Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

the Never ending loop of lenovo think pad edge 64bit


  • This topic is locked This topic is locked

#1
Jbiggs

Jbiggs

    Member

  • Member
  • PipPip
  • 49 posts
Hello I'm having problems with Thinkpad edge, Windows 7, 64bit.
I recieved a notification that a virus was removed then adobie flash was installed and then my computer shut down
removal and the removal was apparently succesful.
However, when I tried to boot it up it goes into the Startup Repair Loop.
When I try to start windows normally, as soon as the windows logo animation appears, a blue screen very briefly flashes (So brief I can't read the message).
Then I am directed to another screen which indicates my options as either commencing the Startup Repair or Start Windows normally. If I start the Startup Repair, the process is not able to fix the problem automatically.
I have tried using Lenovo rescue and recovery to fix it with no luck.
I tried restoring the system using backup restore points but no luck again.

Also, prior to the problem occurring I was experiencing Google search redirect problem. and by problems i mean if this was not the first thing i did i would get redirected somewhere.
please help My family is pretty good with computers and fixxing this we have worked for 3 hours trying to get the computer to symply boot but with no success!
  • 0

Advertisements


#2
Jbiggs

Jbiggs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
(PS the Virus protection was the Microsoft virus protection that noticed and "removed" the problem)
  • 0

#3
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
:welcome:

Lets give it a try. You will need a USB Flash drive.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Click on Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.

  • 0

#4
Jbiggs

Jbiggs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
I will try this tomorow If the system recovery quick fix (555min ETA finish time from 10 min ago) does not work thank you for replying I have added and made the flash drive and all just cant do anyhting it is fully locked but tomorow afternoon I will try this out and send you my reply thank you!
  • 0

#5
Jbiggs

Jbiggs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
just kidding i just checked the flsh drive to make sure the file i needed to download was there and it wasnt i tryed opening it again and i get a run 32 error on this computer and it is the only othere one here It will not open or save the file you asked me to download and place on the USB flash drive
  • 0

#6
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
The application is to be ran in the Repair Console's Command prompt. It shouldn't be ran in Normal Windows. Try to download the file from a working computer and follow the instructions above.
  • 0

#7
Jbiggs

Jbiggs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
"Advanced Boot Options

Safe mode
Safe Mode With netowrking
Safe Mode With CMD prompt

Enable Boot Logging
Enable Low-resolutioon Video (640X480)
Directory services restoration mode
Debugging Mode
Disable Automatic Restart on System Failure
Disablle Driver Signature Enforcement

Start Windows normaly"

I do not have what you wanted me to choose but im assuming you want the CMD prompt piece as to use it later or would you liike me to use something lese just to make sure and not comming back to have you confused
  • 0

#8
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
I would like to run FRST from an external environment.

What options does the Lenovo rescue and recovery CD give you? Is the Command prompt included? Can you run an application such as FRST from within the program?
  • 0

#9
Jbiggs

Jbiggs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
the lenovo resque and recovery that is installed on the conputer just attempts to fix the compuiter that is it you have no controll when you insert the dist however you recieve a diffrent story It askes you to transfer files, fast fix (restore to last knowwn point) and overall system reset to factory settings (resore to factory settings general finish time 900 min)
  • 0

#10
Jbiggs

Jbiggs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
ok for lenovo BIOS is F1
oprtions as followes
config
date/time
security
Start up
Restart
HDD Diagnostic Program

BIOS version 2.20
BIOS DATE 2011 08 25
embedded controller 1.16
  • 0

Advertisements


#11
Jbiggs

Jbiggs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Now it is completly possible that i am in the wrong place but I am reading whjat you re saying and dooing it but can not get to where It has BIOS except for last post and still can not find what you want me to select in order to get the x64 to work
  • 0

#12
Jbiggs

Jbiggs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
OK it is scanning now sorry for the hassle i was beeeing special not seeing some of the buttons to press thanks for bearing with me
  • 0

#13
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
:thumbsup:
  • 0

#14
Jbiggs

Jbiggs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
well ummmm have fun!


