the Never ending loop of lenovo think pad edge 64bit
Started by
Jbiggs
, Jun 08 2012 09:44 PM
This topic is locked
#31
Posted 09 June 2012 - 10:01 PM
Jbiggs
- Topic Starter
-
- Member
-
- 49 posts
Member
#32
Posted 09 June 2012 - 10:44 PM
JSntgRvr
-
- Global Moderator
-
- 11,579 posts
Global Moderator
You mean atapi.sys?
Run FRST as you did before.
Type the following in the edit box after "Search:".
atapi.sys
It should look as:
Search: atapi.sys
Click Search button and post the log (Search.txt) it makes in the USB drive to your reply.
Run FRST as you did before.
Type the following in the edit box after "Search:".
atapi.sys
It should look as:
Search: atapi.sys
Click Search button and post the log (Search.txt) it makes in the USB drive to your reply.
#33
Posted 09 June 2012 - 11:01 PM
Jbiggs
- Topic Starter
-
- Member
-
- 49 posts
Member
Farbar Recovery Scan Tool Version: 09-06-2012 01
Ran by SYSTEM at 2012-06-09 22:58:24
Running from G:\
================== Search: "atapi.sys" ===================
C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\system64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-13 19:01] - [2009-07-13 19:01] - 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\system64\drivers\atapi.sys
[2009-07-13 19:01] - [2009-07-13 19:01] - 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\System32\drivers\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
====== End Of Search ======
Ran by SYSTEM at 2012-06-09 22:58:24
Running from G:\
================== Search: "atapi.sys" ===================
C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\system64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-13 19:01] - [2009-07-13 19:01] - 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\system64\drivers\atapi.sys
[2009-07-13 19:01] - [2009-07-13 19:01] - 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\System32\drivers\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
====== End Of Search ======
#34
Posted 09 June 2012 - 11:06 PM
Jbiggs
- Topic Starter
-
- Member
-
- 49 posts
Member
re-ran safe mode it was atipcie.sys that it frezes on then gives me the error ran it the info is as followes Farbar Recovery Scan Tool Version: 09-06-2012 01
Ran by SYSTEM at 2012-06-09 22:58:24
Running from G:\
================== Search: "atapi.sys" ===================
C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\system64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-13 19:01] - [2009-07-13 19:01] - 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\system64\drivers\atapi.sys
[2009-07-13 19:01] - [2009-07-13 19:01] - 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\System32\drivers\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
====== End Of Search ======
but i did your serch it is as posted above
Ran by SYSTEM at 2012-06-09 22:58:24
Running from G:\
================== Search: "atapi.sys" ===================
C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\system64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-13 19:01] - [2009-07-13 19:01] - 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\system64\drivers\atapi.sys
[2009-07-13 19:01] - [2009-07-13 19:01] - 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
C:\Windows\System32\drivers\atapi.sys
[2009-07-13 15:19] - [2009-07-13 17:52] - 0024128 ____N (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C
====== End Of Search ======
but i did your serch it is as posted above
#35
Posted 10 June 2012 - 11:02 AM
JSntgRvr
-
- Global Moderator
-
- 11,579 posts
Global Moderator
Search for atipcie.sys instead using FRST and post the resulting Search.txt report.
#36
Posted 10 June 2012 - 11:06 AM
Jbiggs
- Topic Starter
-
- Member
-
- 49 posts
Member
weird i swore i did that............
Farbar Recovery Scan Tool Version: 09-06-2012 01
Ran by SYSTEM at 2012-06-10 11:05:13
Running from G:\
================== Search: "atipcie.sys" ===================
C:\Windows\System32\DriverStore\FileRepository\atipcie.inf_amd64_neutral_2c223f9139d7e453\AtiPcie.sys
[2010-11-30 11:01] - [2009-08-23 16:55] - 0016440 ____N (Advanced Micro Devices Inc.) C07A040D6B5A42DD41EE386CF90974C8
C:\Windows\System32\drivers\AtiPcie.sys
[2010-11-30 11:01] - [2009-08-23 16:55] - 0016440 ____N (Advanced Micro Devices Inc.) C07A040D6B5A42DD41EE386CF90974C8
C:\SWTOOLS\DRIVERS\VIDEO\Packages\Drivers\SBDrv\Filter\NB\W764A\AtiPcie.sys
[2010-11-30 11:01] - [2009-08-23 16:55] - 0016440 ____N (Advanced Micro Devices Inc.) C07A040D6B5A42DD41EE386CF90974C8
C:\SWTOOLS\DRIVERS\VIDEO\Packages\Drivers\SBDrv\Filter\NB\W7\AtiPcie.sys
[2010-11-30 11:01] - [2009-08-23 16:55] - 0014392 ____N (Advanced Micro Devices Inc.) ACA01C43D065E546C6DC88EA669CECA6
====== End Of Search ======
Farbar Recovery Scan Tool Version: 09-06-2012 01
Ran by SYSTEM at 2012-06-10 11:05:13
Running from G:\
================== Search: "atipcie.sys" ===================
C:\Windows\System32\DriverStore\FileRepository\atipcie.inf_amd64_neutral_2c223f9139d7e453\AtiPcie.sys
[2010-11-30 11:01] - [2009-08-23 16:55] - 0016440 ____N (Advanced Micro Devices Inc.) C07A040D6B5A42DD41EE386CF90974C8
C:\Windows\System32\drivers\AtiPcie.sys
[2010-11-30 11:01] - [2009-08-23 16:55] - 0016440 ____N (Advanced Micro Devices Inc.) C07A040D6B5A42DD41EE386CF90974C8
C:\SWTOOLS\DRIVERS\VIDEO\Packages\Drivers\SBDrv\Filter\NB\W764A\AtiPcie.sys
[2010-11-30 11:01] - [2009-08-23 16:55] - 0016440 ____N (Advanced Micro Devices Inc.) C07A040D6B5A42DD41EE386CF90974C8
C:\SWTOOLS\DRIVERS\VIDEO\Packages\Drivers\SBDrv\Filter\NB\W7\AtiPcie.sys
[2010-11-30 11:01] - [2009-08-23 16:55] - 0014392 ____N (Advanced Micro Devices Inc.) ACA01C43D065E546C6DC88EA669CECA6
====== End Of Search ======
#37
Posted 10 June 2012 - 11:19 AM
JSntgRvr
-
- Global Moderator
-
- 11,579 posts
Global Moderator
Something that is bugging me is that all folders reported by FRST were created on the same date, 2012-06-08. It looks that there was an attempt to restore the computer to factory settings, thus creating new system folders. Can you confirm that for me?
#38
Posted 10 June 2012 - 11:25 AM
Jbiggs
- Topic Starter
-
- Member
-
- 49 posts
Member
yea it attempted to try after i made this post and it got to 6% then failed said something to the efect of "due to 1 more more reasons the restore did not work" closed its self and proceded with the repair loop. so yes it tryed but failed for some reason
#39
Posted 10 June 2012 - 11:42 AM
JSntgRvr
-
- Global Moderator
-
- 11,579 posts
Global Moderator
Unfortunately when that happens files are deleted and the installation becomes incomplete.
Since we remove what appeared to be part of Zero Access, try once again to bring the computer to factory settings. If an error is received let me know about it.
Since we remove what appeared to be part of Zero Access, try once again to bring the computer to factory settings. If an error is received let me know about it.
Edited by JSntgRvr, 10 June 2012 - 11:44 AM.
Typo
#40
Posted 10 June 2012 - 11:52 AM
Jbiggs
- Topic Starter
-
- Member
-
- 49 posts
Member
NOt an error but I started it 6 minuts ago and it is still at 0% so probably gona be a little before my next reply
#41
Posted 10 June 2012 - 11:54 AM
JSntgRvr
-
- Global Moderator
-
- 11,579 posts
Global Moderator
No problem.
#42
Posted 10 June 2012 - 12:06 PM
Jbiggs
- Topic Starter
-
- Member
-
- 49 posts
Member
EFT (ESTIMATED FINISH TIME) 132 min
#43
Posted 10 June 2012 - 04:40 PM
Jbiggs
- Topic Starter
-
- Member
-
- 49 posts
Member
no channge is the error loop even though the restore was successful
#44
Posted 10 June 2012 - 06:38 PM
JSntgRvr
-
- Global Moderator
-
- 11,579 posts
Global Moderator
You may be experiencing hardware issues.
Scan with FRST and post the resulting FRST.txt log.
Scan with FRST and post the resulting FRST.txt log.
#45
Posted 10 June 2012 - 10:48 PM
Jbiggs
- Topic Starter
-
- Member
-
- 49 posts
Member
Scan result of Farbar Recovery Scan Tool Version: 09-06-2012 01
Ran by SYSTEM at 10-06-2012 22:44:59
Running from G:\
Windows 7 Professional (X64) OS Language: English(US)
The current controlset is ControlSet001
========================== Registry (Whitelisted) =============
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11049576 2010-07-14] (Realtek Semiconductor)
HKLM\...\Run: [TpShocks] TpShocks.exe [x]
HKLM\...\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [62312 2010-07-27] (Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-09-30] (Synaptics Incorporated)
HKLM\...\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [33344 2011-10-20] (Lenovo)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1436736 2011-06-15] (Microsoft Corporation)
HKLM-x32\...\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor [1631296 2011-10-04] (Lenovo Group Limited)
HKLM-x32\...\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h [34336 2011-05-14] (MyWebSearch.com)
HKLM-x32\...\Run: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe [38408 2011-05-14] (MyWebSearch.com)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2011-09-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2011-11-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [Launch Backup Service Once] C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrstrigger.exe -start [70456 2010-08-20] ()
HKU\Connor Biggs\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-01-01] (Google Inc.)
