Bisho\AppData\Local\{83BD00DE-C475-42B6-83EB-59D4CD8094E9}
    2012-04-04 05:57 - 2012-04-04 05:57 - 00000000 ____D C:\Users\Bisho\AppData\Local\{12F03746-6B84-4FD5-AF67-3EE0FCFD74B6}
    2012-04-04 04:54 - 2009-11-07 09:15 - 00000000 ____D C:\Program Files\Windows Live
    2012-04-04 04:36 - 2012-04-04 04:36 - 00000000 ____D C:\Users\Bisho\AppData\Local\{F478B097-5DCF-4CDB-9FDD-E1D3B6A4EC54}
    2012-04-03 06:44 - 2012-04-03 06:43 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Winamp
    2012-04-03 06:32 - 2012-04-03 06:32 - 00000000 ____D C:\Users\Bisho\AppData\Local\{5CE3BD50-9967-4AEC-9D7D-1DC9CF4019E3}
    2012-04-02 14:50 - 2012-04-02 14:48 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E8D198EA-E128-4DCF-86DD-30F8742B6C71}
    2012-04-02 02:50 - 2012-04-02 02:50 - 00000000 ____D C:\Users\Bisho\AppData\Local\{19FEEFA3-502A-4BFD-8663-1F293BB761E8}
    2012-04-02 02:50 - 2012-04-02 02:50 - 00000000 ____D C:\Users\Bisho\AppData\Local\{09E4E821-05CD-4DC2-A9AD-2DD88F7A8C84}
    2012-04-01 16:12 - 2012-04-01 16:12 - 00000000 ____D C:\Users\Bisho\AppData\Local\{9DDD7DB5-7231-483B-A733-5195138ADE67}
    2012-04-01 16:12 - 2012-04-01 16:12 - 00000000 ____D C:\Users\Bisho\AppData\Local\{3F0588DB-2DF5-42DB-8EA0-591E57AFA3CC}
    2012-03-30 13:47 - 2012-03-30 13:47 - 00000000 __SHD C:\Users\Bisho\Phone Browser
    2012-03-30 12:59 - 2012-03-30 12:59 - 00000000 ____D C:\Users\Bisho\AppData\Local\{6EB851B8-F6F8-4496-947B-1A21CE212251}
    2012-03-30 06:20 - 2010-04-21 04:00 - 00000000 ____D C:\Users\Bisho\AppData\Local\NokiaAccount
    2012-03-30 05:07 - 2010-04-08 01:57 - 00000000 ____D C:\Users\All Users\Nokia
    2012-03-30 04:32 - 2012-03-30 04:32 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf

    ZeroAccess:
    C:\Windows\Installer\{798cd11c-152b-b665-09cf-90678ce7b577}
    C:\Windows\Installer\{798cd11c-152b-b665-09cf-90678ce7b577}\@
    C:\Windows\Installer\{798cd11c-152b-b665-09cf-90678ce7b577}\L
    C:\Windows\Installer\{798cd11c-152b-b665-09cf-90678ce7b577}\U
    C:\Windows\Installer\{798cd11c-152b-b665-09cf-90678ce7b577}\L\00000004.@
    C:\Windows\Installer\{798cd11c-152b-b665-09cf-90678ce7b577}\L\00000008.@
    C:\Windows\Installer\{798cd11c-152b-b665-09cf-90678ce7b577}\U\00000004.@
    C:\Windows\Installer\{798cd11c-152b-b665-09cf-90678ce7b577}\U\00000008.@
    C:\Windows\Installer\{798cd11c-152b-b665-09cf-90678ce7b577}\U\000000cb.@
    C:\Windows\Installer\{798cd11c-152b-b665-09cf-90678ce7b577}\U\80000032.@

    ZeroAccess:
    C:\Users\Bisho\AppData\Local\{798cd11c-152b-b665-09cf-90678ce7b577}
    C:\Users\Bisho\AppData\Local\{798cd11c-152b-b665-09cf-90678ce7b577}\@
    C:\Users\Bisho\AppData\Local\{798cd11c-152b-b665-09cf-90678ce7b577}\L
    C:\Users\Bisho\AppData\Local\{798cd11c-152b-b665-09cf-90678ce7b577}\U

    ========================= Known DLLs (Whitelisted) ============


    ========================= Bamital & volsnap Check ============

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ========================= Memory info ======================

    Percentage of memory in use: 13%
    Total physical RAM: 4085.95 MB
    Available physical RAM: 3530.65 MB
    Total Pagefile: 4084.23 MB
    Available Pagefile: 3530.39 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1960.7 MB

    ======================= Partitions =========================

    1 Drive c: () (Fixed) (Total:97.8 GB) (Free:24.19 GB) NTFS
    2 Drive e: () (Fixed) (Total:200.19 GB) (Free:8.92 GB) NTFS
    4 Drive g: (FLASH DRIVE) (Removable) (Total:3.73 GB) (Free:2.29 GB) FAT32
    5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 298 GB 0 B
    Disk 1 Online 3830 MB 0 B

    Partitions of Disk 0:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 100 MB 1024 KB
    Partition 2 Primary 97 GB 101 MB
    Partition 3 Primary 200 GB 97 GB

    ======================================================================================================

    Disk: 0
    Partition 1
    Type : 07
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 Y System Rese NTFS Partition 100 MB Healthy

    ======================================================================================================

    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C NTFS Partition 97 GB Healthy

    ======================================================================================================

    Disk: 0
    Partition 3
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 E NTFS Partition 200 GB Healthy

    ======================================================================================================

    Partitions of Disk 1:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 3829 MB 32 KB

    ======================================================================================================

    Disk: 1
    Partition 1
    Type : 0B
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 G FLASH DRIVE FAT32 Removable 3829 MB Healthy

    ======================================================================================================

    ==========================================================

    Last Boot: 2012-06-21 02:17

    ======================= End Of Log ==========================
     
  9. Broni

    Broni Malware Annihilator Posts: 47,022   +255

    Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    On Vista or Windows 7: Now please enter System Recovery Options.
    On Windows XP: Now please boot into the UBCD.
    Run FRST64 and press the Fix button just once and wait.
    The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

    Next....

    Restart normally.

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    • Double click on combofix.exe & follow the prompts.

    • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
    There are 4 different versions. If one of them won't run then download and try to run the other one.
    Vista and Win7 users need to right click Rkill and choose Run as Administrator
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    * Rkill.com
    * Rkill.scr
    * Rkill.exe
    • Double-click on the Rkill icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.
    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     


  10. gamesms

    gamesms TS Rookie Topic Starter Posts: 45

    Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 20-06-2012 01
    Ran by SYSTEM at 2012-06-27 03:08:00 Run:1
    Running from G:\

    ==============================================

    HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows Value was restored successfully .
    C:\Windows\System32\consrv.dll not found.
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft Value deleted successfully.
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ Default Value restored successfully.
    HKEY_USERS\Administrator\Software\Microsoft\Windows\CurrentVersion\Run\\HKU\Administrator\...\Run: [] [x] Value not found.
    HKEY_USERS\Bisho\Software\Microsoft\Windows\CurrentVersion\Run\\HKU\Bisho\...\Run: [] [x] Value not found.
    HKEY_USERS\Trial\Software\Microsoft\Windows\CurrentVersion\Run\\HKU\Trial\...\Run: [] [x] Value not found.
    C:\Windows\Tasks\At2.job moved successfully.
    C:\Windows\Tasks\At1.job moved successfully.
    C:\Windows\Installer\{798cd11c-152b-b665-09cf-90678ce7b577} moved successfully.
    C:\Users\Bisho\AppData\Local\{798cd11c-152b-b665-09cf-90678ce7b577} moved successfully.

    ==== End of Fixlog ====
     
  11. gamesms

    gamesms TS Rookie Topic Starter Posts: 45

    Hey Broni.. when I double-click on Combofix.exe I get an installation request, I press Next and files are being copied.. then a registry backup, then suddenly a blue screen appears.. dumping memory. Then I restarted the machine manually; at the boot screen "Starting Windows" a registry shows files and numbers being copied.. and it also restarted again..

    And Windows booted up regularly after configuring Windows Update..
    What shall I do now? Should I attempt to run combofix.exe again?
     
     
  13. Broni

    Broni Malware Annihilator Posts: 47,022   +255

    Try to run Combofix from safe mode.
     
  14. gamesms

    gamesms TS Rookie Topic Starter Posts: 45

    Still not working... same bluescreen appears :(
     
  15. Broni

    Broni Malware Annihilator Posts: 47,022   +255

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure you PASTE all logs. If some log exceeds the 50,000 character post limit, split it between a couple of replies.
    Attached logs won't be reviewed.
     
  16. gamesms

    gamesms TS Rookie Topic Starter Posts: 45

    Thank you for all your help! will post logs asap.
     
  17. gamesms

    gamesms TS Rookie Topic Starter Posts: 45

    Malwarebytes Anti-Malware 1.61.0.1400
    www.malwarebytes.org

    Database version: v2012.06.27.01

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Bisho :: TOMASADISON [administrator]

    6/27/2012 4:54:25 AM
    mbam-log-2012-06-27 (04-54-25).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 329580
    Time elapsed: 16 minute(s), 53 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 5
    HKCR\CLSID\{5F906952-72AE-2CD6-3D6C-4AE1678418BE} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5F906952-72AE-2CD6-3D6C-4AE1678418BE} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5F906952-72AE-2CD6-3D6C-4AE1678418BE} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5F906952-72AE-2CD6-3D6C-4AE1678418BE} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Quarantined and deleted successfully.

    Registry Values Detected: 1
    HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Data: C:\Users\Bisho\AppData\Local\{798cd11c-152b-b665-09cf-90678ce7b577}\n. -> Quarantined and deleted successfully.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 2
    C:\Windows\System32\comrepll.dll (Trojan.BHO) -> Quarantined and deleted successfully.
    C:\Windows\System32\cscuii.dll (Trojan.Dropper) -> Quarantined and deleted successfully.

    (end)

    GMER didn't find anything to log.. the log is empty.. and dds.EXE at first went fine and showed me scanning progress, but suddenly the DOS window closed without any log files.. I tried it several times with no luck
     
  18. Broni

    Broni Malware Annihilator Posts: 47,022   +255

    Download Bootkit Remover to your desktop.

    • Unzip downloaded file to your Desktop.
    • Double-click on boot_cleaner.exe to run the program (Vista/7 users, right click on boot_cleaner.exe and click Run As Administrator).
    • It will show a Black screen with some data on it.
    • Right click on the screen and click Select All.
    • Press CTRL+C
    • Open a Notepad and press CTRL+V
    • Post the output back here.

    ===========================================

    Download aswMBR to your desktop.
    Double click the aswMBR.exe to run it.
    If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
    Click the "Scan" button to start scan.
    On completion of the scan click "Save log", save it to your desktop and post in your next reply.

    NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
     
  19. gamesms

    gamesms TS Rookie Topic Starter Posts: 45

    Bootkit Remover
    (c) 2009 Esage Lab
    www.esagelab.com

    Program version: 1.2.0.1
    OS Version: Microsoft Windows 7 Ultimate Edition Service Pack 1 (build 7601), 32-bit

    System volume is \\.\C:
    \\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`06500000
    Boot sector MD5 is: bb4f1627d8b9beda49ac0d010229f3ff

    Size Device Name MBR Status
    --------------------------------------------
    298 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)


    Done;
    Press any key to quit...

    After downloading 56 MB of defs and pressing Scan, it returned "scan error". Here is a picture showing what happened:
    [IMG]
     
  20. Broni

    Broni Malware Annihilator Posts: 47,022   +255

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
     
  21. gamesms

    gamesms TS Rookie Topic Starter Posts: 45

    13:34:45.0750 2284 TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44
    13:34:46.0046 2284 ============================================================
    13:34:46.0046 2284 Current date / time: 2012/06/27 13:34:46.0046
    13:34:46.0046 2284 SystemInfo:
    13:34:46.0046 2284
    13:34:46.0046 2284 OS Version: 6.1.7601 ServicePack: 1.0
    13:34:46.0046 2284 Product type: Workstation
    13:34:46.0046 2284 ComputerName: TOMASADISON
    13:34:46.0046 2284 UserName: Bisho
    13:34:46.0046 2284 Windows directory: C:\Windows
    13:34:46.0046 2284 System windows directory: C:\Windows
    13:34:46.0046 2284 Processor architecture: Intel x86
    13:34:46.0046 2284 Number of processors: 8
    13:34:46.0046 2284 Page size: 0x1000
    13:34:46.0046 2284 Boot type: Normal boot
    13:34:46.0046 2284 ============================================================
    13:34:47.0824 2284 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    13:34:47.0827 2284 ============================================================
    13:34:47.0827 2284 \Device\Harddisk0\DR0:
    13:34:47.0827 2284 MBR partitions:
    13:34:47.0827 2284 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    13:34:47.0827 2284 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC398000
    13:34:47.0827 2284 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC3CA800, BlocksNum 0x19063800
    13:34:47.0827 2284 ============================================================
    13:34:47.0841 2284 C: <-> \Device\Harddisk0\DR0\Partition1
    13:34:48.0106 2284 D: <-> \Device\Harddisk0\DR0\Partition2
    13:34:48.0106 2284 ============================================================
    13:34:48.0106 2284 Initialize success
    13:34:48.0106 2284 ============================================================
    13:34:51.0357 2664 ============================================================
    13:34:51.0357 2664 Scan started
    13:34:51.0357 2664 Mode: Manual;
    13:34:51.0357 2664 ============================================================
    13:34:58.0290 2664 Akamai (c775d704feb2b600a5bf7b0b088546af) c:\program files\common files\akamai/netsession_win_80c2ffa.dll
    13:34:58.0290 2664 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af
    13:34:58.0292 2664 Akamai ( HiddenFile.Multi.Generic ) - warning
    13:34:58.0293 2664 Akamai - detected HiddenFile.Multi.Generic (1)
     