can result of Farbar Recovery Scan Tool Version: 09-06-2012 01
Ran by SYSTEM at 09-06-2012 14:40:37
Running from G:\
Windows 7 Professional (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11049576 2010-07-14] (Realtek Semiconductor)
HKLM\...\Run: [TpShocks] TpShocks.exe [x]
HKLM\...\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [62312 2010-07-27] (Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-09-30] (Synaptics Incorporated)
HKLM\...\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [33344 2011-10-20] (Lenovo)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1436736 2011-06-15] (Microsoft Corporation)
HKLM-x32\...\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor [1631296 2011-10-04] (Lenovo Group Limited)
HKLM-x32\...\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h [34336 2011-05-14] (MyWebSearch.com)
HKLM-x32\...\Run: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe [38408 2011-05-14] (MyWebSearch.com)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2011-09-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2011-11-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [Launch Backup Service Once] C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrstrigger.exe -start [70456 2010-08-20] ()
HKU\Connor Biggs\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-01-01] (Google Inc.)
HKU\Connor Biggs\...\Run: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe [38408 2011-05-14] (MyWebSearch.com)
HKU\Connor Biggs\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4283256 2011-05-13] (Microsoft Corporation)
HKU\Connor Biggs\...\Run: [Facebook Update] "C:\Users\Connor Biggs\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [137536 2011-09-11] (Facebook Inc.)
HKU\Connor Biggs\...\Run: [Skype] "C:\Users\Connor Biggs\Desktop\Skype.exe" /nosplash /minimized [15026056 2011-01-26] (Skype Technologies S.A.)
HKU\Connor Biggs\...\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet [6276408 2011-08-22] (Yahoo! Inc.)
HKU\Connor Biggs\...\Policies\system: [LogonHoursAction] 2
HKU\Connor Biggs\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\John Connor Biggs\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-01-01] (Google Inc.)
HKU\John Connor Biggs\...\Policies\system: [LogonHoursAction] 2
HKU\John Connor Biggs\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Lsa: [Notification Packages] scecli
ACGina
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)

==================== Services (Whitelisted) ======

2 AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [134208 2011-10-20] (Lenovo)
2 AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [269376 2011-10-20] (Lenovo)
2 btwdins; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [873248 2010-02-17] (Broadcom Corporation.)
2 IBMPMSVC; C:\Windows\System32\ibmpmsvc.exe [45928 2011-08-11] (Lenovo.)
2 IviRegMgr; "C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe" [112152 2007-01-04] (InterVideo)
2 LENOVO.CAMMUTE; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [50536 2010-07-27] (Lenovo Group Limited)
2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [101736 2011-07-12] (Lenovo Group Limited)
2 LENOVO.TPKNRSVC; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [74088 2010-07-27] (Lenovo Group Limited)
2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
2 lxedCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxedserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
2 lxed_device; C:\Windows\system32\lxedcoms.exe -service [1052328 2010-04-14] ( )
2 McAfee SiteAdvisor Service; C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [102608 2011-08-10] (McAfee, Inc.)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [12784 2011-04-27] (Microsoft Corporation)
2 MyWebSearchService; C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe [34320 2011-05-14] (MyWebSearch.com)
3 NisSrv; "C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" [288272 2011-04-27] (Microsoft Corporation)
3 Power Manager DBC Service; "C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE" [89152 2011-10-04] (Lenovo)
3 PwmEWSvc; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [175168 2011-10-04] (Lenovo Group Limited)
2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2010-07-14] (Realtek Semiconductor)
2 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [28672 2011-07-25] (Lenovo Group Limited)
2 ThinkVantage Registry Monitor Service; "C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe" [1028096 2010-08-20] (Lenovo Group Limited)
3 TPHDEXLGSVC; C:\Windows\System32\TPHDEXLG64.exe [47728 2011-03-29] (Lenovo.)
2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [145256 2011-07-12] (Lenovo Group Limited)
2 TPHKSVC; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [142696 2011-07-12] (Lenovo Group Limited)
3 TVT Backup Service; "C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe" [1490944 2010-09-06] (Lenovo Group Limited)

========================== Drivers (Whitelisted) =============

3 5U877; C:\Windows\System32\Drivers\5U877.sys [161664 2010-03-17] (Ricoh co.,Ltd.)
3 hamachi; C:\Windows\System32\Drivers\hamachi.sys [33856 2009-03-18] (LogMeIn, Inc.)
3 IBMPMDRV; C:\Windows\System32\Drivers\IBMPMDRV.sys [39024 2011-08-11] (Lenovo.)
1 lenovo.smi; C:\Windows\System32\DRIVERS\smiifx64.sys [15472 2010-09-07] (Lenovo Group Limited)
3 psadd; C:\Windows\System32\Drivers\psadd.sys [40512 2009-07-01] (Lenovo (United States) Inc.)
3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [242720 2010-03-12] (Realtek Semiconductor Corp.)
0 Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [139888 2011-03-29] (Lenovo.)
0 TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [23664 2011-03-29] (Lenovo.)
3 TPM; C:\Windows\System32\Drivers\TPM.sys [38400 2009-07-13] (Microsoft Corporation)
1 TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [14960 2011-10-04] (Lenovo Group Limited)
3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
3 PCDSRVC{127174DC-C366ED8B-06020200}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-06-09 14:40 - 2012-06-09 14:40 - 00000000 ____D C:\FRST
2012-06-09 13:56 - 2012-06-09 13:56 - 00001732 ____A C:\tvtpktfilter.dat
2012-06-08 22:19 - 2012-06-08 22:19 - 00000087 ____A C:\tvttemp.txt