HKU\Connor Biggs\...\Run: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe [38408 2011-05-14] (MyWebSearch.com)
HKU\Connor Biggs\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4283256 2011-05-13] (Microsoft Corporation)
HKU\Connor Biggs\...\Run: [Facebook Update] "C:\Users\Connor Biggs\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [137536 2011-09-11] (Facebook Inc.)
HKU\Connor Biggs\...\Run: [Skype] "C:\Users\Connor Biggs\Desktop\Skype.exe" /nosplash /minimized [15026056 2011-01-26] (Skype Technologies S.A.)
HKU\Connor Biggs\...\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet [6276408 2011-08-22] (Yahoo! Inc.)
HKU\Connor Biggs\...\Policies\system: [LogonHoursAction] 2
HKU\Connor Biggs\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\John Connor Biggs\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-01-01] (Google Inc.)
HKU\John Connor Biggs\...\Policies\system: [LogonHoursAction] 2
HKU\John Connor Biggs\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Lsa: [Notification Packages] scecli
ACGina
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
==================== Services (Whitelisted) ======
2 AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [134208 2011-10-20] (Lenovo)
2 AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [269376 2011-10-20] (Lenovo)
2 btwdins; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [873248 2010-02-17] (Broadcom Corporation.)
2 IBMPMSVC; C:\Windows\System32\ibmpmsvc.exe [45928 2011-08-11] (Lenovo.)
2 IviRegMgr; "C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe" [112152 2007-01-04] (InterVideo)
2 LENOVO.CAMMUTE; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [50536 2010-07-27] (Lenovo Group Limited)
2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [101736 2011-07-12] (Lenovo Group Limited)
2 LENOVO.TPKNRSVC; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [74088 2010-07-27] (Lenovo Group Limited)
2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
2 lxedCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxedserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
2 lxed_device; C:\Windows\system32\lxedcoms.exe -service [1052328 2010-04-14] ( )
2 McAfee SiteAdvisor Service; C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [102608 2011-08-10] (McAfee, Inc.)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [12784 2011-04-27] (Microsoft Corporation)
2 MyWebSearchService; C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe [34320 2011-05-14] (MyWebSearch.com)
3 NisSrv; "C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" [288272 2011-04-27] (Microsoft Corporation)
3 Power Manager DBC Service; "C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE" [89152 2011-10-04] (Lenovo)
3 PwmEWSvc; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [175168 2011-10-04] (Lenovo Group Limited)
2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2010-07-14] (Realtek Semiconductor)
2 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [28672 2011-07-25] (Lenovo Group Limited)
2 ThinkVantage Registry Monitor Service; "C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe" [1028096 2010-08-20] (Lenovo Group Limited)
3 TPHDEXLGSVC; C:\Windows\System32\TPHDEXLG64.exe [47728 2011-03-29] (Lenovo.)
2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [145256 2011-07-12] (Lenovo Group Limited)
2 TPHKSVC; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [142696 2011-07-12] (Lenovo Group Limited)
3 TVT Backup Service; "C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe" [1490944 2010-09-06] (Lenovo Group Limited)
========================== Drivers (Whitelisted) =============
3 5U877; C:\Windows\System32\Drivers\5U877.sys [161664 2010-03-17] (Ricoh co.,Ltd.)
3 hamachi; C:\Windows\System32\Drivers\hamachi.sys [33856 2009-03-18] (LogMeIn, Inc.)
3 IBMPMDRV; C:\Windows\System32\Drivers\IBMPMDRV.sys [39024 2011-08-11] (Lenovo.)
1 lenovo.smi; C:\Windows\System32\DRIVERS\smiifx64.sys [15472 2010-09-07] (Lenovo Group Limited)
3 psadd; C:\Windows\System32\Drivers\psadd.sys [40512 2009-07-01] (Lenovo (United States) Inc.)
3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [242720 2010-03-12] (Realtek Semiconductor Corp.)
0 Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [139888 2011-03-29] (Lenovo.)
0 TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [23664 2011-03-29] (Lenovo.)
3 TPM; C:\Windows\System32\Drivers\TPM.sys [38400 2009-07-13] (Microsoft Corporation)
1 TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [14960 2011-10-04] (Lenovo Group Limited)
3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
3 PCDSRVC{127174DC-C366ED8B-06020200}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [x]
========================== NetSvcs (Whitelisted) ===========
============ One Month Created Files and Folders ==============
2012-06-10 22:44 - 2012-06-10 22:45 - 00000000 ____D C:\FRST
2012-06-10 19:02 - 2012-06-10 19:02 - 00001732 ____A C:\tvtpktfilter.dat
2012-06-10 16:02 - 2012-06-10 16:02 - 00000087 ____A C:\tvttemp.txt
============ 3 Months Modified Files and Folders =============
2012-06-10 22:45 - 2012-06-10 22:44 - 00000000 ____D C:\FRST
2012-06-10 19:02 - 2012-06-10 19:02 - 00001732 ____A C:\tvtpktfilter.dat
2012-06-10 19:02 - 2010-11-30 11:05 - 00000000 ___HD C:\swshare
2012-06-10 16:02 - 2012-06-10 16:02 - 00000087 ____A C:\tvttemp.txt
2012-06-10 15:46 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\winrm
2012-06-10 15:46 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\WCN
2012-06-10 15:46 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\SysWOW64\WindowsPowerShell
2012-06-10 15:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Web
2012-06-10 15:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Vss
2012-06-10 15:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\TAPI
2012-06-10 15:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-TW
2012-06-10 15:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2012-06-10 15:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-CN
2012-06-10 15:45 - 2010-11-30 11:14 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2012-06-10 15:45 - 2010-11-30 10:54 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2012-06-10 15:45 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2012-06-10 15:45 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2012-06-10 15:45 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\uk-UA
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\th-TH
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sv-SE
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sr-Latn-CS
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sppui
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\spp
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Speech
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ru-RU
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ro-RO
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Recovery
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ras
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\pt-PT
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\pt-BR
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\pl-PL
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\nl-NL
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\NetworkList
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\nb-NO
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Msdtc
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ko-KR
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ja-JP
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\it-IT
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\InstallShield
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\IME
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\icsxml
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\hu-HU
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\hr-HR
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\fr-FR
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\fi-FI
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\et-EE
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\es-ES
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\el-GR
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\de-DE
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\da-DK
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\cs-CZ
2012-06-10 15:44 - 2011-10-31 17:54 - 00000000 ____D C:\Windows\SysWOW64\AGEIA
2012-06-10 15:44 - 2011-10-24 21:56 - 00000000 ____D C:\Windows\System32\SPReview
2012-06-10 15:44 - 2011-08-21 11:00 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2012-06-10 15:44 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\winrm
2012-06-10 15:44 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\WCN
2012-06-10 15:44 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\slmgr
2012-06-10 15:44 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2012-06-10 15:44 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\WindowsPowerShell
2012-06-10 15:44 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\WinBioPlugIns
2012-06-10 15:44 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\restore
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\com
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\bg-BG
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-TW
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-HK
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-CN
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\winevt
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\uk-UA
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\tr-TR
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\th-TH
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sysprep
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sv-SE
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sr-Latn-CS
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sppui
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\spp
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\spool
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Speech
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\SMI
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sl-SI
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sk-SK
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Setup
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ru-RU
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ro-RO
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Recovery
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ras
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\pt-PT
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\pt-BR
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\pl-PL
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\oobe
2012-06-10 15:43 - 2011-11-10 00:01 - 00000000 ____D C:\Windows\System32\Macromed