  22. gamesms

    gamesms TS Rookie Topic Starter Posts: 45

    13:35:39.0122 2664partmgr - ok
    13:35:39.0137 2664Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
    13:35:39.0153 2664Parvdm - ok
    13:35:39.0168 2664PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
    13:35:39.0168 2664PcaSvc - ok
    13:35:39.0231 2664pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
    13:35:39.0231 2664pccsmcfd - ok
    13:35:39.0262 2664pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
    13:35:39.0262 2664pci - ok
    13:35:39.0402 2664pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
    13:35:39.0402 2664pciide - ok
    13:35:39.0418 2664pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
    13:35:39.0434 2664pcmcia - ok
    13:35:39.0434 2664pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
    13:35:39.0434 2664pcw - ok
    13:35:39.0542 2664PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
    13:35:39.0550 2664PEAUTH - ok
    13:35:39.0741 2664PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
    13:35:39.0776 2664PeerDistSvc - ok
    13:35:40.0215 2664pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
    13:35:40.0257 2664pla - ok
    13:35:41.0093 2664PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
    13:35:41.0108 2664PlugPlay - ok
    13:35:41.0202 2664PnkBstrA (1713d9de407313138118d501b0e3c05b) C:\Windows\system32\PnkBstrA.exe
    13:35:41.0202 2664PnkBstrA - ok
    13:35:41.0879 2664PnkBstrB (27f1be4a53441c9f1f48b9adc145b0a5) C:\Windows\system32\PnkBstrB.exe
    13:35:41.0928 2664PnkBstrB - ok
    13:35:41.0950 2664PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
    13:35:41.0954 2664PNRPAutoReg - ok
    13:35:41.0970 2664PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
    13:35:41.0974 2664PNRPsvc - ok
    13:35:42.0026 2664PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
    13:35:42.0032 2664PolicyAgent - ok
    13:35:42.0058 2664Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
    13:35:42.0071 2664Power - ok
    13:35:42.0334 2664PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
    13:35:42.0357 2664PptpMiniport - ok
    13:35:42.0371 2664Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
    13:35:42.0372 2664Processor - ok
    13:35:42.0453 2664PRODIGY (65937a34c9a5741e3030a86905400d91) C:\Windows\system32\Drivers\PRODIGY.SYS
    13:35:42.0455 2664PRODIGY - ok
    13:35:42.0501 2664ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
    13:35:42.0501 2664ProfSvc - ok
    13:35:42.0548 2664ProtectedStorage (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
    13:35:42.0548 2664ProtectedStorage - ok
    13:35:42.0642 2664PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    13:35:42.0642 2664PSI_SVC_2 - ok
    13:35:42.0704 2664PSSDK42 (c8eb36910d3bd582891977e80925e21e) C:\Windows\system32\Drivers\pssdk42.sys
    13:35:42.0720 2664PSSDK42 - ok
    13:35:42.0767 2664PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
    13:35:42.0767 2664PxHelp20 - ok
    13:35:42.0954 2664ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
    13:35:42.0969 2664ql2300 - ok
    13:35:43.0437 2664ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
    13:35:43.0453 2664ql40xx - ok
    13:35:43.0508 2664QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
    13:35:43.0514 2664QWAVE - ok
    13:35:43.0520 2664QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
    13:35:43.0521 2664QWAVEdrv - ok
    13:35:43.0535 2664RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
    13:35:43.0536 2664RasAcd - ok
    13:35:43.0589 2664RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
    13:35:43.0590 2664RasAgileVpn - ok
    13:35:43.0603 2664RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
    13:35:43.0608 2664RasAuto - ok
    13:35:43.0617 2664Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
    13:35:43.0618 2664Rasl2tp - ok
    13:35:43.0684 2664RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
    13:35:43.0690 2664RasMan - ok
    13:35:43.0699 2664RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
    13:35:43.0700 2664RasPppoe - ok
    13:35:43.0712 2664RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
    13:35:43.0714 2664RasSstp - ok
    13:35:43.0750 2664rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
    13:35:43.0753 2664rdbss - ok
    13:35:43.0758 2664rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
    13:35:43.0759 2664rdpbus - ok
    13:35:43.0790 2664RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
    13:35:43.0791 2664RDPCDD - ok
    13:35:43.0813 2664RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
    13:35:43.0816 2664RDPDR - ok
    13:35:43.0848 2664RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
    13:35:43.0849 2664RDPENCDD - ok
    13:35:43.0854 2664RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
    13:35:43.0855 2664RDPREFMP - ok
    13:35:43.0935 2664RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
    13:35:43.0936 2664RdpVideoMiniport - ok
    13:35:43.0970 2664RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
    13:35:43.0985 2664RDPWD - ok
    13:35:44.0017 2664rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
    13:35:44.0020 2664rdyboost - ok
    13:35:44.0060 2664RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
    13:35:44.0063 2664RemoteAccess - ok
    13:35:44.0091 2664RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
    13:35:44.0095 2664RemoteRegistry - ok
    13:35:44.0144 2664RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
    13:35:44.0147 2664RFCOMM - ok
    13:35:44.0186 2664RimUsb (616eac1b0e48b236a5a9b8ae07fdb81c) C:\Windows\system32\Drivers\RimUsb.sys
    13:35:44.0188 2664RimUsb - ok
    13:35:44.0227 2664RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys
    13:35:44.0229 2664RimVSerPort - ok
    13:35:44.0256 2664ROOTMODEM (564297827d213f52c7a3a2ff749568ca) C:\Windows\system32\Drivers\RootMdm.sys
    13:35:44.0258 2664ROOTMODEM - ok
    13:35:44.0909 2664rpcapd (a780d3eaa74582ea1deb6bd9c7a3d9c9) C:\Program Files\WinPcap\rpcapd.exe
    13:35:44.0940 2664rpcapd - ok
    13:35:44.0987 2664RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
    13:35:44.0987 2664RpcEptMapper - ok
    13:35:45.0002 2664RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
    13:35:45.0002 2664RpcLocator - ok
    13:35:45.0049 2664RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
    13:35:45.0049 2664RpcSs - ok
    13:35:45.0112 2664rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
    13:35:45.0127 2664rspndr - ok
    13:35:45.0174 2664RTL8187 (25c91ee1be0c0cfa79696a2d0b47aa43) C:\Windows\system32\DRIVERS\RTL8187.sys
    13:35:45.0174 2664RTL8187 - ok
    13:35:45.0221 2664RTL8187B (949f74cb383a1d5da67aea9ccd4a8b87) C:\Windows\system32\DRIVERS\RTL8187B.sys
    13:35:45.0252 2664RTL8187B - ok
    13:35:45.0283 2664s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
    13:35:45.0283 2664s3cap - ok
    13:35:45.0314 2664SamSs (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
    13:35:45.0314 2664SamSs - ok
    13:35:45.0346 2664sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
    13:35:45.0346 2664sbp2port - ok
    13:35:45.0408 2664ScanUSBEMPIA (6648793386a2be25ef69768d60ddc7d7) C:\Windows\system32\DRIVERS\emScan.sys
    13:35:45.0439 2664ScanUSBEMPIA - ok
    13:35:45.0470 2664SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
    13:35:45.0470 2664SCardSvr - ok
    13:35:45.0516 2664scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
    13:35:45.0517 2664scfilter - ok
    13:35:45.0576 2664Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
    13:35:45.0585 2664Schedule - ok
    13:35:45.0637 2664SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
    13:35:45.0638 2664SCPolicySvc - ok
    13:35:45.0669 2664SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
    13:35:45.0672 2664SDRSVC - ok
    13:35:45.0709 2664secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    13:35:45.0710 2664secdrv - ok
    13:35:45.0736 2664seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
    13:35:45.0738 2664seclogon - ok
    13:35:45.0772 2664SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
    13:35:45.0774 2664SENS - ok
    13:35:45.0797 2664SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
    13:35:45.0799 2664SensrSvc - ok
    13:35:45.0813 2664Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
    13:35:45.0814 2664Serenum - ok
    13:35:45.0827 2664Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
    13:35:45.0829 2664Serial - ok
    13:35:45.0879 2664sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
    13:35:45.0880 2664sermouse - ok
    13:35:47.0038 2664ServiceLayer (f31e9531af225ca25350d5e87e999b31) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    13:35:47.0054 2664ServiceLayer - ok
    13:35:47.0444 2664SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
    13:35:47.0459 2664SessionEnv - ok
    13:35:47.0498 2664sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
    13:35:47.0499 2664sffdisk - ok
    13:35:47.0509 2664sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
    13:35:47.0511 2664sffp_mmc - ok
    13:35:47.0521 2664sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
    13:35:47.0522 2664sffp_sd - ok
    13:35:47.0544 2664sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
    13:35:47.0545 2664sfloppy - ok
    13:35:47.0591 2664ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
    13:35:47.0597 2664ShellHWDetection - ok
    13:35:47.0642 2664sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
    13:35:47.0644 2664sisagp - ok
    13:35:47.0772 2664SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    13:35:47.0790 2664SiSRaid2 - ok
    13:35:47.0812 2664SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
    13:35:47.0814 2664SiSRaid4 - ok
    13:35:47.0856 2664Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
    13:35:47.0858 2664Smb - ok
    13:35:47.0910 2664smbusp (64dce11279fde28f0abf6f04aa6a073a) C:\Windows\system32\DRIVERS\intelsmb.sys
    13:35:47.0911 2664smbusp - ok
    13:35:47.0969 2664SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
    13:35:47.0972 2664SNMPTRAP - ok
    13:35:48.0635 2664Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
    13:35:48.0666 2664Sony PC Companion - ok
    13:35:48.0698 2664spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
    13:35:48.0698 2664spldr - ok
    13:35:48.0776 2664Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
    13:35:48.0776 2664Spooler - ok
    13:35:50.0363 2664sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
    13:35:50.0411 2664sppsvc - ok
    13:35:51.0993 2664sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
    13:35:52.0118 2664sppuinotify - ok
    13:35:53.0132 2664sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
    13:35:53.0132 2664Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
    13:35:53.0132 2664sptd ( LockedFile.Multi.Generic ) - warning
    13:35:53.0132 2664sptd - detected LockedFile.Multi.Generic (1)
    13:36:04.0418 2664MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    13:36:04.0795 2664\Device\Harddisk0\DR0 - ok
    13:36:04.0797 2664Boot (0x1200) (d44dc46fbdf9e729c45eb8ed83d15957) \Device\Harddisk0\DR0\Partition0
    13:36:04.0798 2664\Device\Harddisk0\DR0\Partition0 - ok
    13:36:04.0809 2664Boot (0x1200) (38b043c6390920e5f77c6b45ff7c007f) \Device\Harddisk0\DR0\Partition1
    13:36:04.0810 2664\Device\Harddisk0\DR0\Partition1 - ok
    13:36:04.0832 2664Boot (0x1200) (07592b3f337535c8890d1543f70ed597) \Device\Harddisk0\DR0\Partition2
    13:36:04.0833 2664\Device\Harddisk0\DR0\Partition2 - ok
    13:36:04.0833 2664============================================================
    13:36:04.0833 2664Scan finished
    13:36:04.0833 2664============================================================
    13:36:04.0839 1816Detected object count: 2
    13:36:04.0839 1816Actual detected object count: 2
    13:36:59.0915 1816Akamai ( HiddenFile.Multi.Generic ) - skipped by user
    13:36:59.0915 1816Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
    13:36:59.0915 1816sptd ( LockedFile.Multi.Generic ) - skipped by user
    13:36:59.0915 1816sptd ( LockedFile.Multi.Generic ) - User select action: Skip
     
  23. Broni

    Broni Malware Annihilator Posts: 47,022   +255

    Please post new FRST log.
     
  24. gamesms

    gamesms TS Rookie Topic Starter Posts: 45

    Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 20-06-2012 01
    Ran by SYSTEM at 27-06-2012 23:00:38
    Running from G:\
    Windows 7 Ultimate (X86) OS Language: English(US)
    The current controlset is ControlSet001

    ========================== Registry (Whitelisted) =============

    HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [9726568 2010-09-14] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [406992 2010-02-21] (Adobe Systems Incorporated)
    HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-01-21] (Microsoft Corporation)
    HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-10-25] (Adobe Systems Incorporated)
    HKLM\...\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [36760 2010-10-25] (Adobe Systems Incorporated)
    HKLM\...\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [821144 2010-10-25] (Adobe Systems Inc.)
    HKLM\...\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
    HKLM\...\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [1159168 2009-05-26] (Brother Industries, Ltd.)
    HKLM\...\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun [114688 2008-12-23] (Brother Industries, Ltd.)
    HKLM\...\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe [801792 2011-10-24] (Yuna Software)
    HKLM\...\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)
    HKLM\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-11] (Adobe Systems Incorporated)
    HKLM\...\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
    HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
    HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
    HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [931584 2012-06-04] (Microsoft Corporation)
    HKU\Administrator\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [369200 2009-10-30] (DT Soft Ltd)
    HKU\Administrator\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2012-02-24] (Google Inc.)
    HKU\Administrator\...\Run: [] [x]
    HKU\Administrator\...\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2363392 2009-06-17] (Hewlett-Packard Company)
    HKU\Administrator\...\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot [3491264 2012-06-06] (Tonec Inc.)
    HKU\Administrator\...\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [1508408 2011-12-16] (Nokia)
    HKU\Administrator\...\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-06-08] ()
    HKU\Administrator\...\Policies\system: [LogonHoursAction] 2
    HKU\Administrator\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    HKU\Bisho\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [369200 2009-10-30] (DT Soft Ltd)
    HKU\Bisho\...\Run: [] [x]
    HKU\Bisho\...\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-06-08] ()
    HKU\Bisho\...\Policies\system: [LogonHoursAction] 2
    HKU\Bisho\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    HKU\Trial\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2012-02-24] (Google Inc.)
    HKU\Trial\...\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [1508408 2011-12-16] (Nokia)
    HKU\Trial\...\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot [3491264 2012-06-06] (Tonec Inc.)
    HKU\Trial\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]
    HKU\Trial\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [369200 2009-10-30] (DT Soft Ltd)
    HKU\Trial\...\Run: [] [x]
    HKU\Trial\...\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2363392 2009-06-17] (Hewlett-Packard Company)
    HKU\Trial\...\Policies\system: [LogonHoursAction] 2
    HKU\Trial\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\AVer HID Receiver.lnk
    ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\AVerQuick.lnk
    ShortcutTarget: AVerQuick.lnk -> C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
    Startup: C:\Users\Bisho\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