============ 3 Months Modified Files and Folders =============

2012-06-09 14:40 - 2012-06-09 14:40 - 00000000 ____D C:\FRST
2012-06-09 14:15 - 2010-11-30 11:05 - 00000000 ___HD C:\swshare
2012-06-09 13:56 - 2012-06-09 13:56 - 00001732 ____A C:\tvtpktfilter.dat
2012-06-08 22:19 - 2012-06-08 22:19 - 00000087 ____A C:\tvttemp.txt
2012-06-08 22:01 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\winrm
2012-06-08 22:01 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\WCN
2012-06-08 22:01 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2012-06-08 22:01 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\SysWOW64\WindowsPowerShell
2012-06-08 22:01 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Web
2012-06-08 22:01 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Vss
2012-06-08 22:01 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\TAPI
2012-06-08 22:01 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-TW
2012-06-08 22:01 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2012-06-08 22:01 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-CN
2012-06-08 22:01 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\uk-UA
2012-06-08 22:01 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2012-06-08 22:01 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\th-TH
2012-06-08 22:00 - 2010-11-30 11:14 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2012-06-08 22:00 - 2010-11-30 10:54 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2012-06-08 22:00 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2012-06-08 22:00 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sv-SE
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sr-Latn-CS
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sppui
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\spp
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Speech
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ru-RU
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ro-RO
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Recovery
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ras
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\pt-PT
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\pt-BR
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\pl-PL
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\nl-NL
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\NetworkList
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\nb-NO
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Msdtc
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ko-KR
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ja-JP
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\it-IT
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\InstallShield
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\IME
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\icsxml
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\hu-HU
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\hr-HR
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\fr-FR
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\fi-FI
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\et-EE
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\es-ES
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\el-GR
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\de-DE
2012-06-08 22:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\da-DK
2012-06-08 21:59 - 2011-10-31 17:54 - 00000000 ____D C:\Windows\SysWOW64\AGEIA
2012-06-08 21:59 - 2011-10-24 21:56 - 00000000 ____D C:\Windows\System32\SPReview
2012-06-08 21:59 - 2011-08-21 11:00 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2012-06-08 21:59 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\winrm
2012-06-08 21:59 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\WCN
2012-06-08 21:59 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\slmgr
2012-06-08 21:59 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\WindowsPowerShell
2012-06-08 21:59 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\WinBioPlugIns
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\cs-CZ
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\com
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\bg-BG
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-TW
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-HK
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-CN
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\winevt
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\uk-UA
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\tr-TR
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\th-TH
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sysprep
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sv-SE
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sr-Latn-CS
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sppui
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\spp