2012-06-10 15:43 - 2011-10-24 14:58 - 00000000 ____D C:\Windows\System32\EventProviders
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ___HD C:\Windows\System32\GroupPolicyUsers
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\nl-NL
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NetworkList
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\nb-NO
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\MUI
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Msdtc
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\migwiz
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\manifeststore
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\lv-LV
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\lt-LT
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ko-KR
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ja-JP
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\it-IT
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\IME
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\icsxml
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ias
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\hu-HU
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\hr-HR
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\he-IL
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\fr-FR
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\fi-FI
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\et-EE
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\es-ES
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\el-GR
2012-06-10 15:41 - 2011-12-06 20:43 - 00000000 ____D C:\Windows\System32\appmgmt
2012-06-10 15:41 - 2011-08-21 13:19 - 00000000 ____D C:\Windows\System32\Drivers\NSSx64
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Dism
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\de-DE
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\da-DK
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\cs-CZ
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\config\TxR
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\com
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\bg-BG
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ar-SA
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\AdvancedInstallers
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Speech
2012-06-10 15:40 - 2010-11-30 11:27 - 00000000 ____D C:\Windows\PCHEALTH
2012-06-10 15:40 - 2009-07-24 09:29 - 00000000 ____D C:\Windows\Panther
2012-06-10 15:40 - 2009-07-13 23:45 - 00000000 ____D C:\Windows\ShellNew
2012-06-10 15:40 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\Performance
2012-06-10 15:40 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\Offline Web Pages
2012-06-10 15:40 - 2009-07-13 20:45 - 00000000 ____D C:\Windows\Setup
2012-06-10 15:40 - 2009-07-13 20:45 - 00000000 ____D C:\Windows\ServiceProfiles
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\servicing
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\security
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\schemas
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Resources
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PLA
2012-06-10 15:39 - 2009-07-13 19:20 - 00000000 __RSD C:\Windows\Media
2012-06-10 15:39 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\L2Schemas
2012-06-10 15:34 - 2011-09-22 16:19 - 00000000 ____D C:\Windows\en
2012-06-10 15:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\IME
2012-06-10 15:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Help
2012-06-10 15:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Globalization
2012-06-10 15:33 - 2010-11-30 11:32 - 00000000 ____D C:\Windows\delnis
2012-06-10 15:33 - 2010-11-30 11:29 - 00000000 ____D C:\Windows\Downloaded Installations
2012-06-10 15:33 - 2010-11-30 10:49 - 00000000 ____D C:\Windows\CSC
2012-06-10 15:33 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\DigitalLocker
2012-06-10 15:33 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2012-06-10 15:33 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Cursors
2012-06-10 15:33 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Branding
2012-06-10 15:32 - 2011-12-29 10:28 - 00000000 ____D C:\Users\Public\Lenovo
2012-06-10 15:32 - 2011-12-24 19:22 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Roaming\Google
2012-06-10 15:32 - 2011-12-24 19:22 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Local\Google
2012-06-10 15:32 - 2011-12-23 22:15 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Roaming\Ventrilo
2012-06-10 15:32 - 2011-12-23 15:11 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Local\Apple Computer
2012-06-10 15:32 - 2011-12-19 14:47 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Local\Broadcom
2012-06-10 15:32 - 2011-12-06 20:03 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Roaming\Adobe
2012-06-10 15:32 - 2011-12-06 18:46 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Roaming\Apple Computer
2012-06-10 15:32 - 2011-12-06 18:45 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Roaming\Macromedia
2012-06-10 15:32 - 2011-12-06 18:45 - 00000000 ____D C:\Users\John Connor Biggs\AppData\LocalLow
2012-06-10 15:32 - 2011-12-06 18:45 - 00000000 ____D C:\users\John Connor Biggs
2012-06-10 15:32 - 2011-01-24 15:16 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2012-06-10 15:32 - 2011-01-24 15:16 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2012-06-10 15:32 - 2009-07-13 23:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2012-06-10 15:32 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\addins
2012-06-10 15:32 - 2009-07-13 19:20 - 00000000 __RHD C:\Users\Public\Libraries
2012-06-10 15:32 - 2009-07-13 19:20 - 00000000 __RHD C:\users\Default
2012-06-10 15:32 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2012-06-10 15:31 - 2011-12-29 13:00 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\PCDr
2012-06-10 15:31 - 2011-12-29 10:50 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\PwrMgr
2012-06-10 15:31 - 2011-12-29 10:25 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\InstallShield
2012-06-10 15:31 - 2011-12-08 17:33 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Yahoo!
2012-06-10 15:31 - 2011-10-31 17:55 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\InstallShield Installation Information
2012-06-10 15:31 - 2011-10-24 15:28 - 00000000 ____D C:\Users\Connor Biggs\Documents\InterVideo
2012-06-10 15:31 - 2011-10-16 19:07 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\.minecraft
2012-06-10 15:31 - 2011-10-11 22:47 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Update
2012-06-10 15:31 - 2011-09-24 12:46 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Apple Computer
2012-06-10 15:31 - 2011-09-13 10:06 - 00000000 ____D C:\Users\Connor Biggs\Documents\School
2012-06-10 15:31 - 2011-09-11 19:16 - 00000000 ___RD C:\Users\Connor Biggs\Documents\Scanned Documents
2012-06-10 15:31 - 2011-09-11 19:16 - 00000000 ____D C:\Users\Connor Biggs\Documents\Fax
2012-06-10 15:31 - 2011-08-23 09:50 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Mozilla
2012-06-10 15:31 - 2011-08-21 11:04 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Uniblue
2012-06-10 15:31 - 2011-06-30 07:12 - 00000000 ____D C:\Users\Connor Biggs\Documents\My Received Files
2012-06-10 15:31 - 2011-06-29 21:04 - 00000000 ____D C:\Users\Connor Biggs\Tracing
2012-06-10 15:31 - 2011-06-06 19:51 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\LolClient
2012-06-10 15:31 - 2011-05-13 14:40 - 00000000 ___HD C:\Users\Connor Biggs\Documents\My ooVoo
2012-06-10 15:31 - 2011-05-13 14:37 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Roaming\ooVoo Details
2012-06-10 15:31 - 2011-03-09 15:09 - 00000000 ___HD C:\Users\Connor Biggs\Documents\WoW Mats
2012-06-10 15:31 - 2011-01-24 15:16 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
2012-06-10 15:31 - 2011-01-22 19:16 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Ventrilo
2012-06-10 15:31 - 2011-01-01 23:25 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Roaming\Google
2012-06-10 15:31 - 2011-01-01 23:20 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Roaming\skypePM
2012-06-10 15:31 - 2011-01-01 23:19 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Skype
2012-06-10 15:31 - 2011-01-01 18:13 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Macromedia
2012-06-10 15:31 - 2011-01-01 18:13 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Adobe
2012-06-10 15:31 - 2010-12-24 23:21 - 00000000 ____D C:\users\Connor Biggs
2012-06-10 15:30 - 2011-11-22 03:24 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Yahoo!
2012-06-10 15:30 - 2011-06-26 13:06 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\{3AB3E55B-A6C4-44B7-8BE7-C1D03C9D69DD}
2012-06-10 15:30 - 2011-04-26 19:53 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Local\Windows Live
2012-06-10 15:30 - 2010-12-24 23:36 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Local\VirtualStore
2012-06-10 15:30 - 2010-12-24 23:21 - 00000000 ____D C:\Users\Connor Biggs\AppData\LocalLow
2012-06-10 15:29 - 2011-10-13 20:28 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Pando_Temp
2012-06-10 15:29 - 2011-08-23 09:50 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Mozilla
2012-06-10 15:29 - 2011-05-29 21:35 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Local\Microsoft Games
2012-06-10 15:24 - 2011-12-29 11:00 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\ElevatedDiagnostics
2012-06-10 15:24 - 2011-10-23 03:43 - 00000000 __SHD C:\Users\Connor Biggs\AppData\Local\2e26c49f
2012-06-10 15:24 - 2011-10-20 23:58 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\LogMeIn Hamachi
2012-06-10 15:24 - 2011-10-13 20:29 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Electronic_Arts_Inc
2012-06-10 15:24 - 2011-09-24 12:46 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Apple Computer
2012-06-10 15:24 - 2011-09-24 12:44 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Apple
2012-06-10 15:24 - 2011-09-11 17:32 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Facebook
2012-06-10 15:24 - 2011-08-18 13:57 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Apps\2.0
2012-06-10 15:24 - 2011-01-24 14:56 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Adobe
2012-06-10 15:24 - 2011-01-01 23:19 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Google
2012-06-10 15:24 - 2011-01-01 18:09 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Local\Broadcom
2012-06-10 15:24 - 2009-07-24 09:28 - 00000000 ____D C:\SWTOOLS
2012-06-10 15:20 - 2011-12-29 13:02 - 00000000 ____D C:\Users\All Users\PC-Doctor for Windows
2012-06-10 15:20 - 2011-12-05 18:37 - 00000000 ____D C:\Users\All Users\PC Optimizer Pro
2012-06-10 15:20 - 2011-12-05 18:32 - 00000000 ____D C:\Users\All Users\Tarma Installer
2012-06-10 15:20 - 2011-11-22 03:23 - 00000000 ____D C:\Users\All Users\Yahoo!