    ================================ Services (Whitelisted) ==================

    2 AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [344064 2009-04-08] (AVerMedia)
    2 AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [405504 2008-12-10] ()
    2 Capture Device Service; "C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe" [198168 2007-03-06] (InterVideo Inc.)
    4 Crypkey License; crypserv.exe [69632 2006-02-28] (CrypKey (Canada) Ltd.)
    2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
    4 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [217088 2010-12-19] (Teruten)
    4 KMService; C:\Windows\system32\srvany.exe [8192 2011-01-21] ()
    2 MDM; "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" [335872 2006-10-26] (Microsoft Corporation)
    2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [11552 2012-06-04] (Microsoft Corporation)
    4 NetMsmqActivator; "C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [124240 2010-03-18] (Microsoft Corporation)
    4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation)
    4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation)
    3 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation)
    3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [214952 2012-06-04] (Microsoft Corporation)
    2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504 2011-05-24] (NVIDIA Corporation)
    3 osppsvc; "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [4640000 2010-01-09] (Microsoft Corporation)
    2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2012-04-19] ()
    2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [189248 2012-04-19] ()
    3 Sony PC Companion; "C:\Program Files\Sony\Sony PC Companion\PCCService.exe" [155320 2012-01-18] (Avanquest Software)
    2 Stereo Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [378472 2011-05-20] (NVIDIA Corporation)
    3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [517096 2010-02-19] (Adobe Systems Incorporated)
    4 TeamViewer7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2886528 2012-02-23] (TeamViewer GmbH)
    3 wbengine; "C:\Windows\system32\wbengine.exe" [1203200 2010-11-19] (Microsoft Corporation)
    2 Akamai; c:\program files\common files\akamai/netsession_win_80c2ffa.dll [x]
    2 PSI_SVC_2; "c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe" [x]
    3 rpcapd; "C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini" [x]

    ========================== Drivers (Whitelisted) =============

    3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-13] (Microsoft Corporation)
    3 androidusb; C:\Windows\System32\Drivers\ssadadb.sys [30312 2010-12-20] (Google Inc)
    3 Avc; C:\Windows\System32\DRIVERS\avc.sys [40320 2009-07-13] (Microsoft Corporation)
    3 AVerEth; C:\Windows\System32\DRIVERS\AVerEth.sys [19584 2009-05-13] (AVerMedia TECHNOLOGIES, Inc.)
    3 AVerFx2hbtv; C:\Windows\System32\drivers\AVerFx2hbtv.sys [506752 2010-11-09] (AVerMedia TECHNOLOGIES, Inc.)
    3 Bridge; C:\Windows\System32\DRIVERS\bridge.sys [78336 2009-07-13] (Microsoft Corporation)
    3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-12] (CSR, plc)
    3 cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2009-12-18] ()
    3 cpuz134; \??\C:\Program Files\CPUID\PC Wizard 2010\pcwiz_x32.sys [20328 2010-07-09] (Windows (R) Win 7 DDK provider)
    3 DCamUSBEMPIA; C:\Windows\System32\DRIVERS\emDevice.sys [116509 2004-01-23] (eMPIA Technology, Inc.)
    3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [80824 2012-05-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
    3 DM9USB; C:\Windows\System32\DRIVERS\dm9usb.sys [54272 2008-04-24] (DAVICOM Semiconductor, Inc.)
    3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-13] (VIA Technologies, Inc. )
    3 FiltUSBEMPIA; C:\Windows\System32\DRIVERS\emFilter.sys [20352 2004-01-22] (eMPIA Technology Inc.)
    3 FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [36640 2010-12-19] ()
    3 HTCAND32; C:\Windows\System32\Drivers\ANDROIDUSB.sys [24576 2011-07-09] (HTC, Corporation)
    2 IDMWFP; C:\Windows\System32\DRIVERS\idmwfp.sys [96056 2012-04-23] (Tonec Inc.)
    3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
    0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-04-04] (Microsoft Corporation)
    3 MSDV; C:\Windows\System32\DRIVERS\msdv.sys [52608 2009-07-13] (Microsoft Corporation)
    3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [841504 2010-03-25] (Ralink Technology Corp.)
    1 NetworkX; C:\Windows\system32\ckldrv.sys [31846 2006-01-09] ()
    3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2011-10-31] (Nokia)
    3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2011-10-31] (Nokia)
    2 NPF; C:\Windows\System32\drivers\npf.sys [50704 2009-10-20] (CACE Technologies, Inc.)
    3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-08] (Microsoft Corporation)
    3 PRODIGY; C:\Windows\System32\Drivers\PRODIGY.SYS [32377 2006-08-29] (B-phreaks)
    3 PSSDK42; \??\C:\Windows\system32\Drivers\pssdk42.sys [38976 2011-08-03] (microOLAP Technologies LTD)
    3 ROOTMODEM; C:\Windows\System32\Drivers\RootMdm.sys [8192 2009-07-13] (Microsoft Corporation)
    3 RTL8187; C:\Windows\System32\DRIVERS\RTL8187.sys [335872 2008-06-26] (Realtek Semiconductor Corporation )
    3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [379904 2010-03-30] (Realtek Semiconductor Corporation )
    3 ScanUSBEMPIA; C:\Windows\System32\DRIVERS\emScan.sys [4525 2004-01-23] (eMPIA Technology, Inc.)
    3 smbusp; C:\Windows\System32\DRIVERS\intelsmb.sys [22528 2010-01-20] (Intel Corporation)
    0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2009-11-13] (Duplex Secure Ltd.)
    3 ssadbus; C:\Windows\System32\DRIVERS\ssadbus.sys [121064 2011-06-01] (MCCI Corporation)
    3 ssadmdfl; C:\Windows\System32\DRIVERS\ssadmdfl.sys [12776 2011-06-01] (MCCI Corporation)
    3 ssadmdm; C:\Windows\System32\DRIVERS\ssadmdm.sys [136808 2011-06-01] (MCCI Corporation)
    3 ssadserd; C:\Windows\System32\DRIVERS\ssadserd.sys [114280 2011-06-01] (MCCI Corporation)
    3 sscdbus; C:\Windows\System32\DRIVERS\sscdbus.sys [104648 2010-12-20] (MCCI Corporation)
    3 sscdmdfl; C:\Windows\System32\DRIVERS\sscdmdfl.sys [14920 2010-12-20] (MCCI Corporation)
    3 sscdmdm; C:\Windows\System32\DRIVERS\sscdmdm.sys [132424 2010-12-20] (MCCI Corporation)
    3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [181432 2012-05-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
    3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-07-01] (The OpenVPN Project)
    3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-04-06] (AnchorFree Inc)
    3 TELEMANN; C:\Windows\System32\DRIVERS\UX2000.SYS [21237 2001-06-17] (Windows (R) 2000 DDK provider)
    3 VC025x; C:\Windows\System32\Drivers\VC025x.sys [840576 2009-08-28] (VIMICRO)
    3 VC025xHID; C:\Windows\System32\drivers\VC025xHID.sys [17024 2009-03-11] (Vimicro)
    3 vsbus; C:\Windows\System32\DRIVERS\vsb.sys [15264 2008-07-23] ()
    3 vserial; C:\Windows\System32\DRIVERS\vserial.sys [47744 2008-07-23] ()
    3 wbondir; C:\Windows\System32\DRIVERS\wbondir.sys [49664 2007-03-20] (Winbond Electronics Corporation)
    3 ZSMC301b; C:\Windows\System32\Drivers\usbVM31b.sys [90968 2004-03-19] (VM)
    3 AmdLLD; C:\Windows\System32\DRIVERS\AmdLLD.sys [x]
    3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [x]
    2 FLEXnet Licensing Manager; [x]
    3 iBurstu; C:\Windows\System32\DRIVERS\iBurstu.sys [x]
    3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
    3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
    3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]
    3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [x]
    2 {B154377D-700F-42cc-9474-23858FBDF4BD}; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl [x]