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\spool
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Speech
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\SMI
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sl-SI
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sk-SK
2012-06-08 21:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Setup
2012-06-08 21:58 - 2011-11-10 00:01 - 00000000 ____D C:\Windows\System32\Macromed
2012-06-08 21:58 - 2011-10-24 14:58 - 00000000 ____D C:\Windows\System32\EventProviders
2012-06-08 21:58 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2012-06-08 21:58 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\restore
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ___HD C:\Windows\System32\GroupPolicyUsers
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ru-RU
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ro-RO
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Recovery
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ras
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\pt-PT
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\pt-BR
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\pl-PL
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\oobe
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\nl-NL
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NetworkList
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\nb-NO
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\MUI
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Msdtc
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\migwiz
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\manifeststore
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\lv-LV
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\lt-LT
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ko-KR
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ja-JP
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\it-IT
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\IME
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\icsxml
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ias
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\hu-HU
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\hr-HR
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\he-IL
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\fr-FR
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\fi-FI
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\et-EE
2012-06-08 21:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\es-ES
2012-06-08 21:57 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\el-GR
2012-06-08 21:56 - 2011-08-21 13:19 - 00000000 ____D C:\Windows\System32\Drivers\NSSx64
2012-06-08 21:56 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Dism
2012-06-08 21:56 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\de-DE
2012-06-08 21:56 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\da-DK
2012-06-08 21:56 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\cs-CZ
2012-06-08 21:56 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\config\TxR
2012-06-08 21:56 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\com
2012-06-08 21:55 - 2011-12-06 20:43 - 00000000 ____D C:\Windows\System32\appmgmt
2012-06-08 21:55 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\bg-BG
2012-06-08 21:55 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ar-SA
2012-06-08 21:55 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\AdvancedInstallers
2012-06-08 21:55 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Speech
2012-06-08 21:54 - 2010-11-30 11:27 - 00000000 ____D C:\Windows\PCHEALTH
2012-06-08 21:54 - 2009-07-24 09:29 - 00000000 ____D C:\Windows\Panther
2012-06-08 21:54 - 2009-07-13 23:45 - 00000000 ____D C:\Windows\ShellNew
2012-06-08 21:54 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\Performance
2012-06-08 21:54 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\Offline Web Pages
2012-06-08 21:54 - 2009-07-13 20:45 - 00000000 ____D C:\Windows\Setup
2012-06-08 21:54 - 2009-07-13 20:45 - 00000000 ____D C:\Windows\ServiceProfiles
2012-06-08 21:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\servicing
2012-06-08 21:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\security
2012-06-08 21:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\schemas
2012-06-08 21:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Resources
2012-06-08 21:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2012-06-08 21:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2012-06-08 21:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2012-06-08 21:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PLA
2012-06-08 21:53 - 2009-07-13 19:20 - 00000000 __RSD C:\Windows\Media
2012-06-08 21:53 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\L2Schemas
2012-06-08 21:49 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\IME