2012-06-10 15:20 - 2011-11-01 17:10 - 00000000 ____D C:\Users\All Users\Nexon
2012-06-10 15:20 - 2011-11-01 16:58 - 00000000 ____D C:\Users\All Users\NexonUS
2012-06-10 15:20 - 2011-10-24 14:21 - 00000000 ____D C:\Users\All Users\Sun
2012-06-10 15:20 - 2011-09-24 12:45 - 00000000 ____D C:\Users\All Users\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-06-10 15:20 - 2011-09-17 19:45 - 00000000 ____D C:\Users\All Users\VooMuuSA
2012-06-10 15:20 - 2011-09-11 19:15 - 00000000 ____D C:\Users\All Users\lx_Cats
2012-06-10 15:20 - 2011-08-21 13:19 - 00000000 ____D C:\Users\All Users\Symantec
2012-06-10 15:20 - 2011-08-21 13:19 - 00000000 ____D C:\Users\All Users\NortonInstaller
2012-06-10 15:20 - 2011-08-21 13:19 - 00000000 ____D C:\Users\All Users\Norton
2012-06-10 15:20 - 2011-08-21 11:04 - 00000000 ___DC C:\Users\All Users\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2012-06-10 15:20 - 2011-08-02 12:30 - 00000000 ____D C:\Users\All Users\Blizzard Entertainment
2012-06-10 15:20 - 2011-05-27 19:07 - 00000000 ___HD C:\Users\All Users\gN06511JoOfJ06511
2012-06-10 15:20 - 2011-04-03 18:15 - 00000000 ___HD C:\Users\All Users\jNg06509oCaNg06509
2012-06-10 15:20 - 2011-01-08 15:32 - 00000000 ___HD C:\Users\All Users\McAfee
2012-06-10 15:20 - 2011-01-08 15:32 - 00000000 ____D C:\Users\All Users\McAfee Security Scan
2012-06-10 15:20 - 2011-01-01 23:19 - 00000000 ____D C:\Users\All Users\Skype
2012-06-10 15:20 - 2011-01-01 23:19 - 00000000 ____D C:\Users\All Users\Google
2012-06-10 15:20 - 2011-01-01 18:38 - 00000000 ____D C:\Users\All Users\Hewlett-Packard
2012-06-10 15:20 - 2011-01-01 18:21 - 00000000 ___HD C:\Users\All Users\HP
2012-06-10 15:20 - 2010-12-25 23:00 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-06-10 15:20 - 2010-11-30 11:22 - 00000000 ___HD C:\Users\All Users\PCDr
2012-06-10 15:20 - 2010-11-30 11:14 - 00000000 ___HD C:\Users\All Users\InterVideo
2012-06-10 15:20 - 2010-11-30 11:13 - 00000000 ____D C:\Users\All Users\Lenovo
2012-06-10 15:20 - 2010-11-30 11:12 - 00000000 ____D C:\Users\All Users\Ulead Systems
2012-06-10 15:19 - 2011-11-22 03:22 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2012-06-10 15:19 - 2011-10-24 14:20 - 00000000 ____D C:\Users\All Users\Ask
2012-06-10 15:19 - 2011-09-24 12:44 - 00000000 ____D C:\Users\All Users\Apple Computer
2012-06-10 15:19 - 2011-09-24 12:44 - 00000000 ____D C:\Users\All Users\Apple
2012-06-10 15:19 - 2011-09-17 19:46 - 00000000 ____D C:\Program Files (x86)\WhiteSmokeTranslator
2012-06-10 15:19 - 2011-09-17 19:46 - 00000000 ____D C:\Program Files (x86)\WhiteSmoke_Bar
2012-06-10 15:19 - 2011-09-17 19:45 - 00000000 ____D C:\Program Files (x86)\VooMuu
2012-06-10 15:19 - 2011-08-21 11:04 - 00000000 ____D C:\Program Files (x86)\Uniblue
2012-06-10 15:19 - 2011-08-21 11:04 - 00000000 ____D C:\Program Files (x86)\Superfish
2012-06-10 15:19 - 2011-06-27 10:22 - 00000000 ____D C:\Program Files (x86)\Utherverse Digital Inc
2012-06-10 15:19 - 2011-01-22 19:15 - 00000000 ____D C:\Program Files (x86)\Ventrilo
2012-06-10 15:19 - 2010-11-30 11:27 - 00000000 ____D C:\Program Files (x86)\Windows Live
2012-06-10 15:19 - 2010-11-30 11:18 - 00000000 ___HD C:\Users\All Users\Adobe
2012-06-10 15:19 - 2010-11-30 11:00 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2012-06-10 15:19 - 2010-11-30 10:57 - 00000000 ____D C:\Program Files (x86)\ThinkPad Wireless LAN Adapter Software
2012-06-10 15:19 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2012-06-10 15:19 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2012-06-10 15:19 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2012-06-10 15:19 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2012-06-10 15:19 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2012-06-10 15:16 - 2011-10-22 23:55 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2012-06-10 15:05 - 2011-08-21 11:04 - 00000000 ____D C:\Program Files (x86)\SocialRibbons LP2
2012-06-10 15:05 - 2011-01-01 23:20 - 00000000 ____D C:\Program Files (x86)\Search Toolbar
2012-06-10 15:05 - 2011-01-01 23:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-06-10 15:01 - 2011-12-29 10:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-06-10 15:01 - 2011-12-05 19:21 - 00000000 ____D C:\Program Files (x86)\QuickTime
2012-06-10 15:01 - 2011-08-23 09:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-06-10 15:01 - 2011-08-21 13:19 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2012-06-10 15:01 - 2011-08-21 13:19 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2012-06-10 15:01 - 2011-08-21 11:04 - 00000000 ____D C:\Program Files (x86)\PriceGong
2012-06-10 15:01 - 2011-06-06 19:37 - 00000000 ____D C:\Program Files (x86)\Riot Games
2012-06-10 15:01 - 2011-06-06 19:15 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2012-06-10 15:01 - 2011-05-14 13:57 - 00000000 ____D C:\Program Files (x86)\MyWebSearch
2012-06-10 15:01 - 2011-02-06 12:26 - 00000000 ____D C:\Program Files (x86)\ProfileSong
2012-06-10 15:01 - 2010-11-30 11:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2012-06-10 15:01 - 2010-11-30 11:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-06-10 15:01 - 2010-11-30 11:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-06-10 15:01 - 2010-11-30 10:57 - 00000000 ____D C:\Program Files (x86)\Realtek
2012-06-10 15:01 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2012-06-10 15:01 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2012-06-10 15:00 - 2011-01-08 15:32 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2012-06-10 15:00 - 2010-12-25 23:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2012-06-10 14:59 - 2011-01-19 14:26 - 00000000 ____D C:\Program Files (x86)\McAfee
2012-06-10 14:59 - 2010-11-30 11:00 - 00000000 ____D C:\Program Files (x86)\Lenovo
2012-06-10 14:58 - 2011-12-29 10:26 - 00000000 ____D C:\Program Files (x86)\Integrated Camera Driver
2012-06-10 14:58 - 2011-09-24 12:45 - 00000000 ____D C:\Program Files (x86)\iTunes
2012-06-10 14:58 - 2011-01-01 23:19 - 00000000 ____D C:\Program Files (x86)\Google
2012-06-10 14:58 - 2010-11-30 11:17 - 00000000 ____D C:\Program Files (x86)\Java
2012-06-10 14:58 - 2010-11-30 11:09 - 00000000 ____D C:\Program Files (x86)\InterVideo
2012-06-10 14:58 - 2010-11-30 10:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-06-10 14:57 - 2011-12-05 18:32 - 00000000 ____D C:\Program Files (x86)\Free Offers from Freeze.com
2012-06-10 14:57 - 2011-10-13 20:26 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2012-06-10 14:57 - 2011-05-14 13:57 - 00000000 ____D C:\Program Files (x86)\FunWebProducts
2012-06-10 14:56 - 2011-02-06 12:26 - 00000000 ____D C:\Program Files (x86)\ConduitEngine
2012-06-10 14:56 - 2011-02-06 12:26 - 00000000 ____D C:\Program Files (x86)\Conduit
2012-06-10 14:56 - 2010-11-30 11:12 - 00000000 ____D C:\Program Files (x86)\Corel
2012-06-10 14:55 - 2011-12-29 10:05 - 00000000 ____D C:\Program Files (x86)\Cisco
2012-06-10 14:55 - 2011-12-05 19:17 - 00000000 ____D C:\Program Files (x86)\Bonjour
2012-06-10 14:55 - 2011-11-01 17:03 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2012-06-10 14:55 - 2011-09-24 12:44 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2012-06-10 14:55 - 2011-09-17 19:46 - 00000000 ____D C:\Program Files (x86)\Blinkx
2012-06-10 14:55 - 2010-11-30 10:59 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2012-06-10 14:54 - 2011-12-05 18:32 - 00000000 ____D C:\Program Files (x86)\7-Zip
2012-06-10 14:54 - 2011-10-31 17:54 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2012-06-10 14:54 - 2011-10-22 21:52 - 00000000 ____D C:\Program Files (x86)\alaplaya
2012-06-10 14:54 - 2011-09-15 16:47 - 00000000 ____D C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint
2012-06-10 14:54 - 2011-04-03 18:31 - 00000000 ____D C:\Program Files\WiseFixer
2012-06-10 14:54 - 2010-11-30 11:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2012-06-10 14:54 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2012-06-10 14:54 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2012-06-10 14:54 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2012-06-10 14:53 - 2011-12-29 10:48 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-10 14:53 - 2011-12-05 19:20 - 00000000 ____D C:\Program Files\iTunes
2012-06-10 14:53 - 2011-12-05 19:20 - 00000000 ____D C:\Program Files\iPod
2012-06-10 14:53 - 2011-12-05 18:32 - 00000000 ____D C:\Program Files\PC Optimizer Pro
2012-06-10 14:53 - 2011-09-15 16:46 - 00000000 ____D C:\Program Files\Lexmark Toolbar
2012-06-10 14:53 - 2011-09-11 19:15 - 00000000 ____D C:\Program Files\Lexmark S600 Series
2012-06-10 14:53 - 2011-09-11 19:14 - 00000000 ____D C:\Program Files\Lexmark
2012-06-10 14:53 - 2011-01-01 23:20 - 00000000 ____D C:\Program Files\Google
2012-06-10 14:53 - 2011-01-01 18:36 - 00000000 ____D C:\Program Files\Hewlett-Packard
2012-06-10 14:53 - 2010-12-25 23:01 - 00000000 ____D C:\Program Files\Microsoft Office
2012-06-10 14:53 - 2010-11-30 11:34 - 00000000 ____D C:\Program Files\Synaptics
2012-06-10 14:53 - 2010-11-30 11:27 - 00000000 ____D C:\Program Files\Windows Live
2012-06-10 14:53 - 2010-11-30 11:22 - 00000000 ____D C:\Program Files\PC-Doctor
2012-06-10 14:53 - 2010-11-30 11:16 - 00000000 ____D C:\Program Files\Java
2012-06-10 14:53 - 2010-11-30 11:08 - 00000000 ____D C:\Program Files\ThinkVantage