    ========================== NetSvcs (Whitelisted) ===========


    ============ One Month Created Files and Folders ==============

    2012-06-27 11:39 - 2012-06-27 11:39 - 00882250 ____A C:\Users\Administrator\Downloads\FRST.exe
    2012-06-27 02:01 - 2012-06-27 23:00 - 00000000 ____D C:\FRST
    2012-06-26 18:14 - 2012-06-26 18:14 - 00000508 ____A C:\Windows\PFRO.log
    2012-06-26 17:51 - 2012-06-26 17:51 - 00001031 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2012-06-26 17:51 - 2012-06-26 17:51 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
    2012-06-26 17:51 - 2012-04-04 04:56 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
    2012-06-26 17:41 - 2012-06-26 17:41 - 00139664 ____A C:\Windows\Minidump\062712-30139-01.dmp
    2012-06-26 17:26 - 2012-06-26 17:26 - 00151936 ____A C:\Windows\Minidump\062712-42915-01.dmp
    2012-06-26 16:41 - 2012-06-26 16:41 - 00152352 ____A C:\Windows\Minidump\062712-54381-01.dmp
    2012-06-26 16:27 - 2012-06-26 17:28 - 00000000 ___SD C:\32788R22FWJFW
    2012-06-26 16:27 - 2012-06-26 16:27 - 00000000 ____D C:\Windows\erdnt
    2012-06-26 16:22 - 2012-06-02 14:19 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
    2012-06-26 16:22 - 2012-06-02 14:19 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
    2012-06-26 16:22 - 2012-06-02 14:19 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
    2012-06-26 16:22 - 2012-06-02 14:12 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
    2012-06-26 16:21 - 2012-06-02 14:19 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
    2012-06-26 16:21 - 2012-06-02 14:19 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
    2012-06-26 16:21 - 2012-06-02 14:12 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
    2012-06-26 16:21 - 2012-06-02 04:19 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
    2012-06-26 16:21 - 2012-06-02 04:12 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
    2012-06-26 01:25 - 2012-06-26 01:25 - 00388096 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\csc.sys
    2012-06-25 14:00 - 2012-06-25 14:00 - 00003400 ____N C:\bootsqm.dat
    2012-06-23 13:58 - 2012-06-27 11:45 - 00000952 ____A C:\Windows\setupact.log
    2012-06-23 13:58 - 2012-06-23 13:58 - 00000000 ____A C:\Windows\setuperr.log
    2012-06-23 13:56 - 2012-06-27 11:45 - 00000380 ____A C:\Windows\errord.log
    2012-06-23 07:04 - 2012-06-23 07:37 - 00000000 ___AD C:\Kaspersky Rescue Disk 10.0
    2012-06-22 16:27 - 2012-04-25 20:45 - 00129536 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
    2012-06-22 16:27 - 2012-04-25 20:45 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
    2012-06-22 16:27 - 2012-04-25 20:41 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
    2012-06-22 16:27 - 2011-12-15 23:52 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
    2012-06-22 16:26 - 2012-03-16 23:27 - 00056176 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
    2012-06-22 16:26 - 2012-03-02 21:31 - 01077248 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
    2012-06-22 16:19 - 2012-02-29 21:46 - 00019824 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
    2012-06-22 16:19 - 2012-02-29 21:37 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
    2012-06-22 16:19 - 2012-02-29 21:33 - 00159232 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
    2012-06-22 16:19 - 2012-02-29 21:29 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
    2012-06-22 15:18 - 2012-02-16 21:34 - 00919040 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
    2012-06-22 15:18 - 2012-02-16 21:34 - 00826880 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
    2012-06-22 15:18 - 2012-02-16 20:14 - 00183808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
    2012-06-22 15:18 - 2012-02-16 20:13 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
    2012-06-22 15:17 - 2012-06-22 15:17 - 00001945 ____A C:\Windows\epplauncher.mif
    2012-06-22 15:16 - 2012-06-22 15:16 - 00000000 ____D C:\Program Files\Microsoft Security Client
    2012-06-22 14:35 - 2012-06-22 14:35 - 00000000 ____D C:\Users\Bisho\AppData\Local\{C43C6127-A7FF-45DC-A5AE-0FF1BFF90976}
    2012-06-22 14:35 - 2012-06-22 14:35 - 00000000 ____D C:\Users\Bisho\AppData\Local\{065076BA-575E-4538-B26B-EDECC5D72429}
    2012-06-22 13:52 - 2012-06-22 13:52 - 00000000 ____D C:\Users\Bisho\AppData\Local\{4DE7BF4B-7E01-4E27-9BB4-88A3753B2917}
    2012-06-21 12:37 - 2012-06-21 12:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{5E801A8A-F905-4E80-AB1F-9EE013BB71F4}
    2012-06-21 12:37 - 2012-06-21 12:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{0678E3D3-422B-40FA-986B-D29BC6A60A2F}
    2012-06-21 03:26 - 2012-06-22 16:35 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Media Player Classic
    2012-06-21 02:45 - 2012-06-21 02:45 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
    2012-06-21 02:45 - 2012-06-21 02:45 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
    2012-06-20 17:29 - 2012-06-20 17:29 - 00000000 ____D C:\Windows\System32\Macromed
    2012-06-20 03:01 - 2012-06-20 03:01 - 00000000 ____D C:\Users\Bisho\AppData\Local\{FDA19AB1-6BD7-4221-81C2-123F701A2044}
    2012-06-20 03:01 - 2012-06-20 03:01 - 00000000 ____D C:\Users\Bisho\AppData\Local\{1339E2F0-0898-4A1A-90EE-45E65370B9E3}
    2012-06-19 14:55 - 2012-06-19 15:00 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E62E5AD8-E86A-4DF4-A627-C8FE355EF0CB}
    2012-06-19 14:55 - 2012-06-19 14:55 - 00000000 ____D C:\Users\Bisho\AppData\Local\{0625B66D-F1EC-49A0-914F-5BB78979A3D5}
    2012-06-17 19:51 - 2012-06-27 11:40 - 00887828 ____A C:\Windows\WindowsUpdate.log
    2012-06-17 19:49 - 2012-06-17 19:49 - 00000000 ____D C:\Samsung Galaxy S3 ToolKit
    2012-06-17 17:10 - 2012-06-17 19:14 - 00000000 ____D C:\Users\Administrator\Documents\SelfMV
    2012-06-17 16:31 - 2012-06-17 16:31 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\DivX
    2012-06-17 16:18 - 2012-06-17 16:17 - 00476936 ____A (Sun Microsystems, Inc.) C:\Windows\System32\npdeployJava1.dll
    2012-06-17 16:18 - 2012-06-17 16:17 - 00157448 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
    2012-06-17 16:18 - 2012-06-17 16:17 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
    2012-06-17 16:18 - 2012-06-17 16:17 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
    2012-06-17 16:02 - 2012-06-17 16:02 - 00000000 ____D C:\Users\Administrator\Documents\samsung
    2012-06-17 16:02 - 2012-06-17 16:02 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Samsung
    2012-06-17 16:02 - 2012-06-17 16:02 - 00000000 ____D C:\Users\Administrator\AppData\Local\Samsung
    2012-06-17 15:37 - 2012-06-17 15:38 - 00000000 ____D C:\Users\Bisho\AppData\Local\{6CAF425C-BE6E-45BE-ABE5-796DE1228AF4}
    2012-06-17 14:12 - 2012-05-20 18:09 - 00181432 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
    2012-06-17 14:12 - 2012-05-20 18:09 - 00080824 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
    2012-06-17 03:37 - 2012-06-17 03:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{F6ACF6FD-B54D-442F-B19E-9D57CADC5CF6}
    2012-06-16 15:36 - 2012-06-16 15:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{35660FCA-8C88-44DF-A376-E218614A3AB7}
    2012-06-16 03:36 - 2012-06-16 03:36 - 00000000 ____D C:\Users\Bisho\AppData\Local\{775D1AE3-A936-4C11-A317-DBD7222DFE25}
    2012-06-15 13:53 - 2012-06-15 13:53 - 00000000 ____D C:\Users\Bisho\AppData\Local\{AEE7D9F0-F4AC-444E-99AD-96B3911A0B0D}
    2012-06-14 17:59 - 2012-06-14 17:59 - 00000000 ____D C:\Windows\System32\1056
    2012-06-14 13:15 - 2012-06-14 13:15 - 00000000 ____D C:\Users\Bisho\AppData\Local\{8B10F81E-B4C4-48C5-B4AA-B72DF1D31F11}
    2012-06-14 13:15 - 2012-06-14 13:15 - 00000000 ____D C:\Users\Bisho\AppData\Local\{1CBD6B84-781C-40FD-86ED-EA3CFDBF2ECA}
    2012-06-13 03:31 - 2012-06-13 03:31 - 00000000 ____D C:\Users\Bisho\AppData\Local\{88D1BAAD-19F1-4664-AA15-735C170FC220}
    2012-06-13 03:31 - 2012-06-13 03:31 - 00000000 ____D C:\Users\Bisho\AppData\Local\{12C5CCCC-A0FF-4044-B9D6-D445AD0EAB66}
    2012-06-12 11:20 - 2012-06-12 11:20 - 00000000 ____D C:\Users\Bisho\AppData\Local\{398D6AA7-82B4-4126-A37E-9D1C18D1187A}
    2012-06-12 11:20 - 2012-06-12 11:20 - 00000000 ____D C:\Users\Bisho\AppData\Local\{0DC74891-02F3-44B1-B87B-BF0C0EE2693B}
    2012-06-11 16:24 - 2012-06-11 16:25 - 00000000 ____D C:\Users\Bisho\AppData\Local\{EE84F72B-1959-4BD3-ADF2-7B901B90EA72}
    2012-06-11 16:24 - 2012-06-11 16:24 - 00000000 ____D C:\Users\Bisho\AppData\Local\{20003CBF-1B19-44B6-B73C-0CDD87A7A9D5}
    2012-06-11 15:22 - 2012-06-11 15:22 - 00001713 ____A C:\Users\Public\Desktop\iTunes.lnk
    2012-06-11 15:21 - 2012-06-11 15:22 - 00000000 ____D C:\Program Files\iTunes
    2012-06-11 15:21 - 2012-06-11 15:21 - 00000000 ____D C:\Program Files\iPod
    2012-06-11 15:19 - 2012-06-11 15:19 - 00000000 ____D C:\Program Files\Bonjour
    2012-06-10 16:58 - 2012-06-27 11:46 - 00000218 ____A C:\Windows\Tasks\AutoKMSDaily.job
    2012-06-10 16:58 - 2012-06-27 11:46 - 00000216 ____A C:\Windows\Tasks\AutoKMS.job
    2012-06-10 16:57 - 2012-06-27 11:46 - 00151552 ____A C:\Windows\KMSEmulator.exe
    2012-06-10 16:48 - 2012-06-12 04:06 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\IObit
    2012-06-10 16:48 - 2012-06-10 16:48 - 00000000 ____D C:\Program Files\IObit
    2012-06-10 15:32 - 2012-06-10 15:32 - 00000000 ____D C:\Users\Bisho\AppData\Local\Macromedia
    2012-06-09 11:58 - 2012-06-09 11:58 - 00000000 ____D C:\Program Files\fr3nsis
    2012-06-08 16:26 - 2012-06-08 16:26 - 00000000 ____D C:\Users\Bisho\AppData\Local\CRE
    2012-06-08 16:25 - 2012-06-09 14:58 - 00000000 ____D C:\Users\Bisho\AppData\Local\Conduit
    2012-06-08 16:25 - 2012-06-08 16:25 - 00000000 ____D C:\Program Files\Conduit
    2012-06-08 11:03 - 2012-06-08 11:03 - 00000000 ____D C:\Users\Bisho\AppData\Local\{EF5A350C-4A79-4A6F-8A99-DCED60A1AFBC}
    2012-06-08 11:03 - 2012-06-08 11:03 - 00000000 ____D C:\Users\Bisho\AppData\Local\{C2756249-6B3F-421F-98CB-E510DA8713B8}
    2012-06-07 11:37 - 2012-06-07 11:38 - 00000000 ____D C:\Users\Trial\AppData\Local\{7F4CA021-6A8C-4EA2-8B22-4A9ABE12F487}
    2012-06-07 11:37 - 2012-06-07 11:37 - 00000000 ____D C:\Users\Trial\AppData\Local\{309EDD3B-8C8B-4771-BAC7-A4879052E295}
    2012-06-06 22:18 - 2012-04-23 03:26 - 00096056 ____A (Tonec Inc.) C:\Windows\System32\Drivers\idmwfp.sys
    2012-06-06 14:05 - 2012-06-06 14:05 - 00002048 ____A C:\Uninstall.dat
    2012-06-06 08:10 - 2012-06-06 08:10 - 00000000 ____D C:\Users\Bisho\AppData\Local\{9C1F7C7A-8EDA-48F1-8B36-268C28A208CC}
    2012-06-06 08:10 - 2012-06-06 08:10 - 00000000 ____D C:\Users\Bisho\AppData\Local\{4576DBA7-2953-4F36-9FC2-DFD7A164E2AF}
    2012-06-05 10:33 - 2012-06-05 10:33 - 00000000 ____D C:\Users\Bisho\AppData\Local\{C6060028-C0DD-4AED-A7F7-E64E27C02FB0}
    2012-06-05 10:33 - 2012-06-05 10:33 - 00000000 ____D C:\Users\Bisho\AppData\Local\{6A82BB6B-F73A-494E-B2DE-020E2480A8AF}
    2012-06-05 03:05 - 2012-03-05 21:59 - 03968368 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
    2012-06-05 03:05 - 2012-03-05 21:59 - 03913072 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
    2012-06-05 03:02 - 2012-01-04 00:59 - 12872704 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
    2012-06-05 03:02 - 2012-01-04 00:58 - 00442880 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
    2012-06-05 03:02 - 2011-12-29 21:27 - 00478720 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
    2012-06-04 16:40 - 2012-06-14 17:56 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
    2012-06-04 12:15 - 2012-06-04 12:15 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Yahoo!
    2012-06-04 08:14 - 2012-06-04 08:14 - 00000000 ____D C:\Users\Trial\AppData\Local\{2D004930-5A09-461A-BBFF-A98654BE9EC8}
    2012-06-04 08:13 - 2012-06-04 08:14 - 00000000 ____D C:\Users\Trial\AppData\Local\{5DD33D6C-1580-4472-9B2A-9F85F54CA326}
    2012-06-04 05:21 - 2012-06-04 05:22 - 00000000 ____D C:\Users\Bisho\AppData\Local\{EB2BBEFF-FEE9-47F4-818D-5B97F3B913CD}
    2012-06-04 05:21 - 2012-06-04 05:21 - 00000000 ____D C:\Users\Bisho\AppData\Local\{768CBF18-F3F5-414A-9AF7-53C7D1461177}
    2012-06-03 05:10 - 2012-06-03 05:10 - 00000000 ____D C:\Users\Trial\AppData\Local\{A6A9019B-0D93-4C24-9087-9118667E8BC8}
    2012-06-03 05:10 - 2012-06-03 05:10 - 00000000 ____D C:\Users\Trial\AppData\Local\{8099B7FE-A129-4D54-87E4-124B0655CE3F}
    2012-06-03 03:39 - 2012-06-03 03:39 - 00000000 ____D C:\Users\Bisho\AppData\Local\{D0305CEA-6719-4196-9878-625C4EC26E73}
    2012-06-03 03:39 - 2012-06-03 03:39 - 00000000 ____D C:\Users\Bisho\AppData\Local\{85C3E1BE-CBC7-46ED-BB1B-2ED2B096103E}
    2012-06-02 15:42 - 2012-06-02 15:42 - 00000000 ____D C:\Users\Bisho\AppData\Local\ESET
    2012-06-02 09:07 - 2012-06-02 09:07 - 00000000 ____D C:\Users\Bisho\AppData\Local\{06C2CC86-8AF0-4D41-B9A3-A68BE6B4B49E}
    2012-06-02 09:06 - 2012-06-02 09:07 - 00000000 ____D C:\Users\Bisho\AppData\Local\{FB24A4E1-8D9A-424C-A4F5-1482718872A7}
    2012-06-02 06:00 - 2012-06-02 06:00 - 00000000 ____D C:\Users\Trial\AppData\Local\{87EB8656-9A9B-496C-BB21-83E280A311C1}
    2012-06-02 05:59 - 2012-06-02 06:00 - 00000000 ____D C:\Users\Trial\AppData\Local\{5CED5D1E-5698-419F-92E4-843BA69D21CC}
    2012-05-31 15:59 - 2012-05-31 15:59 - 00000000 ____D C:\Program Files\ESET
    2012-05-31 15:34 - 2012-05-31 15:34 - 00000000 ____D C:\Users\Bisho\AppData\Local\http___www.julien-manici
    2012-05-31 10:48 - 2012-05-31 10:48 - 00000000 ____D C:\Users\Trial\AppData\Local\Microsoft Help
    2012-05-31 04:47 - 2012-05-31 04:47 - 00000000 ____D C:\Users\Trial\AppData\Local\{FC9C9319-029E-4BE1-99A1-551C43DA7262}
    2012-05-31 04:47 - 2012-05-31 04:47 - 00000000 ____D C:\Users\Trial\AppData\Local\{654A0ADD-3640-45DC-930D-39EC60AF4A6E}
    2012-05-31 04:17 - 2012-05-31 08:24 - 00000000 ____D C:\Windows\System32\_avast_
    2012-05-31 04:16 - 2012-05-31 09:22 - 00000000 ____D C:\Users\All Users\AVAST Software
    2012-05-31 04:16 - 2012-05-31 04:16 - 00000000 ____D C:\Program Files\AVAST Software
    2012-05-31 03:32 - 2012-05-31 03:32 - 00000000 ____D C:\Users\Bisho\AppData\Local\{FD4595E3-F5B9-442D-9B70-B14BB0CFB72E}
    2012-05-31 03:32 - 2012-05-31 03:32 - 00000000 ____D C:\Users\Bisho\AppData\Local\{3F021DB0-5021-438A-8589-1378DD6C4DE1}
    2012-05-30 13:01 - 2012-05-30 13:01 - 00000000 ____D C:\Users\Trial\AppData\Local\{E23F9E30-DAB2-411B-9072-CD0F0778F62F}
    2012-05-30 12:41 - 2012-05-30 12:41 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
    2012-05-30 11:08 - 2012-05-30 11:08 - 00000000 ____D C:\samsung
    2012-05-30 06:23 - 2012-06-23 15:09 - 00000000 ____D C:\Users\All Users\Windows Codecs
    2012-05-30 05:40 - 2012-05-30 05:40 - 00000000 ____D C:\Users\Bisho\AppData\Local\{A7D4A363-4572-4EC0-9A1F-3CE1EF394B7E}
    2012-05-30 05:39 - 2012-05-30 05:40 - 00000000 ____D C:\Users\Bisho\AppData\Local\{BC2CA819-D853-4146-8782-64ADCD2988D0}
    2012-05-29 09:18 - 2012-05-29 09:18 - 00000000 ____D C:\Users\Trial\AppData\Local\{B454A43C-6316-4746-A315-2810E5E0A734}
    2012-05-29 09:18 - 2012-05-29 09:18 - 00000000 ____D C:\Users\Trial\AppData\Local\{4A521E97-39AF-48A2-BEC3-A1B8F32666BD}
    2012-05-28 09:46 - 2012-05-28 09:47 - 00000000 ____D C:\Users\Trial\AppData\Local\{B570AE20-2634-4678-97BD-8AE6B93E4054}
    2012-05-28 09:46 - 2012-05-28 09:46 - 00000000 ____D C:\Users\Trial\AppData\Local\{A1532312-A1E0-4C57-831D-67756589AA45}