2012-06-08 21:49 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Help
2012-06-08 21:48 - 2011-09-22 16:19 - 00000000 ____D C:\Windows\en
2012-06-08 21:48 - 2010-11-30 11:29 - 00000000 ____D C:\Windows\Downloaded Installations
2012-06-08 21:48 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\DigitalLocker
2012-06-08 21:48 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2012-06-08 21:48 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Globalization
2012-06-08 21:47 - 2010-11-30 11:32 - 00000000 ____D C:\Windows\delnis
2012-06-08 21:47 - 2010-11-30 10:49 - 00000000 ____D C:\Windows\CSC
2012-06-08 21:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Cursors
2012-06-08 21:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Branding
2012-06-08 21:46 - 2011-12-29 10:28 - 00000000 ____D C:\Users\Public\Lenovo
2012-06-08 21:46 - 2011-12-24 19:22 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Roaming\Google
2012-06-08 21:46 - 2011-12-24 19:22 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Local\Google
2012-06-08 21:46 - 2011-12-23 22:15 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Roaming\Ventrilo
2012-06-08 21:46 - 2011-12-23 15:11 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Local\Apple Computer
2012-06-08 21:46 - 2011-12-19 14:47 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Local\Broadcom
2012-06-08 21:46 - 2011-12-06 20:03 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Roaming\Adobe
2012-06-08 21:46 - 2011-12-06 18:46 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Roaming\Apple Computer
2012-06-08 21:46 - 2011-12-06 18:45 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Roaming\Macromedia
2012-06-08 21:46 - 2011-12-06 18:45 - 00000000 ____D C:\Users\John Connor Biggs\AppData\LocalLow
2012-06-08 21:46 - 2011-12-06 18:45 - 00000000 ____D C:\users\John Connor Biggs
2012-06-08 21:46 - 2011-01-24 15:16 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2012-06-08 21:46 - 2011-01-24 15:16 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2012-06-08 21:46 - 2009-07-13 23:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2012-06-08 21:46 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\addins
2012-06-08 21:46 - 2009-07-13 19:20 - 00000000 __RHD C:\Users\Public\Libraries
2012-06-08 21:46 - 2009-07-13 19:20 - 00000000 __RHD C:\users\Default
2012-06-08 21:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2012-06-08 21:45 - 2011-12-29 13:00 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\PCDr
2012-06-08 21:45 - 2011-12-29 10:50 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\PwrMgr
2012-06-08 21:45 - 2011-12-29 10:25 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\InstallShield
2012-06-08 21:45 - 2011-12-08 17:33 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Yahoo!
2012-06-08 21:45 - 2011-10-31 17:55 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\InstallShield Installation Information
2012-06-08 21:45 - 2011-10-24 15:28 - 00000000 ____D C:\Users\Connor Biggs\Documents\InterVideo
2012-06-08 21:45 - 2011-10-16 19:07 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\.minecraft
2012-06-08 21:45 - 2011-10-11 22:47 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Update
2012-06-08 21:45 - 2011-09-24 12:46 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Apple Computer
2012-06-08 21:45 - 2011-09-13 10:06 - 00000000 ____D C:\Users\Connor Biggs\Documents\School
2012-06-08 21:45 - 2011-09-11 19:16 - 00000000 ___RD C:\Users\Connor Biggs\Documents\Scanned Documents
2012-06-08 21:45 - 2011-09-11 19:16 - 00000000 ____D C:\Users\Connor Biggs\Documents\Fax
2012-06-08 21:45 - 2011-08-23 09:50 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Mozilla
2012-06-08 21:45 - 2011-08-21 11:04 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Uniblue
2012-06-08 21:45 - 2011-06-30 07:12 - 00000000 ____D C:\Users\Connor Biggs\Documents\My Received Files
2012-06-08 21:45 - 2011-06-29 21:04 - 00000000 ____D C:\Users\Connor Biggs\Tracing
2012-06-08 21:45 - 2011-06-06 19:51 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\LolClient
2012-06-08 21:45 - 2011-05-13 14:40 - 00000000 ___HD C:\Users\Connor Biggs\Documents\My ooVoo
2012-06-08 21:45 - 2011-05-13 14:37 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Roaming\ooVoo Details
2012-06-08 21:45 - 2011-03-09 15:09 - 00000000 ___HD C:\Users\Connor Biggs\Documents\WoW Mats
2012-06-08 21:45 - 2011-01-24 15:16 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
2012-06-08 21:45 - 2011-01-22 19:16 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Ventrilo
2012-06-08 21:45 - 2011-01-01 23:25 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Roaming\Google
2012-06-08 21:45 - 2011-01-01 23:20 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Roaming\skypePM
2012-06-08 21:45 - 2011-01-01 23:19 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Skype
2012-06-08 21:45 - 2011-01-01 18:13 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Macromedia