2012-06-10 14:53 - 2010-11-30 10:56 - 00000000 ____D C:\Program Files\ThinkPad
2012-06-10 14:53 - 2010-11-30 10:55 - 00000000 ____D C:\Program Files\Lenovo
2012-06-10 14:53 - 2010-11-30 10:54 - 00000000 ____D C:\Program Files\Realtek
2012-06-10 14:53 - 2010-11-30 10:54 - 00000000 ____D C:\Program Files\DIFX
2012-06-10 14:53 - 2009-07-13 23:45 - 00000000 ____D C:\Program Files\Windows Journal
2012-06-10 14:53 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Defender
2012-06-10 14:53 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Reference Assemblies
2012-06-10 14:53 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\MSBuild
2012-06-10 14:53 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Microsoft Games
2012-06-10 14:53 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\DVD Maker
2012-06-10 14:53 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Windows NT
2012-06-10 14:53 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\System
2012-06-10 14:52 - 2011-12-29 10:06 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2012-06-10 14:52 - 2011-09-24 12:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2012-06-10 14:52 - 2011-09-24 12:44 - 00000000 ____D C:\Program Files\Bonjour
2012-06-10 14:52 - 2010-12-25 23:00 - 00000000 __RHD C:\MSOCache
2012-06-10 14:52 - 2010-11-30 11:30 - 00000000 ___HD C:\mfg
2012-06-10 14:52 - 2010-11-30 10:59 - 00000000 ____D C:\Program Files\ATI
2012-06-10 14:52 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2012-06-10 14:52 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Services
2012-06-10 14:52 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2012-06-10 14:52 - 2009-07-13 19:20 - 00000000 ____D C:\PerfLogs
ZeroAccess:
C:\Users\Connor Biggs\AppData\Local\2e26c49f
========================= Known DLLs (Whitelisted) ============
========================= Bamital & volsnap Check ============
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
========================= Memory info ======================
Percentage of memory in use: 15%
Total physical RAM: 3838.15 MB
Available physical RAM: 3260.98 MB
Total Pagefile: 3836.3 MB
Available Pagefile: 3255.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
======================= Partitions =========================
1 Drive c: (Windows7_OS) (Fixed) (Total:464.59 GB) (Free:316.86 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive g: () (Removable) (Total:3.82 GB) (Free:3.74 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 No Media 0 B 0 B
Disk 2 Online 3864 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1200 MB 1024 KB
Partition 2 Primary 464 GB 1201 MB
======================================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM_DRV NTFS Partition 1200 MB Healthy
======================================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C Windows7_OS NTFS Partition 464 GB Healthy
======================================================================================================
Partitions of Disk 2:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3919 MB 31 KB
======================================================================================================
Disk: 2
Partition 1
Type : 0B
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G FAT32 Removable 3919 MB Healthy
======================================================================================================
==========================================================
Last Boot: 2011-12-23 11:14
======================= End Of Log ==========================
Ran by SYSTEM at 10-06-2012 22:44:59
Running from G:\
Windows 7 Professional (X64) OS Language: English(US)
The current controlset is ControlSet001
========================== Registry (Whitelisted) =============
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11049576 2010-07-14] (Realtek Semiconductor)
HKLM\...\Run: [TpShocks] TpShocks.exe [x]
HKLM\...\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [62312 2010-07-27] (Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-09-30] (Synaptics Incorporated)
HKLM\...\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [33344 2011-10-20] (Lenovo)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1436736 2011-06-15] (Microsoft Corporation)
HKLM-x32\...\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor [1631296 2011-10-04] (Lenovo Group Limited)
HKLM-x32\...\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h [34336 2011-05-14] (MyWebSearch.com)
HKLM-x32\...\Run: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe [38408 2011-05-14] (MyWebSearch.com)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2011-09-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2011-11-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [Launch Backup Service Once] C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrstrigger.exe -start [70456 2010-08-20] ()
HKU\Connor Biggs\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-01-01] (Google Inc.)
HKU\Connor Biggs\...\Run: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe [38408 2011-05-14] (MyWebSearch.com)
HKU\Connor Biggs\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4283256 2011-05-13] (Microsoft Corporation)
HKU\Connor Biggs\...\Run: [Facebook Update] "C:\Users\Connor Biggs\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [137536 2011-09-11] (Facebook Inc.)
HKU\Connor Biggs\...\Run: [Skype] "C:\Users\Connor Biggs\Desktop\Skype.exe" /nosplash /minimized [15026056 2011-01-26] (Skype Technologies S.A.)
HKU\Connor Biggs\...\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet [6276408 2011-08-22] (Yahoo! Inc.)
HKU\Connor Biggs\...\Policies\system: [LogonHoursAction] 2
HKU\Connor Biggs\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\John Connor Biggs\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-01-01] (Google Inc.)
HKU\John Connor Biggs\...\Policies\system: [LogonHoursAction] 2
HKU\John Connor Biggs\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Lsa: [Notification Packages] scecli
ACGina
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
==================== Services (Whitelisted) ======
2 AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [134208 2011-10-20] (Lenovo)
2 AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [269376 2011-10-20] (Lenovo)
2 btwdins; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [873248 2010-02-17] (Broadcom Corporation.)
2 IBMPMSVC; C:\Windows\System32\ibmpmsvc.exe [45928 2011-08-11] (Lenovo.)
2 IviRegMgr; "C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe" [112152 2007-01-04] (InterVideo)
2 LENOVO.CAMMUTE; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [50536 2010-07-27] (Lenovo Group Limited)
2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [101736 2011-07-12] (Lenovo Group Limited)
2 LENOVO.TPKNRSVC; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [74088 2010-07-27] (Lenovo Group Limited)
2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
2 lxedCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxedserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
2 lxed_device; C:\Windows\system32\lxedcoms.exe -service [1052328 2010-04-14] ( )
2 McAfee SiteAdvisor Service; C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [102608 2011-08-10] (McAfee, Inc.)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [12784 2011-04-27] (Microsoft Corporation)
2 MyWebSearchService; C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe [34320 2011-05-14] (MyWebSearch.com)
3 NisSrv; "C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" [288272 2011-04-27] (Microsoft Corporation)
3 Power Manager DBC Service; "C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE" [89152 2011-10-04] (Lenovo)
3 PwmEWSvc; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [175168 2011-10-04] (Lenovo Group Limited)
2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2010-07-14] (Realtek Semiconductor)
2 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [28672 2011-07-25] (Lenovo Group Limited)
2 ThinkVantage Registry Monitor Service; "C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe" [1028096 2010-08-20] (Lenovo Group Limited)
3 TPHDEXLGSVC; C:\Windows\System32\TPHDEXLG64.exe [47728 2011-03-29] (Lenovo.)
2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [145256 2011-07-12] (Lenovo Group Limited)
2 TPHKSVC; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [142696 2011-07-12] (Lenovo Group Limited)
3 TVT Backup Service; "C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe" [1490944 2010-09-06] (Lenovo Group Limited)
========================== Drivers (Whitelisted) =============
3 5U877; C:\Windows\System32\Drivers\5U877.sys [161664 2010-03-17] (Ricoh co.,Ltd.)
3 hamachi; C:\Windows\System32\Drivers\hamachi.sys [33856 2009-03-18] (LogMeIn, Inc.)
3 IBMPMDRV; C:\Windows\System32\Drivers\IBMPMDRV.sys [39024 2011-08-11] (Lenovo.)
1 lenovo.smi; C:\Windows\System32\DRIVERS\smiifx64.sys [15472 2010-09-07] (Lenovo Group Limited)
3 psadd; C:\Windows\System32\Drivers\psadd.sys [40512 2009-07-01] (Lenovo (United States) Inc.)
3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [242720 2010-03-12] (Realtek Semiconductor Corp.)
0 Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [139888 2011-03-29] (Lenovo.)