    ============ 3 Months Modified Files and Folders ===============

    2012-06-27 23:00 - 2012-06-27 02:01 - 00000000 ____D C:\FRST
    2012-06-27 11:46 - 2012-06-10 16:58 - 00000218 ____A C:\Windows\Tasks\AutoKMSDaily.job
    2012-06-27 11:46 - 2012-06-10 16:58 - 00000216 ____A C:\Windows\Tasks\AutoKMS.job
    2012-06-27 11:46 - 2012-06-10 16:57 - 00151552 ____A C:\Windows\KMSEmulator.exe
    2012-06-27 11:46 - 2011-09-16 06:08 - 00000000 ____D C:\Program Files\Common Files\Akamai
    2012-06-27 11:45 - 2012-06-23 13:58 - 00000952 ____A C:\Windows\setupact.log
    2012-06-27 11:45 - 2012-06-23 13:56 - 00000380 ____A C:\Windows\errord.log
    2012-06-27 11:45 - 2009-11-07 10:29 - 00000000 ____D C:\Users\All Users\NVIDIA
    2012-06-27 11:45 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2012-06-27 11:40 - 2012-06-17 19:51 - 00887828 ____A C:\Windows\WindowsUpdate.log
    2012-06-27 11:40 - 2012-03-24 02:48 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\DMCache
    2012-06-27 11:40 - 2009-07-13 20:34 - 00028864 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2012-06-27 11:40 - 2009-07-13 20:34 - 00028864 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2012-06-27 11:39 - 2012-06-27 11:39 - 00882250 ____A C:\Users\Administrator\Downloads\FRST.exe
     