2012-06-08 21:45 - 2011-01-01 18:13 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Adobe
2012-06-08 21:45 - 2010-12-24 23:21 - 00000000 ____D C:\users\Connor Biggs
2012-06-08 21:44 - 2011-11-22 03:24 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Yahoo!
2012-06-08 21:44 - 2011-06-26 13:06 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\{3AB3E55B-A6C4-44B7-8BE7-C1D03C9D69DD}
2012-06-08 21:44 - 2011-04-26 19:53 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Local\Windows Live
2012-06-08 21:44 - 2010-12-24 23:36 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Local\VirtualStore
2012-06-08 21:44 - 2010-12-24 23:21 - 00000000 ____D C:\Users\Connor Biggs\AppData\LocalLow
2012-06-08 21:43 - 2011-10-13 20:28 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Pando_Temp
2012-06-08 21:43 - 2011-08-23 09:50 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Mozilla
2012-06-08 21:43 - 2011-05-29 21:35 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Local\Microsoft Games
2012-06-08 21:38 - 2011-12-29 11:00 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\ElevatedDiagnostics
2012-06-08 21:38 - 2011-10-23 03:43 - 00000000 __SHD C:\Users\Connor Biggs\AppData\Local\2e26c49f
2012-06-08 21:38 - 2011-10-20 23:58 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\LogMeIn Hamachi
2012-06-08 21:38 - 2011-10-13 20:29 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Electronic_Arts_Inc
2012-06-08 21:38 - 2011-09-24 12:46 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Apple Computer
2012-06-08 21:38 - 2011-09-24 12:44 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Apple
2012-06-08 21:38 - 2011-09-11 17:32 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Facebook
2012-06-08 21:38 - 2011-08-18 13:57 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Apps\2.0
2012-06-08 21:38 - 2011-01-24 14:56 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Adobe
2012-06-08 21:38 - 2011-01-01 23:19 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Google
2012-06-08 21:38 - 2011-01-01 18:09 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Local\Broadcom
2012-06-08 21:38 - 2009-07-24 09:28 - 00000000 ____D C:\SWTOOLS
2012-06-08 21:34 - 2011-12-29 13:02 - 00000000 ____D C:\Users\All Users\PC-Doctor for Windows
2012-06-08 21:34 - 2011-12-05 18:37 - 00000000 ____D C:\Users\All Users\PC Optimizer Pro
2012-06-08 21:34 - 2011-12-05 18:32 - 00000000 ____D C:\Users\All Users\Tarma Installer
2012-06-08 21:34 - 2011-11-22 03:23 - 00000000 ____D C:\Users\All Users\Yahoo!
2012-06-08 21:34 - 2011-11-01 17:10 - 00000000 ____D C:\Users\All Users\Nexon
2012-06-08 21:34 - 2011-11-01 16:58 - 00000000 ____D C:\Users\All Users\NexonUS
2012-06-08 21:34 - 2011-10-24 14:21 - 00000000 ____D C:\Users\All Users\Sun
2012-06-08 21:34 - 2011-09-24 12:45 - 00000000 ____D C:\Users\All Users\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-06-08 21:34 - 2011-09-17 19:45 - 00000000 ____D C:\Users\All Users\VooMuuSA
2012-06-08 21:34 - 2011-09-11 19:15 - 00000000 ____D C:\Users\All Users\lx_Cats
2012-06-08 21:34 - 2011-08-21 13:19 - 00000000 ____D C:\Users\All Users\Symantec
2012-06-08 21:34 - 2011-08-21 13:19 - 00000000 ____D C:\Users\All Users\NortonInstaller
2012-06-08 21:34 - 2011-08-21 13:19 - 00000000 ____D C:\Users\All Users\Norton
2012-06-08 21:34 - 2011-08-21 11:04 - 00000000 ___DC C:\Users\All Users\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2012-06-08 21:34 - 2011-08-02 12:30 - 00000000 ____D C:\Users\All Users\Blizzard Entertainment
2012-06-08 21:34 - 2011-05-27 19:07 - 00000000 ___HD C:\Users\All Users\gN06511JoOfJ06511
2012-06-08 21:34 - 2011-04-03 18:15 - 00000000 ___HD C:\Users\All Users\jNg06509oCaNg06509
2012-06-08 21:34 - 2011-01-08 15:32 - 00000000 ___HD C:\Users\All Users\McAfee
2012-06-08 21:34 - 2011-01-08 15:32 - 00000000 ____D C:\Users\All Users\McAfee Security Scan
2012-06-08 21:34 - 2011-01-01 23:19 - 00000000 ____D C:\Users\All Users\Skype
2012-06-08 21:34 - 2011-01-01 23:19 - 00000000 ____D C:\Users\All Users\Google
2012-06-08 21:34 - 2011-01-01 18:38 - 00000000 ____D C:\Users\All Users\Hewlett-Packard
2012-06-08 21:34 - 2011-01-01 18:21 - 00000000 ___HD C:\Users\All Users\HP
2012-06-08 21:34 - 2010-12-25 23:00 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-06-08 21:34 - 2010-11-30 11:22 - 00000000 ___HD C:\Users\All Users\PCDr
2012-06-08 21:34 - 2010-11-30 11:14 - 00000000 ___HD C:\Users\All Users\InterVideo
2012-06-08 21:34 - 2010-11-30 11:13 - 00000000 ____D C:\Users\All Users\Lenovo
2012-06-08 21:34 - 2010-11-30 11:12 - 00000000 ____D C:\Users\All Users\Ulead Systems
2012-06-08 21:33 - 2011-11-22 03:22 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2012-06-08 21:33 - 2011-10-24 14:20 - 00000000 ____D C:\Users\All Users\Ask
2012-06-08 21:33 - 2011-09-24 12:44 - 00000000 ____D C:\Users\All Users\Apple Computer
2012-06-08 21:33 - 2011-09-24 12:44 - 00000000 ____D C:\Users\All Users\Apple
2012-06-08 21:33 - 2011-09-17 19:46 - 00000000 ____D C:\Program Files (x86)\WhiteSmokeTranslator