0 TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [23664 2011-03-29] (Lenovo.)
3 TPM; C:\Windows\System32\Drivers\TPM.sys [38400 2009-07-13] (Microsoft Corporation)
1 TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [14960 2011-10-04] (Lenovo Group Limited)
3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
3 PCDSRVC{127174DC-C366ED8B-06020200}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [x]
========================== NetSvcs (Whitelisted) ===========
============ One Month Created Files and Folders ==============
2012-06-10 22:44 - 2012-06-10 22:45 - 00000000 ____D C:\FRST
2012-06-10 19:02 - 2012-06-10 19:02 - 00001732 ____A C:\tvtpktfilter.dat
2012-06-10 16:02 - 2012-06-10 16:02 - 00000087 ____A C:\tvttemp.txt
============ 3 Months Modified Files and Folders =============
2012-06-10 22:45 - 2012-06-10 22:44 - 00000000 ____D C:\FRST
2012-06-10 19:02 - 2012-06-10 19:02 - 00001732 ____A C:\tvtpktfilter.dat
2012-06-10 19:02 - 2010-11-30 11:05 - 00000000 ___HD C:\swshare
2012-06-10 16:02 - 2012-06-10 16:02 - 00000087 ____A C:\tvttemp.txt
2012-06-10 15:46 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\winrm
2012-06-10 15:46 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\WCN
2012-06-10 15:46 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\SysWOW64\WindowsPowerShell
2012-06-10 15:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Web
2012-06-10 15:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Vss
2012-06-10 15:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\TAPI
2012-06-10 15:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-TW
2012-06-10 15:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2012-06-10 15:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-CN
2012-06-10 15:45 - 2010-11-30 11:14 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2012-06-10 15:45 - 2010-11-30 10:54 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2012-06-10 15:45 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2012-06-10 15:45 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2012-06-10 15:45 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\uk-UA
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\th-TH
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sv-SE
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sr-Latn-CS
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sppui
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\spp
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Speech
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ru-RU
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ro-RO
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Recovery
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ras
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\pt-PT
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\pt-BR
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\pl-PL
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\nl-NL
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\NetworkList
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\nb-NO
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Msdtc
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ko-KR
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ja-JP
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\it-IT
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\InstallShield
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\IME
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\icsxml
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\hu-HU
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\hr-HR
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\fr-FR
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\fi-FI
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\et-EE
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\es-ES
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\el-GR
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\de-DE
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\da-DK
2012-06-10 15:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\cs-CZ
2012-06-10 15:44 - 2011-10-31 17:54 - 00000000 ____D C:\Windows\SysWOW64\AGEIA
2012-06-10 15:44 - 2011-10-24 21:56 - 00000000 ____D C:\Windows\System32\SPReview
2012-06-10 15:44 - 2011-08-21 11:00 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2012-06-10 15:44 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\winrm
2012-06-10 15:44 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\WCN
2012-06-10 15:44 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\slmgr
2012-06-10 15:44 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2012-06-10 15:44 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\WindowsPowerShell
2012-06-10 15:44 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\WinBioPlugIns
2012-06-10 15:44 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\restore
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\com
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\bg-BG
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-TW
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-HK
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-CN
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\winevt
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\uk-UA
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\tr-TR
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\th-TH
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sysprep
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sv-SE
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sr-Latn-CS
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sppui
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\spp
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\spool
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Speech
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\SMI
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sl-SI
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sk-SK
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Setup
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ru-RU
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ro-RO
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Recovery
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ras
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\pt-PT
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\pt-BR
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\pl-PL
2012-06-10 15:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\oobe
2012-06-10 15:43 - 2011-11-10 00:01 - 00000000 ____D C:\Windows\System32\Macromed
2012-06-10 15:43 - 2011-10-24 14:58 - 00000000 ____D C:\Windows\System32\EventProviders
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ___HD C:\Windows\System32\GroupPolicyUsers
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\nl-NL
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NetworkList
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\nb-NO
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\MUI
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Msdtc
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\migwiz
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\manifeststore
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\lv-LV
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\lt-LT
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ko-KR
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ja-JP
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\it-IT
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\IME
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\icsxml
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ias
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\hu-HU
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\hr-HR
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\he-IL
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\fr-FR
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\fi-FI
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\et-EE
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\es-ES
2012-06-10 15:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\el-GR
2012-06-10 15:41 - 2011-12-06 20:43 - 00000000 ____D C:\Windows\System32\appmgmt
2012-06-10 15:41 - 2011-08-21 13:19 - 00000000 ____D C:\Windows\System32\Drivers\NSSx64
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Dism
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\de-DE
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\da-DK
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\cs-CZ
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\config\TxR
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\com
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\bg-BG
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ar-SA
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\AdvancedInstallers
2012-06-10 15:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Speech
2012-06-10 15:40 - 2010-11-30 11:27 - 00000000 ____D C:\Windows\PCHEALTH
2012-06-10 15:40 - 2009-07-24 09:29 - 00000000 ____D C:\Windows\Panther
2012-06-10 15:40 - 2009-07-13 23:45 - 00000000 ____D C:\Windows\ShellNew
2012-06-10 15:40 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\Performance
2012-06-10 15:40 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\Offline Web Pages
2012-06-10 15:40 - 2009-07-13 20:45 - 00000000 ____D C:\Windows\Setup
2012-06-10 15:40 - 2009-07-13 20:45 - 00000000 ____D C:\Windows\ServiceProfiles
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\servicing
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\security
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\schemas
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Resources
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2012-06-10 15:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PLA
2012-06-10 15:39 - 2009-07-13 19:20 - 00000000 __RSD C:\Windows\Media
2012-06-10 15:39 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\L2Schemas
2012-06-10 15:34 - 2011-09-22 16:19 - 00000000 ____D C:\Windows\en
2012-06-10 15:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\IME
2012-06-10 15:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Help
2012-06-10 15:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Globalization
2012-06-10 15:33 - 2010-11-30 11:32 - 00000000 ____D C:\Windows\delnis
2012-06-10 15:33 - 2010-11-30 11:29 - 00000000 ____D C:\Windows\Downloaded Installations
2012-06-10 15:33 - 2010-11-30 10:49 - 00000000 ____D C:\Windows\CSC
2012-06-10 15:33 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\DigitalLocker
2012-06-10 15:33 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2012-06-10 15:33 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Cursors
2012-06-10 15:33 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Branding
2012-06-10 15:32 - 2011-12-29 10:28 - 00000000 ____D C:\Users\Public\Lenovo
2012-06-10 15:32 - 2011-12-24 19:22 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Roaming\Google
2012-06-10 15:32 - 2011-12-24 19:22 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Local\Google
2012-06-10 15:32 - 2011-12-23 22:15 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Roaming\Ventrilo
2012-06-10 15:32 - 2011-12-23 15:11 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Local\Apple Computer
2012-06-10 15:32 - 2011-12-19 14:47 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Local\Broadcom
2012-06-10 15:32 - 2011-12-06 20:03 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Roaming\Adobe
2012-06-10 15:32 - 2011-12-06 18:46 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Roaming\Apple Computer
2012-06-10 15:32 - 2011-12-06 18:45 - 00000000 ____D C:\Users\John Connor Biggs\AppData\Roaming\Macromedia
2012-06-10 15:32 - 2011-12-06 18:45 - 00000000 ____D C:\Users\John Connor Biggs\AppData\LocalLow
2012-06-10 15:32 - 2011-12-06 18:45 - 00000000 ____D C:\users\John Connor Biggs
2012-06-10 15:32 - 2011-01-24 15:16 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2012-06-10 15:32 - 2011-01-24 15:16 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2012-06-10 15:32 - 2009-07-13 23:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2012-06-10 15:32 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\addins
2012-06-10 15:32 - 2009-07-13 19:20 - 00000000 __RHD C:\Users\Public\Libraries
2012-06-10 15:32 - 2009-07-13 19:20 - 00000000 __RHD C:\users\Default
2012-06-10 15:32 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2012-06-10 15:31 - 2011-12-29 13:00 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\PCDr
2012-06-10 15:31 - 2011-12-29 10:50 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\PwrMgr
2012-06-10 15:31 - 2011-12-29 10:25 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\InstallShield
2012-06-10 15:31 - 2011-12-08 17:33 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Yahoo!
2012-06-10 15:31 - 2011-10-31 17:55 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\InstallShield Installation Information
2012-06-10 15:31 - 2011-10-24 15:28 - 00000000 ____D C:\Users\Connor Biggs\Documents\InterVideo
2012-06-10 15:31 - 2011-10-16 19:07 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\.minecraft
2012-06-10 15:31 - 2011-10-11 22:47 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Update
2012-06-10 15:31 - 2011-09-24 12:46 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Apple Computer
2012-06-10 15:31 - 2011-09-13 10:06 - 00000000 ____D C:\Users\Connor Biggs\Documents\School
2012-06-10 15:31 - 2011-09-11 19:16 - 00000000 ___RD C:\Users\Connor Biggs\Documents\Scanned Documents
2012-06-10 15:31 - 2011-09-11 19:16 - 00000000 ____D C:\Users\Connor Biggs\Documents\Fax
2012-06-10 15:31 - 2011-08-23 09:50 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Mozilla
2012-06-10 15:31 - 2011-08-21 11:04 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Uniblue
2012-06-10 15:31 - 2011-06-30 07:12 - 00000000 ____D C:\Users\Connor Biggs\Documents\My Received Files
2012-06-10 15:31 - 2011-06-29 21:04 - 00000000 ____D C:\Users\Connor Biggs\Tracing
2012-06-10 15:31 - 2011-06-06 19:51 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\LolClient
2012-06-10 15:31 - 2011-05-13 14:40 - 00000000 ___HD C:\Users\Connor Biggs\Documents\My ooVoo
2012-06-10 15:31 - 2011-05-13 14:37 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Roaming\ooVoo Details
2012-06-10 15:31 - 2011-03-09 15:09 - 00000000 ___HD C:\Users\Connor Biggs\Documents\WoW Mats
2012-06-10 15:31 - 2011-01-24 15:16 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
2012-06-10 15:31 - 2011-01-22 19:16 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Ventrilo
2012-06-10 15:31 - 2011-01-01 23:25 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Roaming\Google
2012-06-10 15:31 - 2011-01-01 23:20 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Roaming\skypePM
2012-06-10 15:31 - 2011-01-01 23:19 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Skype
2012-06-10 15:31 - 2011-01-01 18:13 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Macromedia
2012-06-10 15:31 - 2011-01-01 18:13 - 00000000 ____D C:\Users\Connor Biggs\AppData\Roaming\Adobe
2012-06-10 15:31 - 2010-12-24 23:21 - 00000000 ____D C:\users\Connor Biggs
2012-06-10 15:30 - 2011-11-22 03:24 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Yahoo!
2012-06-10 15:30 - 2011-06-26 13:06 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\{3AB3E55B-A6C4-44B7-8BE7-C1D03C9D69DD}
2012-06-10 15:30 - 2011-04-26 19:53 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Local\Windows Live
2012-06-10 15:30 - 2010-12-24 23:36 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Local\VirtualStore
2012-06-10 15:30 - 2010-12-24 23:21 - 00000000 ____D C:\Users\Connor Biggs\AppData\LocalLow
2012-06-10 15:29 - 2011-10-13 20:28 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Pando_Temp
2012-06-10 15:29 - 2011-08-23 09:50 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Mozilla
2012-06-10 15:29 - 2011-05-29 21:35 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Local\Microsoft Games
2012-06-10 15:24 - 2011-12-29 11:00 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\ElevatedDiagnostics
2012-06-10 15:24 - 2011-10-23 03:43 - 00000000 __SHD C:\Users\Connor Biggs\AppData\Local\2e26c49f
2012-06-10 15:24 - 2011-10-20 23:58 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\LogMeIn Hamachi
2012-06-10 15:24 - 2011-10-13 20:29 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Electronic_Arts_Inc
2012-06-10 15:24 - 2011-09-24 12:46 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Apple Computer
2012-06-10 15:24 - 2011-09-24 12:44 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Apple
2012-06-10 15:24 - 2011-09-11 17:32 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Facebook
2012-06-10 15:24 - 2011-08-18 13:57 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Apps\2.0
2012-06-10 15:24 - 2011-01-24 14:56 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Adobe
2012-06-10 15:24 - 2011-01-01 23:19 - 00000000 ____D C:\Users\Connor Biggs\AppData\Local\Google
2012-06-10 15:24 - 2011-01-01 18:09 - 00000000 ___HD C:\Users\Connor Biggs\AppData\Local\Broadcom
2012-06-10 15:24 - 2009-07-24 09:28 - 00000000 ____D C:\SWTOOLS
2012-06-10 15:20 - 2011-12-29 13:02 - 00000000 ____D C:\Users\All Users\PC-Doctor for Windows
2012-06-10 15:20 - 2011-12-05 18:37 - 00000000 ____D C:\Users\All Users\PC Optimizer Pro
2012-06-10 15:20 - 2011-12-05 18:32 - 00000000 ____D C:\Users\All Users\Tarma Installer
2012-06-10 15:20 - 2011-11-22 03:23 - 00000000 ____D C:\Users\All Users\Yahoo!
2012-06-10 15:20 - 2011-11-01 17:10 - 00000000 ____D C:\Users\All Users\Nexon
2012-06-10 15:20 - 2011-11-01 16:58 - 00000000 ____D C:\Users\All Users\NexonUS
2012-06-10 15:20 - 2011-10-24 14:21 - 00000000 ____D C:\Users\All Users\Sun
2012-06-10 15:20 - 2011-09-24 12:45 - 00000000 ____D C:\Users\All Users\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-06-10 15:20 - 2011-09-17 19:45 - 00000000 ____D C:\Users\All Users\VooMuuSA
2012-06-10 15:20 - 2011-09-11 19:15 - 00000000 ____D C:\Users\All Users\lx_Cats
2012-06-10 15:20 - 2011-08-21 13:19 - 00000000 ____D C:\Users\All Users\Symantec
2012-06-10 15:20 - 2011-08-21 13:19 - 00000000 ____D C:\Users\All Users\NortonInstaller
2012-06-10 15:20 - 2011-08-21 13:19 - 00000000 ____D C:\Users\All Users\Norton
2012-06-10 15:20 - 2011-08-21 11:04 - 00000000 ___DC C:\Users\All Users\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2012-06-10 15:20 - 2011-08-02 12:30 - 00000000 ____D C:\Users\All Users\Blizzard Entertainment
2012-06-10 15:20 - 2011-05-27 19:07 - 00000000 ___HD C:\Users\All Users\gN06511JoOfJ06511
2012-06-10 15:20 - 2011-04-03 18:15 - 00000000 ___HD C:\Users\All Users\jNg06509oCaNg06509
2012-06-10 15:20 - 2011-01-08 15:32 - 00000000 ___HD C:\Users\All Users\McAfee
2012-06-10 15:20 - 2011-01-08 15:32 - 00000000 ____D C:\Users\All Users\McAfee Security Scan
2012-06-10 15:20 - 2011-01-01 23:19 - 00000000 ____D C:\Users\All Users\Skype
2012-06-10 15:20 - 2011-01-01 23:19 - 00000000 ____D C:\Users\All Users\Google
2012-06-10 15:20 - 2011-01-01 18:38 - 00000000 ____D C:\Users\All Users\Hewlett-Packard
2012-06-10 15:20 - 2011-01-01 18:21 - 00000000 ___HD C:\Users\All Users\HP
2012-06-10 15:20 - 2010-12-25 23:00 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-06-10 15:20 - 2010-11-30 11:22 - 00000000 ___HD C:\Users\All Users\PCDr
2012-06-10 15:20 - 2010-11-30 11:14 - 00000000 ___HD C:\Users\All Users\InterVideo
2012-06-10 15:20 - 2010-11-30 11:13 - 00000000 ____D C:\Users\All Users\Lenovo
2012-06-10 15:20 - 2010-11-30 11:12 - 00000000 ____D C:\Users\All Users\Ulead Systems
2012-06-10 15:19 - 2011-11-22 03:22 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2012-06-10 15:19 - 2011-10-24 14:20 - 00000000 ____D C:\Users\All Users\Ask
2012-06-10 15:19 - 2011-09-24 12:44 - 00000000 ____D C:\Users\All Users\Apple Computer
2012-06-10 15:19 - 2011-09-24 12:44 - 00000000 ____D C:\Users\All Users\Apple
2012-06-10 15:19 - 2011-09-17 19:46 - 00000000 ____D C:\Program Files (x86)\WhiteSmokeTranslator
2012-06-10 15:19 - 2011-09-17 19:46 - 00000000 ____D C:\Program Files (x86)\WhiteSmoke_Bar
2012-06-10 15:19 - 2011-09-17 19:45 - 00000000 ____D C:\Program Files (x86)\VooMuu
2012-06-10 15:19 - 2011-08-21 11:04 - 00000000 ____D C:\Program Files (x86)\Uniblue
2012-06-10 15:19 - 2011-08-21 11:04 - 00000000 ____D C:\Program Files (x86)\Superfish
2012-06-10 15:19 - 2011-06-27 10:22 - 00000000 ____D C:\Program Files (x86)\Utherverse Digital Inc
2012-06-10 15:19 - 2011-01-22 19:15 - 00000000 ____D C:\Program Files (x86)\Ventrilo
2012-06-10 15:19 - 2010-11-30 11:27 - 00000000 ____D C:\Program Files (x86)\Windows Live
2012-06-10 15:19 - 2010-11-30 11:18 - 00000000 ___HD C:\Users\All Users\Adobe
2012-06-10 15:19 - 2010-11-30 11:00 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2012-06-10 15:19 - 2010-11-30 10:57 - 00000000 ____D C:\Program Files (x86)\ThinkPad Wireless LAN Adapter Software
2012-06-10 15:19 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2012-06-10 15:19 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2012-06-10 15:19 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2012-06-10 15:19 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2012-06-10 15:19 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2012-06-10 15:16 - 2011-10-22 23:55 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2012-06-10 15:05 - 2011-08-21 11:04 - 00000000 ____D C:\Program Files (x86)\SocialRibbons LP2
2012-06-10 15:05 - 2011-01-01 23:20 - 00000000 ____D C:\Program Files (x86)\Search Toolbar
2012-06-10 15:05 - 2011-01-01 23:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-06-10 15:01 - 2011-12-29 10:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-06-10 15:01 - 2011-12-05 19:21 - 00000000 ____D C:\Program Files (x86)\QuickTime
2012-06-10 15:01 - 2011-08-23 09:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-06-10 15:01 - 2011-08-21 13:19 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2012-06-10 15:01 - 2011-08-21 13:19 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2012-06-10 15:01 - 2011-08-21 11:04 - 00000000 ____D C:\Program Files (x86)\PriceGong
2012-06-10 15:01 - 2011-06-06 19:37 - 00000000 ____D C:\Program Files (x86)\Riot Games
2012-06-10 15:01 - 2011-06-06 19:15 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2012-06-10 15:01 - 2011-05-14 13:57 - 00000000 ____D C:\Program Files (x86)\MyWebSearch
2012-06-10 15:01 - 2011-02-06 12:26 - 00000000 ____D C:\Program Files (x86)\ProfileSong
2012-06-10 15:01 - 2010-11-30 11:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2012-06-10 15:01 - 2010-11-30 11:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-06-10 15:01 - 2010-11-30 11:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-06-10 15:01 - 2010-11-30 10:57 - 00000000 ____D C:\Program Files (x86)\Realtek
2012-06-10 15:01 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2012-06-10 15:01 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2012-06-10 15:00 - 2011-01-08 15:32 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2012-06-10 15:00 - 2010-12-25 23:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2012-06-10 14:59 - 2011-01-19 14:26 - 00000000 ____D C:\Program Files (x86)\McAfee
2012-06-10 14:59 - 2010-11-30 11:00 - 00000000 ____D C:\Program Files (x86)\Lenovo
2012-06-10 14:58 - 2011-12-29 10:26 - 00000000 ____D C:\Program Files (x86)\Integrated Camera Driver
2012-06-10 14:58 - 2011-09-24 12:45 - 00000000 ____D C:\Program Files (x86)\iTunes
2012-06-10 14:58 - 2011-01-01 23:19 - 00000000 ____D C:\Program Files (x86)\Google
2012-06-10 14:58 - 2010-11-30 11:17 - 00000000 ____D C:\Program Files (x86)\Java
2012-06-10 14:58 - 2010-11-30 11:09 - 00000000 ____D C:\Program Files (x86)\InterVideo
2012-06-10 14:58 - 2010-11-30 10:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-06-10 14:57 - 2011-12-05 18:32 - 00000000 ____D C:\Program Files (x86)\Free Offers from Freeze.com
2012-06-10 14:57 - 2011-10-13 20:26 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2012-06-10 14:57 - 2011-05-14 13:57 - 00000000 ____D C:\Program Files (x86)\FunWebProducts
2012-06-10 14:56 - 2011-02-06 12:26 - 00000000 ____D C:\Program Files (x86)\ConduitEngine
2012-06-10 14:56 - 2011-02-06 12:26 - 00000000 ____D C:\Program Files (x86)\Conduit
2012-06-10 14:56 - 2010-11-30 11:12 - 00000000 ____D C:\Program Files (x86)\Corel
2012-06-10 14:55 - 2011-12-29 10:05 - 00000000 ____D C:\Program Files (x86)\Cisco
2012-06-10 14:55 - 2011-12-05 19:17 - 00000000 ____D C:\Program Files (x86)\Bonjour
2012-06-10 14:55 - 2011-11-01 17:03 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2012-06-10 14:55 - 2011-09-24 12:44 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2012-06-10 14:55 - 2011-09-17 19:46 - 00000000 ____D C:\Program Files (x86)\Blinkx
2012-06-10 14:55 - 2010-11-30 10:59 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2012-06-10 14:54 - 2011-12-05 18:32 - 00000000 ____D C:\Program Files (x86)\7-Zip
2012-06-10 14:54 - 2011-10-31 17:54 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2012-06-10 14:54 - 2011-10-22 21:52 - 00000000 ____D C:\Program Files (x86)\alaplaya
2012-06-10 14:54 - 2011-09-15 16:47 - 00000000 ____D C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint
2012-06-10 14:54 - 2011-04-03 18:31 - 00000000 ____D C:\Program Files\WiseFixer
2012-06-10 14:54 - 2010-11-30 11:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2012-06-10 14:54 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2012-06-10 14:54 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2012-06-10 14:54 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2012-06-10 14:53 - 2011-12-29 10:48 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-10 14:53 - 2011-12-05 19:20 - 00000000 ____D C:\Program Files\iTunes
2012-06-10 14:53 - 2011-12-05 19:20 - 00000000 ____D C:\Program Files\iPod
2012-06-10 14:53 - 2011-12-05 18:32 - 00000000 ____D C:\Program Files\PC Optimizer Pro
2012-06-10 14:53 - 2011-09-15 16:46 - 00000000 ____D C:\Program Files\Lexmark Toolbar
2012-06-10 14:53 - 2011-09-11 19:15 - 00000000 ____D C:\Program Files\Lexmark S600 Series
2012-06-10 14:53 - 2011-09-11 19:14 - 00000000 ____D C:\Program Files\Lexmark
2012-06-10 14:53 - 2011-01-01 23:20 - 00000000 ____D C:\Program Files\Google
2012-06-10 14:53 - 2011-01-01 18:36 - 00000000 ____D C:\Program Files\Hewlett-Packard
2012-06-10 14:53 - 2010-12-25 23:01 - 00000000 ____D C:\Program Files\Microsoft Office
2012-06-10 14:53 - 2010-11-30 11:34 - 00000000 ____D C:\Program Files\Synaptics
2012-06-10 14:53 - 2010-11-30 11:27 - 00000000 ____D C:\Program Files\Windows Live
2012-06-10 14:53 - 2010-11-30 11:22 - 00000000 ____D C:\Program Files\PC-Doctor
2012-06-10 14:53 - 2010-11-30 11:16 - 00000000 ____D C:\Program Files\Java
2012-06-10 14:53 - 2010-11-30 11:08 - 00000000 ____D C:\Program Files\ThinkVantage
2012-06-10 14:53 - 2010-11-30 10:56 - 00000000 ____D C:\Program Files\ThinkPad
2012-06-10 14:53 - 2010-11-30 10:55 - 00000000 ____D C:\Program Files\Lenovo
2012-06-10 14:53 - 2010-11-30 10:54 - 00000000 ____D C:\Program Files\Realtek
2012-06-10 14:53 - 2010-11-30 10:54 - 00000000 ____D C:\Program Files\DIFX
2012-06-10 14:53 - 2009-07-13 23:45 - 00000000 ____D C:\Program Files\Windows Journal
2012-06-10 14:53 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Defender
2012-06-10 14:53 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Reference Assemblies
2012-06-10 14:53 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\MSBuild
2012-06-10 14:53 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Microsoft Games
2012-06-10 14:53 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\DVD Maker
2012-06-10 14:53 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Windows NT
2012-06-10 14:53 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\System
2012-06-10 14:52 - 2011-12-29 10:06 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2012-06-10 14:52 - 2011-09-24 12:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2012-06-10 14:52 - 2011-09-24 12:44 - 00000000 ____D C:\Program Files\Bonjour
2012-06-10 14:52 - 2010-12-25 23:00 - 00000000 __RHD C:\MSOCache
2012-06-10 14:52 - 2010-11-30 11:30 - 00000000 ___HD C:\mfg
2012-06-10 14:52 - 2010-11-30 10:59 - 00000000 ____D C:\Program Files\ATI
2012-06-10 14:52 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2012-06-10 14:52 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Services
2012-06-10 14:52 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2012-06-10 14:52 - 2009-07-13 19:20 - 00000000 ____D C:\PerfLogs
ZeroAccess:
C:\Users\Connor Biggs\AppData\Local\2e26c49f
========================= Known DLLs (Whitelisted) ============
========================= Bamital & volsnap Check ============
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
========================= Memory info ======================
Percentage of memory in use: 15%
Total physical RAM: 3838.15 MB
Available physical RAM: 3260.98 MB
Total Pagefile: 3836.3 MB
Available Pagefile: 3255.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
======================= Partitions =========================
1 Drive c: (Windows7_OS) (Fixed) (Total:464.59 GB) (Free:316.86 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive g: () (Removable) (Total:3.82 GB) (Free:3.74 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 No Media 0 B 0 B
Disk 2 Online 3864 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1200 MB 1024 KB
Partition 2 Primary 464 GB 1201 MB
======================================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM_DRV NTFS Partition 1200 MB Healthy
======================================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C Windows7_OS NTFS Partition 464 GB Healthy
======================================================================================================
Partitions of Disk 2:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3919 MB 31 KB
======================================================================================================
Disk: 2
Partition 1
Type : 0B
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G FAT32 Removable 3919 MB Healthy
======================================================================================================
==========================================================
Last Boot: 2011-12-23 11:14
======================= End Of Log ==========================
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