  25. gamesms

    gamesms TS Rookie Topic Starter Posts: 45

    2012-06-27 11:32 - 2009-12-05 13:41 - 00000880 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-06-27 06:44 - 2009-12-05 13:41 - 00000884 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-06-27 06:23 - 2011-02-07 00:14 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2546657983-1106873551-1639024377-1001UA.job
    2012-06-27 06:05 - 2012-05-18 08:15 - 00000094 ____A C:\Windows\System32\debug.log
    2012-06-27 05:59 - 2009-11-07 08:46 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\DMCache
    2012-06-27 04:42 - 2011-07-06 18:01 - 00000928 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2546657983-1106873551-1639024377-1001UA.job
    2012-06-26 19:00 - 2009-11-08 02:27 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\uTorrent
    2012-06-26 18:14 - 2012-06-26 18:14 - 00000508 ____A C:\Windows\PFRO.log
    2012-06-26 17:53 - 2011-09-20 00:48 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\IDM
    2012-06-26 17:51 - 2012-06-26 17:51 - 00001031 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2012-06-26 17:51 - 2012-06-26 17:51 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
    2012-06-26 17:41 - 2012-06-26 17:41 - 00139664 ____A C:\Windows\Minidump\062712-30139-01.dmp
    2012-06-26 17:41 - 2009-11-27 03:40 - 00000000 ____D C:\Windows\Minidump
    2012-06-26 17:28 - 2012-06-26 16:27 - 00000000 ___SD C:\32788R22FWJFW
    2012-06-26 17:26 - 2012-06-26 17:26 - 00151936 ____A C:\Windows\Minidump\062712-42915-01.dmp
    2012-06-26 16:41 - 2012-06-26 16:41 - 00152352 ____A C:\Windows\Minidump\062712-54381-01.dmp
    2012-06-26 16:30 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\ar-SA
    2012-06-26 16:27 - 2012-06-26 16:27 - 00000000 ____D C:\Windows\erdnt
    2012-06-26 16:23 - 2009-11-07 08:34 - 00007104 ____A C:\Windows\System32\PerfStringBackup.INI
    2012-06-26 01:25 - 2012-06-26 01:25 - 00388096 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\csc.sys
    2012-06-25 14:00 - 2012-06-25 14:00 - 00003400 ____N C:\bootsqm.dat
    2012-06-24 00:54 - 2011-09-20 06:16 - 00000000 ____D C:\Windows\AutoKMS
    2012-06-24 00:54 - 2010-03-02 06:58 - 00000000 ____D C:\users\Administrator
    2012-06-24 00:54 - 2010-01-31 15:11 - 00000000 ____D C:\users\nad
    2012-06-24 00:54 - 2009-11-08 01:14 - 00000000 ____D C:\users\Trial
    2012-06-24 00:54 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\wfp
    2012-06-24 00:54 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\DriverStore
    2012-06-24 00:54 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\registration
    2012-06-23 15:09 - 2012-05-30 06:23 - 00000000 ____D C:\Users\All Users\Windows Codecs
    2012-06-23 13:59 - 2009-11-07 08:20 - 00000000 ____D C:\users\Bisho
    2012-06-23 13:58 - 2012-06-23 13:58 - 00000000 ____A C:\Windows\setuperr.log
    2012-06-23 07:37 - 2012-06-23 07:04 - 00000000 ___AD C:\Kaspersky Rescue Disk 10.0
    2012-06-22 16:36 - 2009-11-11 05:11 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\DAEMON Tools Lite
    2012-06-22 16:35 - 2012-06-21 03:26 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Media Player Classic
    2012-06-22 16:35 - 2010-07-01 14:39 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Winamp
    2012-06-22 16:28 - 2011-10-31 23:31 - 00000000 ____D C:\Users\Bisho\AppData\Local\CrashDumps
    2012-06-22 15:17 - 2012-06-22 15:17 - 00001945 ____A C:\Windows\epplauncher.mif
    2012-06-22 15:16 - 2012-06-22 15:16 - 00000000 ____D C:\Program Files\Microsoft Security Client
    2012-06-22 14:35 - 2012-06-22 14:35 - 00000000 ____D C:\Users\Bisho\AppData\Local\{C43C6127-A7FF-45DC-A5AE-0FF1BFF90976}
    2012-06-22 14:35 - 2012-06-22 14:35 - 00000000 ____D C:\Users\Bisho\AppData\Local\{065076BA-575E-4538-B26B-EDECC5D72429}
    2012-06-22 14:35 - 2010-04-12 08:19 - 00000000 ____D C:\Users\Bisho\AppData\Local\Windows Live
    2012-06-22 13:52 - 2012-06-22 13:52 - 00000000 ____D C:\Users\Bisho\AppData\Local\{4DE7BF4B-7E01-4E27-9BB4-88A3753B2917}
    2012-06-22 13:14 - 2010-01-30 10:31 - 00000000 ____D C:\Users\Trial\AppData\Roaming\DMCache
    2012-06-22 13:13 - 2009-11-08 01:19 - 00000000 ____D C:\Users\Trial\AppData\Roaming\Adobe
    2012-06-22 13:13 - 2009-11-08 01:16 - 00664680 ____A C:\Users\Trial\AppData\Local\GDIPFONTCACHEV1.DAT
    2012-06-21 12:37 - 2012-06-21 12:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{5E801A8A-F905-4E80-AB1F-9EE013BB71F4}
    2012-06-21 12:37 - 2012-06-21 12:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{0678E3D3-422B-40FA-986B-D29BC6A60A2F}
    2012-06-21 02:45 - 2012-06-21 02:45 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
    2012-06-21 02:45 - 2012-06-21 02:45 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
    2012-06-20 17:29 - 2012-06-20 17:29 - 00000000 ____D C:\Windows\System32\Macromed
    2012-06-20 17:29 - 2010-04-13 15:50 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
    2012-06-20 16:09 - 2012-04-30 11:12 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\vlc
    2012-06-20 03:01 - 2012-06-20 03:01 - 00000000 ____D C:\Users\Bisho\AppData\Local\{FDA19AB1-6BD7-4221-81C2-123F701A2044}
    2012-06-20 03:01 - 2012-06-20 03:01 - 00000000 ____D C:\Users\Bisho\AppData\Local\{1339E2F0-0898-4A1A-90EE-45E65370B9E3}
    2012-06-20 01:29 - 2011-07-06 18:01 - 00000906 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2546657983-1106873551-1639024377-1001Core.job
    2012-06-19 15:00 - 2012-06-19 14:55 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E62E5AD8-E86A-4DF4-A627-C8FE355EF0CB}
    2012-06-19 14:55 - 2012-06-19 14:55 - 00000000 ____D C:\Users\Bisho\AppData\Local\{0625B66D-F1EC-49A0-914F-5BB78979A3D5}
    2012-06-19 12:23 - 2011-02-07 00:14 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2546657983-1106873551-1639024377-1001Core.job
    2012-06-18 13:56 - 2009-11-07 08:46 - 00000000 ____D C:\Program Files\Internet Download Manager
    2012-06-17 19:49 - 2012-06-17 19:49 - 00000000 ____D C:\Samsung Galaxy S3 ToolKit
    2012-06-17 19:18 - 2011-06-29 05:48 - 00000360 ____A C:\Users\Bisho\AppData\Roaming\Network Meter_Settings.ini
    2012-06-17 19:14 - 2012-06-17 17:10 - 00000000 ____D C:\Users\Administrator\Documents\SelfMV
    2012-06-17 16:31 - 2012-06-17 16:31 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\DivX
    2012-06-17 16:31 - 2011-05-27 15:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Media Player Classic
    2012-06-17 16:24 - 2012-03-24 02:48 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\IDM
    2012-06-17 16:17 - 2012-06-17 16:18 - 00476936 ____A (Sun Microsystems, Inc.) C:\Windows\System32\npdeployJava1.dll
    2012-06-17 16:17 - 2012-06-17 16:18 - 00157448 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
    2012-06-17 16:17 - 2012-06-17 16:18 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
    2012-06-17 16:17 - 2012-06-17 16:18 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
    2012-06-17 16:17 - 2011-05-05 19:36 - 00472840 ____A (Sun Microsystems, Inc.) C:\Windows\System32\deployJava1.dll
    2012-06-17 16:02 - 2012-06-17 16:02 - 00000000 ____D C:\Users\Administrator\Documents\samsung
    2012-06-17 16:02 - 2012-06-17 16:02 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Samsung
    2012-06-17 16:02 - 2012-06-17 16:02 - 00000000 ____D C:\Users\Administrator\AppData\Local\Samsung
    2012-06-17 16:01 - 2012-03-22 08:50 - 00000632 _RASH C:\Users\Administrator\ntuser.pol
    2012-06-17 16:01 - 2011-06-04 12:42 - 00664680 ____A C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
    2012-06-17 16:01 - 2011-05-27 14:27 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
    2012-06-17 15:38 - 2012-06-17 15:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{6CAF425C-BE6E-45BE-ABE5-796DE1228AF4}
    2012-06-17 03:37 - 2012-06-17 03:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{F6ACF6FD-B54D-442F-B19E-9D57CADC5CF6}
    2012-06-17 03:06 - 2012-04-21 23:54 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
    2012-06-16 17:30 - 2009-11-07 09:28 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2012-06-16 15:37 - 2012-06-16 15:36 - 00000000 ____D C:\Users\Bisho\AppData\Local\{35660FCA-8C88-44DF-A376-E218614A3AB7}
    2012-06-16 03:36 - 2012-06-16 03:36 - 00000000 ____D C:\Users\Bisho\AppData\Local\{775D1AE3-A936-4C11-A317-DBD7222DFE25}
    2012-06-15 15:43 - 2012-03-23 06:43 - 00000000 ____D C:\Users\Bisho\AppData\Local\Symbian-Toys.com
    2012-06-15 15:35 - 2001-12-18 01:10 - 00000657 ____A C:\Windows\wafi2000.ini
    2012-06-15 14:59 - 2009-11-08 01:24 - 00001555 ____A C:\Windows\ata live update.ini
    2012-06-15 13:53 - 2012-06-15 13:53 - 00000000 ____D C:\Users\Bisho\AppData\Local\{AEE7D9F0-F4AC-444E-99AD-96B3911A0B0D}
    2012-06-14 17:59 - 2012-06-14 17:59 - 00000000 ____D C:\Windows\System32\1056
    2012-06-14 17:56 - 2012-06-04 16:40 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
    2012-06-14 17:56 - 2010-02-28 17:32 - 00000000 ____D C:\Users\All Users\Spybot - Search & Destroy
    2012-06-14 13:15 - 2012-06-14 13:15 - 00000000 ____D C:\Users\Bisho\AppData\Local\{8B10F81E-B4C4-48C5-B4AA-B72DF1D31F11}
    2012-06-14 13:15 - 2012-06-14 13:15 - 00000000 ____D C:\Users\Bisho\AppData\Local\{1CBD6B84-781C-40FD-86ED-EA3CFDBF2ECA}
    2012-06-13 03:31 - 2012-06-13 03:31 - 00000000 ____D C:\Users\Bisho\AppData\Local\{88D1BAAD-19F1-4664-AA15-735C170FC220}
    2012-06-13 03:31 - 2012-06-13 03:31 - 00000000 ____D C:\Users\Bisho\AppData\Local\{12C5CCCC-A0FF-4044-B9D6-D445AD0EAB66}
    2012-06-12 11:20 - 2012-06-12 11:20 - 00000000 ____D C:\Users\Bisho\AppData\Local\{398D6AA7-82B4-4126-A37E-9D1C18D1187A}
    2012-06-12 11:20 - 2012-06-12 11:20 - 00000000 ____D C:\Users\Bisho\AppData\Local\{0DC74891-02F3-44B1-B87B-BF0C0EE2693B}
    2012-06-12 04:09 - 2009-11-07 09:45 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Skype
    2012-06-12 04:06 - 2012-06-10 16:48 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\IObit
    2012-06-11 16:25 - 2012-06-11 16:24 - 00000000 ____D C:\Users\Bisho\AppData\Local\{EE84F72B-1959-4BD3-ADF2-7B901B90EA72}
    2012-06-11 16:24 - 2012-06-11 16:24 - 00000000 ____D C:\Users\Bisho\AppData\Local\{20003CBF-1B19-44B6-B73C-0CDD87A7A9D5}
    2012-06-11 15:56 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\NDF
    2012-06-11 15:48 - 2011-01-02 14:14 - 00998188 ___AH C:\Windows\System32\mlfcache.dat
    2012-06-11 15:22 - 2012-06-11 15:22 - 00001713 ____A C:\Users\Public\Desktop\iTunes.lnk
    2012-06-11 15:22 - 2012-06-11 15:21 - 00000000 ____D C:\Program Files\iTunes
    2012-06-11 15:21 - 2012-06-11 15:21 - 00000000 ____D C:\Program Files\iPod
    2012-06-11 15:21 - 2012-05-27 14:42 - 00000000 ____D C:\Program Files\Common Files\Apple
    2012-06-11 15:19 - 2012-06-11 15:19 - 00000000 ____D C:\Program Files\Bonjour
    2012-06-11 03:54 - 2011-11-10 09:50 - 05169576 ____A C:\Windows\System32\FNTCACHE.DAT
    2012-06-10 16:48 - 2012-06-10 16:48 - 00000000 ____D C:\Program Files\IObit
    2012-06-10 16:13 - 2012-01-23 02:09 - 00034379 ____A C:\swtag.log
    2012-06-10 16:13 - 2011-11-10 09:51 - 00664680 ____A C:\Users\Bisho\AppData\Local\GDIPFONTCACHEV1.DAT
    2012-06-10 16:13 - 2010-12-07 23:15 - 00000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
    2012-06-10 16:13 - 2009-11-07 13:26 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Adobe
    2012-06-10 16:11 - 2009-11-11 05:16 - 00000000 ____D C:\Users\Bisho\AppData\Local\Adobe
    2012-06-10 15:51 - 2009-11-07 12:54 - 00000000 ____D C:\Program Files\Common Files\Adobe
    2012-06-10 15:49 - 2009-11-11 05:11 - 00000000 ____D C:\Program Files\Adobe
    2012-06-10 15:45 - 2009-11-11 05:11 - 00000000 ____D C:\Users\All Users\Adobe
    2012-06-10 15:32 - 2012-06-10 15:32 - 00000000 ____D C:\Users\Bisho\AppData\Local\Macromedia
    2012-06-09 17:41 - 2011-12-19 01:00 - 00000000 ____D C:\Program Files\CCleaner
    2012-06-09 14:58 - 2012-06-08 16:25 - 00000000 ____D C:\Users\Bisho\AppData\Local\Conduit
    2012-06-09 11:58 - 2012-06-09 11:58 - 00000000 ____D C:\Program Files\fr3nsis
    2012-06-09 09:21 - 2009-11-08 05:08 - 00178688 ____A C:\Windows\System32\unrar.dll
    2012-06-08 16:26 - 2012-06-08 16:26 - 00000000 ____D C:\Users\Bisho\AppData\Local\CRE
    2012-06-08 16:25 - 2012-06-08 16:25 - 00000000 ____D C:\Program Files\Conduit
    2012-06-08 13:02 - 2011-12-30 12:47 - 00000824 ____A C:\Users\Bisho\AppData\Roaming\TOMASADISON.MTBF.txt
    2012-06-08 13:02 - 2011-05-11 21:57 - 00000000 ____D C:\Users\Bisho\AppData\Local\Avid
    2012-06-08 13:02 - 2011-05-11 21:50 - 00000349 ____A C:\Users\Public\Documents\PCLECHAL.INI
    2012-06-08 11:03 - 2012-06-08 11:03 - 00000000 ____D C:\Users\Bisho\AppData\Local\{EF5A350C-4A79-4A6F-8A99-DCED60A1AFBC}
    2012-06-08 11:03 - 2012-06-08 11:03 - 00000000 ____D C:\Users\Bisho\AppData\Local\{C2756249-6B3F-421F-98CB-E510DA8713B8}
    2012-06-08 10:08 - 2009-07-13 20:53 - 00032612 ____A C:\Windows\Tasks\SCHEDLGU.TXT
    2012-06-07 11:38 - 2012-06-07 11:37 - 00000000 ____D C:\Users\Trial\AppData\Local\{7F4CA021-6A8C-4EA2-8B22-4A9ABE12F487}
    2012-06-07 11:37 - 2012-06-07 11:37 - 00000000 ____D C:\Users\Trial\AppData\Local\{309EDD3B-8C8B-4771-BAC7-A4879052E295}
    2012-06-07 11:37 - 2011-11-05 11:12 - 00000000 ____D C:\Users\Trial\AppData\Local\Windows Live
    2012-06-06 14:05 - 2012-06-06 14:05 - 00002048 ____A C:\Uninstall.dat
    2012-06-06 08:10 - 2012-06-06 08:10 - 00000000 ____D C:\Users\Bisho\AppData\Local\{9C1F7C7A-8EDA-48F1-8B36-268C28A208CC}
    2012-06-06 08:10 - 2012-06-06 08:10 - 00000000 ____D C:\Users\Bisho\AppData\Local\{4576DBA7-2953-4F36-9FC2-DFD7A164E2AF}
    2012-06-05 10:33 - 2012-06-05 10:33 - 00000000 ____D C:\Users\Bisho\AppData\Local\{C6060028-C0DD-4AED-A7F7-E64E27C02FB0}
    2012-06-05 10:33 - 2012-06-05 10:33 - 00000000 ____D C:\Users\Bisho\AppData\Local\{6A82BB6B-F73A-494E-B2DE-020E2480A8AF}
    2012-06-04 16:34 - 2009-07-13 18:04 - 00000000 ____A C:\Windows\System32\Drivers\etc\hosts.old
    2012-06-04 15:56 - 2012-04-22 03:32 - 00000000 ____D C:\Program Files\SecurityKISS Tunnel
    2012-06-04 12:15 - 2012-06-04 12:15 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Yahoo!
    2012-06-04 08:14 - 2012-06-04 08:14 - 00000000 ____D C:\Users\Trial\AppData\Local\{2D004930-5A09-461A-BBFF-A98654BE9EC8}
    2012-06-04 08:14 - 2012-06-04 08:13 - 00000000 ____D C:\Users\Trial\AppData\Local\{5DD33D6C-1580-4472-9B2A-9F85F54CA326}
    2012-06-04 05:22 - 2012-06-04 05:21 - 00000000 ____D C:\Users\Bisho\AppData\Local\{EB2BBEFF-FEE9-47F4-818D-5B97F3B913CD}
    2012-06-04 05:21 - 2012-06-04 05:21 - 00000000 ____D C:\Users\Bisho\AppData\Local\{768CBF18-F3F5-414A-9AF7-53C7D1461177}
    2012-06-04 03:28 - 2009-11-07 11:35 - 00000000 ____D C:\Users\Bisho\AppData\Local\Google
    2012-06-04 03:28 - 2009-11-07 09:31 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Mozilla
    2012-06-04 03:26 - 2011-07-10 19:08 - 00000000 ____D C:\Program Files\Real
    2012-06-04 03:26 - 2009-11-08 00:51 - 00000000 ____D C:\Users\All Users\Real
    2012-06-04 03:26 - 2009-11-08 00:47 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Real
    2012-06-03 11:45 - 2012-02-02 08:11 - 00000000 ____D C:\Users\Trial\AppData\Local\CrashDumps
    2012-06-03 05:10 - 2012-06-03 05:10 - 00000000 ____D C:\Users\Trial\AppData\Local\{A6A9019B-0D93-4C24-9087-9118667E8BC8}
    2012-06-03 05:10 - 2012-06-03 05:10 - 00000000 ____D C:\Users\Trial\AppData\Local\{8099B7FE-A129-4D54-87E4-124B0655CE3F}
    2012-06-03 05:10 - 2010-01-30 10:31 - 00000000 ____D C:\Users\Trial\AppData\Roaming\IDM
    2012-06-03 03:39 - 2012-06-03 03:39 - 00000000 ____D C:\Users\Bisho\AppData\Local\{D0305CEA-6719-4196-9878-625C4EC26E73}
    2012-06-03 03:39 - 2012-06-03 03:39 - 00000000 ____D C:\Users\Bisho\AppData\Local\{85C3E1BE-CBC7-46ED-BB1B-2ED2B096103E}
    2012-06-03 03:36 - 2009-11-11 16:34 - 00000418 _RASH C:\Users\All Users\ntuser.pol
    2012-06-02 15:42 - 2012-06-02 15:42 - 00000000 ____D C:\Users\Bisho\AppData\Local\ESET
    2012-06-02 14:19 - 2012-06-26 16:22 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
    2012-06-02 14:19 - 2012-06-26 16:22 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
    2012-06-02 14:19 - 2012-06-26 16:22 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
    2012-06-02 14:19 - 2012-06-26 16:21 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
    2012-06-02 14:19 - 2012-06-26 16:21 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
    2012-06-02 14:12 - 2012-06-26 16:22 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
    2012-06-02 14:12 - 2012-06-26 16:21 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
    2012-06-02 09:07 - 2012-06-02 09:07 - 00000000 ____D C:\Users\Bisho\AppData\Local\{06C2CC86-8AF0-4D41-B9A3-A68BE6B4B49E}
    2012-06-02 09:07 - 2012-06-02 09:06 - 00000000 ____D C:\Users\Bisho\AppData\Local\{FB24A4E1-8D9A-424C-A4F5-1482718872A7}
    2012-06-02 06:00 - 2012-06-02 06:00 - 00000000 ____D C:\Users\Trial\AppData\Local\{87EB8656-9A9B-496C-BB21-83E280A311C1}
    2012-06-02 06:00 - 2012-06-02 05:59 - 00000000 ____D C:\Users\Trial\AppData\Local\{5CED5D1E-5698-419F-92E4-843BA69D21CC}
    2012-06-02 04:19 - 2012-06-26 16:21 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
    2012-06-02 04:12 - 2012-06-26 16:21 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
    2012-06-01 17:56 - 2009-11-07 12:46 - 00000000 ____D C:\Program Files\Google
    2012-06-01 08:31 - 2011-07-15 07:03 - 00000419 ____A C:\Windows\BRWMARK.INI
    2012-05-31 16:04 - 2009-07-13 18:04 - 00000542 ____A C:\Windows\win.ini
    2012-05-31 16:00 - 2009-07-13 18:37 - 00000000 __RHD C:\users\Default
    2012-05-31 15:59 - 2012-05-31 15:59 - 00000000 ____D C:\Program Files\ESET
    2012-05-31 15:34 - 2012-05-31 15:34 - 00000000 ____D C:\Users\Bisho\AppData\Local\http___www.julien-manici
    2012-05-31 13:54 - 2012-05-06 15:10 - 00000000 ____D C:\Flashtool
    2012-05-31 13:53 - 2009-11-07 10:28 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
    2012-05-31 10:48 - 2012-05-31 10:48 - 00000000 ____D C:\Users\Trial\AppData\Local\Microsoft Help
    2012-05-31 10:48 - 2009-11-07 11:01 - 00000000 ____D C:\Users\All Users\Microsoft Help
    2012-05-31 09:22 - 2012-05-31 04:16 - 00000000 ____D C:\Users\All Users\AVAST Software
    2012-05-31 08:24 - 2012-05-31 04:17 - 00000000 ____D C:\Windows\System32\_avast_
    2012-05-31 04:47 - 2012-05-31 04:47 - 00000000 ____D C:\Users\Trial\AppData\Local\{FC9C9319-029E-4BE1-99A1-551C43DA7262}
    2012-05-31 04:47 - 2012-05-31 04:47 - 00000000 ____D C:\Users\Trial\AppData\Local\{654A0ADD-3640-45DC-930D-39EC60AF4A6E}
    2012-05-31 04:39 - 2012-01-04 11:24 - 00000000 ___HD C:\CTF
    2012-05-31 04:17 - 2009-07-13 18:04 - 00002577 ____A C:\Windows\System32\config.nt
    2012-05-31 04:16 - 2012-05-31 04:16 - 00000000 ____D C:\Program Files\AVAST Software
    2012-05-31 03:32 - 2012-05-31 03:32 - 00000000 ____D C:\Users\Bisho\AppData\Local\{FD4595E3-F5B9-442D-9B70-B14BB0CFB72E}
    2012-05-31 03:32 - 2012-05-31 03:32 - 00000000 ____D C:\Users\Bisho\AppData\Local\{3F021DB0-5021-438A-8589-1378DD6C4DE1}
    2012-05-30 18:03 - 2010-02-08 00:02 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\FileZilla
    2012-05-30 13:01 - 2012-05-30 13:01 - 00000000 ____D C:\Users\Trial\AppData\Local\{E23F9E30-DAB2-411B-9072-CD0F0778F62F}
    2012-05-30 12:41 - 2012-05-30 12:41 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
    2012-05-30 12:16 - 2011-05-01 15:50 - 00000000 ____D C:\Users\All Users\AVerTV
    2012-05-30 11:08 - 2012-05-30 11:08 - 00000000 ____D C:\samsung
    2012-05-30 05:40 - 2012-05-30 05:40 - 00000000 ____D C:\Users\Bisho\AppData\Local\{A7D4A363-4572-4EC0-9A1F-3CE1EF394B7E}
    2012-05-30 05:40 - 2012-05-30 05:39 - 00000000 ____D C:\Users\Bisho\AppData\Local\{BC2CA819-D853-4146-8782-64ADCD2988D0}
    2012-05-30 03:06 - 2006-07-11 08:35 - 00348160 ____A (Microsoft Corporation) C:\Windows\System32\msvcr71.dll
    2012-05-29 09:18 - 2012-05-29 09:18 - 00000000 ____D C:\Users\Trial\AppData\Local\{B454A43C-6316-4746-A315-2810E5E0A734}
    2012-05-29 09:18 - 2012-05-29 09:18 - 00000000 ____D C:\Users\Trial\AppData\Local\{4A521E97-39AF-48A2-BEC3-A1B8F32666BD}
    2012-05-28 23:38 - 2012-03-28 11:11 - 00330240 ____A ((?)????) C:\Windows\MASetupCaller.dll
    2012-05-28 09:47 - 2012-05-28 09:46 - 00000000 ____D C:\Users\Trial\AppData\Local\{B570AE20-2634-4678-97BD-8AE6B93E4054}
    2012-05-28 09:46 - 2012-05-28 09:46 - 00000000 ____D C:\Users\Trial\AppData\Local\{A1532312-A1E0-4C57-831D-67756589AA45}
    2012-05-27 15:16 - 2012-03-29 13:11 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\redsn0w
    2012-05-27 14:43 - 2011-01-12 19:03 - 00000000 ____D C:\Users\All Users\Apple Computer
    2012-05-27 11:40 - 2012-05-27 11:39 - 00000000 ____D C:\Users\Trial\AppData\Local\{723E762F-2DF3-4ED8-B729-455682FCB38A}
    2012-05-27 11:39 - 2012-05-27 11:39 - 00000000 ____D C:\Users\Trial\AppData\Local\{FA78BCE5-2AC7-4BF6-B7D7-8F92A8D180E3}
    2012-05-27 11:39 - 2012-05-27 11:39 - 00000000 ____D C:\Users\Trial\AppData\Local\{E743C357-9EB9-4CC2-A451-FBAFE8D639D3}
    2012-05-27 11:39 - 2012-05-27 11:39 - 00000000 ____D C:\Users\Trial\AppData\Local\{C274FCEE-3A44-43AD-A766-519EF68DED78}
    2012-05-27 11:39 - 2012-05-27 11:39 - 00000000 ____D C:\Users\Trial\AppData\Local\{898F0074-B468-4D23-8D83-0F2312E6FFB3}
    2012-05-27 00:06 - 2012-05-27 00:02 - 00008103 ____A C:\Windows\System32\Drivers\etc\hosts.umbrella
    2012-05-27 00:02 - 2012-05-27 00:01 - 00000000 ____D C:\Users\Bisho\.shsh
    2012-05-26 23:38 - 2012-05-26 23:38 - 00000000 ____D C:\Users\Trial\AppData\Local\{7D066CC3-5963-4B52-9A99-DF2833115CFA}
    2012-05-26 23:38 - 2012-05-26 23:38 - 00000000 ____D C:\Users\Trial\AppData\Local\{741BB85A-8317-462B-90A6-E9C2FF355E98}
    2012-05-26 11:42 - 2012-05-20 12:12 - 00000000 ____D C:\Users\Bisho\AppData\Local\libimobiledevice
    2012-05-26 07:01 - 2012-05-26 07:01 - 00000000 ____D C:\Users\Trial\AppData\Local\{B83AE3FD-1083-470D-B3FB-B415CCE9F847}
    2012-05-26 07:01 - 2012-05-26 07:01 - 00000000 ____D C:\Users\Trial\AppData\Local\{3958A0C9-8E73-43AD-A0C5-2ECDF618556F}
    2012-05-26 07:00 - 2012-02-23 13:26 - 00000000 ____D C:\Users\Trial\AppData\Roaming\Apple Computer
    2012-05-26 06:59 - 2012-05-26 06:59 - 00000000 ____D C:\Users\Trial\AppData\Local\Apple Computer
    2012-05-25 09:44 - 2012-05-25 09:43 - 00000000 ____D C:\Users\Trial\AppData\Local\{067F3F28-213A-4636-9B19-62C407B6D0AB}
    2012-05-25 09:43 - 2012-05-25 09:43 - 00000000 ____D C:\Users\Trial\AppData\Local\{8C212CA0-4857-4B99-BFB1-4FB4EEC4BF45}
    2012-05-24 09:51 - 2012-05-24 09:51 - 00000000 ____D C:\Users\Trial\AppData\Local\{D395134E-9AA9-4C8F-A1F8-CD07867EB7F5}
    2012-05-24 09:51 - 2012-05-24 09:51 - 00000000 ____D C:\Users\Trial\AppData\Local\{9008271E-15F3-428D-AD46-B224C3598D8D}
    2012-05-23 13:09 - 2012-05-23 13:09 - 00000000 ____D C:\Users\Trial\AppData\Local\{7F71E053-9C60-4868-9474-7818E24539CB}
    2012-05-23 08:28 - 2012-05-23 08:28 - 00000000 ____D C:\Users\Trial\AppData\Local\{A9A485A7-FE4F-42B1-BDB8-FD229D798248}
    2012-05-22 11:27 - 2012-05-22 11:27 - 00000000 ____D C:\Users\Trial\AppData\Local\{A9F35C19-BDA9-4437-8A0B-029FA770DA36}
    2012-05-22 11:27 - 2012-05-22 11:27 - 00000000 ____D C:\Users\Trial\AppData\Local\{27988716-885F-40F2-B394-71F193AB51E2}
    2012-05-22 01:34 - 2010-06-11 02:01 - 00000632 _RASH C:\Users\Bisho\ntuser.pol
    2012-05-21 16:06 - 2012-05-21 16:06 - 00000000 ____D C:\Users\Trial\AppData\Local\{50DD0A74-3A1F-4D15-817C-65149FB8BCDC}
    2012-05-21 16:06 - 2012-05-21 16:06 - 00000000 ____D C:\Users\Trial\AppData\Local\{3EEA2542-359E-44FF-8F7F-58DD79A37132}
    2012-05-21 12:24 - 2011-07-17 02:58 - 00000000 ____D C:\Program Files\ProgDVB
    2012-05-21 10:57 - 2010-06-16 01:58 - 00000632 _RASH C:\Users\Trial\ntuser.pol
    2012-05-21 08:47 - 2010-06-13 16:29 - 00000000 ____D C:\Users\All Users\2DBoy
    2012-05-21 04:06 - 2012-05-21 04:06 - 00000000 ____D C:\Users\Trial\AppData\Local\{6265BB00-5445-4270-BA6B-830295E27949}
    2012-05-21 04:05 - 2012-05-21 04:05 - 00000000 ____D C:\Users\Trial\AppData\Local\{B954B72F-CE94-4FBF-96C5-3B67FF098349}
    2012-05-20 18:09 - 2012-06-17 14:12 - 00181432 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
    2012-05-20 18:09 - 2012-06-17 14:12 - 00080824 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
    2012-05-20 13:54 - 2012-05-20 13:54 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Sun
    2012-05-20 11:39 - 2012-05-20 11:39 - 00000000 ____D C:\Users\Bisho\AppData\Local\{9F093341-98D0-4230-AB95-C2BC75289C14}
    2012-05-20 11:39 - 2012-05-20 11:39 - 00000000 ____D C:\Users\Bisho\AppData\Local\{09E467C6-351F-4008-8241-9EBBD1379D1F}
    2012-05-20 10:54 - 2012-05-20 10:54 - 00000000 ____D C:\Users\Trial\AppData\Local\{4E0D0F98-7BF5-483D-A094-930D4C2682CA}
    2012-05-20 10:54 - 2012-05-20 10:54 - 00000000 ____D C:\Users\Trial\AppData\Local\{22EEC186-B0AF-4EA3-8E63-8558ABACB737}
    2012-05-20 09:26 - 2012-05-20 09:26 - 00000000 ____D C:\Users\Bisho\AppData\Local\{A3F50570-4FF2-4C81-849A-22403F3CB0A0}
    2012-05-19 12:44 - 2012-05-19 12:44 - 00000000 ____D C:\Users\Bisho\AppData\Local\{5B14566F-C311-4766-83D3-0EE0F8C027BC}
    2012-05-19 12:44 - 2012-05-19 12:44 - 00000000 ____D C:\Users\Bisho\AppData\Local\{362EF2B4-17BA-44D9-9BC4-C6977A09D17A}
    2012-05-19 02:05 - 2012-05-19 02:05 - 00000000 ____D C:\Users\Trial\AppData\Local\{11DB7EFD-B0EB-461B-838D-FCE959E8AFD9}
    2012-05-19 02:05 - 2012-05-19 02:04 - 00000000 ____D C:\Users\Trial\AppData\Local\{864C8293-5D38-4333-B2A8-7C1A082D45EE}
    2012-05-18 14:09 - 2012-02-07 17:57 - 00005023 ____A C:\Users\All Users\mxnhytee.feu
    2012-05-18 11:23 - 2012-05-18 11:23 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E8E4E546-AB42-4D91-85DA-9C1CBD284C79}
    2012-05-18 11:23 - 2012-05-18 11:23 - 00000000 ____D C:\Users\Bisho\AppData\Local\{2ADE39D9-AB8F-4E16-89F0-EB2962885F26}
    2012-05-17 12:55 - 2012-04-09 07:19 - 00000000 ____D C:\Users\Bisho\AppData\Local\Htc
    2012-05-17 04:22 - 2009-11-07 10:32 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
    2012-05-06 16:20 - 2012-05-06 16:20 - 00000218 ____A C:\Users\Bisho\.recently-used.xbel
    2012-05-06 15:53 - 2012-02-07 19:37 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\gtk-2.0
    2012-05-06 15:50 - 2012-05-06 15:50 - 00000000 ____D C:\Users\Bisho\.Virtualbox.sav
    2012-05-06 05:21 - 2012-05-06 05:21 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Need for Speed World
    2012-05-05 08:36 - 2012-05-05 08:36 - 00000000 ____D C:\Users\Bisho\AppData\Local\{69132A0E-4AE2-4B21-8888-5F34E08265C9}
    2012-05-05 08:36 - 2012-05-05 08:36 - 00000000 ____D C:\Users\Bisho\AppData\Local\{2B393701-9B22-448D-8FFF-E1A40A8093EA}
    2012-05-03 16:49 - 2012-05-03 16:49 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
    2012-05-03 16:49 - 2012-05-03 16:49 - 00000000 ____D C:\Users\Default\AppData\Local\Google
    2012-05-03 16:49 - 2012-05-03 16:49 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
    2012-05-03 16:49 - 2012-05-03 16:49 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
    2012-05-03 05:45 - 2011-05-27 14:32 - 00001001 ____A C:\Users\Administrator\AppData\Roaming\Rim.Desktop.Exception.log
    2012-05-03 05:31 - 2012-04-14 10:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\Htc
    2012-05-03 04:18 - 2012-05-03 04:07 - 127469288 ____A (Research In Motion Ltd. ) C:\Users\Administrator\Downloads\8520wifiM_PBr5.0.0_rel1168_PL5.2.0.67_A5.0.0.681_MTC_Touch.exe
    2012-05-03 04:17 - 2012-05-03 04:17 - 00003043 ____A C:\Users\Administrator\Desktop\BBSAK.lnk
    2012-05-03 04:17 - 2012-05-03 04:17 - 00000000 ____D C:\Program Files\BBSAK
    2012-05-03 03:34 - 2012-05-03 03:34 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Acapela Group
    2012-05-03 03:33 - 2012-05-03 03:33 - 00000000 ____D C:\Users\Administrator\AppData\LocalGoogle
    2012-05-03 03:33 - 2010-03-02 07:00 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
    2012-05-01 08:55 - 2012-05-01 08:55 - 00000000 ____D C:\Users\Trial\AppData\Local\{E5BC8329-1C3A-46E7-BE2F-97F0180AEFAE}
