Solved Qvo6 problem however,

Broni · Apr 18, 2013

Let's try something else...

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flashdrive into the infected PC.

If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

If you are using Vista or Windows 7 enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select the Repair your computer menu item.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:

Insert the installation disc.
Restart your computer.
If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
Click Repair your computer.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

- Startup Repair
  System Restore
  Windows Complete PC Restore
  Windows Memory Diagnostic Tool
  Command Prompt
Select Command Prompt
In the command window type in notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

neowing · Apr 18, 2013

1st: -----------------------

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-04-2013
Ran by SYSTEM at 19-04-2013 09:39:10
Running from G:\
Windows 7 Ultimate Service Pack 1 (X64) OS Language: 0412
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [IME14 KOR Setup] C:\PROGRA~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /KOR /Log [109424 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1451728 2013-01-24] (COMODO)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Korean IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE [26400 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IME14 KOR Setup] C:\PROGRA~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /KOR /Log [80240 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [HncUpdate] C:\Program Files (x86)\Hnc\HncUtils\HncChecker.exe [715624 2012-10-17] (Hancom Inc(HNC).)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [295512 2013-04-06] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4767304 2013-03-07] (AVAST Software)
HKLM-x32\...\Run: [gbrspcontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave [1851088 2013-04-17] (Comodo Security Solutions, Inc.)
HKU\FamilyCom\...\Run: [uTorrent] "C:\Users\FamilyCom\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED [802136 2013-04-17] (BitTorrent Inc.)
HKU\FamilyCom\...\Run: [VirtualDVD] "C:\Program Files (x86)\VirtualDVD\VirtualDVD.exe" /Startup [3253760 2013-02-18] (oh!soft)
Tcpip\Parameters: [DhcpNameServer] 168.126.63.1 168.126.63.2
Startup: C:\ProgramData\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions Inc.)

==================== Services (Whitelisted) ===================

2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [45248 2013-03-07] (AVAST Software)
2 CLPSLauncher; "C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe" [70344 2013-04-17] (Comodo Security Solutions Inc.)
2 cmdAgent; "C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" [3724472 2013-01-24] (COMODO)
3 cmdvirth; "C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe" [158928 2013-01-24] (COMODO)
2 GeekBuddyRSP; "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service [1851088 2013-04-17] (Comodo Security Solutions, Inc.)
2 ImeDictUpdateService; "C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE" [83312 2010-01-21] (Microsoft Corporation)
2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-17] (Intel Corporation)
3 NMIndexingService; "C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe" [271920 2007-05-16] (Nero AG)
2 nvsvc; "C:\Windows\system32\nvvsvc.exe" [877856 2013-03-15] (NVIDIA Corporation)
2 nvUpdatusService; "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" [1266464 2013-03-15] (NVIDIA Corporation)
2 RealNetworks Downloader Resolver Service; "C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe" [39056 2013-03-06] ()
2 Stereo Service; "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" [383264 2013-03-14] (NVIDIA Corporation)

==================== Drivers (Whitelisted) =====================

1 AMonTDLH; C:\Windows\System32\Drivers\AMonTDLH.sys [118072 2012-09-14] (AhnLab, Inc.)
3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc)
3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
3 AndNetDiag2; C:\Windows\System32\DRIVERS\lgandnetdiag264.sys [29184 2012-07-03] (LG Electronics Inc.)
3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-03-07] (AVAST Software)
1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-03-07] (AVAST Software)
2 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [80816 2013-03-07] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [70992 2013-03-07] (AVAST Software)
0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-03-07] ()
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-03-07] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [377920 2013-03-07] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [68920 2013-03-07] (AVAST Software)
3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178624 2013-03-07] ()
3 CdmDrvNt; C:\Windows\System32\Drivers\CdmDrvNt.sys [25656 2009-07-21] (AhnLab, Inc.)
1 CFRMD; C:\Windows\SysWow64\Drivers\CFRMD.sys [37976 2012-09-03] (Windows (R) Win 7 DDK provider)
1 cmderd; C:\Windows\System32\Drivers\cmderd.sys [23176 2013-01-16] (COMODO)
1 cmdGuard; C:\Windows\System32\Drivers\cmdGuard.sys [699880 2013-01-16] (COMODO)
1 cmdHlp; C:\Windows\System32\Drivers\cmdHlp.sys [48360 2013-01-16] (COMODO)
3 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [283200 2013-04-06] (DT Soft Ltd)
3 ikbevent; C:\Windows\System32\Drivers\ikbevent.sys [25536 2012-02-09] ()
3 imsevent; C:\Windows\System32\Drivers\imsevent.sys [25536 2012-02-09] ()
1 inspect; C:\Windows\System32\Drivers\inspect.sys [95752 2013-01-16] (COMODO)
3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
3 JRSUKD25; \??\C:\Windows\system32\JRSUKD25.SYS [19888 2013-04-07] (lumensoft Corporation)
3 kcrtx64; \??\C:\Windows\system32\kcrtx64.sys [141848 2013-04-07] (Kings Information & Network)
3 MfFWEnt; \??\C:\Program Files\AhnLab\ASP\MyFirewall 4.0\MfFWEnt.sys [126072 2010-06-28] (AhnLab, Inc.)
3 MfIPSEnt; \??\C:\Program Files\AhnLab\ASP\MyFirewall 4.0\MfIPSEnt.sys [155256 2010-06-28] (AhnLab, Inc.)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-04-06] (Duplex Secure Ltd.)
3 VirtualDVD; C:\Windows\System32\Drivers\VirtualDVD.sys [184320 2013-01-03] (ohsoft)
3 WPRO_41_2001; C:\Windows\System32\Drivers\WPRO_41_2001.sys [34752 2013-04-19] ()
2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [32240 2008-02-01] (Cyberlink Corp.)
3 AhnFlt2k; \??\C:\Windows\system32\Drivers\AhnFlt2k.sys [x]
3 AhnRec2k; \??\C:\Windows\system32\Drivers\AhnRec2k.sys [x]
3 catchme; \??\C:\ComboFix\catchme.sys [x]
3 JRSKD24; \??\C:\Windows\system32\JRSKD24.SYS [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ====================

==================== One Month Created Files and Folders ========

2013-04-19 09:38 - 2013-04-19 09:38 - 00000000 ____D C:\FRST
2013-04-19 09:32 - 2013-04-19 09:32 - 00094656 ____A (CACE Technologies) C:\Windows\System32\WPRO_41_2001woem.tmp
2013-04-19 09:23 - 2013-04-19 09:23 - 00015877 ____A C:\Users\FamilyCom\Downloads\한글_2010.torrent
2013-04-19 09:01 - 2013-04-19 09:01 - 00016376 ____A C:\Users\FamilyCom\Downloads\한글과컴퓨터 오피스 2010_시리얼.torrent
2013-04-19 09:01 - 2013-04-19 09:01 - 00012716 ____A C:\Users\FamilyCom\Downloads\MS오피스2010sp1통합본.torrent
2013-04-19 08:58 - 2013-04-19 08:58 - 00046951 ____A C:\Users\FamilyCom\Downloads\[gg]_Valvrave_the_Liberator_-_02_[3514DF30].mkv.torrent
2013-04-19 08:58 - 2013-04-19 08:58 - 00026330 ____A C:\Users\FamilyCom\Downloads\[HorribleSubs] Majestic Prince - 03 [720p].mkv.torrent
2013-04-19 08:58 - 2013-04-19 08:58 - 00024692 ____A C:\Users\FamilyCom\Downloads\[HorribleSubs] Saint Seiya Omega - 53 [720p].mkv.torrent
2013-04-19 08:57 - 2013-04-19 08:57 - 00011317 ____A C:\Users\FamilyCom\Downloads\(C83) [アレマテオレマ (小林由高)] GARIGARI47 (東方Project).zip.torrent
2013-04-19 08:27 - 2013-04-19 08:37 - 00000000 ____D C:\ComboFix
2013-04-18 10:32 - 2013-04-18 10:32 - 00038732 ____A C:\Users\FamilyCom\Desktop\comboRRR.txt
2013-04-18 09:42 - 2013-04-19 08:09 - 05056640 ____R (Swearware) C:\Users\FamilyCom\Desktop\ComboFix.exe
2013-04-18 09:34 - 2013-04-18 09:34 - 00002047 ____A C:\Users\Public\Desktop\AntiError.lnk
2013-04-18 09:34 - 2013-04-18 09:34 - 00002043 ____A C:\Users\Public\Desktop\GeekBuddy.lnk
2013-04-18 09:20 - 2013-04-18 09:46 - 00002079 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-04-18 09:17 - 2013-03-07 08:33 - 00022600 ____A (AVAST Software) C:\Windows\System32\Drivers\aswKbd.sys
2013-04-18 09:14 - 2013-04-18 09:14 - 00000000 ____D C:\Users\FamilyCom\AppData\LocalGoogle
2013-04-18 09:11 - 2013-03-07 08:33 - 01025808 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-04-18 09:11 - 2013-03-07 08:33 - 00377920 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-04-18 09:11 - 2013-03-07 08:33 - 00080816 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-04-18 09:11 - 2013-03-07 08:33 - 00070992 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-04-18 09:11 - 2013-03-07 08:33 - 00068920 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-04-18 09:11 - 2013-03-07 08:33 - 00033400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-04-18 09:11 - 2013-03-07 08:32 - 00041664 ____A (AVAST Software) C:\Windows\avastSS.scr
2013-04-18 08:37 - 2013-04-18 08:37 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\FamilyCom\Desktop\rkill.exe
2013-04-18 08:24 - 2011-06-26 15:45 - 00256000 ____A C:\Windows\PEV.exe
2013-04-18 08:24 - 2010-11-08 02:20 - 00208896 ____A C:\Windows\MBR.exe
2013-04-18 08:24 - 2009-04-20 13:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-04-18 08:24 - 2000-08-31 09:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-04-18 08:24 - 2000-08-31 09:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-04-18 08:24 - 2000-08-31 09:00 - 00098816 ____A C:\Windows\sed.exe
2013-04-18 08:24 - 2000-08-31 09:00 - 00080412 ____A C:\Windows\grep.exe
2013-04-18 08:24 - 2000-08-31 09:00 - 00068096 ____A C:\Windows\zip.exe
2013-04-17 14:09 - 2013-04-18 10:21 - 00008024 ____A C:\Users\FamilyCom\Desktop\Rkill.txt
2013-04-17 13:48 - 2013-04-19 08:36 - 00000000 ____D C:\Windows\erdnt
2013-04-17 13:48 - 2013-04-19 08:28 - 00000000 ____D C:\Qoobox
2013-04-17 11:15 - 2013-04-17 11:18 - 00000000 ____D C:\Users\FamilyCom\Desktop\RK_Quarantine
2013-04-17 11:13 - 2013-04-17 11:13 - 00816128 ____A C:\Users\FamilyCom\Desktop\RogueKiller.exe
2013-04-17 08:07 - 2013-04-17 08:07 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-04-17 08:07 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-04-17 08:05 - 2013-04-17 08:05 - 00003558 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log
2013-04-17 08:05 - 2013-04-04 05:35 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-04-17 08:05 - 2013-04-04 05:30 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-04-17 08:05 - 2013-04-04 05:29 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-04-17 07:57 - 2013-04-19 09:32 - 00016518 ____A C:\Windows\PFRO.log
2013-04-17 07:57 - 2013-04-19 09:32 - 00002513 ____A C:\Windows\setupact.log
2013-04-17 07:57 - 2013-04-17 07:57 - 00000000 ____A C:\Windows\setuperr.log
2013-04-16 21:51 - 2013-04-16 21:51 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-04-16 21:19 - 2012-10-27 23:26 - 00008192 ____A C:\Windows\SysWOW64\pythoncomloader27.dll
2013-04-16 21:19 - 2012-10-27 23:22 - 00364544 ____A () C:\Windows\SysWOW64\pythoncom27.dll
2013-04-16 21:19 - 2012-10-27 23:20 - 00110080 ____A () C:\Windows\SysWOW64\pywintypes27.dll
2013-04-16 20:57 - 2013-04-18 09:21 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-04-16 20:57 - 2013-03-07 08:33 - 00178624 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-04-16 20:57 - 2013-03-07 08:33 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-04-16 20:57 - 2013-03-07 08:32 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-04-16 20:55 - 2013-04-18 09:11 - 00000000 ____D C:\Program Files\AVAST Software
2013-04-16 20:53 - 2013-04-18 09:11 - 00000000 ____D C:\ProgramData\AVAST Software
2013-04-16 20:09 - 2013-02-22 15:57 - 17817088 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-04-16 20:09 - 2013-02-22 15:29 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-04-16 20:09 - 2013-02-22 15:27 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-04-16 20:09 - 2013-02-22 15:21 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-04-16 20:09 - 2013-02-22 15:20 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-04-16 20:09 - 2013-02-22 15:19 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-04-16 20:09 - 2013-02-22 15:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-04-16 20:09 - 2013-02-22 15:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-04-16 20:09 - 2013-02-22 15:15 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-04-16 20:09 - 2013-02-22 15:15 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-04-16 20:09 - 2013-02-22 15:15 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-04-16 20:09 - 2013-02-22 15:14 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-04-16 20:09 - 2013-02-22 15:13 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-04-16 20:09 - 2013-02-22 15:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-04-16 20:09 - 2013-02-22 15:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-04-16 20:09 - 2013-02-22 15:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-04-16 20:09 - 2013-02-22 13:05 - 12324352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-04-16 20:09 - 2013-02-22 12:47 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-04-16 20:09 - 2013-02-22 12:46 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-04-16 20:09 - 2013-02-22 12:38 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-04-16 20:09 - 2013-02-22 12:38 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-04-16 20:09 - 2013-02-22 12:37 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-04-16 20:09 - 2013-02-22 12:36 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-04-16 20:09 - 2013-02-22 12:35 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-04-16 20:09 - 2013-02-22 12:34 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-04-16 20:09 - 2013-02-22 12:34 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-04-16 20:09 - 2013-02-22 12:34 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-04-16 20:09 - 2013-02-22 12:33 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-04-16 20:09 - 2013-02-22 12:32 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-04-16 20:09 - 2013-02-22 12:31 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-04-16 20:09 - 2013-02-22 12:31 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-04-16 20:09 - 2013-02-22 12:28 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-04-16 20:09 - 2013-02-12 13:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-04-16 20:06 - 2013-02-15 15:08 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-04-16 20:06 - 2013-02-15 15:06 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-04-16 20:06 - 2013-02-15 15:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-04-16 20:06 - 2013-02-15 13:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-04-16 20:06 - 2013-02-15 13:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-04-16 20:06 - 2013-02-15 12:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-04-16 19:58 - 2013-03-01 12:36 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-04-16 19:56 - 2013-03-19 15:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-04-16 19:56 - 2013-03-19 14:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-04-16 19:56 - 2013-03-19 14:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-04-16 19:56 - 2013-03-19 14:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-04-16 19:56 - 2013-03-19 13:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-04-16 19:56 - 2013-03-19 12:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-04-16 19:32 - 2013-04-16 19:32 - 00001151 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-04-16 19:32 - 2013-04-16 19:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-16 18:45 - 2013-04-16 18:45 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Mozilla
2013-04-16 18:24 - 2013-04-16 21:51 - 00000000 ____D C:\Program Files\CCleaner
2013-04-16 17:47 - 2013-04-17 08:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-16 17:47 - 2013-04-16 17:47 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Malwarebytes
2013-04-16 17:47 - 2013-04-16 17:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-04-16 17:27 - 2013-04-16 17:30 - 00000000 ____D C:\ProgramData\eSafe
2013-04-16 17:15 - 2013-04-16 17:15 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Mozilla
2013-04-16 17:15 - 2013-04-16 17:15 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Macromedia
2013-04-16 17:14 - 2013-04-16 19:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-04-16 17:14 - 2013-04-16 17:14 - 00000000 ____D C:\ProgramData\Mozilla
2013-04-15 17:05 - 2013-04-16 21:26 - 00000000 ____D C:\Users\FamilyCom\Desktop\Pose
2013-04-14 20:18 - 2013-04-14 20:18 - 00000000 ____D C:\Program Files (x86)\Skyrim Mods
2013-04-13 11:52 - 2013-04-13 11:52 - 00000000 ____D C:\Program Files (x86)\Banktown
2013-04-13 10:49 - 2013-04-13 11:52 - 00000000 ____D C:\Program Files (x86)\INICIS61
2013-04-12 21:55 - 2013-04-16 21:33 - 00000000 ____D C:\BOSS
2013-04-12 18:17 - 2013-04-16 21:19 - 00000000 ____D C:\Python27
2013-04-12 18:03 - 2013-04-12 18:04 - 00000000 ____D C:\Games

neowing · Apr 18, 2013

2nd:--------------------------

0000890 ____A C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2013-04-12 18:02 - 2013-04-16 19:30 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-04-12 17:55 - 2013-04-12 19:57 - 00000000 ____D C:\Users\FamilyCom\Documents\Nexus Mod Manager
2013-04-12 17:55 - 2013-04-12 18:03 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Black_Tree_Gaming
2013-04-12 17:52 - 2013-04-16 21:34 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Skyrim
2013-04-12 17:52 - 2013-04-12 17:52 - 00000000 ____D C:\Users\FamilyCom\Documents\My Games
2013-04-12 17:37 - 2010-02-04 10:01 - 00530776 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_6.dll
2013-04-12 17:37 - 2010-02-04 10:01 - 00528216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2013-04-12 17:37 - 2010-02-04 10:01 - 00238936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2013-04-12 17:37 - 2010-02-04 10:01 - 00176984 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_6.dll
2013-04-12 17:37 - 2010-02-04 10:01 - 00078680 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_4.dll
2013-04-12 17:37 - 2010-02-04 10:01 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-04-12 17:37 - 2010-02-04 10:01 - 00024920 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_7.dll
2013-04-12 17:37 - 2010-02-04 10:01 - 00022360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-04-12 17:37 - 2009-09-04 17:44 - 00517960 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_5.dll
2013-04-12 17:37 - 2009-09-04 17:44 - 00515416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-04-12 17:37 - 2009-09-04 17:44 - 00238936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-04-12 17:37 - 2009-09-04 17:44 - 00176968 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_5.dll
2013-04-12 17:37 - 2009-09-04 17:44 - 00073544 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_3.dll
2013-04-12 17:37 - 2009-09-04 17:44 - 00069464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-04-12 17:37 - 2009-09-04 17:29 - 05554512 ____A (Microsoft Corporation) C:\Windows\System32\d3dcsx_42.dll
2013-04-12 17:37 - 2009-09-04 17:29 - 05501792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-04-12 17:37 - 2009-09-04 17:29 - 02582888 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll
2013-04-12 17:37 - 2009-09-04 17:29 - 02475352 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_42.dll
2013-04-12 17:37 - 2009-09-04 17:29 - 01974616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-04-12 17:37 - 2009-09-04 17:29 - 01892184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-04-12 17:37 - 2009-09-04 17:29 - 00523088 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_42.dll
2013-04-12 17:37 - 2009-09-04 17:29 - 00453456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-04-12 17:37 - 2009-09-04 17:29 - 00285024 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_42.dll
2013-04-12 17:37 - 2009-09-04 17:29 - 00235344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-04-12 17:37 - 2009-03-16 14:18 - 00521560 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_4.dll
2013-04-12 17:37 - 2009-03-16 14:18 - 00517448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2013-04-12 17:37 - 2009-03-16 14:18 - 00235352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2013-04-12 17:37 - 2009-03-16 14:18 - 00174936 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_4.dll
2013-04-12 17:37 - 2009-03-16 14:18 - 00024920 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_6.dll
2013-04-12 17:37 - 2009-03-16 14:18 - 00022360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2013-04-12 17:37 - 2009-03-09 15:27 - 05425496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll
2013-04-12 17:37 - 2009-03-09 15:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-04-12 17:37 - 2009-03-09 15:27 - 02430312 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_41.dll
2013-04-12 17:37 - 2009-03-09 15:27 - 01846632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2013-04-12 17:37 - 2009-03-09 15:27 - 00520544 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_41.dll
2013-04-12 17:37 - 2009-03-09 15:27 - 00453456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2013-04-12 17:37 - 2008-10-27 10:04 - 00518480 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_3.dll
2013-04-12 17:37 - 2008-10-27 10:04 - 00514384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-04-12 17:37 - 2008-10-27 10:04 - 00235856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-04-12 17:37 - 2008-10-27 10:04 - 00175440 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_3.dll
2013-04-12 17:37 - 2008-10-27 10:04 - 00074576 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_2.dll
2013-04-12 17:37 - 2008-10-27 10:04 - 00070992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-04-12 17:37 - 2008-10-27 10:04 - 00025936 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_5.dll
2013-04-12 17:37 - 2008-10-27 10:04 - 00023376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-04-12 17:37 - 2008-10-15 06:22 - 05631312 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll
2013-04-12 17:37 - 2008-10-15 06:22 - 04379984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-04-12 17:37 - 2008-10-15 06:22 - 02605920 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll
2013-04-12 17:37 - 2008-10-15 06:22 - 02036576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-04-12 17:37 - 2008-10-15 06:22 - 00519000 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
2013-04-12 17:37 - 2008-10-15 06:22 - 00452440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-04-12 17:36 - 2008-07-31 10:41 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-04-12 17:36 - 2008-07-31 10:41 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_2.dll
2013-04-12 17:36 - 2008-07-31 10:41 - 00072200 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_1.dll
2013-04-12 17:36 - 2008-07-31 10:41 - 00068616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-04-12 17:36 - 2008-07-31 10:40 - 00513544 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_2.dll
2013-04-12 17:36 - 2008-07-31 10:40 - 00509448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-04-12 17:36 - 2008-07-10 11:01 - 00467984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-04-12 17:36 - 2008-07-10 11:00 - 04992520 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_39.dll
2013-04-12 17:36 - 2008-07-10 11:00 - 03851784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-04-12 17:36 - 2008-07-10 11:00 - 01942552 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_39.dll
2013-04-12 17:36 - 2008-07-10 11:00 - 01493528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-04-12 17:36 - 2008-07-10 11:00 - 00540688 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_39.dll
2013-04-12 17:36 - 2008-05-30 14:19 - 00511496 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_1.dll
2013-04-12 17:36 - 2008-05-30 14:19 - 00507400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2013-04-12 17:36 - 2008-05-30 14:18 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2013-04-12 17:36 - 2008-05-30 14:18 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_1.dll
2013-04-12 17:36 - 2008-05-30 14:17 - 00068104 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_0.dll
2013-04-12 17:36 - 2008-05-30 14:17 - 00065032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2013-04-12 17:36 - 2008-05-30 14:17 - 00025608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2013-04-12 17:36 - 2008-05-30 14:16 - 00028168 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_4.dll
2013-04-12 17:36 - 2008-05-30 14:11 - 04991496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_38.dll
2013-04-12 17:36 - 2008-05-30 14:11 - 03850760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2013-04-12 17:36 - 2008-05-30 14:11 - 01941528 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_38.dll
2013-04-12 17:36 - 2008-05-30 14:11 - 01491992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2013-04-12 17:36 - 2008-05-30 14:11 - 00540688 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_38.dll
2013-04-12 17:36 - 2008-05-30 14:11 - 00467984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2013-04-12 17:36 - 2008-03-05 16:04 - 00489480 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_0.dll
2013-04-12 17:36 - 2008-03-05 16:03 - 00479752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2013-04-12 17:36 - 2008-03-05 16:03 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2013-04-12 17:36 - 2008-03-05 16:03 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_0.dll
2013-04-12 17:36 - 2008-03-05 16:00 - 00028168 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_3.dll
2013-04-12 17:36 - 2008-03-05 16:00 - 00025608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2013-04-12 17:36 - 2008-03-05 15:56 - 04910088 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_37.dll
2013-04-12 17:36 - 2008-03-05 15:56 - 03786760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2013-04-12 17:36 - 2008-03-05 15:56 - 01860120 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_37.dll
2013-04-12 17:36 - 2008-03-05 15:56 - 01420824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2013-04-12 17:36 - 2008-02-05 23:07 - 00529424 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_37.dll
2013-04-12 17:36 - 2008-02-05 23:07 - 00462864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2013-04-12 17:36 - 2007-10-22 03:40 - 00411656 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_10.dll
2013-04-12 17:36 - 2007-10-22 03:39 - 00267272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2013-04-12 17:36 - 2007-10-22 03:37 - 00021000 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_2.dll
2013-04-12 17:36 - 2007-10-22 03:37 - 00017928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2013-04-12 17:36 - 2007-10-12 15:14 - 05081608 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_36.dll
2013-04-12 17:36 - 2007-10-12 15:14 - 03734536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2013-04-12 17:36 - 2007-10-12 15:14 - 02006552 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_36.dll
2013-04-12 17:36 - 2007-10-12 15:14 - 01374232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2013-04-12 17:36 - 2007-10-02 09:56 - 00508264 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_36.dll
2013-04-12 17:36 - 2007-10-02 09:56 - 00444776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2013-04-12 17:36 - 2007-07-20 00:57 - 00411496 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_9.dll
2013-04-12 17:36 - 2007-07-20 00:57 - 00267112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2013-04-12 17:36 - 2007-07-19 18:14 - 05073256 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_35.dll
2013-04-12 17:36 - 2007-07-19 18:14 - 03727720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-04-12 17:36 - 2007-07-19 18:14 - 01985904 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_35.dll
2013-04-12 17:36 - 2007-07-19 18:14 - 01358192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2013-04-12 17:36 - 2007-07-19 18:14 - 00508264 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_35.dll
2013-04-12 17:36 - 2007-07-19 18:14 - 00444776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2013-04-12 17:36 - 2007-06-20 20:49 - 00409960 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_8.dll
2013-04-12 17:36 - 2007-06-20 20:46 - 00266088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2013-04-12 17:36 - 2007-05-16 16:45 - 04496232 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_34.dll
2013-04-12 17:36 - 2007-05-16 16:45 - 03497832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-04-12 17:36 - 2007-05-16 16:45 - 01401200 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_34.dll
2013-04-12 17:36 - 2007-05-16 16:45 - 01124720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2013-04-12 17:36 - 2007-05-16 16:45 - 00506728 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_34.dll
2013-04-12 17:36 - 2007-05-16 16:45 - 00443752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2013-04-12 17:36 - 2007-04-04 18:55 - 00403304 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_7.dll
2013-04-12 17:36 - 2007-04-04 18:55 - 00261480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2013-04-12 17:36 - 2007-04-04 18:54 - 00107368 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_3.dll
2013-04-12 17:36 - 2007-04-04 18:53 - 00081768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2013-04-12 17:36 - 2007-03-15 16:57 - 00506728 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_33.dll
2013-04-12 17:36 - 2007-03-15 16:57 - 00443752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2013-04-12 17:36 - 2007-03-12 16:42 - 04494184 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_33.dll
2013-04-12 17:36 - 2007-03-12 16:42 - 03495784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2013-04-12 17:36 - 2007-03-12 16:42 - 01400176 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_33.dll
2013-04-12 17:36 - 2007-03-12 16:42 - 01123696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2013-04-12 17:36 - 2007-03-05 12:42 - 00017688 ____A (Microsoft Corporation) C:\Windows\System32\x3daudio1_1.dll
2013-04-12 17:36 - 2007-03-05 12:42 - 00015128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2013-04-12 17:36 - 2007-01-24 15:27 - 00393576 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_6.dll
2013-04-12 17:36 - 2007-01-24 15:27 - 00255848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2013-04-12 17:36 - 2006-12-08 12:02 - 00251672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2013-04-12 17:36 - 2006-12-08 12:00 - 00390424 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_5.dll
2013-04-12 17:36 - 2006-11-29 13:06 - 04398360 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_32.dll
2013-04-12 17:36 - 2006-11-29 13:06 - 03426072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-04-12 17:36 - 2006-11-29 13:06 - 00469264 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10.dll
2013-04-12 17:36 - 2006-11-29 13:06 - 00440080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2013-04-12 17:36 - 2006-09-28 16:05 - 03977496 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_31.dll
2013-04-12 17:36 - 2006-09-28 16:05 - 02414360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-04-12 17:36 - 2006-09-28 16:05 - 00237848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2013-04-12 17:36 - 2006-09-28 16:04 - 00364824 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_4.dll
2013-04-12 17:36 - 2006-07-28 09:31 - 00083736 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_2.dll
2013-04-12 17:36 - 2006-07-28 09:30 - 00363288 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_3.dll
2013-04-12 17:36 - 2006-07-28 09:30 - 00236824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2013-04-12 17:36 - 2006-07-28 09:30 - 00062744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2013-04-12 17:36 - 2006-05-31 07:24 - 00230168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2013-04-12 17:36 - 2006-05-31 07:22 - 00354072 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_2.dll
2013-04-12 17:36 - 2006-03-31 12:41 - 03927248 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_30.dll
2013-04-12 17:36 - 2006-03-31 12:40 - 00352464 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_1.dll
2013-04-12 17:36 - 2006-03-31 12:39 - 00229584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2013-04-12 17:36 - 2006-03-31 12:39 - 00083664 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_1.dll
2013-04-12 17:36 - 2006-03-31 12:39 - 00062672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2013-04-12 17:36 - 2006-02-03 08:43 - 03830992 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_29.dll
2013-04-12 17:36 - 2006-02-03 08:43 - 02332368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2013-04-12 17:36 - 2006-02-03 08:42 - 00355536 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_0.dll
2013-04-12 17:36 - 2006-02-03 08:42 - 00230096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2013-04-12 17:36 - 2006-02-03 08:41 - 00016592 ____A (Microsoft Corporation) C:\Windows\System32\x3daudio1_0.dll
2013-04-12 17:36 - 2006-02-03 08:41 - 00014032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2013-04-12 17:36 - 2005-12-05 18:09 - 03815120 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_28.dll
2013-04-12 17:36 - 2005-07-22 19:59 - 03807440 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll
2013-04-12 17:36 - 2005-07-22 19:59 - 02319568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-04-12 17:36 - 2005-05-26 15:34 - 03767504 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_26.dll
2013-04-12 17:36 - 2005-05-26 15:34 - 02297552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2013-04-12 17:36 - 2005-03-18 17:19 - 03823312 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_25.dll
2013-04-12 17:36 - 2005-03-18 17:19 - 02337488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2013-04-12 17:36 - 2005-02-05 19:45 - 03544272 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_24.dll
2013-04-12 17:36 - 2005-02-05 19:45 - 02222800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-04-12 17:25 - 2013-04-12 17:25 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-04-12 17:20 - 2013-04-12 17:20 - 00000000 ____D C:\ProgramData\ALM
2013-04-12 17:14 - 2013-04-12 17:14 - 00000000 ____D C:\Users\FamilyCom\Adobe Flash Builder 4.5
2013-04-12 17:09 - 2013-04-12 17:09 - 00001085 ____A C:\Users\Public\Desktop\Adobe Content Viewer.lnk
2013-04-12 17:08 - 2013-04-12 17:08 - 00000000 ____D C:\Program Files (x86)\Adobe Story
2013-04-12 17:03 - 2013-04-12 17:03 - 00000000 ____D C:\Program Files (x86)\My Company Name
2013-04-12 17:03 - 2009-07-09 03:00 - 00055280 ____N (Sonic Solutions) C:\Windows\System32\Drivers\PxHlpa64.sys
2013-04-12 17:03 - 2009-06-23 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows\System32\Drivers\cdralw2k.sys
2013-04-12 17:03 - 2009-06-23 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows\System32\Drivers\cdr4_xp.sys
2013-04-12 17:01 - 2013-04-12 17:22 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-04-12 17:01 - 2013-04-12 17:22 - 00000000 ____D C:\Program Files\Adobe
2013-04-12 17:00 - 2013-04-12 17:00 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-04-12 17:00 - 2013-04-12 17:00 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-04-12 16:46 - 2013-04-12 16:46 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\VirtualDVD
2013-04-12 16:45 - 2013-04-12 16:45 - 00001035 ____A C:\Users\FamilyCom\Desktop\VirtualDVD.lnk
2013-04-12 16:45 - 2013-04-12 16:45 - 00000000 ____D C:\Windows\SysWOW64\VirtualDVD InstallData
2013-04-12 16:45 - 2013-04-12 16:45 - 00000000 ____D C:\Program Files (x86)\VirtualDVD
2013-04-12 16:45 - 2013-01-03 13:05 - 00184320 ____A (ohsoft) C:\Windows\System32\Drivers\VirtualDVD.sys
2013-04-10 20:27 - 2012-07-03 11:58 - 00031744 ____A (Google Inc) C:\Windows\System32\Drivers\lgandnetadb.sys
2013-04-10 20:27 - 2012-07-03 11:50 - 00036352 ____A (LG Electronics Inc.) C:\Windows\System32\Drivers\lgandnetmodem64.sys
2013-04-10 20:27 - 2012-07-03 11:50 - 00029184 ____A (LG Electronics Inc.) C:\Windows\System32\Drivers\lgandnetdiag64.sys
2013-04-10 20:27 - 2012-07-03 11:50 - 00029184 ____A (LG Electronics Inc.) C:\Windows\System32\Drivers\lgandnetdiag264.sys
2013-04-10 20:25 - 2013-04-10 20:26 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2013-04-10 20:25 - 2013-04-10 20:25 - 00002427 ____A C:\Windows\SysWOW64\lgAxconfig.ini
2013-04-10 20:25 - 2013-04-10 20:25 - 00000831 ____A C:\Users\FamilyCom\Desktop\LGMobile Support Tool.lnk
2013-04-10 20:25 - 2013-04-10 20:25 - 00000000 ____D C:\LGMobileUpgrade
2013-04-10 20:25 - 2011-05-10 13:37 - 00655872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr90.dll
2013-04-10 20:25 - 2011-05-10 13:37 - 00568832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp90.dll
2013-04-10 20:25 - 2011-05-10 13:37 - 00224768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcm90.dll
2013-04-10 20:25 - 2006-05-04 08:33 - 00053248 ____A () C:\Windows\SysWOW64\CommonDL.dll
2013-04-10 20:25 - 2005-10-04 01:39 - 00044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll
2013-04-09 22:10 - 2013-04-09 22:10 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Bandizip
2013-04-08 12:18 - 2013-04-08 12:18 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\NVIDIA
2013-04-08 11:15 - 2013-04-08 11:15 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-04-08 11:15 - 2013-04-08 11:15 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf
2013-04-08 11:10 - 2013-04-16 19:21 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\LG Electronics
2013-04-08 11:08 - 2013-04-08 11:08 - 00001210 ____A C:\Users\Public\Desktop\LG PC Suite.lnk
2013-04-08 11:08 - 2013-04-08 11:08 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\LG Electronics
2013-04-08 11:06 - 2013-04-10 20:27 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2013-04-07 20:51 - 2013-03-15 14:53 - 26956576 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 25256736 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 20542752 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 17990800 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 15042928 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 13088000 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 11048736 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-04-07 20:51 - 2013-03-15 14:53 - 09414456 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 07959000 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 07573816 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 06271872 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 02913056 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 02728736 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 02539128 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 02355488 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 01995552 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 01807136 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6431422.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 01510176 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6431422.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 00968408 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 00250504 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-04-07 20:51 - 2013-03-15 14:53 - 00205184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-04-07 14:51 - 2012-09-14 16:42 - 00118072 ____A (AhnLab, Inc.) C:\Windows\System32\Drivers\AmonTDLh.sys
2013-04-07 14:50 - 2013-04-07 14:54 - 00000824 ____A C:\Windows\System32\Drivers\etc\hosts_tmp
2013-04-07 14:50 - 2013-04-07 14:50 - 01621512 ____A (RaonSecure Co., Ltd.) C:\Windows\SysWOW64\CKSetup32.exe
2013-04-07 14:50 - 2013-04-07 14:50 - 00596320 ____A (RaonSecure Co., Ltd.) C:\Windows\SysWOW64\TouchEnKey.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00569864 ____A (RaonSecure Co., Ltd.) C:\Windows\SysWOW64\CKSetup64.exe
2013-04-07 14:50 - 2013-04-07 14:50 - 00531072 ____A (Interezen) C:\Windows\SysWOW64\I3GManager.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00434428 ____A (SoftForum Corporation) C:\Windows\SysWOW64\CKCSP.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00343560 ____A (RaonSecure Co., Ltd.) C:\Windows\SysWOW64\npKeyPro.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00237064 ____A (RaonSecure Co., Ltd.) C:\Windows\SysWOW64\CKApp.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00223432 ____A (Interezen) C:\Windows\SysWOW64\I3GEX.exe
2013-04-07 14:50 - 2013-04-07 14:50 - 00191072 ____A (Kings Information & Network) C:\Windows\SysWOW64\kcrypto.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00150512 ___RA (Lumensoft Co., Ltd.) C:\Windows\SysWOW64\CKAgent.exe
2013-04-07 14:50 - 2013-04-07 14:50 - 00150512 ___RA (Lumensoft Co., Ltd.) C:\Windows\System32\CKAgent.exe
2013-04-07 14:50 - 2013-04-07 14:50 - 00150512 ___RA (Lumensoft Co., Ltd.) C:\Windows\System32\CKAgent.dat
2013-04-07 14:50 - 2013-04-07 14:50 - 00141848 ____A (Kings Information & Network) C:\Windows\System32\kcrtx64.sys
2013-04-07 14:50 - 2013-04-07 14:50 - 00138704 ____A (Lumensoft Co., Ltd.) C:\Windows\SysWOW64\jrsoftcp.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00080816 ____A (Lumensoft Co., Ltd.) C:\Windows\SysWOW64\CKKeyProCert.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00072272 ____A C:\Windows\SysWOW64\cosa.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00058600 ____A (Interezen) C:\Windows\SysWOW64\I3Gescp.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00019888 ____A (lumensoft Corporation) C:\Windows\System32\JRSUKD25.SYS
2013-04-07 14:50 - 2013-04-07 14:50 - 00015512 ____A C:\Windows\SysWOW64\IRTrace.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\AhnLab
2013-04-07 14:50 - 2013-04-07 14:50 - 00000000 ____D C:\Program Files (x86)\Interezen
2013-04-07 14:49 - 2013-04-07 14:49 - 00000000 ____D C:\Program Files\NPKI
2013-04-07 14:49 - 2013-04-07 14:49 - 00000000 ____D C:\Program Files (x86)\Wizvera
2013-04-07 14:49 - 2013-04-07 14:49 - 00000000 ____D C:\Program Files (x86)\Softforum
2013-04-07 14:49 - 2013-04-07 14:49 - 00000000 ____D C:\Program Files (x86)\AhnLab
2013-04-06 22:25 - 2013-04-06 22:25 - 00000000 ____D C:\VTRoot
2013-04-06 22:16 - 2013-04-06 22:16 - 00000000 ____D C:\ProgramData\Comodo Downloader
2013-04-06 22:16 - 2013-04-06 22:16 - 00000000 ____D C:\Program Files\COMODO
2013-04-06 21:40 - 2013-04-12 16:34 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\DAEMON Tools Lite
2013-04-06 21:40 - 2013-04-12 16:34 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-04-06 21:30 - 2013-04-06 21:30 - 00564824 ____A (Duplex Secure Ltd.) C:\Windows\System32\Drivers\sptd.sys
2013-04-06 17:24 - 2013-04-19 09:03 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Media Player Classic
2013-04-06 17:23 - 2013-04-06 17:23 - 00000000 ____D C:\Program Files\K-Lite Codec Pack x64
2013-04-06 17:23 - 2013-04-05 03:00 - 00127488 ____A C:\Windows\System32\ff_vfw.dll
2013-04-06 17:23 - 2012-06-10 02:21 - 00206336 ____A C:\Windows\System32\unrar64.dll
2013-04-06 17:23 - 2011-12-08 02:37 - 00148992 ____A ( ) C:\Windows\System32\lagarith.dll
2013-04-06 17:22 - 2013-04-06 17:22 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-04-06 17:22 - 2013-04-05 03:00 - 00112640 ____A C:\Windows\SysWOW64\ff_vfw.dll
2013-04-06 17:22 - 2013-03-18 01:21 - 03649536 ____A (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2013-04-06 17:22 - 2012-06-10 02:21 - 00178688 ____A C:\Windows\SysWOW64\unrar.dll
2013-04-06 17:22 - 2011-12-22 02:14 - 00151552 ____A (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2013-04-06 17:22 - 2011-12-08 02:32 - 00216064 ____A ( ) C:\Windows\SysWOW64\lagarith.dll
2013-04-06 17:22 - 2011-06-24 23:44 - 00243200 ____A C:\Windows\SysWOW64\xvidvfw.dll
2013-04-06 17:22 - 2011-06-24 23:28 - 00650752 ____A C:\Windows\SysWOW64\xvidcore.dll
2013-04-06 17:22 - 2004-05-19 03:16 - 00039936 ____A (Disappearing Inc.) C:\Windows\SysWOW64\huffyuv.dll
2013-04-06 16:16 - 2013-04-12 17:51 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Adobe
2013-04-06 16:13 - 2013-04-06 16:13 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Ahead
2013-04-06 15:42 - 2013-04-06 15:42 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\GRETECH
2013-04-06 15:32 - 2013-04-06 15:32 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Apple Computer
2013-04-06 11:59 - 2013-04-06 12:00 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-04-06 11:59 - 2013-04-06 11:59 - 00000000 ____D C:\ProgramData\Apple Computer
2013-04-06 11:58 - 2013-04-06 11:58 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Apple
2013-04-06 11:58 - 2013-04-06 11:58 - 00000000 ____D C:\ProgramData\Apple
2013-04-06 11:58 - 2013-04-06 11:58 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-04-06 11:57 - 2013-04-06 11:57 - 00201872 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2013-04-06 11:57 - 2013-04-06 11:57 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\RealNetworks
2013-04-06 11:57 - 2013-04-06 11:57 - 00000000 ____D C:\ProgramData\RealNetworks
2013-04-06 11:57 - 2013-04-06 11:57 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2013-04-06 11:56 - 2013-04-06 11:58 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Real
2013-04-06 11:56 - 2013-04-06 11:57 - 00000000 ____D C:\Program Files (x86)\Real
2013-04-06 11:56 - 2013-04-06 11:56 - 00272896 ____A (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2013-04-06 11:56 - 2013-04-06 11:56 - 00006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2013-04-06 11:56 - 2013-04-06 11:56 - 00005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2013-04-06 11:43 - 2013-04-06 11:57 - 00000000 ____D C:\ProgramData\Real
2013-04-06 11:13 - 2013-04-07 20:49 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-04-06 11:13 - 2013-04-06 22:17 - 00000000 ____D C:\ProgramData\COMODO
2013-04-06 11:06 - 2013-04-06 11:06 - 00000843 ____A C:\Users\Public\Desktop\μTorrent.lnk
2013-04-06 11:05 - 2013-04-19 09:33 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\uTorrent
2013-04-06 11:05 - 2013-04-06 11:05 - 00000000 ____D C:\Program Files\7-Zip
2013-04-06 11:04 - 2013-04-06 11:06 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\WinRAR
2013-04-06 11:04 - 2013-04-06 11:04 - 00000000 ____D C:\ProgramData\Sun
2013-04-06 11:04 - 2013-04-06 11:04 - 00000000 ____D C:\Program Files\WinRAR
2013-04-06 11:04 - 2013-04-06 11:03 - 00861088 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-04-06 11:04 - 2013-04-06 11:03 - 00782240 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-04-06 11:03 - 2013-04-17 08:05 - 00000000 ____D C:\Program Files (x86)\Java
2013-04-06 10:57 - 2013-04-16 20:56 - 00000000 ___RD C:\Users\FamilyCom\Desktop\QUICK
2013-04-05 22:28 - 2013-04-16 18:27 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\CrashDumps
2013-04-05 20:15 - 2013-04-19 09:32 - 00000686 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-04-05 20:15 - 2013-04-19 09:20 - 00000690 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-04-05 20:15 - 2013-04-18 09:14 - 00000000 ____D C:\Program Files (x86)\Google
2013-04-05 20:14 - 2013-04-18 09:14 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Google
2013-04-05 20:14 - 2013-04-16 18:19 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Deployment
2013-04-05 20:14 - 2013-04-05 20:14 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Apps\2.0
2013-04-05 15:44 - 2013-04-16 20:55 - 00000000 ____D C:\Program Files\Common Files\AhnLab
2013-04-05 15:44 - 2013-04-09 21:30 - 03045104 ____A (AhnLab, Inc.) C:\Windows\System32\btscan.exe
2013-04-05 15:43 - 2013-04-07 14:50 - 00000000 ____D C:\Program Files\AhnLab
2013-04-05 15:43 - 2009-07-21 10:00 - 00025656 ____A (AhnLab, Inc.) C:\Windows\System32\Drivers\CdmDrvNt.sys
2013-04-05 15:42 - 2013-04-05 15:43 - 00000000 ____D C:\ProgramData\AhnLab
2013-04-05 15:19 - 2013-04-12 17:26 - 00165720 ____A C:\Users\FamilyCom\AppData\Local\GDIPFONTCACHEV1.DAT
2013-04-05 15:19 - 2013-04-05 15:19 - 00000000 ____D C:\Program Files (x86)\Etron Technology
2013-04-05 15:18 - 2013-04-09 22:06 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Estsoft
2013-04-05 15:18 - 2013-04-05 15:18 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\ECRSC
2013-04-05 15:17 - 2013-04-05 15:17 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\HNC
2013-04-05 15:17 - 2012-10-24 17:52 - 00065136 ____A (Hancom Inc.) C:\Windows\System32\HNCE2PPRMON80.dll
2013-04-05 15:16 - 2013-04-05 15:16 - 00001045 ____A C:\Users\Public\Desktop\한컴오피스 한글 2010.lnk
2013-04-05 15:15 - 2013-04-12 17:26 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Adobe
2013-04-05 15:15 - 2013-04-05 15:15 - 00000069 ____A C:\Windows\hjimesv.ini
2013-04-05 15:15 - 2013-04-05 15:15 - 00000016 ____A C:\Windows\SysWOW64\winhcfgb.ini
2013-04-05 15:15 - 2013-04-05 15:15 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Macromedia
2013-04-05 15:14 - 2009-09-07 02:30 - 00667136 ____A C:\Windows\SysWOW64\OGACheckControl.dll
2013-04-05 15:14 - 2009-09-07 02:30 - 00667136 ____A C:\Windows\System32\OGACheckControl.dll
2013-04-05 15:04 - 2013-04-05 15:04 - 00000000 ____D C:\Windows\PCHEALTH
2013-04-05 15:04 - 2013-04-05 15:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-04-05 15:04 - 2013-04-05 15:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-04-05 15:04 - 2013-04-05 15:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-04-05 15:04 - 2013-04-05 15:04 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-04-05 15:02 - 2013-04-05 15:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-04-05 15:02 - 2013-04-05 15:02 - 00000000 ___RD C:\MSOCache
2013-04-05 15:02 - 2013-04-05 15:02 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Microsoft Help
2013-04-05 15:02 - 2013-04-05 15:02 - 00000000 ____D C:\Program Files\Microsoft Office
2013-04-05 15:02 - 2013-04-05 15:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-04-05 14:12 - 2013-04-18 08:08 - 00000000 ___RD C:\Windows Activation Technologies
2013-04-05 14:11 - 2013-04-05 14:11 - 00000000 ____D C:\Windows\KJ
2013-04-05 14:11 - 2012-10-06 07:07 - 00405881 ____A C:\Windows\KJ.exe
2013-04-05 13:46 - 2013-04-19 09:32 - 00000000 ____D C:\ProgramData\NVIDIA
2013-04-05 13:46 - 2013-04-05 13:46 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-04-05 13:46 - 2013-04-05 13:46 - 00000000 __SHD C:\Users\UpdatusUser\시작 메뉴
2013-04-05 13:46 - 2013-04-05 13:46 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-04-05 13:45 - 2013-04-05 13:45 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-04-05 13:45 - 2013-03-15 14:53 - 15508512 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2013-04-05 13:45 - 2013-03-15 14:53 - 02864144 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2013-04-05 13:45 - 2013-03-15 14:53 - 01118776 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2013-04-05 13:45 - 2013-03-15 14:53 - 00017738 ____A C:\Windows\System32\nvinfo.pb
2013-04-05 13:45 - 2013-03-15 13:16 - 06398240 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-04-05 13:45 - 2013-03-15 13:16 - 03477280 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-04-05 13:45 - 2013-03-15 13:16 - 02555680 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2013-04-05 13:45 - 2013-03-15 13:16 - 00877856 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-04-05 13:45 - 2013-03-15 13:16 - 00237856 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-04-05 13:45 - 2013-03-15 13:16 - 00063776 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-04-05 13:45 - 2013-03-14 01:24 - 03065455 ____A C:\Windows\System32\nvcoproc.bin
2013-04-05 13:45 - 2013-02-10 12:25 - 01807136 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6420294.dll
2013-04-05 13:45 - 2013-02-10 12:25 - 01510176 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6420162.dll
2013-04-05 13:45 - 2012-12-19 14:42 - 00031672 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2013-04-05 13:45 - 2012-12-19 14:41 - 00194488 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2013-04-05 13:45 - 2012-12-18 17:31 - 01510328 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdagenco6420103.dll
2013-04-05 13:44 - 2013-04-05 13:44 - 00000000 ____D C:\NVIDIA

neowing · Apr 18, 2013

3rd:-----------------

0000000 ____D C:\Users\FamilyCom\AppData\Roaming\InstallShield
2013-04-05 13:41 - 2013-04-05 13:41 - 00000000 ____D C:\Program Files (x86)\ASM104xUSB3
2013-04-05 13:40 - 2013-04-05 13:40 - 00000000 ____D C:\Windows\System32\appmgmt
2013-04-05 13:39 - 2013-04-19 09:32 - 00034752 ____A C:\Windows\System32\Drivers\WPRO_41_2001.sys
2013-04-05 13:38 - 2013-04-05 13:38 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-04-05 13:38 - 2013-04-05 13:38 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-04-05 13:38 - 2013-04-05 13:38 - 00000000 ____D C:\Program Files\Realtek
2013-04-05 13:37 - 2011-10-18 20:53 - 02957544 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2013-04-05 13:37 - 2011-10-18 19:10 - 00099432 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoInst64.dll
2013-04-05 13:37 - 2011-10-18 17:41 - 00150996 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT
2013-04-05 13:37 - 2011-10-18 14:55 - 00331880 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtlCPAPI64.dll
2013-04-05 13:37 - 2011-10-18 14:47 - 01914472 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApi64.dll
2013-04-05 13:37 - 2011-10-18 12:05 - 02528872 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtPgEx64.dll
2013-04-05 13:37 - 2011-10-17 18:30 - 03213928 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO64.dll
2013-04-05 13:37 - 2011-10-11 16:37 - 00626264 ____A (Creative Technology Ltd.) C:\Windows\System32\MBTHX64.dll
2013-04-05 13:37 - 2011-10-11 16:37 - 00561240 ____A (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2013-04-05 13:37 - 2011-08-31 20:12 - 01698408 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-04-05 13:37 - 2011-07-28 01:55 - 02604376 ____A (Waves Audio Ltd.) C:\Windows\System32\WavesGUILib.dll
2013-04-05 13:37 - 2011-07-28 01:55 - 02132824 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioEQ.dll
2013-04-05 13:37 - 2011-07-22 20:35 - 01247848 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTCOM64.dll
2013-04-05 13:37 - 2011-06-30 17:14 - 01560168 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSnMg64.cpl
2013-04-05 13:37 - 2011-05-05 16:24 - 02085440 ____A (Fortemedia Corporation) C:\Windows\System32\FMAPO64.dll
2013-04-05 13:37 - 2010-11-08 08:31 - 00375128 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEP64A.dll
2013-04-05 13:37 - 2010-11-08 08:31 - 00310104 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DHT64.dll
2013-04-05 13:37 - 2010-11-08 08:31 - 00310104 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DAA64.dll
2013-04-05 13:37 - 2010-11-08 08:31 - 00204120 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEED64A.dll
2013-04-05 13:37 - 2010-11-08 08:31 - 00101208 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEL64A.dll
2013-04-05 13:37 - 2010-11-08 08:31 - 00078680 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEG64A.dll
2013-04-05 13:37 - 2010-11-03 19:30 - 00149608 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCfg64.dll
2013-04-05 13:37 - 2010-09-27 10:34 - 00318808 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO20.dll
2013-04-05 13:37 - 2010-07-22 17:37 - 00200800 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTAC64.dll
2013-04-05 13:37 - 2010-07-02 20:40 - 00080984 ____A (Creative Technology Ltd.) C:\Windows\System32\MBWrp64.dll
2013-04-05 13:37 - 2009-11-24 10:55 - 00518896 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSTSX64.dll
2013-04-05 13:37 - 2009-11-24 10:55 - 00211184 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSTSH64.dll
2013-04-05 13:37 - 2009-11-24 10:55 - 00198896 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSHP64.dll
2013-04-05 13:37 - 2009-11-24 10:55 - 00155888 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSWOW64.dll
2013-04-05 13:37 - 2009-11-17 19:12 - 00108960 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTAR64.dll
2013-04-05 13:36 - 2013-04-05 13:39 - 00000000 ____D C:\ProgramData\Intel
2013-04-05 13:36 - 2013-04-05 13:39 - 00000000 ____D C:\Program Files\Intel
2013-04-05 13:36 - 2013-04-05 13:37 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-04-05 13:36 - 2011-12-17 03:40 - 00015128 ____A C:\Windows\System32\Drivers\IntelMEFWVer.dll
2013-04-05 13:36 - 2011-09-29 18:30 - 00107552 ____A (Realtek Semiconductor Corporation) C:\Windows\System32\RTNUninst64.dll
2013-04-05 13:36 - 2011-09-29 18:30 - 00074272 ____A C:\Windows\System32\RtNicProp64.dll
2013-04-05 13:35 - 2013-04-05 13:41 - 00000000 ____D C:\Program Files (x86)\Intel
2013-04-05 13:35 - 2013-04-05 13:35 - 00000000 ____D C:\Intel
2013-04-05 13:35 - 2011-12-06 16:55 - 00053248 ____A (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-04-05 13:27 - 2013-04-18 08:09 - 00000000 ____D C:\users\FamilyCom
2013-04-05 13:27 - 2013-04-05 13:27 - 00000020 ___SH C:\Users\FamilyCom\ntuser.ini
2013-04-05 13:27 - 2013-04-05 13:27 - 00000000 __SHD C:\Users\FamilyCom\시작 메뉴
2013-04-05 13:27 - 2013-04-05 13:27 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\VirtualStore
2013-04-05 13:26 - 2013-04-05 13:26 - 00000000 __SHD C:\Users\Default\시작 메뉴
2013-04-05 13:26 - 2013-04-05 13:26 - 00000000 __SHD C:\ProgramData\시작 메뉴
2013-04-05 13:26 - 2013-04-05 13:26 - 00000000 __SHD C:\ProgramData\바탕 화면
2013-04-05 13:26 - 2013-04-05 13:26 - 00000000 ____D C:\Recovery
2013-03-23 09:30 - 2013-04-17 12:00 - 00000000 ____D C:\Users\FamilyCom\Desktop\mbar

==================== One Month Modified Files and Folders =======

2013-04-19 09:38 - 2013-04-19 09:38 - 00000000 ____D C:\FRST
2013-04-19 09:33 - 2013-04-06 11:05 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\uTorrent
2013-04-19 09:32 - 2013-04-19 09:32 - 00094656 ____A (CACE Technologies) C:\Windows\System32\WPRO_41_2001woem.tmp
2013-04-19 09:32 - 2013-04-17 07:57 - 00016518 ____A C:\Windows\PFRO.log
2013-04-19 09:32 - 2013-04-17 07:57 - 00002513 ____A C:\Windows\setupact.log
2013-04-19 09:32 - 2013-04-05 20:15 - 00000686 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-04-19 09:32 - 2013-04-05 13:46 - 00000000 ____D C:\ProgramData\NVIDIA
2013-04-19 09:32 - 2013-04-05 13:39 - 00034752 ____A C:\Windows\System32\Drivers\WPRO_41_2001.sys
2013-04-19 09:32 - 2009-07-14 14:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-04-19 09:31 - 2013-02-24 00:47 - 01850891 ____A C:\Windows\WindowsUpdate.log
2013-04-19 09:31 - 2009-07-14 13:45 - 00025936 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-04-19 09:31 - 2009-07-14 13:45 - 00025936 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-04-19 09:27 - 2013-03-06 02:03 - 00666534 ____A C:\Windows\System32\perfh019.dat
2013-04-19 09:27 - 2013-03-06 02:03 - 00383348 ____A C:\Windows\System32\perfh011.dat
2013-04-19 09:27 - 2013-03-06 02:03 - 00371100 ____A C:\Windows\System32\prfh0404.dat
2013-04-19 09:27 - 2013-03-06 02:03 - 00355130 ____A C:\Windows\System32\prfh0804.dat
2013-04-19 09:27 - 2013-03-06 02:03 - 00128694 ____A C:\Windows\System32\perfc019.dat
2013-04-19 09:27 - 2013-03-06 02:03 - 00103370 ____A C:\Windows\System32\perfc011.dat
2013-04-19 09:27 - 2013-03-06 02:03 - 00101230 ____A C:\Windows\System32\prfc0804.dat
2013-04-19 09:27 - 2013-03-06 02:03 - 00096316 ____A C:\Windows\System32\prfc0404.dat
2013-04-19 09:27 - 2010-11-22 02:21 - 00402744 ____A C:\Windows\System32\perfh012.dat
2013-04-19 09:27 - 2010-11-22 02:21 - 00101692 ____A C:\Windows\System32\perfc012.dat
2013-04-19 09:27 - 2009-07-14 14:13 - 03410714 ____A C:\Windows\System32\PerfStringBackup.INI
2013-04-19 09:23 - 2013-04-19 09:23 - 00015877 ____A C:\Users\FamilyCom\Downloads\한글_2010.torrent
2013-04-19 09:20 - 2013-04-05 20:15 - 00000690 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-04-19 09:03 - 2013-04-06 17:24 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Media Player Classic
2013-04-19 09:01 - 2013-04-19 09:01 - 00016376 ____A C:\Users\FamilyCom\Downloads\한글과컴퓨터 오피스 2010_시리얼.torrent
2013-04-19 09:01 - 2013-04-19 09:01 - 00012716 ____A C:\Users\FamilyCom\Downloads\MS오피스2010sp1통합본.torrent
2013-04-19 08:58 - 2013-04-19 08:58 - 00046951 ____A C:\Users\FamilyCom\Downloads\[gg]_Valvrave_the_Liberator_-_02_[3514DF30].mkv.torrent
2013-04-19 08:58 - 2013-04-19 08:58 - 00026330 ____A C:\Users\FamilyCom\Downloads\[HorribleSubs] Majestic Prince - 03 [720p].mkv.torrent
2013-04-19 08:58 - 2013-04-19 08:58 - 00024692 ____A C:\Users\FamilyCom\Downloads\[HorribleSubs] Saint Seiya Omega - 53 [720p].mkv.torrent
2013-04-19 08:57 - 2013-04-19 08:57 - 00011317 ____A C:\Users\FamilyCom\Downloads\(C83) [アレマテオレマ (小林由高)] GARIGARI47 (東方Project).zip.torrent
2013-04-19 08:44 - 2013-02-24 00:49 - 00000622 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-04-19 08:37 - 2013-04-19 08:27 - 00000000 ____D C:\ComboFix
2013-04-19 08:37 - 2009-07-14 11:34 - 00000215 ____A C:\Windows\system.ini
2013-04-19 08:36 - 2013-04-17 13:48 - 00000000 ____D C:\Windows\erdnt
2013-04-19 08:28 - 2013-04-17 13:48 - 00000000 ____D C:\Qoobox
2013-04-19 08:09 - 2013-04-18 09:42 - 05056640 ____R (Swearware) C:\Users\FamilyCom\Desktop\ComboFix.exe
2013-04-18 10:32 - 2013-04-18 10:32 - 00038732 ____A C:\Users\FamilyCom\Desktop\comboRRR.txt
2013-04-18 10:31 - 2009-07-14 12:20 - 00000000 __RHD C:\users\Default
2013-04-18 10:21 - 2013-04-17 14:09 - 00008024 ____A C:\Users\FamilyCom\Desktop\Rkill.txt
2013-04-18 09:46 - 2013-04-18 09:20 - 00002079 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-04-18 09:34 - 2013-04-18 09:34 - 00002047 ____A C:\Users\Public\Desktop\AntiError.lnk
2013-04-18 09:34 - 2013-04-18 09:34 - 00002043 ____A C:\Users\Public\Desktop\GeekBuddy.lnk
2013-04-18 09:21 - 2013-04-16 20:57 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-04-18 09:14 - 2013-04-18 09:14 - 00000000 ____D C:\Users\FamilyCom\AppData\LocalGoogle
2013-04-18 09:14 - 2013-04-05 20:15 - 00000000 ____D C:\Program Files (x86)\Google
2013-04-18 09:14 - 2013-04-05 20:14 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Google
2013-04-18 09:11 - 2013-04-16 20:55 - 00000000 ____D C:\Program Files\AVAST Software
2013-04-18 09:11 - 2013-04-16 20:53 - 00000000 ____D C:\ProgramData\AVAST Software
2013-04-18 08:37 - 2013-04-18 08:37 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\FamilyCom\Desktop\rkill.exe
2013-04-18 08:09 - 2013-04-05 13:27 - 00000000 ____D C:\users\FamilyCom
2013-04-18 08:08 - 2013-04-05 14:12 - 00000000 ___RD C:\Windows Activation Technologies
2013-04-18 08:08 - 2011-12-14 22:09 - 00000000 ____D C:\Users\FamilyCom\Documents\Game
2013-04-18 08:08 - 2011-12-13 21:18 - 00000000 ____D C:\Users\FamilyCom\Documents\프로그램 단
2013-04-18 08:08 - 2009-07-14 12:20 - 00000000 ____D C:\Windows\registration
2013-04-17 12:00 - 2013-03-23 09:30 - 00000000 ____D C:\Users\FamilyCom\Desktop\mbar
2013-04-17 11:18 - 2013-04-17 11:15 - 00000000 ____D C:\Users\FamilyCom\Desktop\RK_Quarantine
2013-04-17 11:13 - 2013-04-17 11:13 - 00816128 ____A C:\Users\FamilyCom\Desktop\RogueKiller.exe
2013-04-17 08:10 - 2013-02-24 00:49 - 00691592 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-04-17 08:10 - 2013-02-24 00:49 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-04-17 08:07 - 2013-04-17 08:07 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-04-17 08:07 - 2013-04-16 17:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-17 08:05 - 2013-04-17 08:05 - 00003558 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log
2013-04-17 08:05 - 2013-04-06 11:03 - 00000000 ____D C:\Program Files (x86)\Java
2013-04-17 07:57 - 2013-04-17 07:57 - 00000000 ____A C:\Windows\setuperr.log
2013-04-16 21:53 - 2013-02-24 00:40 - 00000000 ____D C:\Windows\Panther
2013-04-16 21:51 - 2013-04-16 21:51 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-04-16 21:51 - 2013-04-16 18:24 - 00000000 ____D C:\Program Files\CCleaner
2013-04-16 21:34 - 2013-04-12 17:52 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Skyrim
2013-04-16 21:33 - 2013-04-12 21:55 - 00000000 ____D C:\BOSS
2013-04-16 21:26 - 2013-04-15 17:05 - 00000000 ____D C:\Users\FamilyCom\Desktop\Pose
2013-04-16 21:19 - 2013-04-12 18:17 - 00000000 ____D C:\Python27
2013-04-16 20:56 - 2013-04-06 10:57 - 00000000 ___RD C:\Users\FamilyCom\Desktop\QUICK
2013-04-16 20:55 - 2013-04-05 15:44 - 00000000 ____D C:\Program Files\Common Files\AhnLab
2013-04-16 20:15 - 2009-07-14 13:45 - 05293088 ____A C:\Windows\System32\FNTCACHE.DAT
2013-04-16 19:32 - 2013-04-16 19:32 - 00001151 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-04-16 19:32 - 2013-04-16 19:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-16 19:32 - 2013-04-16 17:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-04-16 19:30 - 2013-04-12 18:02 - 00000890 ____A C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2013-04-16 19:30 - 2013-04-12 18:02 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-04-16 19:21 - 2013-04-08 11:10 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\LG Electronics
2013-04-16 19:21 - 2013-02-24 00:49 - 00000000 ____D C:\Windows\System32\Macromed
2013-04-16 19:21 - 2010-11-22 02:31 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-04-16 19:21 - 2009-07-14 12:20 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2013-04-16 19:21 - 2009-07-14 12:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-04-16 19:21 - 2009-07-14 12:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-04-16 18:45 - 2013-04-16 18:45 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Mozilla
2013-04-16 18:27 - 2013-04-05 22:28 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\CrashDumps
2013-04-16 18:19 - 2013-04-05 20:14 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Deployment
2013-04-16 17:47 - 2013-04-16 17:47 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Malwarebytes
2013-04-16 17:47 - 2013-04-16 17:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-04-16 17:30 - 2013-04-16 17:27 - 00000000 ____D C:\ProgramData\eSafe
2013-04-16 17:15 - 2013-04-16 17:15 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Mozilla
2013-04-16 17:15 - 2013-04-16 17:15 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Macromedia
2013-04-16 17:14 - 2013-04-16 17:14 - 00000000 ____D C:\ProgramData\Mozilla
2013-04-14 20:18 - 2013-04-14 20:18 - 00000000 ____D C:\Program Files (x86)\Skyrim Mods
2013-04-13 11:52 - 2013-04-13 11:52 - 00000000 ____D C:\Program Files (x86)\Banktown
2013-04-13 11:52 - 2013-04-13 10:49 - 00000000 ____D C:\Program Files (x86)\INICIS61
2013-04-12 19:57 - 2013-04-12 17:55 - 00000000 ____D C:\Users\FamilyCom\Documents\Nexus Mod Manager
2013-04-12 18:04 - 2013-04-12 18:03 - 00000000 ____D C:\Games
2013-04-12 18:03 - 2013-04-12 17:55 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Black_Tree_Gaming
2013-04-12 17:52 - 2013-04-12 17:52 - 00000000 ____D C:\Users\FamilyCom\Documents\My Games
2013-04-12 17:51 - 2013-04-06 16:16 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Adobe
2013-04-12 17:26 - 2013-04-05 15:19 - 00165720 ____A C:\Users\FamilyCom\AppData\Local\GDIPFONTCACHEV1.DAT
2013-04-12 17:26 - 2013-04-05 15:15 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Adobe
2013-04-12 17:25 - 2013-04-12 17:25 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-04-12 17:25 - 2013-02-24 01:27 - 00000000 ____D C:\ProgramData\Adobe
2013-04-12 17:22 - 2013-04-12 17:01 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-04-12 17:22 - 2013-04-12 17:01 - 00000000 ____D C:\Program Files\Adobe
2013-04-12 17:21 - 2013-02-24 01:27 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-04-12 17:20 - 2013-04-12 17:20 - 00000000 ____D C:\ProgramData\ALM
2013-04-12 17:14 - 2013-04-12 17:14 - 00000000 ____D C:\Users\FamilyCom\Adobe Flash Builder 4.5
2013-04-12 17:09 - 2013-04-12 17:09 - 00001085 ____A C:\Users\Public\Desktop\Adobe Content Viewer.lnk
2013-04-12 17:08 - 2013-04-12 17:08 - 00000000 ____D C:\Program Files (x86)\Adobe Story
2013-04-12 17:03 - 2013-04-12 17:03 - 00000000 ____D C:\Program Files (x86)\My Company Name
2013-04-12 17:00 - 2013-04-12 17:00 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-04-12 17:00 - 2013-04-12 17:00 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-04-12 16:46 - 2013-04-12 16:46 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\VirtualDVD
2013-04-12 16:45 - 2013-04-12 16:45 - 00001035 ____A C:\Users\FamilyCom\Desktop\VirtualDVD.lnk
2013-04-12 16:45 - 2013-04-12 16:45 - 00000000 ____D C:\Windows\SysWOW64\VirtualDVD InstallData
2013-04-12 16:45 - 2013-04-12 16:45 - 00000000 ____D C:\Program Files (x86)\VirtualDVD
2013-04-12 16:34 - 2013-04-06 21:40 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\DAEMON Tools Lite
2013-04-12 16:34 - 2013-04-06 21:40 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-04-10 20:27 - 2013-04-08 11:06 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2013-04-10 20:27 - 2013-02-24 00:48 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-04-10 20:26 - 2013-04-10 20:25 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2013-04-10 20:25 - 2013-04-10 20:25 - 00002427 ____A C:\Windows\SysWOW64\lgAxconfig.ini
2013-04-10 20:25 - 2013-04-10 20:25 - 00000831 ____A C:\Users\FamilyCom\Desktop\LGMobile Support Tool.lnk
2013-04-10 20:25 - 2013-04-10 20:25 - 00000000 ____D C:\LGMobileUpgrade
2013-04-09 22:10 - 2013-04-09 22:10 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Bandizip
2013-04-09 22:06 - 2013-04-05 15:18 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Estsoft
2013-04-09 22:06 - 2013-02-24 00:51 - 00000000 ____D C:\ProgramData\ESTsoft
2013-04-09 22:06 - 2013-02-24 00:51 - 00000000 ____D C:\Program Files (x86)\ESTsoft
2013-04-09 21:30 - 2013-04-05 15:44 - 03045104 ____A (AhnLab, Inc.) C:\Windows\System32\btscan.exe
2013-04-09 17:43 - 2009-07-14 12:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-04-08 12:18 - 2013-04-08 12:18 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\NVIDIA
2013-04-08 11:15 - 2013-04-08 11:15 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-04-08 11:15 - 2013-04-08 11:15 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf
2013-04-08 11:08 - 2013-04-08 11:08 - 00001210 ____A C:\Users\Public\Desktop\LG PC Suite.lnk
2013-04-08 11:08 - 2013-04-08 11:08 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\LG Electronics
2013-04-07 20:53 - 2013-02-24 01:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-04-07 20:49 - 2013-04-06 11:13 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-04-07 14:54 - 2013-04-07 14:50 - 00000824 ____A C:\Windows\System32\Drivers\etc\hosts_tmp
2013-04-07 14:50 - 2013-04-07 14:50 - 01621512 ____A (RaonSecure Co., Ltd.) C:\Windows\SysWOW64\CKSetup32.exe
2013-04-07 14:50 - 2013-04-07 14:50 - 00596320 ____A (RaonSecure Co., Ltd.) C:\Windows\SysWOW64\TouchEnKey.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00569864 ____A (RaonSecure Co., Ltd.) C:\Windows\SysWOW64\CKSetup64.exe
2013-04-07 14:50 - 2013-04-07 14:50 - 00531072 ____A (Interezen) C:\Windows\SysWOW64\I3GManager.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00434428 ____A (SoftForum Corporation) C:\Windows\SysWOW64\CKCSP.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00343560 ____A (RaonSecure Co., Ltd.) C:\Windows\SysWOW64\npKeyPro.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00237064 ____A (RaonSecure Co., Ltd.) C:\Windows\SysWOW64\CKApp.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00223432 ____A (Interezen) C:\Windows\SysWOW64\I3GEX.exe
2013-04-07 14:50 - 2013-04-07 14:50 - 00191072 ____A (Kings Information & Network) C:\Windows\SysWOW64\kcrypto.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00150512 ___RA (Lumensoft Co., Ltd.) C:\Windows\SysWOW64\CKAgent.exe
2013-04-07 14:50 - 2013-04-07 14:50 - 00150512 ___RA (Lumensoft Co., Ltd.) C:\Windows\System32\CKAgent.exe
2013-04-07 14:50 - 2013-04-07 14:50 - 00150512 ___RA (Lumensoft Co., Ltd.) C:\Windows\System32\CKAgent.dat
2013-04-07 14:50 - 2013-04-07 14:50 - 00141848 ____A (Kings Information & Network) C:\Windows\System32\kcrtx64.sys
2013-04-07 14:50 - 2013-04-07 14:50 - 00138704 ____A (Lumensoft Co., Ltd.) C:\Windows\SysWOW64\jrsoftcp.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00080816 ____A (Lumensoft Co., Ltd.) C:\Windows\SysWOW64\CKKeyProCert.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00072272 ____A C:\Windows\SysWOW64\cosa.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00058600 ____A (Interezen) C:\Windows\SysWOW64\I3Gescp.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00019888 ____A (lumensoft Corporation) C:\Windows\System32\JRSUKD25.SYS
2013-04-07 14:50 - 2013-04-07 14:50 - 00015512 ____A C:\Windows\SysWOW64\IRTrace.dll
2013-04-07 14:50 - 2013-04-07 14:50 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\AhnLab
2013-04-07 14:50 - 2013-04-07 14:50 - 00000000 ____D C:\Program Files (x86)\Interezen
2013-04-07 14:50 - 2013-04-05 15:43 - 00000000 ____D C:\Program Files\AhnLab
2013-04-07 14:49 - 2013-04-07 14:49 - 00000000 ____D C:\Program Files\NPKI
2013-04-07 14:49 - 2013-04-07 14:49 - 00000000 ____D C:\Program Files (x86)\Wizvera
2013-04-07 14:49 - 2013-04-07 14:49 - 00000000 ____D C:\Program Files (x86)\Softforum
2013-04-07 14:49 - 2013-04-07 14:49 - 00000000 ____D C:\Program Files (x86)\AhnLab
2013-04-06 22:25 - 2013-04-06 22:25 - 00000000 ____D C:\VTRoot
2013-04-06 22:17 - 2013-04-06 11:13 - 00000000 ____D C:\ProgramData\COMODO
2013-04-06 22:16 - 2013-04-06 22:16 - 00000000 ____D C:\ProgramData\Comodo Downloader
2013-04-06 22:16 - 2013-04-06 22:16 - 00000000 ____D C:\Program Files\COMODO
2013-04-06 21:40 - 2013-03-06 12:04 - 00283200 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2013-04-06 21:30 - 2013-04-06 21:30 - 00564824 ____A (Duplex Secure Ltd.) C:\Windows\System32\Drivers\sptd.sys
2013-04-06 17:23 - 2013-04-06 17:23 - 00000000 ____D C:\Program Files\K-Lite Codec Pack x64
2013-04-06 17:22 - 2013-04-06 17:22 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-04-06 16:13 - 2013-04-06 16:13 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Ahead
2013-04-06 15:42 - 2013-04-06 15:42 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\GRETECH
2013-04-06 15:32 - 2013-04-06 15:32 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Apple Computer
2013-04-06 12:00 - 2013-04-06 11:59 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-04-06 11:59 - 2013-04-06 11:59 - 00000000 ____D C:\ProgramData\Apple Computer
2013-04-06 11:58 - 2013-04-06 11:58 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Apple
2013-04-06 11:58 - 2013-04-06 11:58 - 00000000 ____D C:\ProgramData\Apple
2013-04-06 11:58 - 2013-04-06 11:58 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-04-06 11:58 - 2013-04-06 11:56 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Real
2013-04-06 11:57 - 2013-04-06 11:57 - 00201872 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2013-04-06 11:57 - 2013-04-06 11:57 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\RealNetworks
2013-04-06 11:57 - 2013-04-06 11:57 - 00000000 ____D C:\ProgramData\RealNetworks
2013-04-06 11:57 - 2013-04-06 11:57 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2013-04-06 11:57 - 2013-04-06 11:56 - 00000000 ____D C:\Program Files (x86)\Real
2013-04-06 11:57 - 2013-04-06 11:43 - 00000000 ____D C:\ProgramData\Real
2013-04-06 11:56 - 2013-04-06 11:56 - 00272896 ____A (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2013-04-06 11:56 - 2013-04-06 11:56 - 00006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2013-04-06 11:56 - 2013-04-06 11:56 - 00005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2013-04-06 11:56 - 2006-07-17 07:00 - 00499712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2013-04-06 11:56 - 2006-07-17 07:00 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-04-06 11:06 - 2013-04-06 11:06 - 00000843 ____A C:\Users\Public\Desktop\μTorrent.lnk
2013-04-06 11:06 - 2013-04-06 11:04 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\WinRAR
2013-04-06 11:05 - 2013-04-06 11:05 - 00000000 ____D C:\Program Files\7-Zip
2013-04-06 11:04 - 2013-04-06 11:04 - 00000000 ____D C:\ProgramData\Sun
2013-04-06 11:04 - 2013-04-06 11:04 - 00000000 ____D C:\Program Files\WinRAR
2013-04-06 11:03 - 2013-04-06 11:04 - 00861088 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-04-06 11:03 - 2013-04-06 11:04 - 00782240 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-04-06 08:44 - 2013-02-24 01:12 - 00000000 ____D C:\Program Files (x86)\Hnc
2013-04-05 20:14 - 2013-04-05 20:14 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Apps\2.0
2013-04-05 15:43 - 2013-04-05 15:42 - 00000000 ____D C:\ProgramData\AhnLab
2013-04-05 15:19 - 2013-04-05 15:19 - 00000000 ____D C:\Program Files (x86)\Etron Technology
2013-04-05 15:18 - 2013-04-05 15:18 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\ECRSC
2013-04-05 15:17 - 2013-04-05 15:17 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\HNC
2013-04-05 15:16 - 2013-04-05 15:16 - 00001045 ____A C:\Users\Public\Desktop\한컴오피스 한글 2010.lnk
2013-04-05 15:16 - 2010-11-22 02:31 - 00000000 ____D C:\Windows\ShellNew
2013-04-05 15:15 - 2013-04-05 15:15 - 00000069 ____A C:\Windows\hjimesv.ini
2013-04-05 15:15 - 2013-04-05 15:15 - 00000016 ____A C:\Windows\SysWOW64\winhcfgb.ini
2013-04-05 15:15 - 2013-04-05 15:15 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\Macromedia
2013-04-05 15:06 - 2013-02-24 00:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-04-05 15:04 - 2013-04-05 15:04 - 00000000 ____D C:\Windows\PCHEALTH
2013-04-05 15:04 - 2013-04-05 15:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-04-05 15:04 - 2013-04-05 15:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-04-05 15:04 - 2013-04-05 15:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-04-05 15:04 - 2013-04-05 15:04 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-04-05 15:04 - 2013-04-05 15:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-04-05 15:04 - 2009-07-14 14:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-04-05 15:02 - 2013-04-05 15:02 - 00000000 ___RD C:\MSOCache
2013-04-05 15:02 - 2013-04-05 15:02 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\Microsoft Help
2013-04-05 15:02 - 2013-04-05 15:02 - 00000000 ____D C:\Program Files\Microsoft Office
2013-04-05 15:02 - 2013-04-05 15:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-04-05 15:02 - 2009-07-14 11:34 - 00000478 ____A C:\Windows\win.ini
2013-04-05 14:12 - 2009-07-14 12:20 - 00000000 ____D C:\Windows\rescache
2013-04-05 14:11 - 2013-04-05 14:11 - 00000000 ____D C:\Windows\KJ
2013-04-05 13:46 - 2013-04-05 13:46 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-04-05 13:46 - 2013-04-05 13:46 - 00000000 __SHD C:\Users\UpdatusUser\시작 메뉴
2013-04-05 13:46 - 2013-04-05 13:46 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-04-05 13:46 - 2013-02-24 01:46 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-04-05 13:45 - 2013-04-05 13:45 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-04-05 13:45 - 2009-07-14 12:20 - 00000000 ____D C:\Windows\Help
2013-04-05 13:44 - 2013-04-05 13:44 - 00000000 ____D C:\NVIDIA
2013-04-05 13:43 - 2013-02-24 01:02 - 00000000 ____D C:\HNC
2013-04-05 13:41 - 2013-04-05 13:41 - 00000000 ____D C:\Users\FamilyCom\AppData\Roaming\InstallShield
2013-04-05 13:41 - 2013-04-05 13:41 - 00000000 ____D C:\Program Files (x86)\ASM104xUSB3
2013-04-05 13:41 - 2013-04-05 13:35 - 00000000 ____D C:\Program Files (x86)\Intel
2013-04-05 13:40 - 2013-04-05 13:40 - 00000000 ____D C:\Windows\System32\appmgmt
2013-04-05 13:39 - 2013-04-05 13:36 - 00000000 ____D C:\ProgramData\Intel
2013-04-05 13:39 - 2013-04-05 13:36 - 00000000 ____D C:\Program Files\Intel
2013-04-05 13:38 - 2013-04-05 13:38 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-04-05 13:38 - 2013-04-05 13:38 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-04-05 13:38 - 2013-04-05 13:38 - 00000000 ____D C:\Program Files\Realtek
2013-04-05 13:37 - 2013-04-05 13:36 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-04-05 13:35 - 2013-04-05 13:35 - 00000000 ____D C:\Intel
2013-04-05 13:27 - 2013-04-05 13:27 - 00000020 ___SH C:\Users\FamilyCom\ntuser.ini
2013-04-05 13:27 - 2013-04-05 13:27 - 00000000 __SHD C:\Users\FamilyCom\시작 메뉴
2013-04-05 13:27 - 2013-04-05 13:27 - 00000000 ____D C:\Users\FamilyCom\AppData\Local\VirtualStore
2013-04-05 13:26 - 2013-04-05 13:26 - 00000000 __SHD C:\Users\Default\시작 메뉴
2013-04-05 13:26 - 2013-04-05 13:26 - 00000000 __SHD C:\ProgramData\시작 메뉴
2013-04-05 13:26 - 2013-04-05 13:26 - 00000000 __SHD C:\ProgramData\바탕 화면
2013-04-05 13:26 - 2013-04-05 13:26 - 00000000 ____D C:\Recovery
2013-04-05 13:26 - 2009-07-14 12:20 - 00000000 ____D C:\Program Files\Windows NT
2013-04-05 03:00 - 2013-04-06 17:23 - 00127488 ____A C:\Windows\System32\ff_vfw.dll
2013-04-05 03:00 - 2013-04-06 17:22 - 00112640 ____A C:\Windows\SysWOW64\ff_vfw.dll
2013-04-04 14:50 - 2013-04-17 08:07 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-04-04 05:35 - 2013-04-17 08:05 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-04-04 05:30 - 2013-04-17 08:05 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-04-04 05:29 - 2013-04-17 08:05 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-04-01 19:58 - 2013-02-24 01:48 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

neowing · Apr 18, 2013

4th is the last:-------------

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2010-11-21 12:24] - [2011-01-16 09:01] - 0389632 ____A (Microsoft Corporation) 81257415084B84F3C0D95C381A8D4C8F

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2010-11-21 12:24] - [2011-01-16 09:01] - 1008640 ____A (Microsoft Corporation) 0B864E15A0BADFF0E7BB8B59009FDDCF

C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-04-16 18:56:08
Restore point made on: 2013-04-16 19:08:16
Restore point made on: 2013-04-16 19:16:51
Restore point made on: 2013-04-16 19:53:45
Restore point made on: 2013-04-16 19:59:31
Restore point made on: 2013-04-16 20:08:04
Restore point made on: 2013-04-16 20:18:29
Restore point made on: 2013-04-16 20:26:17
Restore point made on: 2013-04-16 20:54:53
Restore point made on: 2013-04-16 20:55:49
Restore point made on: 2013-04-16 21:15:48
Restore point made on: 2013-04-17 08:04:55
Restore point made on: 2013-04-17 13:43:39
Restore point made on: 2013-04-18 08:05:19
Restore point made on: 2013-04-18 08:48:17
Restore point made on: 2013-04-18 09:11:15

==================== Memory info ===========================

Percentage of memory in use: 9%
Total physical RAM: 8153.52 MB
Available physical RAM: 7351.57 MB
Total Pagefile: 8151.72 MB
Available Pagefile: 7352.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:465.76 GB) (Free:402.78 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: () (Fixed) (Total:298.09 GB) (Free:82.41 GB) NTFS
3 Drive e: () (Fixed) (Total:465.75 GB) (Free:101.96 GB) NTFS
5 Drive g: (KINGSTON) (Removable) (Total:1.86 GB) (Free:1.29 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

디스크 ### 상태 크기 사용 가능 Dyn Gpt
---------- ------------- ------- ------------ --- ---
디스크 0 온라인 931 GB 1024 KB
디스크 1 온라인 298 GB 0 B
디스크 2 온라인 1905 MB 0 B

============================== MBR Partition Table ==================

Last Boot: 2013-04-05 14:54

==================== End Of Log =============================

Broni · Apr 18, 2013

That looks clean actually....

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Click the Scan All Users checkbox.
Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

neowing · Apr 18, 2013

1st: AdwCleaner--------------------

# AdwCleaner v2.200 - Logfile created 04/19/2013 at 10:06:37
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : FamilyCom - FAMILYCOM-PC
# Boot Mode : Normal
# Running from : C:\Users\FamilyCom\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\qvo6.xml
Folder Deleted : C:\ProgramData\eSafe

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (ko)

File : C:\Users\FamilyCom\AppData\Roaming\Mozilla\Firefox\Profiles\0xr32m0f.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\FamilyCom\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1161 octets] - [19/04/2013 10:06:10]
AdwCleaner[S1].txt - [1098 octets] - [19/04/2013 10:06:37]

########## EOF - C:\AdwCleaner[S1].txt - [1158 octets] ##########

neowing · Apr 18, 2013

2nd JRT Log:--------------------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.5 (04.17.2013:1)
OS: Windows 7 Ultimate x64
Ran by FamilyCom on 2013-04-19 at 10:10:58.63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2013-04-19 at 10:32:05.30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

neowing · Apr 18, 2013

3rd: OTL ----------------------

OTL logfile created on: 2013-04-19 오전 10:34:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\FamilyCom\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000412 | Country: 대한민국 | Language: KOR | Date Format: yyyy-MM-dd

7.96 Gb Total Physical Memory | 6.49 Gb Available Physical Memory | 81.45% Memory free
15.92 Gb Paging File | 14.38 Gb Available in Paging File | 90.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.76 Gb Total Space | 402.67 Gb Free Space | 86.46% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 101.96 Gb Free Space | 21.89% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 82.41 Gb Free Space | 27.65% Space Free | Partition Type: NTFS

Computer Name: FAMILYCOM-PC | User Name: FamilyCom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-04-19 10:33:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\FamilyCom\Desktop\OTL.exe
PRC - [2013-04-17 13:27:24 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
PRC - [2013-04-17 11:57:08 | 000,207,560 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
PRC - [2013-04-17 11:57:08 | 000,194,760 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
PRC - [2013-04-17 11:57:08 | 000,070,344 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
PRC - [2013-04-06 11:56:57 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013-03-15 14:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013-03-14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013-03-07 08:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-03-07 08:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-03-06 02:21:50 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012-12-18 23:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-12-17 05:37:10 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2010-10-25 15:13:42 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV:64bit: - [2013-03-07 08:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013-01-24 22:43:06 | 003,724,472 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2013-01-24 22:42:44 | 000,158,928 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2012-02-09 16:26:48 | 000,133,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV:64bit: - [2011-12-08 16:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2009-07-14 10:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 10:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013-04-17 13:27:24 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -- (GeekBuddyRSP)
SRV - [2013-04-17 11:57:08 | 000,070,344 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe -- (CLPSLauncher)
SRV - [2013-04-17 08:10:51 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-04-10 15:56:49 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-03-15 14:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-03-14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013-03-06 02:21:50 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012-12-18 23:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-12-17 05:37:10 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-06-11 06:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-04-19 10:07:58 | 000,034,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV:64bit: - [2013-04-07 14:50:03 | 000,141,848 | ---- | M] (Kings Information & Network) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\kcrtx64.sys -- (kcrtx64)
DRV:64bit: - [2013-04-07 14:50:03 | 000,019,888 | ---- | M] (lumensoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\JRSUKD25.SYS -- (JRSUKD25)
DRV:64bit: - [2013-04-06 21:40:33 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013-04-06 21:30:12 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013-03-07 08:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013-03-07 08:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013-03-07 08:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013-03-07 08:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013-03-07 08:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013-03-07 08:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013-03-07 08:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013-03-07 08:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013-03-07 08:33:20 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013-01-16 19:51:44 | 000,023,176 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2013-01-03 13:05:24 | 000,184,320 | ---- | M] (ohsoft) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtualDVD.sys -- (VirtualDVD)
DRV:64bit: - [2012-12-19 14:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012-09-14 16:42:00 | 000,118,072 | ---- | M] (AhnLab, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AmonTDLh.sys -- (AMonTDLH)
DRV:64bit: - [2012-07-03 11:58:00 | 000,031,744 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetadb.sys -- (andnetadb)
DRV:64bit: - [2012-07-03 11:50:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:64bit: - [2012-07-03 11:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag264.sys -- (AndNetDiag2)
DRV:64bit: - [2012-07-03 11:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:64bit: - [2012-03-01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-09 16:24:16 | 000,044,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2012-02-09 16:24:16 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)
DRV:64bit: - [2012-02-09 16:24:14 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)
DRV:64bit: - [2011-11-10 18:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011-09-29 18:30:34 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-02-08 13:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011-02-08 13:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2010-11-21 12:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010-11-21 12:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 12:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010-11-21 12:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010-11-21 12:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-21 12:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010-11-21 12:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010-11-21 12:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 12:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-11-21 12:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-06-28 16:55:00 | 000,155,256 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\AhnLab\ASP\MyFirewall 4.0\mfipsent.sys -- (MfIPSEnt)
DRV:64bit: - [2010-06-28 16:55:00 | 000,126,072 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\AhnLab\ASP\MyFirewall 4.0\mffwent.sys -- (MfFWEnt)
DRV:64bit: - [2009-07-21 10:00:25 | 000,025,656 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CdmDrvNt.sys -- (CdmDrvNt)
DRV:64bit: - [2009-07-14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009-06-11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012-09-03 16:20:00 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\CFRMD.sys -- (CFRMD)
DRV - [2009-07-14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008-02-01 17:24:06 | 000,032,240 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.naver.com/
IE - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002\..\SearchScopes\{5CEF356C-D165-4616-9588-BD629DD7D1DF}: "URL" = http://search.naver.com/search.naver?where=nexearch&sm=ies_hty&query={searchTerms}
IE - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3543073300-3519423333-1202189545-1003\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npaosmgr.1: C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\npaosmgr.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@gomtv.com/gomtvx-plugin: C:\Program Files (x86)\Common Files\GRETECH\npgomtvx_nie.dll (Gretech Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@interezen.co.kr/npi3gmanager: C:\Program Files (x86)\Interezen\Plugins\NPI3GManager.dll (Interezen (c) Interezen.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@softforum.com/npKeyPro: C:\Windows\system32\npKeyPro.dll (RaonSecure Co., Ltd.)
FF - HKLM\Software\MozillaPlugins\@softforum.com/npXecureMacuxNPPlugin: C:\Program Files (x86)\Softforum\XecureWeb\NPPlugin\dll\npXecureMacuxNPPlugin.dll (Softforum, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wizvera.com/npVeraport20: C:\Program Files (x86)\Wizvera\Veraport20\npveraport20.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-04-06 11:57:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2013-04-12 17:09:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-04-06 11:57:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-04-12 17:11:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-04-18 09:11:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-04-16 19:32:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013-04-16 18:45:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FamilyCom\AppData\Roaming\mozilla\Extensions
[2013-04-16 19:32:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013-04-10 15:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013-04-10 17:53:24 | 000,004,779 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\danawa-kr.xml
[2013-04-10 17:53:23 | 000,008,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\daum-kr.xml
[2013-04-10 17:53:24 | 000,004,455 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\naver-kr.xml
[2013-04-10 17:53:24 | 000,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-kr.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google

riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: AhnLab Online Security (Enabled) = C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\npaosmgr.dll
CHR - plugin: gomtvx NIE Module (Enabled) = C:\Program Files (x86)\Common Files\GRETECH\npgomtvx_nie.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: INICIS INIpay Plugin (Enabled) = C:\Program Files (x86)\INICIS61\plugins\npINIwallet61.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: NPI3GManager (c) Interezen. plugin (Enabled) = C:\Program Files (x86)\Interezen\Plugins\NPI3GManager.dll
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: Softforum XecureWeb Unified Plug-in (Enabled) = C:\Program Files (x86)\Softforum\XecureWeb\NPPlugin\dll\npXecureMacuxNPPlugin.dll
CHR - plugin: Veraport Mozilla Plugin (Enabled) = C:\Program Files (x86)\Wizvera\Veraport20\npveraport20.dll
CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: TouchEn Key for Multi-Browser (Enabled) = C:\Windows\system32\npKeyPro.dll
CHR - Extension: Google \uBB38\uC11C\uB3C4\uAD6C = C:\Users\FamilyCom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google \uB4DC\uB77C\uC774\uBE0C = C:\Users\FamilyCom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\FamilyCom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google \uAC80\uC0C9 = C:\Users\FamilyCom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! WebRep = C:\Users\FamilyCom\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Kiwi IRC = C:\Users\FamilyCom\AppData\Local\Google\Chrome\User Data\Default\Extensions\malkpgopfalejggcogglkiemcknbiphe\0.5.4_0\
CHR - Extension: Gmail = C:\Users\FamilyCom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013-04-19 08:36:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (COMODO)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [gbrspcontrol] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
O4 - HKLM..\Run: [HncUpdate] C:\Program Files (x86)\Hnc\HncUtils\HncChecker.exe (Hancom Inc(HNC).)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002..\Run: [uTorrent] C:\Users\FamilyCom\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002..\Run: [VirtualDVD] C:\Program Files (x86)\VirtualDVD\VirtualDVD.exe (oh!soft)
O4 - HKU\S-1-5-21-3543073300-3519423333-1202189545-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3543073300-3519423333-1202189545-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3543073300-3519423333-1202189545-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O13 - gopher Prefix: missing
O16 - DPF: {1C3DB737-3814-495E-87D5-62968A2A1761} http://activex.off.co.kr/toolbar/DicoStarterX.cab (DicoStarter Control)
O16 - DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} C:\Users\FAMILY~1\AppData\Local\Temp\5002543\TouchEnKey_Installer_x86.exe (XecureCKKB Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 168.126.63.1 168.126.63.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A127E362-2855-4737-A15D-DABB58F73491}: DhcpNameServer = 168.126.63.1 168.126.63.2
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