2012-06-08 21:33 - 2011-09-17 19:46 - 00000000 ____D C:\Program Files (x86)\WhiteSmoke_Bar
2012-06-08 21:33 - 2010-11-30 11:27 - 00000000 ____D C:\Program Files (x86)\Windows Live
2012-06-08 21:33 - 2010-11-30 11:18 - 00000000 ___HD C:\Users\All Users\Adobe
2012-06-08 21:33 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2012-06-08 21:33 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2012-06-08 21:33 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2012-06-08 21:33 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2012-06-08 21:33 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2012-06-08 21:32 - 2011-09-17 19:45 - 00000000 ____D C:\Program Files (x86)\VooMuu
2012-06-08 21:32 - 2011-08-21 11:04 - 00000000 ____D C:\Program Files (x86)\Uniblue
2012-06-08 21:32 - 2011-08-21 11:04 - 00000000 ____D C:\Program Files (x86)\Superfish
2012-06-08 21:32 - 2011-06-27 10:22 - 00000000 ____D C:\Program Files (x86)\Utherverse Digital Inc
2012-06-08 21:32 - 2011-01-22 19:15 - 00000000 ____D C:\Program Files (x86)\Ventrilo
2012-06-08 21:32 - 2010-11-30 11:00 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2012-06-08 21:32 - 2010-11-30 10:57 - 00000000 ____D C:\Program Files (x86)\ThinkPad Wireless LAN Adapter Software
2012-06-08 21:30 - 2011-10-22 23:55 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2012-06-08 21:18 - 2011-08-21 11:04 - 00000000 ____D C:\Program Files (x86)\SocialRibbons LP2
2012-06-08 21:18 - 2011-01-01 23:20 - 00000000 ____D C:\Program Files (x86)\Search Toolbar
2012-06-08 21:18 - 2011-01-01 23:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-06-08 21:15 - 2011-12-05 19:21 - 00000000 ____D C:\Program Files (x86)\QuickTime
2012-06-08 21:15 - 2011-06-06 19:37 - 00000000 ____D C:\Program Files (x86)\Riot Games
2012-06-08 21:15 - 2010-11-30 10:57 - 00000000 ____D C:\Program Files (x86)\Realtek
2012-06-08 21:15 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2012-06-08 21:14 - 2011-12-29 10:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-06-08 21:14 - 2011-08-23 09:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-06-08 21:14 - 2011-08-21 13:19 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2012-06-08 21:14 - 2011-08-21 13:19 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2012-06-08 21:14 - 2011-08-21 11:04 - 00000000 ____D C:\Program Files (x86)\PriceGong
2012-06-08 21:14 - 2011-06-06 19:15 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2012-06-08 21:14 - 2011-05-14 13:57 - 00000000 ____D C:\Program Files (x86)\MyWebSearch
2012-06-08 21:14 - 2011-02-06 12:26 - 00000000 ____D C:\Program Files (x86)\ProfileSong
2012-06-08 21:14 - 2010-11-30 11:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2012-06-08 21:14 - 2010-11-30 11:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-06-08 21:14 - 2010-11-30 11:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-06-08 21:14 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2012-06-08 21:13 - 2011-01-19 14:26 - 00000000 ____D C:\Program Files (x86)\McAfee
2012-06-08 21:13 - 2011-01-08 15:32 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2012-06-08 21:13 - 2010-12-25 23:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2012-06-08 21:13 - 2010-11-30 11:00 - 00000000 ____D C:\Program Files (x86)\Lenovo
2012-06-08 21:11 - 2011-12-29 10:26 - 00000000 ____D C:\Program Files (x86)\Integrated Camera Driver
2012-06-08 21:11 - 2011-09-24 12:45 - 00000000 ____D C:\Program Files (x86)\iTunes
2012-06-08 21:11 - 2010-11-30 11:17 - 00000000 ____D C:\Program Files (x86)\Java
2012-06-08 21:11 - 2010-11-30 11:09 - 00000000 ____D C:\Program Files (x86)\InterVideo
2012-06-08 21:11 - 2010-11-30 10:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-06-08 21:10 - 2011-12-05 18:32 - 00000000 ____D C:\Program Files (x86)\Free Offers from Freeze.com
2012-06-08 21:10 - 2011-10-13 20:26 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2012-06-08 21:10 - 2011-05-14 13:57 - 00000000 ____D C:\Program Files (x86)\FunWebProducts
2012-06-08 21:10 - 2011-01-01 23:19 - 00000000 ____D C:\Program Files (x86)\Google
2012-06-08 21:09 - 2011-02-06 12:26 - 00000000 ____D C:\Program Files (x86)\ConduitEngine
2012-06-08 21:09 - 2011-02-06 12:26 - 00000000 ____D C:\Program Files (x86)\Conduit
2012-06-08 21:09 - 2010-11-30 11:12 - 00000000 ____D C:\Program Files (x86)\Corel
2012-06-08 21:08 - 2011-12-29 10:05 - 00000000 ____D C:\Program Files (x86)\Cisco
2012-06-08 21:08 - 2011-12-05 19:17 - 00000000 ____D C:\Program Files (x86)\Bonjour
2012-06-08 21:08 - 2011-11-01 17:03 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2012-06-08 21:08 - 2011-09-24 12:44 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2012-06-08 21:08 - 2011-09-17 19:46 - 00000000 ____D C:\Program Files (x86)\Blinkx
2012-06-08 21:08 - 2010-11-30 10:59 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2012-06-08 21:06 - 2011-10-31 17:54 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2012-06-08 21:06 - 2011-10-22 21:52 - 00000000 ____D C:\Program Files (x86)\alaplaya