    2012-05-01 08:52 - 2012-05-01 08:52 - 00000000 ____D C:\Users\Trial\AppData\Local\{E47AB045-61C6-4B22-BB70-88088AA90B89}
    2012-05-01 08:51 - 2012-04-25 01:52 - 00000000 ____D C:\Users\Trial\AppData\Local\Htc
    2012-04-30 01:57 - 2012-04-30 01:56 - 00000000 ____D C:\Users\Trial\AppData\Local\{77D2391E-9DDD-4D39-8F2F-20A406F0DF2C}
    2012-04-30 01:56 - 2012-04-30 01:56 - 00000000 ____D C:\Users\Trial\AppData\Local\{BAA18330-3547-4C2C-AAAA-B393ED001807}
    2012-04-30 01:39 - 2011-06-04 20:51 - 00000000 ____D C:\Program Files\CyberLink
    2012-04-30 01:39 - 2011-06-04 20:48 - 00000000 ____D C:\Users\All Users\CyberLink
    2012-04-29 13:57 - 2011-06-04 20:49 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\CyberLink
    2012-04-29 13:56 - 2011-06-04 20:48 - 00000000 ____D C:\Users\Bisho\AppData\Local\Cyberlink
    2012-04-29 13:56 - 2010-02-06 17:55 - 00000000 ____D C:\Users\Public\CyberLink
    2012-04-29 13:46 - 2011-10-25 02:08 - 00000000 ____D C:\Users\All Users\install_clap
    2012-04-29 08:19 - 2012-04-29 08:19 - 00000000 ____D C:\Users\Trial\AppData\Local\{A88E26BD-F3C9-44B4-97DF-AC98B670EDD3}
    2012-04-29 05:14 - 2012-04-29 05:14 - 00000000 ____D C:\Users\Trial\AppData\Roaming\Acapela Group
    2012-04-29 01:29 - 2012-04-29 01:29 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Acapela Group
    2012-04-28 06:10 - 2009-12-05 04:39 - 00000000 ____D C:\Program Files\DIFX
    2012-04-27 07:41 - 2012-04-27 07:41 - 00000000 ____D C:\Users\Bisho\AppData\Local\{8689EC5D-BB26-45CC-B4B0-1691159D0DE1}
    2012-04-27 07:41 - 2012-04-27 07:41 - 00000000 ____D C:\Users\Bisho\AppData\Local\{2653F3B9-23CD-43E8-B943-11601E463A8D}
    2012-04-26 09:08 - 2009-11-07 11:24 - 55656824 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2012-04-25 20:45 - 2012-06-22 16:27 - 00129536 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
    2012-04-25 20:45 - 2012-06-22 16:27 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
    2012-04-25 20:41 - 2012-06-22 16:27 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
    2012-04-25 14:03 - 2010-11-02 18:19 - 00000000 ____D C:\Users\Bisho\AppData\Local\SKIDROW
    2012-04-25 14:00 - 2012-04-25 14:00 - 00000000 ____D C:\Program Files\GFI Software
    2012-04-25 13:59 - 2012-04-25 13:59 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\GFI Software
    2012-04-25 01:59 - 2012-04-25 01:59 - 00000000 ____D C:\Users\Trial\AppData\Local\{33486AAC-8192-4CF2-8DAE-402D15C9700D}
    2012-04-25 01:52 - 2012-04-25 01:51 - 00000000 ____D C:\Users\Trial\AppData\Roaming\HTC
    2012-04-25 01:50 - 2012-04-25 01:50 - 00000000 ____D C:\Users\Trial\AppData\LocalGoogle
    2012-04-25 01:50 - 2009-11-08 01:15 - 00000000 ____D C:\Users\Trial\AppData\Local\Google
    2012-04-24 23:19 - 2009-11-12 04:59 - 00000000 ____D C:\Program Files\Common Files\Blizzard Entertainment
    2012-04-24 12:44 - 2012-04-24 12:44 - 00000000 ____D C:\Users\Bisho\AppData\LocalGoogle
    2012-04-24 11:46 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET
    2012-04-24 05:56 - 2009-11-08 05:12 - 00094720 ____A C:\Users\Bisho\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2012-04-24 04:34 - 2009-11-12 08:11 - 00000000 ____D C:\Users\All Users\Blizzard Entertainment
    2012-04-24 04:34 - 2009-07-13 18:37 - 00000000 ___RD C:\users\Public
    2012-04-24 04:19 - 2009-11-08 01:26 - 00000000 ____D C:\Users\All Users\Yahoo!
    2012-04-24 04:19 - 2009-11-08 01:26 - 00000000 ____D C:\Program Files\Yahoo!
    2012-04-24 04:18 - 2012-03-24 10:28 - 00000000 ____D C:\Program Files\NSS
    2012-04-24 04:18 - 2012-02-27 10:10 - 00000000 ____D C:\Program Files\EAABot
    2012-04-24 04:17 - 2012-03-26 05:13 - 00000000 ____D C:\Program Files\Trademanager
    2012-04-23 03:26 - 2012-06-06 22:18 - 00096056 ____A (Tonec Inc.) C:\Windows\System32\Drivers\idmwfp.sys
    2012-04-22 11:03 - 2012-04-22 10:23 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E62C3CB2-8A6E-47B8-8924-220E6DD3B1E8}
    2012-04-22 03:32 - 2012-04-22 03:32 - 00003770 ____A C:\Windows\System32\ipconfig_results.txt
    2012-04-21 23:54 - 2012-04-21 23:54 - 00000000 ____D C:\Users\All Users\Mozilla
    2012-04-21 14:51 - 2012-01-31 07:50 - 00000000 ____D C:\Program Files\Fiddler2
    2012-04-21 05:47 - 2012-04-21 05:47 - 00000000 ____D C:\Users\Bisho\AppData\Local\visi_coupon
    2012-04-21 03:45 - 2012-04-21 03:45 - 00000000 ____D C:\Users\Bisho\AppData\Local\{7F55E8A3-E09F-4B48-BF31-177124A1BBCE}
    2012-04-21 03:45 - 2012-04-21 03:44 - 00000000 ____D C:\Users\Bisho\AppData\Local\{7D6B848B-3C58-415E-A2F9-9BC36FBBE2F0}
    2012-04-20 15:53 - 2012-04-09 09:57 - 00000000 ____D C:\Android
    2012-04-20 10:27 - 2012-04-20 10:27 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Mael
    2012-04-20 10:21 - 2012-04-20 10:21 - 00000000 ____D C:\Program Files\HxD
    2012-04-19 20:54 - 2012-04-19 20:35 - 00189248 ____A C:\Windows\System32\PnkBstrB.exe
    2012-04-19 20:54 - 2012-04-19 20:35 - 00138056 ____A C:\Windows\System32\Drivers\PnkBstrK.sys
    2012-04-19 20:54 - 2009-11-14 07:25 - 00138056 ____A C:\Users\Bisho\AppData\Roaming\PnkBstrK.sys
    2012-04-19 20:54 - 2009-11-14 07:25 - 00075136 ____A C:\Windows\System32\PnkBstrA.exe
    2012-04-19 20:33 - 2012-04-19 20:54 - 02484592 ____A C:\Windows\System32\pbsvc_p4f.exe
    2012-04-19 19:29 - 2011-07-19 01:42 - 00000000 ____D C:\Users\Bisho\AppData\Local\Samsung
    2012-04-19 19:25 - 2011-07-18 15:21 - 00000000 ____D C:\Users\All Users\Samsung
    2012-04-19 19:23 - 2011-07-18 15:21 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\Samsung
    2012-04-19 19:21 - 2010-04-06 06:44 - 00000000 ____D C:\Users\Bisho\AppData\Local\Downloaded Installations
    2012-04-17 16:29 - 2009-11-07 09:45 - 00000000 ___RD C:\Program Files\Skype
    2012-04-17 16:29 - 2009-11-07 09:45 - 00000000 ____D C:\Users\All Users\Skype
    2012-04-17 08:49 - 2012-04-17 08:49 - 00000000 ____D C:\Users\Bisho\AppData\Local\{C2EB642D-6EB0-4EB1-99E4-B6BA58A1F3E3}
    2012-04-17 08:49 - 2012-04-17 08:48 - 00000000 ____D C:\Users\Bisho\AppData\Local\{FF69C875-D38B-4196-9FCB-34E55E12C173}
    2012-04-16 14:36 - 2009-11-17 22:58 - 00000129 ____A C:\Users\Bisho\jagex_runescape_preferences2.dat
    2012-04-16 14:18 - 2012-04-16 14:18 - 00000040 ____A C:\Users\Bisho\jagex_cl_runescape_LIVE.dat
    2012-04-16 14:18 - 2009-11-17 22:53 - 00000042 ____A C:\Users\Bisho\jagex_runescape_preferences.dat
    2012-04-15 17:40 - 2012-04-15 17:40 - 00000211 ____A C:\Users\Bisho\.swfinfo
    2012-04-15 14:53 - 2012-04-15 14:53 - 00000000 ____D C:\Program Files\EA Games
    2012-04-15 14:27 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Help
    2012-04-14 14:47 - 2012-04-14 14:37 - 00001695 ____A C:\Users\All Users\SystemInformation.txt
    2012-04-14 14:32 - 2010-04-04 16:53 - 00000000 ____D C:\Program Files\Nokia
    2012-04-14 14:30 - 2011-03-03 00:06 - 00000000 ____D C:\Program Files\Common Files\Nokia
    2012-04-14 10:25 - 2012-04-14 10:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\NokiaAccount
    2012-04-14 10:25 - 2012-04-14 10:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\Nokia
    2012-04-14 10:25 - 2012-04-14 10:24 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\HTC
    2012-04-14 10:25 - 2012-03-27 03:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Nokia
    2012-04-14 10:00 - 2009-12-05 04:39 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\PC Suite
    2012-04-11 10:38 - 2012-04-11 10:38 - 00000000 ____D C:\Users\Bisho\AppData\Local\{2023B410-C7E2-461C-A31E-1F3DA77CCDD7}
    2012-04-11 10:38 - 2012-04-11 10:38 - 00000000 ____D C:\Users\Bisho\AppData\Local\{001949DC-EE82-458D-B99B-A5686D5F8017}
    2012-04-10 22:38 - 2012-04-10 22:38 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E0A68289-5991-47A1-83D4-8E981F8C061E}
    2012-04-10 22:38 - 2012-04-10 22:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{2C4D4D8B-627E-42CC-9456-A602D8F64ABD}
    2012-04-09 15:29 - 2012-04-09 06:11 - 00000000 ____D C:\Program Files\Unlockroot
    2012-04-09 12:46 - 2012-04-09 12:46 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E87C0939-1581-43A3-B7B9-452EAC5F81C7}
    2012-04-09 12:46 - 2012-04-09 12:45 - 00000000 ____D C:\Users\Bisho\AppData\Local\{01CF0483-77D7-4803-BBD4-469D358800C9}
    2012-04-09 07:21 - 2012-04-09 07:21 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
    2012-04-09 07:19 - 2012-04-09 07:18 - 00000000 ____D C:\Users\Bisho\AppData\Roaming\HTC
    2012-04-09 07:18 - 2012-04-09 07:05 - 00000000 ____D C:\Program Files\HTC
    2012-04-09 06:20 - 2012-04-09 06:20 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
    2012-04-08 04:28 - 2010-12-07 23:12 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
    2012-04-08 04:28 - 2009-11-11 15:31 - 00000000 ____D C:\Program Files\MSXML 4.0
    2012-04-07 18:41 - 2012-04-07 18:41 - 00001908 ____A C:\Windows\diagwrn.xml
    2012-04-07 18:41 - 2012-04-07 18:41 - 00001908 ____A C:\Windows\diagerr.xml
    2012-04-07 12:37 - 2012-04-07 12:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E62E57E7-15CF-4B48-B0C3-23EF822843C9}
    2012-04-07 12:37 - 2012-04-07 12:37 - 00000000 ____D C:\Users\Bisho\AppData\Local\{4FAFF0E1-AE21-4965-8DE6-D289DF0CE22E}
    2012-04-06 10:15 - 2012-04-06 10:15 - 00033512 ____A (AnchorFree Inc) C:\Windows\System32\Drivers\taphss.sys
    2012-04-04 06:52 - 2012-04-04 06:52 - 00171064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
    2012-04-04 06:52 - 2012-04-04 06:52 - 00074112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys
    2012-04-04 05:57 - 2012-04-04 05:57 - 00000000 ____D C:\Users\Bisho\AppData\Local\{83BD00DE-C475-42B6-83EB-59D4CD8094E9}
    2012-04-04 05:57 - 2012-04-04 05:57 - 00000000 ____D C:\Users\Bisho\AppData\Local\{12F03746-6B84-4FD5-AF67-3EE0FCFD74B6}
    2012-04-04 04:56 - 2012-06-26 17:51 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
    2012-04-04 04:54 - 2009-11-07 09:15 - 00000000 ____D C:\Program Files\Windows Live
    2012-04-04 04:36 - 2012-04-04 04:36 - 00000000 ____D C:\Users\Bisho\AppData\Local\{F478B097-5DCF-4CDB-9FDD-E1D3B6A4EC54}
    2012-04-03 06:44 - 2012-04-03 06:43 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Winamp
    2012-04-03 06:32 - 2012-04-03 06:32 - 00000000 ____D C:\Users\Bisho\AppData\Local\{5CE3BD50-9967-4AEC-9D7D-1DC9CF4019E3}
    2012-04-02 14:50 - 2012-04-02 14:48 - 00000000 ____D C:\Users\Bisho\AppData\Local\{E8D198EA-E128-4DCF-86DD-30F8742B6C71}
    2012-04-02 02:50 - 2012-04-02 02:50 - 00000000 ____D C:\Users\Bisho\AppData\Local\{19FEEFA3-502A-4BFD-8663-1F293BB761E8}
    2012-04-02 02:50 - 2012-04-02 02:50 - 00000000 ____D C:\Users\Bisho\AppData\Local\{09E4E821-05CD-4DC2-A9AD-2DD88F7A8C84}
    2012-04-01 16:12 - 2012-04-01 16:12 - 00000000 ____D C:\Users\Bisho\AppData\Local\{9DDD7DB5-7231-483B-A733-5195138ADE67}
    2012-04-01 16:12 - 2012-04-01 16:12 - 00000000 ____D C:\Users\Bisho\AppData\Local\{3F0588DB-2DF5-42DB-8EA0-591E57AFA3CC}
    2012-03-30 13:47 - 2012-03-30 13:47 - 00000000 __SHD C:\Users\Bisho\Phone Browser
    2012-03-30 12:59 - 2012-03-30 12:59 - 00000000 ____D C:\Users\Bisho\AppData\Local\{6EB851B8-F6F8-4496-947B-1A21CE212251}
    2012-03-30 06:20 - 2010-04-21 04:00 - 00000000 ____D C:\Users\Bisho\AppData\Local\NokiaAccount
    2012-03-30 05:07 - 2010-04-08 01:57 - 00000000 ____D C:\Users\All Users\Nokia
    2012-03-30 04:32 - 2012-03-30 04:32 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf
    ========================= Known DLLs (Whitelisted) ============
    ========================= Bamital & volsnap Check ============
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
    ==================== EXE ASSOCIATION =====================
    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK
    ========================= Memory info ======================
    Percentage of memory in use: 13%
    Total physical RAM: 4085.95 MB
    Available physical RAM: 3530.83 MB
    Total Pagefile: 4084.23 MB
    Available Pagefile: 3529.43 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1969.62 MB
    ======================= Partitions =========================
    1 Drive c: () (Fixed) (Total:97.8 GB) (Free:24.59 GB) NTFS
    2 Drive e: () (Fixed) (Total:200.19 GB) (Free:10.91 GB) NTFS
    4 Drive g: (FLASH DRIVE) (Removable) (Total:3.73 GB) (Free:2.29 GB) FAT32
    5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 298 GB 0 B
    Disk 1 Online 3830 MB 0 B
    Partitions of Disk 0:
    ===============
    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 100 MB 1024 KB
    Partition 2 Primary 97 GB 101 MB
    Partition 3 Primary 200 GB 97 GB
    ======================================================================================================
    Disk: 0
    Partition 1
    Type : 07
    Hidden: No
    Active: Yes
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 Y System Rese NTFS Partition 100 MB Healthy
    ======================================================================================================
    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C NTFS Partition 97 GB Healthy
    ======================================================================================================
    Disk: 0
    Partition 3
    Type : 07
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 E NTFS Partition 200 GB Healthy
    ======================================================================================================
    Partitions of Disk 1:
    ===============
    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 3829 MB 32 KB
    ======================================================================================================
    Disk: 1
    Partition 1
    Type : 0B
    Hidden: No
    Active: Yes
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 G FLASH DRIVE FAT32 Removable 3829 MB Healthy
    ======================================================================================================
    ==========================================================
    Last Boot: 2012-06-21 02:17
    ======================= End Of Log ==========================
     