neowing · Apr 18, 2013

4th: Continue...------------------

========== Files/Folders - Created Within 30 Days ==========

[2013-04-19 10:33:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\FamilyCom\Desktop\OTL.exe
[2013-04-19 10:10:57 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013-04-19 10:10:37 | 000,000,000 | ---D | C] -- C:\JRT
[2013-04-19 10:09:44 | 000,551,702 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\FamilyCom\Desktop\JRT.exe
[2013-04-19 09:38:38 | 000,000,000 | ---D | C] -- C:\FRST
[2013-04-19 08:38:24 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013-04-19 08:35:37 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013-04-19 08:27:38 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013-04-18 09:34:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\COMODO
[2013-04-18 09:20:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013-04-18 09:17:55 | 000,022,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2013-04-18 09:14:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013-04-18 09:11:58 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013-04-18 09:11:57 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013-04-18 09:11:50 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013-04-18 09:11:49 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013-04-18 09:11:48 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013-04-18 09:11:47 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013-04-18 09:11:30 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013-04-18 08:24:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013-04-18 08:24:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013-04-18 08:24:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013-04-17 13:48:44 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013-04-17 13:48:23 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013-04-17 11:15:26 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\Desktop\RK_Quarantine
[2013-04-17 08:07:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013-04-17 08:07:46 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013-04-17 08:05:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013-04-16 21:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BOSS
[2013-04-16 21:19:52 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wrye Bash
[2013-04-16 21:19:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wrye Bash
[2013-04-16 21:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
[2013-04-16 20:57:07 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013-04-16 20:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013-04-16 20:53:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013-04-16 19:32:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013-04-16 18:45:26 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Mozilla
[2013-04-16 18:24:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013-04-16 18:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-04-16 17:47:28 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Malwarebytes
[2013-04-16 17:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013-04-16 17:47:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013-04-16 17:15:26 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Macromedia
[2013-04-16 17:15:01 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Mozilla
[2013-04-16 17:14:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013-04-16 17:14:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013-04-15 17:05:48 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\Desktop\Pose
[2013-04-14 20:18:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Skyrim Mods
[2013-04-13 11:52:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Banktown
[2013-04-13 10:49:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\INICIS61
[2013-04-12 21:55:56 | 000,000,000 | ---D | C] -- C:\BOSS
[2013-04-12 18:17:24 | 000,000,000 | ---D | C] -- C:\Python27
[2013-04-12 18:03:47 | 000,000,000 | ---D | C] -- C:\Games
[2013-04-12 18:02:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[2013-04-12 18:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Nexus Mod Manager
[2013-04-12 17:55:26 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\Documents\Nexus Mod Manager
[2013-04-12 17:55:26 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Black_Tree_Gaming
[2013-04-12 17:52:22 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Skyrim
[2013-04-12 17:52:22 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\Documents\My Games
[2013-04-12 17:37:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2013-04-12 17:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013-04-12 17:20:32 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2013-04-12 17:14:32 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\Adobe Flash Builder 4.5
[2013-04-12 17:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2013-04-12 17:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Story
[2013-04-12 17:08:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2013-04-12 17:03:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2013-04-12 17:03:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013-04-12 17:03:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2013-04-12 17:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013-04-12 17:01:10 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013-04-12 17:00:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5
[2013-04-12 17:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013-04-12 16:46:06 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\VirtualDVD
[2013-04-12 16:45:18 | 000,184,320 | ---- | C] (ohsoft) -- C:\Windows\SysNative\drivers\VirtualDVD.sys
[2013-04-12 16:45:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\VirtualDVD InstallData
[2013-04-12 16:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VirtualDVD
[2013-04-12 16:45:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDVD
[2013-04-10 20:25:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool
[2013-04-10 20:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2013-04-10 20:25:08 | 000,000,000 | ---D | C] -- C:\LGMobileUpgrade
[2013-04-09 22:10:15 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\반디집
[2013-04-09 22:10:10 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Bandizip
[2013-04-08 12:18:06 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\NVIDIA
[2013-04-08 11:10:55 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\LG Electronics
[2013-04-08 11:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
[2013-04-08 11:08:26 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\LG Electronics
[2013-04-08 11:06:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics
[2013-04-07 14:51:11 | 000,118,072 | ---- | C] (AhnLab, Inc.) -- C:\Windows\SysNative\drivers\AmonTDLh.sys
[2013-04-07 14:50:39 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\AhnLab
[2013-04-07 14:50:07 | 000,596,320 | ---- | C] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\TouchEnKey.dll
[2013-04-07 14:50:07 | 000,434,428 | ---- | C] (SoftForum Corporation) -- C:\Windows\SysWow64\CKCSP.dll
[2013-04-07 14:50:07 | 000,343,560 | ---- | C] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\npKeyPro.dll
[2013-04-07 14:50:07 | 000,237,064 | ---- | C] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\CKApp.dll
[2013-04-07 14:50:07 | 000,191,072 | ---- | C] (Kings Information & Network) -- C:\Windows\SysWow64\kcrypto.dll
[2013-04-07 14:50:07 | 000,138,704 | ---- | C] (Lumensoft Co., Ltd.) -- C:\Windows\SysWow64\jrsoftcp.dll
[2013-04-07 14:50:07 | 000,080,816 | ---- | C] (Lumensoft Co., Ltd.) -- C:\Windows\SysWow64\CKKeyProCert.dll
[2013-04-07 14:50:06 | 000,150,512 | R--- | C] (Lumensoft Co., Ltd.) -- C:\Windows\SysWow64\CKAgent.exe
[2013-04-07 14:50:03 | 001,621,512 | ---- | C] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\CKSetup32.exe
[2013-04-07 14:50:03 | 000,569,864 | ---- | C] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\CKSetup64.exe
[2013-04-07 14:50:03 | 000,150,512 | R--- | C] (Lumensoft Co., Ltd.) -- C:\Windows\SysNative\CKAgent.exe
[2013-04-07 14:50:03 | 000,150,512 | R--- | C] (Lumensoft Co., Ltd.) -- C:\Windows\SysNative\CKAgent.dat
[2013-04-07 14:50:03 | 000,141,848 | ---- | C] (Kings Information & Network) -- C:\Windows\SysNative\kcrtx64.sys
[2013-04-07 14:50:03 | 000,019,888 | ---- | C] (lumensoft Corporation) -- C:\Windows\SysNative\JRSUKD25.SYS
[2013-04-07 14:50:02 | 000,531,072 | ---- | C] (Interezen) -- C:\Windows\SysWow64\I3GManager.dll
[2013-04-07 14:50:02 | 000,223,432 | ---- | C] (Interezen) -- C:\Windows\SysWow64\I3GEX.exe
[2013-04-07 14:50:02 | 000,058,600 | ---- | C] (Interezen) -- C:\Windows\SysWow64\I3Gescp.dll
[2013-04-07 14:50:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Interezen
[2013-04-07 14:49:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AhnLab
[2013-04-07 14:49:46 | 000,000,000 | ---D | C] -- C:\Program Files\NPKI
[2013-04-07 14:49:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softforum
[2013-04-07 14:49:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wizvera
[2013-04-06 22:25:14 | 000,000,000 | ---D | C] -- C:\VTRoot
[2013-04-06 22:16:32 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2013-04-06 22:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2013-04-06 21:40:28 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\DAEMON Tools Lite
[2013-04-06 21:40:27 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013-04-06 21:36:57 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Diagnostics
[2013-04-06 21:30:12 | 000,564,824 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2013-04-06 17:24:18 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Media Player Classic
[2013-04-06 17:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64
[2013-04-06 17:23:57 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack x64
[2013-04-06 17:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2013-04-06 17:22:49 | 003,649,536 | ---- | C] (x264vfw project) -- C:\Windows\SysWow64\x264vfw.dll
[2013-04-06 17:22:49 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2013-04-06 17:22:49 | 000,039,936 | ---- | C] (Disappearing Inc.) -- C:\Windows\SysWow64\huffyuv.dll
[2013-04-06 17:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2013-04-06 17:22:20 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Programs
[2013-04-06 16:16:55 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Adobe
[2013-04-06 16:13:38 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Ahead
[2013-04-06 15:42:48 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\GRETECH
[2013-04-06 15:32:51 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Apple Computer
[2013-04-06 12:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013-04-06 11:59:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013-04-06 11:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013-04-06 11:59:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013-04-06 11:58:56 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Apple
[2013-04-06 11:58:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013-04-06 11:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013-04-06 11:57:22 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\RealNetworks
[2013-04-06 11:57:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2013-04-06 11:57:08 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2013-04-06 11:57:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2013-04-06 11:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2013-04-06 11:56:57 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2013-04-06 11:56:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2013-04-06 11:56:41 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Real
[2013-04-06 11:43:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013-04-06 11:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2013-04-06 11:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2013-04-06 11:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2013-04-06 11:05:33 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\uTorrent
[2013-04-06 11:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013-04-06 11:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013-04-06 11:04:37 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\WinRAR
[2013-04-06 11:04:37 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013-04-06 11:04:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013-04-06 11:04:28 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013-04-06 11:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013-04-06 11:03:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013-04-06 10:57:48 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Desktop\QUICK
[2013-04-05 22:28:20 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\CrashDumps
[2013-04-05 20:15:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chrome
[2013-04-05 20:15:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013-04-05 20:14:59 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Google
[2013-04-05 20:14:50 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Apps
[2013-04-05 20:14:49 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Deployment
[2013-04-05 15:44:48 | 003,045,104 | ---- | C] (AhnLab, Inc.) -- C:\Windows\SysNative\btscan.exe
[2013-04-05 15:44:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AhnLab
[2013-04-05 15:43:18 | 000,025,656 | ---- | C] (AhnLab, Inc.) -- C:\Windows\SysNative\drivers\CdmDrvNt.sys
[2013-04-05 15:43:16 | 000,000,000 | ---D | C] -- C:\Program Files\AhnLab
[2013-04-05 15:42:13 | 000,000,000 | ---D | C] -- C:\ProgramData\AhnLab
[2013-04-05 15:19:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Etron Technology
[2013-04-05 15:18:58 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Estsoft
[2013-04-05 15:18:56 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\ECRSC
[2013-04-05 15:17:53 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\HNC
[2013-04-05 15:17:09 | 000,065,136 | ---- | C] (Hancom Inc.) -- C:\Windows\SysNative\HNCE2PPRMON80.dll
[2013-04-05 15:16:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\한글과컴퓨터
[2013-04-05 15:15:58 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Macromedia
[2013-04-05 15:15:57 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Adobe
[2013-04-05 15:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2013-04-05 15:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013-04-05 15:05:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013-04-05 15:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2013-04-05 15:04:41 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013-04-05 15:04:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013-04-05 15:04:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2013-04-05 15:04:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013-04-05 15:04:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013-04-05 15:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013-04-05 15:02:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013-04-05 15:02:18 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Microsoft Help
[2013-04-05 15:02:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013-04-05 15:02:08 | 000,000,000 | R--D | C] -- C:\MSOCache
[2013-04-05 14:12:02 | 000,000,000 | R--D | C] -- C:\Windows Activation Technologies
[2013-04-05 14:11:13 | 000,000,000 | ---D | C] -- C:\Windows\KJ
[2013-04-05 13:46:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013-04-05 13:46:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013-04-05 13:45:42 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013-04-05 13:44:07 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013-04-05 13:41:36 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\InstallShield
[2013-04-05 13:41:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2013-04-05 13:40:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013-04-05 13:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2013-04-05 13:38:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013-04-05 13:38:07 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013-04-05 13:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013-04-05 13:37:53 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2013-04-05 13:37:53 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013-04-05 13:37:53 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013-04-05 13:37:53 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013-04-05 13:37:53 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013-04-05 13:37:50 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013-04-05 13:37:50 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013-04-05 13:37:50 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013-04-05 13:37:50 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013-04-05 13:37:50 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013-04-05 13:37:50 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013-04-05 13:37:48 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2013-04-05 13:37:48 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013-04-05 13:37:46 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013-04-05 13:37:43 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013-04-05 13:37:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013-04-05 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013-04-05 13:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2013-04-05 13:36:00 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013-04-05 13:35:42 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2013-04-05 13:35:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013-04-05 13:35:29 | 000,000,000 | ---D | C] -- C:\Intel
[2013-04-05 13:27:27 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013-04-05 13:27:27 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Searches
[2013-04-05 13:27:27 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013-04-05 13:27:26 | 000,000,000 | -H-D | C] -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013-04-05 13:27:19 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Identities
[2013-04-05 13:27:17 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Contacts
[2013-04-05 13:27:06 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\VirtualStore
[2013-04-05 13:27:04 | 000,000,000 | --SD | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Videos
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Saved Games
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Pictures
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Music
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Links
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Favorites
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Downloads
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Documents
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Desktop
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\시작 메뉴
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\AppData\Local\Temporary Internet Files
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Templates
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\SendTo
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Recent
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\PrintHood
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\NetHood
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Documents\My Videos
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Documents\My Pictures
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Documents\My Music
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\My Documents
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Local Settings
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\AppData\Local\History
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Cookies
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Application Data
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\AppData\Local\Application Data
[2013-04-05 13:27:04 | 000,000,000 | -H-D | C] -- C:\Users\FamilyCom\AppData
[2013-04-05 13:27:04 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Temp
[2013-04-05 13:27:04 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Microsoft
[2013-04-05 13:27:04 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Media Center Programs
[2013-04-05 13:26:53 | 000,000,000 | ---D | C] -- C:\Recovery
[2013-04-05 13:26:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\시작 메뉴
[2013-04-05 13:26:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\바탕 화면
[2013-03-23 09:30:16 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\Desktop\mbar
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-04-19 10:33:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\FamilyCom\Desktop\OTL.exe
[2013-04-19 10:20:00 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-04-19 10:14:58 | 003,410,714 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-04-19 10:14:58 | 000,666,534 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat
[2013-04-19 10:14:58 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-04-19 10:14:58 | 000,402,744 | ---- | M] () -- C:\Windows\SysNative\perfh012.dat
[2013-04-19 10:14:58 | 000,383,348 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2013-04-19 10:14:58 | 000,371,100 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2013-04-19 10:14:58 | 000,355,130 | ---- | M] () -- C:\Windows\SysNative\prfh0804.dat
[2013-04-19 10:14:58 | 000,128,694 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat
[2013-04-19 10:14:58 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2013-04-19 10:14:58 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-04-19 10:14:58 | 000,101,692 | ---- | M] () -- C:\Windows\SysNative\perfc012.dat
[2013-04-19 10:14:58 | 000,101,230 | ---- | M] () -- C:\Windows\SysNative\prfc0804.dat
[2013-04-19 10:14:58 | 000,096,316 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2013-04-19 10:09:47 | 000,551,702 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\FamilyCom\Desktop\JRT.exe
[2013-04-19 10:08:01 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-04-19 10:07:58 | 000,034,752 | ---- | M] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys
[2013-04-19 10:07:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-04-19 10:07:42 | 2117,218,303 | -HS- | M] () -- C:\hiberfil.sys
[2013-04-19 10:07:14 | 000,025,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-04-19 10:07:13 | 000,025,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-04-19 10:03:05 | 000,613,083 | ---- | M] () -- C:\Users\FamilyCom\Desktop\adwcleaner.exe
[2013-04-19 08:44:00 | 000,000,622 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-04-19 08:36:50 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013-04-18 09:46:35 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-04-18 09:34:20 | 000,002,047 | ---- | M] () -- C:\Users\Public\Desktop\AntiError.lnk
[2013-04-18 09:34:20 | 000,002,043 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2013-04-18 09:34:20 | 000,002,043 | ---- | M] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2013-04-18 09:21:21 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013-04-17 08:07:48 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-04-16 21:51:02 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013-04-16 20:15:40 | 005,293,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-04-16 19:32:32 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013-04-16 19:30:12 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2013-04-12 17:09:10 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Content Viewer.lnk
[2013-04-12 16:45:18 | 000,001,035 | ---- | M] () -- C:\Users\FamilyCom\Desktop\VirtualDVD.lnk
[2013-04-10 20:25:23 | 000,002,427 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013-04-10 20:25:20 | 000,000,831 | ---- | M] () -- C:\Users\FamilyCom\Desktop\LGMobile Support Tool.lnk
[2013-04-09 22:10:15 | 000,001,136 | ---- | M] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\반디집.lnk
[2013-04-09 21:30:00 | 003,045,104 | ---- | M] (AhnLab, Inc.) -- C:\Windows\SysNative\btscan.exe
[2013-04-08 11:15:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_lgandnetadb_01005.Wdf
[2013-04-08 11:15:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013-04-08 11:08:35 | 000,001,210 | ---- | M] () -- C:\Users\Public\Desktop\LG PC Suite.lnk
[2013-04-07 14:54:04 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_tmp
[2013-04-07 14:50:07 | 000,596,320 | ---- | M] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\TouchEnKey.dll
[2013-04-07 14:50:07 | 000,434,428 | ---- | M] (SoftForum Corporation) -- C:\Windows\SysWow64\CKCSP.dll
[2013-04-07 14:50:07 | 000,343,560 | ---- | M] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\npKeyPro.dll
[2013-04-07 14:50:07 | 000,237,064 | ---- | M] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\CKApp.dll
[2013-04-07 14:50:07 | 000,191,072 | ---- | M] (Kings Information & Network) -- C:\Windows\SysWow64\kcrypto.dll
[2013-04-07 14:50:07 | 000,138,704 | ---- | M] (Lumensoft Co., Ltd.) -- C:\Windows\SysWow64\jrsoftcp.dll
[2013-04-07 14:50:07 | 000,080,816 | ---- | M] (Lumensoft Co., Ltd.) -- C:\Windows\SysWow64\CKKeyProCert.dll
[2013-04-07 14:50:06 | 000,150,512 | R--- | M] (Lumensoft Co., Ltd.) -- C:\Windows\SysWow64\CKAgent.exe
[2013-04-07 14:50:03 | 001,621,512 | ---- | M] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\CKSetup32.exe
[2013-04-07 14:50:03 | 000,569,864 | ---- | M] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\CKSetup64.exe
[2013-04-07 14:50:03 | 000,150,512 | R--- | M] (Lumensoft Co., Ltd.) -- C:\Windows\SysNative\CKAgent.exe
[2013-04-07 14:50:03 | 000,150,512 | R--- | M] (Lumensoft Co., Ltd.) -- C:\Windows\SysNative\CKAgent.dat
[2013-04-07 14:50:03 | 000,141,848 | ---- | M] (Kings Information & Network) -- C:\Windows\SysNative\kcrtx64.sys
[2013-04-07 14:50:03 | 000,019,888 | ---- | M] (lumensoft Corporation) -- C:\Windows\SysNative\JRSUKD25.SYS
[2013-04-07 14:50:02 | 000,531,072 | ---- | M] (Interezen) -- C:\Windows\SysWow64\I3GManager.dll
[2013-04-07 14:50:02 | 000,223,432 | ---- | M] (Interezen) -- C:\Windows\SysWow64\I3GEX.exe
[2013-04-07 14:50:02 | 000,072,272 | ---- | M] () -- C:\Windows\SysWow64\cosa.dll
[2013-04-07 14:50:02 | 000,058,600 | ---- | M] (Interezen) -- C:\Windows\SysWow64\I3Gescp.dll
[2013-04-07 14:50:02 | 000,015,512 | ---- | M] () -- C:\Windows\SysWow64\IRTrace.dll
[2013-04-06 21:40:33 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013-04-06 21:30:12 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2013-04-06 11:56:57 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2013-04-06 11:06:17 | 000,000,843 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013-04-06 08:42:21 | 000,002,283 | ---- | M] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\Chrome.lnk
[2013-04-05 15:16:51 | 000,001,045 | ---- | M] () -- C:\Users\Public\Desktop\한컴오피스 한글 2010.lnk
[2013-04-05 15:15:53 | 000,001,373 | ---- | M] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-04-05 15:15:50 | 000,000,069 | ---- | M] () -- C:\Windows\hjimesv.ini
[2013-04-05 15:15:49 | 000,000,016 | ---- | M] () -- C:\Windows\SysWow64\winhcfgb.ini
[2013-04-05 13:26:48 | 001,637,287 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013-04-05 13:26:48 | 001,637,287 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013-04-05 03:00:00 | 000,127,488 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll
[2013-04-05 03:00:00 | 000,112,640 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013-04-04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-04-19 10:03:01 | 000,613,083 | ---- | C] () -- C:\Users\FamilyCom\Desktop\adwcleaner.exe
[2013-04-18 09:34:20 | 000,002,047 | ---- | C] () -- C:\Users\Public\Desktop\AntiError.lnk
[2013-04-18 09:34:20 | 000,002,043 | ---- | C] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2013-04-18 09:20:53 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-04-18 08:24:35 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013-04-18 08:24:35 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013-04-18 08:24:35 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013-04-18 08:24:35 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013-04-18 08:24:35 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013-04-17 08:07:48 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-04-16 21:51:02 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013-04-16 21:19:44 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\pythoncom27.dll
[2013-04-16 21:19:44 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\pywintypes27.dll
[2013-04-16 21:19:44 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\pythoncomloader27.dll
[2013-04-16 20:57:12 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013-04-16 20:57:12 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013-04-16 20:57:07 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013-04-16 19:32:32 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013-04-16 19:32:32 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013-04-12 18:02:58 | 000,000,890 | ---- | C] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2013-04-12 17:43:30 | 000,000,962 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls V Skyrim Dragonborn.lnk
[2013-04-12 17:11:21 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2013-04-12 17:11:21 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2013-04-12 17:09:18 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
[2013-04-12 17:09:10 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk
[2013-04-12 17:09:10 | 000,001,085 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Content Viewer.lnk
[2013-04-12 17:00:15 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2013-04-12 16:45:18 | 000,001,035 | ---- | C] () -- C:\Users\FamilyCom\Desktop\VirtualDVD.lnk
[2013-04-10 20:25:20 | 000,000,831 | ---- | C] () -- C:\Users\FamilyCom\Desktop\LGMobile Support Tool.lnk
[2013-04-10 20:25:17 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2013-04-10 20:25:17 | 000,002,427 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013-04-09 22:10:15 | 000,001,136 | ---- | C] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\반디집.lnk
[2013-04-08 11:15:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_lgandnetadb_01005.Wdf
[2013-04-08 11:15:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013-04-08 11:08:35 | 000,001,210 | ---- | C] () -- C:\Users\Public\Desktop\LG PC Suite.lnk
[2013-04-07 14:50:02 | 000,072,272 | ---- | C] () -- C:\Windows\SysWow64\cosa.dll
[2013-04-07 14:50:02 | 000,015,512 | ---- | C] () -- C:\Windows\SysWow64\IRTrace.dll
[2013-04-06 17:23:59 | 000,206,336 | ---- | C] () -- C:\Windows\SysNative\unrar64.dll
[2013-04-06 17:23:59 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2013-04-06 17:23:58 | 000,127,488 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll
[2013-04-06 17:22:49 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013-04-06 17:22:49 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013-04-06 17:22:49 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013-04-06 17:22:49 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013-04-06 17:22:47 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013-04-06 11:58:56 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013-04-06 11:13:23 | 000,002,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2013-04-06 11:06:17 | 000,000,843 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013-04-05 20:15:39 | 000,002,283 | ---- | C] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\Chrome.lnk
[2013-04-05 20:15:07 | 000,000,690 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-04-05 20:15:05 | 000,000,686 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-04-05 15:16:51 | 000,001,045 | ---- | C] () -- C:\Users\Public\Desktop\한컴오피스 한글 2010.lnk
[2013-04-05 15:15:53 | 000,001,373 | ---- | C] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-04-05 15:15:50 | 000,000,069 | ---- | C] () -- C:\Windows\hjimesv.ini
[2013-04-05 15:15:49 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\winhcfgb.ini
[2013-04-05 15:14:45 | 000,667,136 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.dll
[2013-04-05 15:14:45 | 000,667,136 | ---- | C] () -- C:\Windows\SysNative\OGACheckControl.dll
[2013-04-05 14:11:23 | 000,405,881 | ---- | C] () -- C:\Windows\KJ.exe
[2013-04-05 13:45:53 | 003,065,455 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013-04-05 13:45:23 | 000,017,738 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013-04-05 13:39:25 | 000,034,752 | ---- | C] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys
[2013-04-05 13:37:50 | 000,150,996 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2013-04-05 13:36:52 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2013-04-05 13:36:09 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2013-04-05 13:27:32 | 000,001,345 | ---- | C] () -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013-04-05 13:27:28 | 000,001,379 | ---- | C] () -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013-04-05 13:27:04 | 000,000,290 | ---- | C] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013-04-05 13:27:04 | 000,000,272 | ---- | C] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013-02-24 01:01:53 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\winhcfga.ini
[2011-12-08 16:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009-07-14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 14:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 13:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 12:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013-04-07 14:50:39 | 000,000,000 | ---D | M] -- C:\Users\FamilyCom\AppData\Roaming\AhnLab
[2013-04-12 16:34:19 | 000,000,000 | ---D | M] -- C:\Users\FamilyCom\AppData\Roaming\DAEMON Tools Lite
[2013-04-05 15:17:53 | 000,000,000 | ---D | M] -- C:\Users\FamilyCom\AppData\Roaming\HNC
[2013-04-16 19:21:16 | 000,000,000 | ---D | M] -- C:\Users\FamilyCom\AppData\Roaming\LG Electronics
[2013-04-19 10:10:18 | 000,000,000 | ---D | M] -- C:\Users\FamilyCom\AppData\Roaming\uTorrent
[2013-04-12 16:46:06 | 000,000,000 | ---D | M] -- C:\Users\FamilyCom\AppData\Roaming\VirtualDVD

========== Purity Check ==========

< End of report >

neowing · Apr 18, 2013

5th: Extra-END----------------------------------

OTL Extras logfile created on: 2013-04-19 오전 10:34:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\FamilyCom\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000412 | Country: 대한민국 | Language: KOR | Date Format: yyyy-MM-dd

7.96 Gb Total Physical Memory | 6.49 Gb Available Physical Memory | 81.45% Memory free
15.92 Gb Paging File | 14.38 Gb Available in Paging File | 90.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.76 Gb Total Space | 402.67 Gb Free Space | 86.46% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 101.96 Gb Free Space | 21.89% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 82.41 Gb Free Space | 27.65% Space Free | Partition Type: NTFS

Computer Name: FAMILYCOM-PC | User Name: FamilyCom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3543073300-3519423333-1202189545-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{73556754-35CC-491C-9BE5-BA2CBEADAB6F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{942C3672-C76D-44A4-A872-AE8A87C21187}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.5 |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{10C04140-2FCF-436F-B018-E597AAA304E2}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd8\powerdvd8.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1AECB5BA-6F68-467F-B551-97C15B584C31}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{2FBE2089-8A53-4490-89C0-F2D56BC5FBF0}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.5\flashbuilder.exe |
"{35105F78-DF1F-452C-A7BB-F9021090A766}" = protocol=17 | dir=in | app=c:\users\familycom\appdata\roaming\utorrent\utorrent.exe |
"{43FC5760-73E4-4A2C-9475-FE1B1373CDDB}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.5\flashbuilder.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7CEBDCF8-F9C2-4C82-8EA6-39EC4D0E845E}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{7F0235F0-3B05-4F12-AC6D-7250D795385C}" = protocol=6 | dir=in | app=c:\users\familycom\appdata\roaming\utorrent\utorrent.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8CB693BC-2BD7-42B4-8B2B-4B90BD56D955}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{A3190664-8652-4AC5-A49B-7928DC6F7B7B}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B0E85CEA-E4D9-41F3-B72E-93AD3612BDB2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{BD7301E8-9CE4-4268-8567-B961F7E92D38}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EAB8F14C-167D-4DE7-98C5-C5682EFCB8B9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90140000-0028-0412-1000-0000000FF1CE}" = Microsoft Office IME (Korean) 2010
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0412-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Korean) 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision 드라이버 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA 제어판 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA 그래픽 드라이버 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision 컨트롤러 드라이버 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX 시스템 소프트웨어 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA 업데이트 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD 오디오 드라이버 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BCC0552D-76C0-4130-BFBD-49BE49ACC594}" = COMODO Internet Security
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DAA6FB09-5AE6-4A1A-9C13-5A583B5DB30D}" = Intel(R) Smart Connect Technology 2.0 x64
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"CCleaner" = CCleaner
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.8.5 (64-bit)
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0ABBF310-94E4-4AE8-A6BD-10345A3F6439}" = Google Drive
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{291ADE12-A46B-4B39-BC9E-94C756EDCFF2}" = 한컴오피스 2010
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2D992E01-604B-472C-A883-1DDA105A24D5}_is1" = Veraport20(보안모듈 관리 프로그램) - 2,5,2,3
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{887868A2-D6DE-3255-AA92-AA0B5A59B874}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0412-0000-0000000FF1CE}" = Microsoft Office Access MUI (Korean) 2010
"{90140000-0016-0412-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Korean) 2010
"{90140000-0018-0412-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Korean) 2010
"{90140000-0019-0412-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Korean) 2010
"{90140000-001A-0412-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Korean) 2010
"{90140000-001B-0412-0000-0000000FF1CE}" = Microsoft Office Word MUI (Korean) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0412-0000-0000000FF1CE}" = Microsoft Office Proof (Korean) 2010
"{90140000-0028-0412-0000-0000000FF1CE}" = Microsoft Office IME (Korean) 2010
"{90140000-002C-0412-0000-0000000FF1CE}" = Microsoft Office Proofing (Korean) 2010
"{90140000-0044-0412-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Korean) 2010
"{90140000-006E-0412-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Korean) 2010
"{90140000-00A1-0412-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Korean) 2010
"{90140000-00BA-0412-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Korean) 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A20A58C4-6784-4B4B-86CC-94E2E3671042}" = Nero 7 Ultra Edition
"{A47642B2-4CB5-4325-8093-C88D4747953F}" = GeekBuddy
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Fran?is, Deutsch
"{AC76BA86-7AD7-1042-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Korean
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}" = Python 2.7.3
"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D57FC112-312E-4D70-860F-2DB8FB6858F0}" = Adobe Creative Suite 5.5 Master Collection
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}" = RealDownloader
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple 응용 프로그램 지원
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AhnLab Online Security" = AhnLab Online Security
"avast" = avast! Free Antivirus
"BOSS" = BOSS
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
"comtypes-py2.7" = Python 2.7 comtypes-0.6.2
"DtsFilter" = DTS+AC3 필터
"GOM Player" = 곰플레이어
"GomTV Launcher Plugin" = 곰TV 플러그인
"Google Chrome" = Chrome
"Haansoft HOffice 80 Korean" = 한컴오피스 2010
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"IPinside Agent" = IPinside Agent
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.8.5
"LG PC Suite" = LG PC Suite
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware 버전 1.75.0.1300
"Mozilla Firefox 20.0.1 (x86 ko)" = Mozilla Firefox 20.0.1 (x86 ko)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPEG2코덱(libmpeg2/mad)" = MPEG2코덱(libmpeg2/mad)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"pywin32-py2.7" = Python 2.7 pywin32-218
"RealPlayer 16.0" = RealPlayer
"TouchEn_key" = TouchEn key with E2E for 32bit
"uTorrent" = µTorrent
"VirtualDVD_is1" = VirtualDVD 2.5.0.0
"Wrye Bash" = Wrye Bash
"wxPython2.8-unicode-py27_is1" = wxPython 2.8.12.1 (unicode) for Python 2.7
"XecureWeb UnifiedPlugin" = XecureWeb UnifiedPlugin

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3543073300-3519423333-1202189545-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Bandizip" = 반디집

< End of report >

Broni · Apr 18, 2013

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

Code:

:OTL
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-3543073300-3519423333-1202189545-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
You will get a log that shows the results of the fix. Please post it.

NOTE. If for any reason OTL stalls (most likely at "killing processes..." step) run the fix from safe mode.
Last scans...

Download Security Check from here or here and save it to your Desktop.

Double-click SecurityCheck.exe
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

Make sure the following options are checked:
- Internet Services
- Windows Firewall
- System Restore
- Security Center
- Windows Update
- Windows Defender
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

Please run a free online scan with the ESET Online Scanner

Disable your antivirus program
Tick the box next to YES, I accept the Terms of Use
Click Start
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click on List of found threats
Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
NOTE. If Eset won't find any threats, it won't produce any log.

neowing · Apr 18, 2013

1ST ---------- OTL

OTL logfile created on: 2013-04-19 오전 10:34:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\FamilyCom\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000412 | Country: 대한민국 | Language: KOR | Date Format: yyyy-MM-dd

7.96 Gb Total Physical Memory | 6.49 Gb Available Physical Memory | 81.45% Memory free
15.92 Gb Paging File | 14.38 Gb Available in Paging File | 90.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.76 Gb Total Space | 402.67 Gb Free Space | 86.46% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 101.96 Gb Free Space | 21.89% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 82.41 Gb Free Space | 27.65% Space Free | Partition Type: NTFS

Computer Name: FAMILYCOM-PC | User Name: FamilyCom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-04-19 10:33:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\FamilyCom\Desktop\OTL.exe
PRC - [2013-04-17 13:27:24 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
PRC - [2013-04-17 11:57:08 | 000,207,560 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
PRC - [2013-04-17 11:57:08 | 000,194,760 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
PRC - [2013-04-17 11:57:08 | 000,070,344 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
PRC - [2013-04-06 11:56:57 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013-03-15 14:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013-03-14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013-03-07 08:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-03-07 08:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-03-06 02:21:50 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012-12-18 23:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-12-17 05:37:10 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2010-10-25 15:13:42 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV:64bit: - [2013-03-07 08:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013-01-24 22:43:06 | 003,724,472 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2013-01-24 22:42:44 | 000,158,928 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2012-02-09 16:26:48 | 000,133,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV:64bit: - [2011-12-08 16:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2009-07-14 10:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 10:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013-04-17 13:27:24 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -- (GeekBuddyRSP)
SRV - [2013-04-17 11:57:08 | 000,070,344 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe -- (CLPSLauncher)
SRV - [2013-04-17 08:10:51 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-04-10 15:56:49 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-03-15 14:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-03-14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013-03-06 02:21:50 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012-12-18 23:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-12-17 05:37:10 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-06-11 06:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-04-19 10:07:58 | 000,034,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV:64bit: - [2013-04-07 14:50:03 | 000,141,848 | ---- | M] (Kings Information & Network) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\kcrtx64.sys -- (kcrtx64)
DRV:64bit: - [2013-04-07 14:50:03 | 000,019,888 | ---- | M] (lumensoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\JRSUKD25.SYS -- (JRSUKD25)
DRV:64bit: - [2013-04-06 21:40:33 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013-04-06 21:30:12 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013-03-07 08:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013-03-07 08:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013-03-07 08:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013-03-07 08:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013-03-07 08:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013-03-07 08:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013-03-07 08:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013-03-07 08:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013-03-07 08:33:20 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013-01-16 19:51:44 | 000,023,176 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2013-01-03 13:05:24 | 000,184,320 | ---- | M] (ohsoft) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtualDVD.sys -- (VirtualDVD)
DRV:64bit: - [2012-12-19 14:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012-09-14 16:42:00 | 000,118,072 | ---- | M] (AhnLab, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AmonTDLh.sys -- (AMonTDLH)
DRV:64bit: - [2012-07-03 11:58:00 | 000,031,744 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetadb.sys -- (andnetadb)
DRV:64bit: - [2012-07-03 11:50:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:64bit: - [2012-07-03 11:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag264.sys -- (AndNetDiag2)
DRV:64bit: - [2012-07-03 11:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:64bit: - [2012-03-01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-09 16:24:16 | 000,044,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2012-02-09 16:24:16 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)
DRV:64bit: - [2012-02-09 16:24:14 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)
DRV:64bit: - [2011-11-10 18:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011-09-29 18:30:34 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-02-08 13:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011-02-08 13:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2010-11-21 12:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010-11-21 12:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 12:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010-11-21 12:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010-11-21 12:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-21 12:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010-11-21 12:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010-11-21 12:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 12:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-11-21 12:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-06-28 16:55:00 | 000,155,256 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\AhnLab\ASP\MyFirewall 4.0\mfipsent.sys -- (MfIPSEnt)
DRV:64bit: - [2010-06-28 16:55:00 | 000,126,072 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\AhnLab\ASP\MyFirewall 4.0\mffwent.sys -- (MfFWEnt)
DRV:64bit: - [2009-07-21 10:00:25 | 000,025,656 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CdmDrvNt.sys -- (CdmDrvNt)
DRV:64bit: - [2009-07-14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009-06-11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012-09-03 16:20:00 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\CFRMD.sys -- (CFRMD)
DRV - [2009-07-14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008-02-01 17:24:06 | 000,032,240 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.naver.com/
IE - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002\..\SearchScopes\{5CEF356C-D165-4616-9588-BD629DD7D1DF}: "URL" = http://search.naver.com/search.naver?where=nexearch&sm=ies_hty&query={searchTerms}
IE - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3543073300-3519423333-1202189545-1003\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npaosmgr.1: C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\npaosmgr.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@gomtv.com/gomtvx-plugin: C:\Program Files (x86)\Common Files\GRETECH\npgomtvx_nie.dll (Gretech Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@interezen.co.kr/npi3gmanager: C:\Program Files (x86)\Interezen\Plugins\NPI3GManager.dll (Interezen (c) Interezen.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@softforum.com/npKeyPro: C:\Windows\system32\npKeyPro.dll (RaonSecure Co., Ltd.)
FF - HKLM\Software\MozillaPlugins\@softforum.com/npXecureMacuxNPPlugin: C:\Program Files (x86)\Softforum\XecureWeb\NPPlugin\dll\npXecureMacuxNPPlugin.dll (Softforum, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wizvera.com/npVeraport20: C:\Program Files (x86)\Wizvera\Veraport20\npveraport20.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-04-06 11:57:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2013-04-12 17:09:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-04-06 11:57:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-04-12 17:11:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-04-18 09:11:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-04-16 19:32:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013-04-16 18:45:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FamilyCom\AppData\Roaming\mozilla\Extensions
[2013-04-16 19:32:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013-04-10 15:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013-04-10 17:53:24 | 000,004,779 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\danawa-kr.xml
[2013-04-10 17:53:23 | 000,008,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\daum-kr.xml
[2013-04-10 17:53:24 | 000,004,455 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\naver-kr.xml
[2013-04-10 17:53:24 | 000,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-kr.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google

riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: AhnLab Online Security (Enabled) = C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\npaosmgr.dll
CHR - plugin: gomtvx NIE Module (Enabled) = C:\Program Files (x86)\Common Files\GRETECH\npgomtvx_nie.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: INICIS INIpay Plugin (Enabled) = C:\Program Files (x86)\INICIS61\plugins\npINIwallet61.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: NPI3GManager (c) Interezen. plugin (Enabled) = C:\Program Files (x86)\Interezen\Plugins\NPI3GManager.dll
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: Softforum XecureWeb Unified Plug-in (Enabled) = C:\Program Files (x86)\Softforum\XecureWeb\NPPlugin\dll\npXecureMacuxNPPlugin.dll
CHR - plugin: Veraport Mozilla Plugin (Enabled) = C:\Program Files (x86)\Wizvera\Veraport20\npveraport20.dll
CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: TouchEn Key for Multi-Browser (Enabled) = C:\Windows\system32\npKeyPro.dll
CHR - Extension: Google \uBB38\uC11C\uB3C4\uAD6C = C:\Users\FamilyCom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google \uB4DC\uB77C\uC774\uBE0C = C:\Users\FamilyCom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\FamilyCom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google \uAC80\uC0C9 = C:\Users\FamilyCom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! WebRep = C:\Users\FamilyCom\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Kiwi IRC = C:\Users\FamilyCom\AppData\Local\Google\Chrome\User Data\Default\Extensions\malkpgopfalejggcogglkiemcknbiphe\0.5.4_0\
CHR - Extension: Gmail = C:\Users\FamilyCom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013-04-19 08:36:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (COMODO)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [gbrspcontrol] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
O4 - HKLM..\Run: [HncUpdate] C:\Program Files (x86)\Hnc\HncUtils\HncChecker.exe (Hancom Inc(HNC).)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002..\Run: [uTorrent] C:\Users\FamilyCom\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002..\Run: [VirtualDVD] C:\Program Files (x86)\VirtualDVD\VirtualDVD.exe (oh!soft)
O4 - HKU\S-1-5-21-3543073300-3519423333-1202189545-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3543073300-3519423333-1202189545-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3543073300-3519423333-1202189545-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3543073300-3519423333-1202189545-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O13 - gopher Prefix: missing
O16 - DPF: {1C3DB737-3814-495E-87D5-62968A2A1761} http://activex.off.co.kr/toolbar/DicoStarterX.cab (DicoStarter Control)
O16 - DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} C:\Users\FAMILY~1\AppData\Local\Temp\5002543\TouchEnKey_Installer_x86.exe (XecureCKKB Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 168.126.63.1 168.126.63.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A127E362-2855-4737-A15D-DABB58F73491}: DhcpNameServer = 168.126.63.1 168.126.63.2
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-04-19 10:33:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\FamilyCom\Desktop\OTL.exe
[2013-04-19 10:10:57 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013-04-19 10:10:37 | 000,000,000 | ---D | C] -- C:\JRT
[2013-04-19 10:09:44 | 000,551,702 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\FamilyCom\Desktop\JRT.exe
[2013-04-19 09:38:38 | 000,000,000 | ---D | C] -- C:\FRST
[2013-04-19 08:38:24 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013-04-19 08:35:37 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013-04-19 08:27:38 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013-04-18 09:34:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\COMODO
[2013-04-18 09:20:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013-04-18 09:17:55 | 000,022,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2013-04-18 09:14:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013-04-18 09:11:58 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013-04-18 09:11:57 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013-04-18 09:11:50 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013-04-18 09:11:49 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013-04-18 09:11:48 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013-04-18 09:11:47 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013-04-18 09:11:30 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013-04-18 08:24:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013-04-18 08:24:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013-04-18 08:24:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013-04-17 13:48:44 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013-04-17 13:48:23 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013-04-17 11:15:26 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\Desktop\RK_Quarantine
[2013-04-17 08:07:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013-04-17 08:07:46 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013-04-17 08:05:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013-04-16 21:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BOSS
[2013-04-16 21:19:52 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wrye Bash
[2013-04-16 21:19:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wrye Bash
[2013-04-16 21:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
[2013-04-16 20:57:07 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013-04-16 20:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013-04-16 20:53:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013-04-16 19:32:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013-04-16 18:45:26 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Mozilla
[2013-04-16 18:24:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013-04-16 18:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-04-16 17:47:28 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Malwarebytes
[2013-04-16 17:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013-04-16 17:47:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013-04-16 17:15:26 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Macromedia
[2013-04-16 17:15:01 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Mozilla
[2013-04-16 17:14:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013-04-16 17:14:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013-04-15 17:05:48 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\Desktop\Pose
[2013-04-14 20:18:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Skyrim Mods
[2013-04-13 11:52:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Banktown
[2013-04-13 10:49:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\INICIS61
[2013-04-12 21:55:56 | 000,000,000 | ---D | C] -- C:\BOSS
[2013-04-12 18:17:24 | 000,000,000 | ---D | C] -- C:\Python27
[2013-04-12 18:03:47 | 000,000,000 | ---D | C] -- C:\Games
[2013-04-12 18:02:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[2013-04-12 18:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Nexus Mod Manager
[2013-04-12 17:55:26 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\Documents\Nexus Mod Manager
[2013-04-12 17:55:26 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Black_Tree_Gaming
[2013-04-12 17:52:22 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Skyrim
[2013-04-12 17:52:22 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\Documents\My Games
[2013-04-12 17:37:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911

neowing · Apr 18, 2013

------- CONTINUE FROM ABOVE-----

[2013-04-12 17:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013-04-12 17:20:32 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2013-04-12 17:14:32 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\Adobe Flash Builder 4.5
[2013-04-12 17:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2013-04-12 17:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Story
[2013-04-12 17:08:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2013-04-12 17:03:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2013-04-12 17:03:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013-04-12 17:03:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2013-04-12 17:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013-04-12 17:01:10 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013-04-12 17:00:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5
[2013-04-12 17:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013-04-12 16:46:06 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\VirtualDVD
[2013-04-12 16:45:18 | 000,184,320 | ---- | C] (ohsoft) -- C:\Windows\SysNative\drivers\VirtualDVD.sys
[2013-04-12 16:45:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\VirtualDVD InstallData
[2013-04-12 16:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VirtualDVD
[2013-04-12 16:45:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDVD
[2013-04-10 20:25:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool
[2013-04-10 20:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2013-04-10 20:25:08 | 000,000,000 | ---D | C] -- C:\LGMobileUpgrade
[2013-04-09 22:10:15 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\반디집
[2013-04-09 22:10:10 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Bandizip
[2013-04-08 12:18:06 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\NVIDIA
[2013-04-08 11:10:55 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\LG Electronics
[2013-04-08 11:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
[2013-04-08 11:08:26 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\LG Electronics
[2013-04-08 11:06:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics
[2013-04-07 14:51:11 | 000,118,072 | ---- | C] (AhnLab, Inc.) -- C:\Windows\SysNative\drivers\AmonTDLh.sys
[2013-04-07 14:50:39 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\AhnLab
[2013-04-07 14:50:07 | 000,596,320 | ---- | C] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\TouchEnKey.dll
[2013-04-07 14:50:07 | 000,434,428 | ---- | C] (SoftForum Corporation) -- C:\Windows\SysWow64\CKCSP.dll
[2013-04-07 14:50:07 | 000,343,560 | ---- | C] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\npKeyPro.dll
[2013-04-07 14:50:07 | 000,237,064 | ---- | C] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\CKApp.dll
[2013-04-07 14:50:07 | 000,191,072 | ---- | C] (Kings Information & Network) -- C:\Windows\SysWow64\kcrypto.dll
[2013-04-07 14:50:07 | 000,138,704 | ---- | C] (Lumensoft Co., Ltd.) -- C:\Windows\SysWow64\jrsoftcp.dll
[2013-04-07 14:50:07 | 000,080,816 | ---- | C] (Lumensoft Co., Ltd.) -- C:\Windows\SysWow64\CKKeyProCert.dll
[2013-04-07 14:50:06 | 000,150,512 | R--- | C] (Lumensoft Co., Ltd.) -- C:\Windows\SysWow64\CKAgent.exe
[2013-04-07 14:50:03 | 001,621,512 | ---- | C] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\CKSetup32.exe
[2013-04-07 14:50:03 | 000,569,864 | ---- | C] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\CKSetup64.exe
[2013-04-07 14:50:03 | 000,150,512 | R--- | C] (Lumensoft Co., Ltd.) -- C:\Windows\SysNative\CKAgent.exe
[2013-04-07 14:50:03 | 000,150,512 | R--- | C] (Lumensoft Co., Ltd.) -- C:\Windows\SysNative\CKAgent.dat
[2013-04-07 14:50:03 | 000,141,848 | ---- | C] (Kings Information & Network) -- C:\Windows\SysNative\kcrtx64.sys
[2013-04-07 14:50:03 | 000,019,888 | ---- | C] (lumensoft Corporation) -- C:\Windows\SysNative\JRSUKD25.SYS
[2013-04-07 14:50:02 | 000,531,072 | ---- | C] (Interezen) -- C:\Windows\SysWow64\I3GManager.dll
[2013-04-07 14:50:02 | 000,223,432 | ---- | C] (Interezen) -- C:\Windows\SysWow64\I3GEX.exe
[2013-04-07 14:50:02 | 000,058,600 | ---- | C] (Interezen) -- C:\Windows\SysWow64\I3Gescp.dll
[2013-04-07 14:50:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Interezen
[2013-04-07 14:49:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AhnLab
[2013-04-07 14:49:46 | 000,000,000 | ---D | C] -- C:\Program Files\NPKI
[2013-04-07 14:49:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softforum
[2013-04-07 14:49:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wizvera
[2013-04-06 22:25:14 | 000,000,000 | ---D | C] -- C:\VTRoot
[2013-04-06 22:16:32 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2013-04-06 22:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2013-04-06 21:40:28 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\DAEMON Tools Lite
[2013-04-06 21:40:27 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013-04-06 21:36:57 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Diagnostics
[2013-04-06 21:30:12 | 000,564,824 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2013-04-06 17:24:18 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Media Player Classic
[2013-04-06 17:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64
[2013-04-06 17:23:57 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack x64
[2013-04-06 17:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2013-04-06 17:22:49 | 003,649,536 | ---- | C] (x264vfw project) -- C:\Windows\SysWow64\x264vfw.dll
[2013-04-06 17:22:49 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2013-04-06 17:22:49 | 000,039,936 | ---- | C] (Disappearing Inc.) -- C:\Windows\SysWow64\huffyuv.dll
[2013-04-06 17:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2013-04-06 17:22:20 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Programs
[2013-04-06 16:16:55 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Adobe
[2013-04-06 16:13:38 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Ahead
[2013-04-06 15:42:48 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\GRETECH
[2013-04-06 15:32:51 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Apple Computer
[2013-04-06 12:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013-04-06 11:59:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013-04-06 11:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013-04-06 11:59:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013-04-06 11:58:56 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Apple
[2013-04-06 11:58:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013-04-06 11:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013-04-06 11:57:22 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\RealNetworks
[2013-04-06 11:57:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2013-04-06 11:57:08 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2013-04-06 11:57:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2013-04-06 11:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2013-04-06 11:56:57 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2013-04-06 11:56:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2013-04-06 11:56:41 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Real
[2013-04-06 11:43:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013-04-06 11:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2013-04-06 11:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2013-04-06 11:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2013-04-06 11:05:33 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\uTorrent
[2013-04-06 11:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013-04-06 11:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013-04-06 11:04:37 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\WinRAR
[2013-04-06 11:04:37 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013-04-06 11:04:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013-04-06 11:04:28 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013-04-06 11:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013-04-06 11:03:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013-04-06 10:57:48 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Desktop\QUICK
[2013-04-05 22:28:20 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\CrashDumps
[2013-04-05 20:15:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chrome
[2013-04-05 20:15:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013-04-05 20:14:59 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Google
[2013-04-05 20:14:50 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Apps
[2013-04-05 20:14:49 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Deployment
[2013-04-05 15:44:48 | 003,045,104 | ---- | C] (AhnLab, Inc.) -- C:\Windows\SysNative\btscan.exe
[2013-04-05 15:44:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AhnLab
[2013-04-05 15:43:18 | 000,025,656 | ---- | C] (AhnLab, Inc.) -- C:\Windows\SysNative\drivers\CdmDrvNt.sys
[2013-04-05 15:43:16 | 000,000,000 | ---D | C] -- C:\Program Files\AhnLab
[2013-04-05 15:42:13 | 000,000,000 | ---D | C] -- C:\ProgramData\AhnLab
[2013-04-05 15:19:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Etron Technology
[2013-04-05 15:18:58 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Estsoft
[2013-04-05 15:18:56 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\ECRSC
[2013-04-05 15:17:53 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\HNC
[2013-04-05 15:17:09 | 000,065,136 | ---- | C] (Hancom Inc.) -- C:\Windows\SysNative\HNCE2PPRMON80.dll
[2013-04-05 15:16:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\한글과컴퓨터
[2013-04-05 15:15:58 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Macromedia
[2013-04-05 15:15:57 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Adobe
[2013-04-05 15:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2013-04-05 15:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013-04-05 15:05:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013-04-05 15:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2013-04-05 15:04:41 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013-04-05 15:04:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013-04-05 15:04:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2013-04-05 15:04:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013-04-05 15:04:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013-04-05 15:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013-04-05 15:02:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013-04-05 15:02:18 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Microsoft Help
[2013-04-05 15:02:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013-04-05 15:02:08 | 000,000,000 | R--D | C] -- C:\MSOCache
[2013-04-05 14:12:02 | 000,000,000 | R--D | C] -- C:\Windows Activation Technologies
[2013-04-05 14:11:13 | 000,000,000 | ---D | C] -- C:\Windows\KJ
[2013-04-05 13:46:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013-04-05 13:46:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013-04-05 13:45:42 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013-04-05 13:44:07 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013-04-05 13:41:36 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\InstallShield
[2013-04-05 13:41:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2013-04-05 13:40:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013-04-05 13:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2013-04-05 13:38:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013-04-05 13:38:07 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013-04-05 13:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013-04-05 13:37:53 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2013-04-05 13:37:53 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013-04-05 13:37:53 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013-04-05 13:37:53 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013-04-05 13:37:53 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013-04-05 13:37:50 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013-04-05 13:37:50 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013-04-05 13:37:50 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013-04-05 13:37:50 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013-04-05 13:37:50 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013-04-05 13:37:50 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013-04-05 13:37:48 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2013-04-05 13:37:48 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013-04-05 13:37:46 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013-04-05 13:37:43 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013-04-05 13:37:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013-04-05 13:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013-04-05 13:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2013-04-05 13:36:00 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013-04-05 13:35:42 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2013-04-05 13:35:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013-04-05 13:35:29 | 000,000,000 | ---D | C] -- C:\Intel
[2013-04-05 13:27:27 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013-04-05 13:27:27 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Searches
[2013-04-05 13:27:27 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013-04-05 13:27:26 | 000,000,000 | -H-D | C] -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013-04-05 13:27:19 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Identities
[2013-04-05 13:27:17 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Contacts
[2013-04-05 13:27:06 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\VirtualStore
[2013-04-05 13:27:04 | 000,000,000 | --SD | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Videos
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Saved Games
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Pictures
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Music
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Links
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Favorites
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Downloads
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Documents
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\Desktop
[2013-04-05 13:27:04 | 000,000,000 | R--D | C] -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\시작 메뉴
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\AppData\Local\Temporary Internet Files
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Templates
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\SendTo
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Recent
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\PrintHood
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\NetHood
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Documents\My Videos
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Documents\My Pictures
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Documents\My Music
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\My Documents
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Local Settings
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\AppData\Local\History
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Cookies
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\Application Data
[2013-04-05 13:27:04 | 000,000,000 | -HSD | C] -- C:\Users\FamilyCom\AppData\Local\Application Data
[2013-04-05 13:27:04 | 000,000,000 | -H-D | C] -- C:\Users\FamilyCom\AppData
[2013-04-05 13:27:04 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Temp
[2013-04-05 13:27:04 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Local\Microsoft
[2013-04-05 13:27:04 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\AppData\Roaming\Media Center Programs
[2013-04-05 13:26:53 | 000,000,000 | ---D | C] -- C:\Recovery
[2013-04-05 13:26:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\시작 메뉴
[2013-04-05 13:26:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\바탕 화면
[2013-03-23 09:30:16 | 000,000,000 | ---D | C] -- C:\Users\FamilyCom\Desktop\mbar
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-04-19 10:33:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\FamilyCom\Desktop\OTL.exe
[2013-04-19 10:20:00 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-04-19 10:14:58 | 003,410,714 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-04-19 10:14:58 | 000,666,534 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat
[2013-04-19 10:14:58 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-04-19 10:14:58 | 000,402,744 | ---- | M] () -- C:\Windows\SysNative\perfh012.dat
[2013-04-19 10:14:58 | 000,383,348 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2013-04-19 10:14:58 | 000,371,100 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2013-04-19 10:14:58 | 000,355,130 | ---- | M] () -- C:\Windows\SysNative\prfh0804.dat
[2013-04-19 10:14:58 | 000,128,694 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat
[2013-04-19 10:14:58 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2013-04-19 10:14:58 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-04-19 10:14:58 | 000,101,692 | ---- | M] () -- C:\Windows\SysNative\perfc012.dat
[2013-04-19 10:14:58 | 000,101,230 | ---- | M] () -- C:\Windows\SysNative\prfc0804.dat
[2013-04-19 10:14:58 | 000,096,316 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2013-04-19 10:09:47 | 000,551,702 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\FamilyCom\Desktop\JRT.exe
[2013-04-19 10:08:01 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-04-19 10:07:58 | 000,034,752 | ---- | M] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys
[2013-04-19 10:07:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-04-19 10:07:42 | 2117,218,303 | -HS- | M] () -- C:\hiberfil.sys
[2013-04-19 10:07:14 | 000,025,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-04-19 10:07:13 | 000,025,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-04-19 10:03:05 | 000,613,083 | ---- | M] () -- C:\Users\FamilyCom\Desktop\adwcleaner.exe
[2013-04-19 08:44:00 | 000,000,622 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-04-19 08:36:50 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013-04-18 09:46:35 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-04-18 09:34:20 | 000,002,047 | ---- | M] () -- C:\Users\Public\Desktop\AntiError.lnk
[2013-04-18 09:34:20 | 000,002,043 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2013-04-18 09:34:20 | 000,002,043 | ---- | M] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2013-04-18 09:21:21 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013-04-17 08:07:48 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-04-16 21:51:02 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013-04-16 20:15:40 | 005,293,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-04-16 19:32:32 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013-04-16 19:30:12 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2013-04-12 17:09:10 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Content Viewer.lnk
[2013-04-12 16:45:18 | 000,001,035 | ---- | M] () -- C:\Users\FamilyCom\Desktop\VirtualDVD.lnk
[2013-04-10 20:25:23 | 000,002,427 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013-04-10 20:25:20 | 000,000,831 | ---- | M] () -- C:\Users\FamilyCom\Desktop\LGMobile Support Tool.lnk
[2013-04-09 22:10:15 | 000,001,136 | ---- | M] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\반디집.lnk
[2013-04-09 21:30:00 | 003,045,104 | ---- | M] (AhnLab, Inc.) -- C:\Windows\SysNative\btscan.exe
[2013-04-08 11:15:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_lgandnetadb_01005.Wdf
[2013-04-08 11:15:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013-04-08 11:08:35 | 000,001,210 | ---- | M] () -- C:\Users\Public\Desktop\LG PC Suite.lnk
[2013-04-07 14:54:04 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_tmp
[2013-04-07 14:50:07 | 000,596,320 | ---- | M] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\TouchEnKey.dll
[2013-04-07 14:50:07 | 000,434,428 | ---- | M] (SoftForum Corporation) -- C:\Windows\SysWow64\CKCSP.dll
[2013-04-07 14:50:07 | 000,343,560 | ---- | M] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\npKeyPro.dll
[2013-04-07 14:50:07 | 000,237,064 | ---- | M] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\CKApp.dll
[2013-04-07 14:50:07 | 000,191,072 | ---- | M] (Kings Information & Network) -- C:\Windows\SysWow64\kcrypto.dll
[2013-04-07 14:50:07 | 000,138,704 | ---- | M] (Lumensoft Co., Ltd.) -- C:\Windows\SysWow64\jrsoftcp.dll
[2013-04-07 14:50:07 | 000,080,816 | ---- | M] (Lumensoft Co., Ltd.) -- C:\Windows\SysWow64\CKKeyProCert.dll
[2013-04-07 14:50:06 | 000,150,512 | R--- | M] (Lumensoft Co., Ltd.) -- C:\Windows\SysWow64\CKAgent.exe
[2013-04-07 14:50:03 | 001,621,512 | ---- | M] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\CKSetup32.exe
[2013-04-07 14:50:03 | 000,569,864 | ---- | M] (RaonSecure Co., Ltd.) -- C:\Windows\SysWow64\CKSetup64.exe
[2013-04-07 14:50:03 | 000,150,512 | R--- | M] (Lumensoft Co., Ltd.) -- C:\Windows\SysNative\CKAgent.exe
[2013-04-07 14:50:03 | 000,150,512 | R--- | M] (Lumensoft Co., Ltd.) -- C:\Windows\SysNative\CKAgent.dat
[2013-04-07 14:50:03 | 000,141,848 | ---- | M] (Kings Information & Network) -- C:\Windows\SysNative\kcrtx64.sys
[2013-04-07 14:50:03 | 000,019,888 | ---- | M] (lumensoft Corporation) -- C:\Windows\SysNative\JRSUKD25.SYS
[2013-04-07 14:50:02 | 000,531,072 | ---- | M] (Interezen) -- C:\Windows\SysWow64\I3GManager.dll
[2013-04-07 14:50:02 | 000,223,432 | ---- | M] (Interezen) -- C:\Windows\SysWow64\I3GEX.exe
[2013-04-07 14:50:02 | 000,072,272 | ---- | M] () -- C:\Windows\SysWow64\cosa.dll
[2013-04-07 14:50:02 | 000,058,600 | ---- | M] (Interezen) -- C:\Windows\SysWow64\I3Gescp.dll
[2013-04-07 14:50:02 | 000,015,512 | ---- | M] () -- C:\Windows\SysWow64\IRTrace.dll
[2013-04-06 21:40:33 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013-04-06 21:30:12 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2013-04-06 11:56:57 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2013-04-06 11:06:17 | 000,000,843 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013-04-06 08:42:21 | 000,002,283 | ---- | M] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\Chrome.lnk
[2013-04-05 15:16:51 | 000,001,045 | ---- | M] () -- C:\Users\Public\Desktop\한컴오피스 한글 2010.lnk
[2013-04-05 15:15:53 | 000,001,373 | ---- | M] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-04-05 15:15:50 | 000,000,069 | ---- | M] () -- C:\Windows\hjimesv.ini
[2013-04-05 15:15:49 | 000,000,016 | ---- | M] () -- C:\Windows\SysWow64\winhcfgb.ini
[2013-04-05 13:26:48 | 001,637,287 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013-04-05 13:26:48 | 001,637,287 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013-04-05 03:00:00 | 000,127,488 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll
[2013-04-05 03:00:00 | 000,112,640 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013-04-04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-04-19 10:03:01 | 000,613,083 | ---- | C] () -- C:\Users\FamilyCom\Desktop\adwcleaner.exe
[2013-04-18 09:34:20 | 000,002,047 | ---- | C] () -- C:\Users\Public\Desktop\AntiError.lnk
[2013-04-18 09:34:20 | 000,002,043 | ---- | C] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2013-04-18 09:20:53 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-04-18 08:24:35 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013-04-18 08:24:35 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013-04-18 08:24:35 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013-04-18 08:24:35 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013-04-18 08:24:35 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013-04-17 08:07:48 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-04-16 21:51:02 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013-04-16 21:19:44 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\pythoncom27.dll
[2013-04-16 21:19:44 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\pywintypes27.dll
[2013-04-16 21:19:44 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\pythoncomloader27.dll
[2013-04-16 20:57:12 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013-04-16 20:57:12 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013-04-16 20:57:07 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013-04-16 19:32:32 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013-04-16 19:32:32 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013-04-12 18:02:58 | 000,000,890 | ---- | C] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2013-04-12 17:43:30 | 000,000,962 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls V Skyrim Dragonborn.lnk
[2013-04-12 17:11:21 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2013-04-12 17:11:21 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2013-04-12 17:09:18 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
[2013-04-12 17:09:10 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk
[2013-04-12 17:09:10 | 000,001,085 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Content Viewer.lnk
[2013-04-12 17:00:15 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2013-04-12 16:45:18 | 000,001,035 | ---- | C] () -- C:\Users\FamilyCom\Desktop\VirtualDVD.lnk
[2013-04-10 20:25:20 | 000,000,831 | ---- | C] () -- C:\Users\FamilyCom\Desktop\LGMobile Support Tool.lnk
[2013-04-10 20:25:17 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2013-04-10 20:25:17 | 000,002,427 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013-04-09 22:10:15 | 000,001,136 | ---- | C] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\반디집.lnk
[2013-04-08 11:15:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_lgandnetadb_01005.Wdf
[2013-04-08 11:15:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013-04-08 11:08:35 | 000,001,210 | ---- | C] () -- C:\Users\Public\Desktop\LG PC Suite.lnk
[2013-04-07 14:50:02 | 000,072,272 | ---- | C] () -- C:\Windows\SysWow64\cosa.dll
[2013-04-07 14:50:02 | 000,015,512 | ---- | C] () -- C:\Windows\SysWow64\IRTrace.dll
[2013-04-06 17:23:59 | 000,206,336 | ---- | C] () -- C:\Windows\SysNative\unrar64.dll
[2013-04-06 17:23:59 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2013-04-06 17:23:58 | 000,127,488 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll
[2013-04-06 17:22:49 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013-04-06 17:22:49 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013-04-06 17:22:49 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013-04-06 17:22:49 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013-04-06 17:22:47 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013-04-06 11:58:56 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013-04-06 11:13:23 | 000,002,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2013-04-06 11:06:17 | 000,000,843 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013-04-05 20:15:39 | 000,002,283 | ---- | C] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\Chrome.lnk
[2013-04-05 20:15:07 | 000,000,690 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-04-05 20:15:05 | 000,000,686 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-04-05 15:16:51 | 000,001,045 | ---- | C] () -- C:\Users\Public\Desktop\한컴오피스 한글 2010.lnk
[2013-04-05 15:15:53 | 000,001,373 | ---- | C] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-04-05 15:15:50 | 000,000,069 | ---- | C] () -- C:\Windows\hjimesv.ini
[2013-04-05 15:15:49 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\winhcfgb.ini
[2013-04-05 15:14:45 | 000,667,136 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.dll
[2013-04-05 15:14:45 | 000,667,136 | ---- | C] () -- C:\Windows\SysNative\OGACheckControl.dll
[2013-04-05 14:11:23 | 000,405,881 | ---- | C] () -- C:\Windows\KJ.exe
[2013-04-05 13:45:53 | 003,065,455 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013-04-05 13:45:23 | 000,017,738 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013-04-05 13:39:25 | 000,034,752 | ---- | C] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys
[2013-04-05 13:37:50 | 000,150,996 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2013-04-05 13:36:52 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2013-04-05 13:36:09 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2013-04-05 13:27:32 | 000,001,345 | ---- | C] () -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013-04-05 13:27:28 | 000,001,379 | ---- | C] () -- C:\Users\FamilyCom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013-04-05 13:27:04 | 000,000,290 | ---- | C] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013-04-05 13:27:04 | 000,000,272 | ---- | C] () -- C:\Users\FamilyCom\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013-02-24 01:01:53 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\winhcfga.ini
[2011-12-08 16:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009-07-14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 14:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 13:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 12:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013-04-07 14:50:39 | 000,000,000 | ---D | M] -- C:\Users\FamilyCom\AppData\Roaming\AhnLab
[2013-04-12 16:34:19 | 000,000,000 | ---D | M] -- C:\Users\FamilyCom\AppData\Roaming\DAEMON Tools Lite
[2013-04-05 15:17:53 | 000,000,000 | ---D | M] -- C:\Users\FamilyCom\AppData\Roaming\HNC
[2013-04-16 19:21:16 | 000,000,000 | ---D | M] -- C:\Users\FamilyCom\AppData\Roaming\LG Electronics
[2013-04-19 10:10:18 | 000,000,000 | ---D | M] -- C:\Users\FamilyCom\AppData\Roaming\uTorrent
[2013-04-12 16:46:06 | 000,000,000 | ---D | M] -- C:\Users\FamilyCom\AppData\Roaming\VirtualDVD

========== Purity Check ==========

< End of report >

neowing · Apr 18, 2013

2ND ---- S.CHECK LOG

Results of screen317's Security Check version 0.99.62
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware 버전 1.75.0.1300
Java 7 Update 21
Java version out of Date!
Adobe Flash Player 11.7.700.169
Adobe Reader 10.1.6 Adobe Reader out of Date!
Mozilla Firefox (20.0.1)
Google Chrome 26.0.1410.43
Google Chrome 26.0.1410.64
````````Process Check: objlist.exe by Laurent````````
Comodo Firewall cmdagent.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

neowing · Apr 18, 2013

LAST FSS------

Farbar Service Scanner Version: 14-04-2013
Ran by FamilyCom (administrator) on 19-04-2013 at 11:12:37
Running from "C:\Users\FamilyCom\Desktop"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Destination is offline
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

neowing · Apr 18, 2013

ESET DID NOT FIND ANYTHING !!!.

Broni · Apr 18, 2013

OTL log is incorrect.
You clicked on "Scan" button instead of "Fix" button.
Please redo.

How is computer doing?

neowing · Apr 19, 2013

As I said in the first post: I was "Restore the 4 days ago's Backup"

It cleaned redirect home page problem.

I was worried that even if I did "Restore 4days ago" ,
I want to make sure there is no other treat to my computer.

For Re-do Below:

All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_USERS\S-1-5-21-3543073300-3519423333-1202189545-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: FamilyCom
->Temp folder emptied: 3145 bytes
->Temporary Internet Files folder emptied: 8211976 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 11233328 bytes
->Flash cache emptied: 492 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 94656 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 608 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 163546 bytes

Total Files Cleaned = 19.00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: FamilyCom
->Java cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0.00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: FamilyCom
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 04192013_135944

Files\Folders moved on Reboot...
C:\Users\FamilyCom\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\SysNative\WPRO_41_2001woem.tmp moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Broni · Apr 19, 2013

Update Adobe Reader

You can download it from https://www.techspot.com/downloads/2083-adobe-reader-dc.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or any other garbage.

1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it.

Run JavaRa.exe (Vista and 7 users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Do NOT post JavaRa log.

======================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code:

:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[CLEARALLRESTOREPOINTS]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

Double-click OTL.exe to start the program.
Close all other programs apart from OTL as this step will require a reboot
On the OTL main screen, press the CLEANUP button
Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure Windows Updates are current.

4. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

6. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

7. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

8. Run Temporary File Cleaner (TFC) weekly.

9. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

10. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

11. (Windows XP only) Run defrag at your convenience.

12. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

13. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

14. Please, let me know, how your computer is doing.

neowing · Apr 19, 2013

Ok, I followed steps but I need some time to finished install PSI Update.

However, No.5 said Adobe Reader outdated but I updated correctly.
I think it is false infomation....

For OTL Log:---------

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: FamilyCom
->Temp folder emptied: 91317 bytes
->Temporary Internet Files folder emptied: 508525 bytes
->Java cache emptied: 45955 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 307120781 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 94656 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5708 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 311537194 bytes

Total Files Cleaned = 591.00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: FamilyCom
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: FamilyCom
->Java cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 04202013_083044

Files\Folders moved on Reboot...
C:\Users\FamilyCom\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\SysNative\WPRO_41_2001woem.tmp moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Broni · Apr 19, 2013

14. Please, let me know, how your computer is doing.

neowing · Apr 19, 2013

It doesn't have any problem.
So, I believe this computer is clean, right ?
Thank you for helping me to solve the issue !

Broni · Apr 19, 2013

Way to go!!
Good luck and stay safe

Solved Qvo6 problem however,

Posts: 56,041 +516

Posts: 308 +1

Posts: 308 +1

Posts: 308 +1

Posts: 308 +1

Posts: 56,041 +516

Posts: 308 +1

Posts: 308 +1

Posts: 308 +1

Posts: 308 +1

Posts: 308 +1

Posts: 56,041 +516

Posts: 308 +1

Posts: 308 +1

Posts: 308 +1

Posts: 308 +1

Posts: 308 +1

Posts: 56,041 +516

Posts: 308 +1

Posts: 56,041 +516

Posts: 308 +1

Posts: 56,041 +516

Posts: 308 +1

Posts: 56,041 +516

Similar threads