2012-06-08 21:06 - 2011-09-15 16:47 - 00000000 ____D C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint
2012-06-08 21:06 - 2010-11-30 11:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2012-06-08 21:05 - 2011-12-29 10:48 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-08 21:05 - 2011-12-05 18:32 - 00000000 ____D C:\Program Files\PC Optimizer Pro
2012-06-08 21:05 - 2011-12-05 18:32 - 00000000 ____D C:\Program Files (x86)\7-Zip
2012-06-08 21:05 - 2011-04-03 18:31 - 00000000 ____D C:\Program Files\WiseFixer
2012-06-08 21:05 - 2010-12-25 23:01 - 00000000 ____D C:\Program Files\Microsoft Office
2012-06-08 21:05 - 2010-11-30 11:34 - 00000000 ____D C:\Program Files\Synaptics
2012-06-08 21:05 - 2010-11-30 11:27 - 00000000 ____D C:\Program Files\Windows Live
2012-06-08 21:05 - 2010-11-30 11:22 - 00000000 ____D C:\Program Files\PC-Doctor
2012-06-08 21:05 - 2010-11-30 11:08 - 00000000 ____D C:\Program Files\ThinkVantage
2012-06-08 21:05 - 2010-11-30 10:56 - 00000000 ____D C:\Program Files\ThinkPad
2012-06-08 21:05 - 2010-11-30 10:54 - 00000000 ____D C:\Program Files\Realtek
2012-06-08 21:05 - 2009-07-13 23:45 - 00000000 ____D C:\Program Files\Windows Journal
2012-06-08 21:05 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2012-06-08 21:05 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2012-06-08 21:05 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2012-06-08 21:05 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Defender
2012-06-08 21:05 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Reference Assemblies
2012-06-08 21:05 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\MSBuild
2012-06-08 21:05 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Microsoft Games
2012-06-08 21:05 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Windows NT
2012-06-08 21:04 - 2011-12-29 10:06 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2012-06-08 21:04 - 2011-12-05 19:20 - 00000000 ____D C:\Program Files\iTunes
2012-06-08 21:04 - 2011-12-05 19:20 - 00000000 ____D C:\Program Files\iPod
2012-06-08 21:04 - 2011-09-24 12:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2012-06-08 21:04 - 2011-09-24 12:44 - 00000000 ____D C:\Program Files\Bonjour
2012-06-08 21:04 - 2011-09-15 16:46 - 00000000 ____D C:\Program Files\Lexmark Toolbar
2012-06-08 21:04 - 2011-09-11 19:15 - 00000000 ____D C:\Program Files\Lexmark S600 Series
2012-06-08 21:04 - 2011-09-11 19:14 - 00000000 ____D C:\Program Files\Lexmark
2012-06-08 21:04 - 2011-01-01 23:20 - 00000000 ____D C:\Program Files\Google
2012-06-08 21:04 - 2011-01-01 18:36 - 00000000 ____D C:\Program Files\Hewlett-Packard
2012-06-08 21:04 - 2010-11-30 11:16 - 00000000 ____D C:\Program Files\Java
2012-06-08 21:04 - 2010-11-30 10:59 - 00000000 ____D C:\Program Files\ATI
2012-06-08 21:04 - 2010-11-30 10:55 - 00000000 ____D C:\Program Files\Lenovo
2012-06-08 21:04 - 2010-11-30 10:54 - 00000000 ____D C:\Program Files\DIFX
2012-06-08 21:04 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\DVD Maker
2012-06-08 21:04 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\System
2012-06-08 21:04 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2012-06-08 21:04 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Services
2012-06-08 21:04 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2012-06-08 21:04 - 2009-07-13 19:20 - 00000000 ____D C:\PerfLogs
2012-06-08 21:03 - 2010-12-25 23:00 - 00000000 __RHD C:\MSOCache
2012-06-08 21:03 - 2010-11-30 11:30 - 00000000 ___HD C:\mfg

ZeroAccess:
C:\Users\Connor Biggs\AppData\Local\2e26c49f

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 16%
Total physical RAM: 3838.15 MB
Available physical RAM: 3190.17 MB
Total Pagefile: 3836.3 MB
Available Pagefile: 3182.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (Windows7_OS) (Fixed) (Total:464.59 GB) (Free:316.87 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive g: () (Removable) (Total:3.82 GB) (Free:3.71 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 No Media 0 B 0 B
Disk 2 Online 3864 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1200 MB 1024 KB
Partition 2 Primary 464 GB 1201 MB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM_DRV NTFS Partition 1200 MB Healthy

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C Windows7_OS NTFS Partition 464 GB Healthy

======================================================================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3919 MB 31 KB

======================================================================================================

Disk: 2
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G FAT32 Removable 3919 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2011-12-23 11:14

======================= End Of Log ==========================
  • 0

#15
Jbiggs

Jbiggs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
whats next?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP