Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Constant redirects and rootkits, websites unavailable [Solved]

Started by zxcymn , Jun 03 2010 02:59 AM

  • This topic is locked This topic is locked

#16
zxcymn
Posted 04 June 2010 - 01:24 PM

zxcymn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts
ESET came up clean. Log just says:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK


OTL log:

OTL logfile created on: 6/4/2010 3:19:37 PM - Run 2
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Users\zxcymn\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 61.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 184.88 Gb Free Space | 39.70% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NERDCAVE
Current User Name: zxcymn
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/03 06:22:42 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\zxcymn\Desktop\OTL.com
PRC - [2010/05/27 20:08:46 | 003,493,264 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe
PRC - [2010/05/21 01:52:33 | 000,395,048 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2010/05/21 01:52:13 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/13 21:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (SafeList) ==========

MOD - [2010/06/03 06:22:42 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\zxcymn\Desktop\OTL.com
MOD - [2010/05/27 20:09:04 | 000,970,640 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\xfire_toucan_42784.dll
MOD - [2009/07/13 21:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
MOD - [2009/07/13 21:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/13 21:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/13 21:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/13 21:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/13 21:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/13 21:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 21:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/13 21:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/13 21:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 21:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2007/12/21 17:07:58 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/05/21 01:52:33 | 000,395,048 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/13 21:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 21:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 21:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 21:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 21:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 21:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 21:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 21:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 21:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 21:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 21:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 21:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 21:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 21:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/13 21:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 21:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)


========== Driver Services (SafeList) ==========

DRV - [2010/04/03 22:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/12/30 12:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/12/11 03:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/11/18 10:09:52 | 000,376,832 | ---- | M] (NETGEAR Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2009/11/08 23:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/07/13 21:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/13 21:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/13 21:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/13 21:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/13 21:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/13 21:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/13 21:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/13 21:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/13 21:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/13 21:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/13 21:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/13 21:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/13 21:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/13 21:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/13 21:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/13 21:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/13 21:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/13 21:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/13 21:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/13 21:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/13 21:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/13 21:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/13 21:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/13 21:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/13 21:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/13 21:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/13 21:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/13 21:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 21:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/13 21:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 21:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/13 21:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 21:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/13 21:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/13 21:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/13 21:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/13 21:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/13 21:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/13 21:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/13 21:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/13 21:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/13 20:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/13 20:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/13 20:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 19:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 19:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 19:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 19:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009/07/13 19:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 19:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009/07/13 19:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/13 19:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/07/13 19:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 19:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 19:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 19:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/13 19:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/13 19:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/13 19:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 19:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 19:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 19:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/13 19:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/13 19:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 18:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 18:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 18:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 18:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 18:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 18:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 18:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/07/13 18:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 18:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 18:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2007/05/15 12:15:22 | 000,042,496 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm) Virtual Audio Cable (WDM)
DRV - [2004/08/13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2003/09/25 01:00:00 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ov519vid.sys -- (ovt519)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 A9 58 B8 C5 03 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = about:blank

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co...en&source=iglk"
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2
FF - prefs.js..extensions.enabledItems: [email protected]:3.6.14
FF - prefs.js..extensions.enabledItems: {6dd0bdba-0a02-429e-b595-87a7dfdca7a1}:0.7.7
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.8
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:0.4.5.15
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {987311C6-B504-4aa2-90BF-60CC49808D42}:2.2
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/29 14:18:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/29 14:18:24 | 000,000,000 | ---D | M]

[2010/05/21 01:14:08 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Extensions
[2010/06/04 06:04:01 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions
[2010/05/21 01:40:31 | 000,000,000 | ---D | M] (Linkification) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010/05/21 01:37:43 | 000,000,000 | ---D | M] (GameFOX) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{6dd0bdba-0a02-429e-b595-87a7dfdca7a1}
[2010/05/25 20:37:29 | 000,000,000 | ---D | M] (BugMeNot) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}
[2010/05/23 23:05:36 | 000,000,000 | ---D | M] (4chan) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2010/05/21 01:16:24 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2010/05/23 23:40:12 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/05/21 17:42:32 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/05/24 00:26:50 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/05/21 01:18:55 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\[email protected]
[2010/06/03 10:01:41 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/01 03:27:01 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/06/03 10:01:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/06/03 10:01:28 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/05/26 20:33:49 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll

O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\RZRSETUP.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/06/04 05:11:01 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/06/04 03:01:23 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/06/03 22:19:00 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\NVIDIA
[2010/06/03 22:18:56 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Futuremark
[2010/06/03 22:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2010/06/03 22:18:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\AGEIA
[2010/06/03 22:17:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/06/03 10:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/06/03 09:55:10 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\JavaRa
[2010/06/03 09:48:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/06/03 09:48:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/06/03 09:48:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/03 09:33:39 | 006,153,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\zxcymn\Desktop\mbam-setup-1.46.exe
[2010/06/03 09:27:37 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Users\zxcymn\Desktop\TFC.exe
[2010/06/03 08:16:35 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\avenger
[2010/06/03 06:55:28 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\tdsskiller
[2010/06/03 06:22:42 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Users\zxcymn\Desktop\OTL.com
[2010/06/03 04:45:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/06/03 04:45:16 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/06/02 21:43:28 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/06/02 21:43:27 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/06/02 21:43:18 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/02 21:42:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/06/02 20:52:18 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\IrfanView
[2010/06/02 20:52:18 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2010/06/02 20:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
[2010/06/02 07:08:30 | 000,000,000 | ---D | C] -- C:\Program Files\WindSolutions
[2010/06/02 07:08:09 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\WindSolutions
[2010/06/02 07:08:09 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions
[2010/06/02 06:33:00 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Apple Computer
[2010/06/02 06:32:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/06/02 06:31:54 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/06/02 06:31:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/06/02 06:31:54 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/06/02 06:29:46 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Apple Computer
[2010/06/02 06:29:21 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/06/02 06:28:51 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/02 02:22:27 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\THQ
[2010/06/02 02:18:33 | 000,000,000 | ---D | C] -- C:\SteamApps
[2010/06/02 01:58:12 | 000,000,000 | ---D | C] -- C:\Program Files\Saints Row 2
[2010/06/02 01:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2010/06/01 04:16:15 | 000,000,000 | ---D | C] -- C:\Windows\OvtCam
[2010/06/01 04:14:34 | 000,174,530 | ---- | C] (OmniVision Technologies, Inc.) -- C:\Windows\System32\drivers\ov519vid.sys
[2010/06/01 04:14:34 | 000,135,168 | ---- | C] (OmniVision Technologies, Inc.) -- C:\Windows\ov519cap.exe
[2010/06/01 04:14:34 | 000,061,440 | ---- | C] (OmniVision Technologies, Inc.) -- C:\Windows\ov519dib.dll
[2010/06/01 04:14:34 | 000,040,960 | ---- | C] (OmniVision Technologies Inc.) -- C:\Windows\System32\ov519ext.dll
[2010/06/01 04:14:34 | 000,025,211 | ---- | C] (OmniVision Technologies Inc.) -- C:\Windows\System32\drivers\ov519cmd.sys
[2010/06/01 04:14:34 | 000,025,099 | ---- | C] (OmniVision Technologies Inc.) -- C:\Windows\System32\ov519ext.ax
[2010/06/01 04:14:34 | 000,016,426 | ---- | C] (OmniVision Technologies Inc.) -- C:\Windows\System32\ov519usd.dll
[2010/06/01 04:14:34 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2010/06/01 03:28:20 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\skypePM
[2010/06/01 03:27:13 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Skype
[2010/06/01 03:26:42 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/06/01 03:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/06/01 03:26:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/05/31 12:49:25 | 000,000,000 | ---D | C] -- C:\Program Files\ModernRcon
[2010/05/30 21:43:40 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Documents\Insight Software
[2010/05/30 21:43:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Insight Software
[2010/05/30 21:41:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Insight Software Solutions
[2010/05/30 21:41:28 | 000,000,000 | ---D | C] -- C:\Program Files\Macro Express Pro
[2010/05/30 01:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Insight Software Solutions
[2010/05/30 01:17:48 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Documents\Workspace Macro Pro
[2010/05/30 01:17:48 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Documents\Launch-n-Go
[2010/05/29 14:18:10 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/05/29 14:18:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/05/29 14:17:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/05/29 14:17:52 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Apple
[2010/05/29 14:17:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/05/28 08:02:37 | 000,000,000 | ---D | C] -- C:\Program Files\OpenPandora
[2010/05/28 05:35:20 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Documents\GTA San Andreas User Files
[2010/05/28 05:26:03 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010/05/28 03:21:51 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\smc
[2010/05/27 01:46:44 | 000,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2010/05/26 22:41:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010/05/26 20:34:04 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\GamersFirst LIVE!
[2010/05/26 20:34:01 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\PMB Files
[2010/05/26 20:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010/05/26 20:33:49 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2010/05/26 20:33:42 | 000,000,000 | ---D | C] -- C:\Program Files\GamersFirst
[2010/05/26 16:12:13 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/05/26 15:29:38 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Documents\BFBC2
[2010/05/26 15:07:52 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/05/25 03:11:07 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\Downloads [IM Services]
[2010/05/25 00:42:34 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\.minecraft
[2010/05/25 00:42:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/05/25 00:41:40 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/05/24 22:51:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/05/24 22:48:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/05/24 22:48:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/05/24 22:48:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/05/24 22:47:40 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Adobe
[2010/05/24 22:47:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/05/23 23:53:11 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Malwarebytes
[2010/05/23 23:52:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/05/23 23:51:27 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\Downloads [uTorrent]
[2010/05/23 23:08:53 | 000,000,000 | ---D | C] -- C:\Program Files\Guitar Pro 5
[2010/05/22 14:29:29 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/05/21 16:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Shared
[2010/05/21 16:29:05 | 001,089,536 | ---- | C] (eHelp Corporation.) -- C:\Windows\System32\ROBOEX32.DLL
[2010/05/21 16:29:05 | 000,085,504 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\HtmlWH.dll
[2010/05/21 16:29:05 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\INETWH32.dll
[2010/05/21 16:29:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\MAGIX
[2010/05/21 16:28:53 | 000,475,136 | ---- | C] (MAGIX AG) -- C:\Windows\System32\mgxoschk.dll
[2010/05/21 16:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\FFmpeg for Audacity
[2010/05/21 16:08:51 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Audacity
[2010/05/21 16:08:39 | 000,000,000 | ---D | C] -- C:\Program Files\Lame for Audacity
[2010/05/21 16:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2010/05/21 15:58:36 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\The Ringtone Maker Plus
[2010/05/21 15:35:57 | 000,042,496 | ---- | C] (Eugene V. Muzychenko) -- C:\Windows\System32\drivers\vrtaucbl.sys
[2010/05/21 15:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual Audio Cable
[2010/05/21 14:59:19 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Documents\My Recordings
[2010/05/21 14:59:11 | 000,000,000 | ---D | C] -- C:\Program Files\Steinberg
[2010/05/21 14:59:11 | 000,000,000 | ---D | C] -- C:\Program Files\Antares Audio Technologies
[2010/05/21 14:57:21 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Acoustica
[2010/05/21 14:57:08 | 000,057,344 | ---- | C] (NexiTech, Inc.) -- C:\Windows\System32\Wnaspint.dll
[2010/05/21 14:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\Acoustica Shared Effects
[2010/05/21 14:57:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Acoustica
[2010/05/21 14:56:49 | 000,000,000 | ---D | C] -- C:\Program Files\Acoustica Mixcraft 4
[2010/05/21 14:40:52 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\PunkBuster
[2010/05/21 14:28:16 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\Downloads [Firefox]
[2010/05/21 12:04:31 | 000,000,000 | ---D | C] -- C:\Windows\nl-NL
[2010/05/21 12:04:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\nl
[2010/05/21 12:04:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\0413
[2010/05/21 12:04:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nl-NL
[2010/05/21 12:04:00 | 000,000,000 | ---D | C] -- C:\Windows\da-DK
[2010/05/21 12:03:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\da-DK
[2010/05/21 12:03:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\da
[2010/05/21 12:03:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sv-SE
[2010/05/21 12:03:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\sv
[2010/05/21 12:03:11 | 000,000,000 | ---D | C] -- C:\Windows\sv-SE
[2010/05/21 12:03:04 | 000,000,000 | ---D | C] -- C:\Windows\ro-RO
[2010/05/21 12:02:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ro-RO
[2010/05/21 12:02:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ar-SA
[2010/05/21 12:02:44 | 000,000,000 | ---D | C] -- C:\Windows\ar-SA
[2010/05/21 12:02:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\ar
[2010/05/21 12:02:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\bg-BG
[2010/05/21 12:02:20 | 000,000,000 | ---D | C] -- C:\Windows\bg-BG
[2010/05/21 12:02:04 | 000,000,000 | ---D | C] -- C:\Windows\pl-PL
[2010/05/21 12:02:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pl-PL
[2010/05/21 12:01:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\pl
[2010/05/21 12:01:40 | 000,000,000 | ---D | C] -- C:\Windows\pt-BR
[2010/05/21 12:01:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-BR
[2010/05/21 12:01:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ru-RU
[2010/05/21 12:01:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\ru
[2010/05/21 12:01:00 | 000,000,000 | ---D | C] -- C:\Windows\ru-RU
[2010/05/21 12:00:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\es
[2010/05/21 12:00:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\0C0A
[2010/05/21 12:00:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\es-ES
[2010/05/21 12:00:18 | 000,000,000 | ---D | C] -- C:\Windows\es-ES
[2010/05/21 12:00:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\th-TH
[2010/05/21 12:00:00 | 000,000,000 | ---D | C] -- C:\Windows\th-TH
[2010/05/21 11:59:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\he
[2010/05/21 11:59:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\he-IL
[2010/05/21 11:59:34 | 000,000,000 | ---D | C] -- C:\Windows\he-IL
[2010/05/21 11:57:00 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\ElevatedDiagnostics
[2010/05/21 11:32:45 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\nl-NL\pscr.sys.mui
[2010/05/21 11:32:44 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\nl-NL\yk62x86.sys.mui
[2010/05/21 11:32:32 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nl-NL\BrSerIb.sys.mui
[2010/05/21 11:32:32 | 000,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\nl-NL\ltmdmnt.sys.mui
[2010/05/21 11:32:31 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nl-NL\BrSerId.sys.mui
[2010/05/21 11:32:31 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nl-NL\BrParwdm.sys.mui
[2010/05/21 11:25:26 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\da-DK\pscr.sys.mui
[2010/05/21 11:25:25 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\da-DK\yk62x86.sys.mui
[2010/05/21 11:25:12 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\da-DK\BrSerId.sys.mui
[2010/05/21 11:25:12 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\da-DK\BrSerIb.sys.mui
[2010/05/21 11:25:12 | 000,010,240 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\da-DK\ltmdmnt.sys.mui
[2010/05/21 11:25:12 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\da-DK\BrParwdm.sys.mui
[2010/05/21 11:18:46 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\sv-SE\pscr.sys.mui
[2010/05/21 11:18:45 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\sv-SE\yk62x86.sys.mui
[2010/05/21 11:18:34 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\sv-SE\BrSerId.sys.mui
[2010/05/21 11:18:34 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\sv-SE\BrSerIb.sys.mui
[2010/05/21 11:18:34 | 000,009,728 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\sv-SE\ltmdmnt.sys.mui
[2010/05/21 11:18:34 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\sv-SE\BrParwdm.sys.mui
[2010/05/21 11:02:14 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\ar-SA\pscr.sys.mui
[2010/05/21 11:02:12 | 000,032,768 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\ar-SA\yk62x86.sys.mui
[2010/05/21 11:01:56 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ar-SA\BrSerId.sys.mui
[2010/05/21 11:01:56 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ar-SA\BrSerIb.sys.mui
[2010/05/21 11:01:56 | 000,009,216 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\ar-SA\ltmdmnt.sys.mui
[2010/05/21 11:01:56 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ar-SA\BrParwdm.sys.mui
[2010/05/21 10:48:10 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\pl-PL\pscr.sys.mui
[2010/05/21 10:48:08 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\pl-PL\yk62x86.sys.mui
[2010/05/21 10:47:57 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pl-PL\BrSerId.sys.mui
[2010/05/21 10:47:57 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pl-PL\BrSerIb.sys.mui
[2010/05/21 10:47:57 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\pl-PL\ltmdmnt.sys.mui
[2010/05/21 10:47:57 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pl-PL\BrParwdm.sys.mui
[2010/05/21 10:43:04 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\pt-BR\pscr.sys.mui
[2010/05/21 10:43:02 | 000,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\pt-BR\yk62x86.sys.mui
[2010/05/21 10:42:54 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-BR\BrSerIb.sys.mui
[2010/05/21 10:42:54 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\pt-BR\ltmdmnt.sys.mui
[2010/05/21 10:42:53 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-BR\BrSerId.sys.mui
[2010/05/21 10:42:53 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-BR\BrParwdm.sys.mui
[2010/05/21 10:37:14 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\ru-RU\pscr.sys.mui
[2010/05/21 10:37:13 | 000,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\ru-RU\yk62x86.sys.mui
[2010/05/21 10:37:13 | 000,011,264 | ---- | C] (Корпорация Intel) -- C:\Windows\System32\drivers\ru-RU\e1q6032.sys.mui
[2010/05/21 10:37:13 | 000,011,264 | ---- | C] (Корпорация Intel) -- C:\Windows\System32\drivers\ru-RU\e1k6032.sys.mui
[2010/05/21 10:37:07 | 000,002,560 | ---- | C] (Корпорация Майкрософт) -- C:\Windows\System32\drivers\ru-RU\mountmgr.sys.mui
[2010/05/21 10:37:02 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ru-RU\BrSerId.sys.mui
[2010/05/21 10:37:02 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ru-RU\BrSerIb.sys.mui
[2010/05/21 10:37:02 | 000,010,240 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\ru-RU\ltmdmnt.sys.mui
[2010/05/21 10:37:02 | 000,002,560 | ---- | C] (Корпорация Майкрософт) -- C:\Windows\System32\drivers\ru-RU\volmgrx.sys.mui
[2010/05/21 10:37:02 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ru-RU\BrParwdm.sys.mui
[2010/05/21 10:33:05 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\es-ES\pscr.sys.mui
[2010/05/21 10:33:04 | 000,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\es-ES\yk62x86.sys.mui
[2010/05/21 10:32:54 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\es-ES\BrSerIb.sys.mui
[2010/05/21 10:32:54 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\es-ES\ltmdmnt.sys.mui
[2010/05/21 10:32:53 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\es-ES\BrSerId.sys.mui
[2010/05/21 10:32:53 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\es-ES\BrParwdm.sys.mui
[2010/05/21 10:19:58 | 000,003,072 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\he-IL\pscr.sys.mui
[2010/05/21 10:19:57 | 000,032,256 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\he-IL\yk62x86.sys.mui
[2010/05/21 10:19:35 | 000,008,704 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\he-IL\BrSerId.sys.mui
[2010/05/21 10:19:35 | 000,008,704 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\he-IL\BrSerIb.sys.mui
[2010/05/21 10:19:35 | 000,008,704 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\he-IL\ltmdmnt.sys.mui
[2010/05/21 10:19:35 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\he-IL\BrParwdm.sys.mui
[2010/05/21 05:09:59 | 000,000,000 | ---D | C] -- C:\Windows\sr-Latn-CS
[2010/05/21 05:09:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sr-Latn-CS
[2010/05/21 05:09:47 | 000,000,000 | ---D | C] -- C:\Windows\uk-UA
[2010/05/21 05:09:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\uk-UA
[2010/05/21 05:09:32 | 000,000,000 | ---D | C] -- C:\Windows\it-IT
[2010/05/21 05:09:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\it-IT
[2010/05/21 05:09:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\0410
[2010/05/21 05:09:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\it
[2010/05/21 05:09:04 | 000,000,000 | ---D | C] -- C:\Windows\sk-SK
[2010/05/21 05:08:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sk-SK
[2010/05/21 05:08:51 | 000,000,000 | ---D | C] -- C:\Windows\zh-TW
[2010/05/21 05:08:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\zh-CHT
[2010/05/21 05:08:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-TW
[2010/05/21 05:08:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-HK
[2010/05/21 05:08:29 | 000,000,000 | ---D | C] -- C:\Windows\ko-KR
[2010/05/21 05:08:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ko-KR
[2010/05/21 05:08:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\ko
[2010/05/21 05:08:09 | 000,000,000 | ---D | C] -- C:\Windows\fr-FR
[2010/05/21 05:08:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fr-FR
[2010/05/21 05:08:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\fr
[2010/05/21 05:08:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\040C
[2010/05/21 05:07:47 | 000,000,000 | ---D | C] -- C:\Windows\cs-CZ
[2010/05/21 05:07:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\cs
[2010/05/21 05:07:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\cs-CZ
[2010/05/21 05:07:26 | 000,000,000 | ---D | C] -- C:\Windows\fi-FI
[2010/05/21 05:07:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fi-FI
[2010/05/21 05:07:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\fi
[2010/05/21 05:06:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\zh-CHS
[2010/05/21 05:06:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-CN
[2010/05/21 05:06:45 | 000,000,000 | ---D | C] -- C:\Windows\zh-CN
[2010/05/21 05:06:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sl-SI
[2010/05/21 05:06:36 | 000,000,000 | ---D | C] -- C:\Windows\sl-SI
[2010/05/21 05:06:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\et-EE
[2010/05/21 05:06:20 | 000,000,000 | ---D | C] -- C:\Windows\et-EE
[2010/05/21 05:06:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\hr-HR
[2010/05/21 05:06:14 | 000,000,000 | ---D | C] -- C:\Windows\hr-HR
[2010/05/21 04:12:59 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010/05/21 04:12:38 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/05/21 03:26:54 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\it-IT\pscr.sys.mui
[2010/05/21 03:26:51 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\it-IT\yk62x86.sys.mui
[2010/05/21 03:26:39 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrSerId.sys.mui
[2010/05/21 03:26:39 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrSerIb.sys.mui
[2010/05/21 03:26:39 | 000,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\it-IT\ltmdmnt.sys.mui
[2010/05/21 03:26:39 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrParwdm.sys.mui
[2010/05/21 03:18:47 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Macromedia
[2010/05/21 03:18:47 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Adobe
[2010/05/21 03:18:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/05/21 03:12:25 | 000,002,560 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\zh-TW\pscr.sys.mui
[2010/05/21 03:12:23 | 000,030,720 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\zh-TW\yk62x86.sys.mui
[2010/05/21 03:12:12 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\zh-TW\BrSerIb.sys.mui
[2010/05/21 03:12:12 | 000,005,120 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\zh-TW\ltmdmnt.sys.mui
[2010/05/21 03:12:11 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\zh-TW\BrSerId.sys.mui
[2010/05/21 03:12:11 | 000,002,048 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\zh-TW\BrParwdm.sys.mui
[2010/05/21 03:10:03 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/05/21 03:06:28 | 000,003,072 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\ko-KR\pscr.sys.mui
[2010/05/21 03:06:27 | 000,031,232 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\ko-KR\yk62x86.sys.mui
[2010/05/21 03:06:16 | 000,006,656 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ko-KR\BrSerIb.sys.mui
[2010/05/21 03:06:16 | 000,006,144 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\ko-KR\ltmdmnt.sys.mui
[2010/05/21 03:06:15 | 000,006,656 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ko-KR\BrSerId.sys.mui
[2010/05/21 03:06:15 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ko-KR\BrParwdm.sys.mui
[2010/05/21 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows.old
[2010/05/21 02:59:41 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\fr-FR\pscr.sys.mui
[2010/05/21 02:59:38 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\fr-FR\yk62x86.sys.mui
[2010/05/21 02:59:26 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrSerId.sys.mui
[2010/05/21 02:59:26 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrSerIb.sys.mui
[2010/05/21 02:59:26 | 000,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\fr-FR\ltmdmnt.sys.mui
[2010/05/21 02:59:25 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrParwdm.sys.mui
[2010/05/21 02:54:33 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\cs-CZ\pscr.sys.mui
[2010/05/21 02:54:32 | 000,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\cs-CZ\yk62x86.sys.mui
[2010/05/21 02:54:23 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\cs-CZ\BrSerId.sys.mui
[2010/05/21 02:54:23 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\cs-CZ\BrSerIb.sys.mui
[2010/05/21 02:54:23 | 000,009,728 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\cs-CZ\ltmdmnt.sys.mui
[2010/05/21 02:54:23 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\cs-CZ\BrParwdm.sys.mui
[2010/05/21 02:48:43 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\fi-FI\pscr.sys.mui
[2010/05/21 02:48:41 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\fi-FI\yk62x86.sys.mui
[2010/05/21 02:48:30 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fi-FI\BrSerId.sys.mui
[2010/05/21 02:48:30 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fi-FI\BrSerIb.sys.mui
[2010/05/21 02:48:30 | 000,009,728 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\fi-FI\ltmdmnt.sys.mui
[2010/05/21 02:48:30 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fi-FI\BrParwdm.sys.mui
[2010/05/21 02:45:08 | 000,002,560 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\zh-CN\pscr.sys.mui
[2010/05/21 02:45:05 | 000,030,720 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\zh-CN\yk62x86.sys.mui
[2010/05/21 02:44:50 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\zh-CN\BrSerId.sys.mui
[2010/05/21 02:44:50 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\zh-CN\BrSerIb.sys.mui
[2010/05/21 02:44:50 | 000,004,608 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\zh-CN\ltmdmnt.sys.mui
[2010/05/21 02:44:50 | 000,002,048 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\zh-CN\BrParwdm.sys.mui
[2010/05/21 02:35:44 | 000,000,000 | ---D | C] -- C:\Windows\nb-NO
[2010/05/21 02:35:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\no
[2010/05/21 02:35:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nb-NO
[2010/05/21 02:33:34 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\nb-NO\pscr.sys.mui
[2010/05/21 02:33:30 | 000,032,768 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\nb-NO\yk62x86.sys.mui
[2010/05/21 02:33:17 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nb-NO\BrSerId.sys.mui
[2010/05/21 02:33:17 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nb-NO\BrSerIb.sys.mui
[2010/05/21 02:33:17 | 000,009,728 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\nb-NO\ltmdmnt.sys.mui
[2010/05/21 02:33:17 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nb-NO\BrParwdm.sys.mui
[2010/05/21 02:31:59 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2010/05/21 02:31:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\XPSViewer
[2010/05/21 02:31:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\de-DE
[2010/05/21 02:31:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\0407
[2010/05/21 02:31:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\de
[2010/05/21 02:28:31 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\de-DE\pscr.sys.mui
[2010/05/21 02:28:27 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\de-DE\yk62x86.sys.mui
[2010/05/21 02:27:59 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerIb.sys.mui
[2010/05/21 02:27:59 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\de-DE\ltmdmnt.sys.mui
[2010/05/21 02:27:57 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerId.sys.mui
[2010/05/21 02:27:56 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrParwdm.sys.mui
[2010/05/21 02:14:14 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/05/21 02:12:05 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/05/21 01:51:59 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010/05/21 01:51:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010/05/21 01:25:14 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Xfire
[2010/05/21 01:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010/05/21 01:25:13 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire
[2010/05/21 01:14:03 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Mozilla
[2010/05/21 01:14:03 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Mozilla
[2010/05/21 01:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/05/21 00:57:54 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\VS Revo Group
[2010/05/21 00:57:51 | 000,027,192 | ---- | C] (VS Revo Group) -- C:\Windows\System32\drivers\revoflt.sys
[2010/05/21 00:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2010/05/21 00:57:03 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\WinRAR
[2010/05/21 00:53:51 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/05/21 00:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/05/21 00:45:42 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\uTorrent
[2010/05/21 00:13:29 | 000,061,440 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\System32\W32N50.dll
[2010/05/21 00:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/05/21 00:06:37 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Diagnostics
[2010/05/20 23:49:24 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/05/20 23:48:54 | 000,000,000 | ---D | C] -- C:\Program Files\NETGEAR
[2010/05/20 23:48:29 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/05/20 23:48:29 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2010/05/20 23:44:02 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Searches
[2010/05/20 23:43:53 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Identities
[2010/05/20 23:43:51 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Contacts
[2010/05/20 23:43:47 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\VirtualStore
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\AppData\Local\Temporary Internet Files
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Templates
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Start Menu
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\SendTo
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Recent
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\PrintHood
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\NetHood
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Documents\My Videos
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Documents\My Pictures
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Documents\My Music
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\My Documents
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Local Settings
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\AppData\Local\History
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Cookies
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Application Data
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\AppData\Local\Application Data
[2010/05/20 23:43:45 | 000,000,000 | --SD | C] -- C:\Users\zxcymn\AppData\Roaming\Microsoft
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Videos
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Saved Games
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Pictures
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Music
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Links
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Favorites
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Downloads
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\My Documents
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Desktop
[2010/05/20 23:43:45 | 000,000,000 | -H-D | C] -- C:\Users\zxcymn\AppData
[2010/05/20 23:43:45 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Temp
[2010/05/20 23:43:45 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Microsoft
[2010/05/20 23:43:45 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Media Center Programs
[2010/05/20 23:43:38 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010/05/20 23:02:01 | 000,000,000 | -HSD | C] -- C:\Boot
[2010/05/07 13:00:18 | 000,000,000 | ---D | C] -- C:\Riot Games
[2010/05/04 21:41:40 | 000,000,000 | R--D | C] -- C:\Program Files\Porn
[2010/04/16 13:07:33 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\Music
[2010/04/16 12:48:54 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\Guitar
[2010/04/14 04:42:55 | 000,000,000 | ---D | C] -- C:\60f7eb0271f380dab4
[2010/04/14 03:38:23 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/04/14 03:15:21 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/04/14 03:07:33 | 000,000,000 | ---D | C] -- C:\OEMSettings
[2010/04/13 22:15:16 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/04/03 22:55:32 | 000,056,424 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

========== Files - Modified Within 90 Days ==========

[2010/06/04 15:19:47 | 001,572,864 | -HS- | M] () -- C:\Users\zxcymn\NTUSER.DAT
[2010/06/04 11:31:04 | 000,030,810 | ---- | M] () -- C:\Users\zxcymn\Desktop\puritania.gp4
[2010/06/04 11:11:06 | 000,020,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/04 11:11:06 | 000,020,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/04 11:03:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/04 11:03:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/04 11:03:39 | 2817,384,448 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/04 05:03:13 | 002,084,559 | -H-- | M] () -- C:\Users\zxcymn\AppData\Local\IconCache.db
[2010/06/03 16:00:01 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\At1.job
[2010/06/03 09:55:05 | 000,071,798 | ---- | M] () -- C:\Users\zxcymn\Desktop\JavaRa.zip
[2010/06/03 09:33:40 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\zxcymn\Desktop\mbam-setup-1.46.exe
[2010/06/03 09:27:37 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Users\zxcymn\Desktop\TFC.exe
[2010/06/03 08:21:54 | 192,968,757 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/06/03 08:13:57 | 000,219,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/06/03 07:36:55 | 000,138,592 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/06/03 06:22:42 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\zxcymn\Desktop\OTL.com
[2010/06/03 00:35:10 | 000,000,600 | ---- | M] () -- C:\Users\zxcymn\AppData\Roaming\winscp.rnd
[2010/06/02 20:27:48 | 000,001,747 | ---- | M] () -- C:\Users\zxcymn\Desktop\WinSCP.lnk
[2010/06/02 01:52:28 | 012,416,038 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/06/02 01:52:28 | 000,692,886 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/06/02 01:52:28 | 000,691,932 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2010/06/02 01:52:28 | 000,689,288 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2010/06/02 01:52:28 | 000,687,942 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2010/06/02 01:52:28 | 000,687,574 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010/06/02 01:52:28 | 000,674,664 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2010/06/02 01:52:28 | 000,662,402 | ---- | M] () -- C:\Windows\System32\prfh0416.dat
[2010/06/02 01:52:28 | 000,641,468 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010/06/02 01:52:28 | 000,622,444 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010/06/02 01:52:28 | 000,617,198 | ---- | M] () -- C:\Windows\System32\perfh01D.dat
[2010/06/02 01:52:28 | 000,615,122 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/06/02 01:52:28 | 000,461,056 | ---- | M] () -- C:\Windows\System32\perfh006.dat
[2010/06/02 01:52:28 | 000,447,984 | ---- | M] () -- C:\Windows\System32\perfh014.dat
[2010/06/02 01:52:28 | 000,434,950 | ---- | M] () -- C:\Windows\System32\perfh001.dat
[2010/06/02 01:52:28 | 000,432,832 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
[2010/06/02 01:52:28 | 000,402,910 | ---- | M] () -- C:\Windows\System32\perfh012.dat
[2010/06/02 01:52:28 | 000,379,230 | ---- | M] () -- C:\Windows\System32\prfh0404.dat
[2010/06/02 01:52:28 | 000,363,260 | ---- | M] () -- C:\Windows\System32\prfh0804.dat
[2010/06/02 01:52:28 | 000,354,606 | ---- | M] () -- C:\Windows\System32\perfh00D.dat
[2010/06/02 01:52:28 | 000,133,632 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2010/06/02 01:52:28 | 000,131,160 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010/06/02 01:52:28 | 000,129,536 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2010/06/02 01:52:28 | 000,128,820 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2010/06/02 01:52:28 | 000,126,998 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/06/02 01:52:28 | 000,125,856 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010/06/02 01:52:28 | 000,124,850 | ---- | M] () -- C:\Windows\System32\prfc0416.dat
[2010/06/02 01:52:28 | 000,123,934 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2010/06/02 01:52:28 | 000,120,576 | ---- | M] () -- C:\Windows\System32\perfc01D.dat
[2010/06/02 01:52:28 | 000,118,612 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010/06/02 01:52:28 | 000,103,496 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/06/02 01:52:28 | 000,101,784 | ---- | M] () -- C:\Windows\System32\perfc012.dat
[2010/06/02 01:52:28 | 000,101,356 | ---- | M] () -- C:\Windows\System32\prfc0804.dat
[2010/06/02 01:52:28 | 000,096,442 | ---- | M] () -- C:\Windows\System32\prfc0404.dat
[2010/06/02 01:52:28 | 000,078,518 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
[2010/06/02 01:52:28 | 000,076,548 | ---- | M] () -- C:\Windows\System32\perfc006.dat
[2010/06/02 01:52:28 | 000,076,092 | ---- | M] () -- C:\Windows\System32\perfc001.dat
[2010/06/02 01:52:28 | 000,073,930 | ---- | M] () -- C:\Windows\System32\perfc014.dat
[2010/06/02 01:52:28 | 000,066,202 | ---- | M] () -- C:\Windows\System32\perfc00D.dat
[2010/06/01 03:28:21 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/05/31 23:44:21 | 000,000,036 | ---- | M] () -- C:\Users\zxcymn\AppData\Local\housecall.guid.cache
[2010/05/31 12:49:26 | 000,001,888 | ---- | M] () -- C:\Users\zxcymn\Desktop\ModernRcon v0.8.lnk
[2010/05/30 01:57:58 | 000,012,320 | ---- | M] () -- C:\Users\zxcymn\Documents\macex.mex
[2010/05/27 20:09:00 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2010/05/27 01:56:58 | 000,000,656 | ---- | M] () -- C:\Windows\eReg.dat
[2010/05/26 15:26:03 | 000,138,056 | ---- | M] () -- C:\Users\zxcymn\AppData\Roaming\PnkBstrK.sys
[2010/05/26 15:25:44 | 002,434,856 | ---- | M] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/05/24 00:09:26 | 000,294,464 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/05/23 23:11:36 | 000,072,088 | ---- | M] () -- C:\Users\zxcymn\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/05/21 16:29:28 | 000,000,000 | ---- | M] () -- C:\Windows\RingtoneMaker.INI
[2010/05/21 14:57:08 | 000,000,978 | ---- | M] () -- C:\Users\Public\Desktop\Mixcraft 4.lnk
[2010/05/21 14:38:17 | 000,674,600 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2010/05/21 11:39:22 | 000,341,322 | ---- | M] () -- C:\Windows\System32\perfi013.dat
[2010/05/21 11:39:22 | 000,043,068 | ---- | M] () -- C:\Windows\System32\perfd013.dat
[2010/05/21 11:31:41 | 000,306,636 | ---- | M] () -- C:\Windows\System32\perfi006.dat
[2010/05/21 11:31:41 | 000,039,236 | ---- | M] () -- C:\Windows\System32\perfd006.dat
[2010/05/21 11:24:27 | 000,294,764 | ---- | M] () -- C:\Windows\System32\perfi01D.dat
[2010/05/21 11:24:27 | 000,037,052 | ---- | M] () -- C:\Windows\System32\perfd01D.dat
[2010/05/21 11:07:49 | 000,289,060 | ---- | M] () -- C:\Windows\System32\perfi001.dat
[2010/05/21 11:07:49 | 000,042,056 | ---- | M] () -- C:\Windows\System32\perfd001.dat
[2010/05/21 10:52:20 | 000,337,158 | ---- | M] () -- C:\Windows\System32\perfi015.dat
[2010/05/21 10:52:20 | 000,038,710 | ---- | M] () -- C:\Windows\System32\perfd015.dat
[2010/05/21 10:47:13 | 000,323,154 | ---- | M] () -- C:\Windows\System32\prfi0416.dat
[2010/05/21 10:47:13 | 000,038,536 | ---- | M] () -- C:\Windows\System32\prfd0416.dat
[2010/05/21 10:41:05 | 000,336,704 | ---- | M] () -- C:\Windows\System32\perfi019.dat
[2010/05/21 10:41:05 | 000,039,446 | ---- | M] () -- C:\Windows\System32\perfd019.dat
[2010/05/21 10:36:30 | 000,341,432 | ---- | M] () -- C:\Windows\System32\perfi00A.dat
[2010/05/21 10:36:30 | 000,041,390 | ---- | M] () -- C:\Windows\System32\perfd00A.dat
[2010/05/21 10:28:09 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/05/21 10:26:45 | 000,229,316 | ---- | M] () -- C:\Windows\System32\perfi00D.dat
[2010/05/21 10:26:45 | 000,032,166 | ---- | M] () -- C:\Windows\System32\perfd00D.dat
[2010/05/21 03:32:36 | 000,335,478 | ---- | M] () -- C:\Windows\System32\perfi010.dat
[2010/05/21 03:32:36 | 000,037,534 | ---- | M] () -- C:\Windows\System32\perfd010.dat
[2010/05/21 03:17:53 | 000,117,840 | ---- | M] () -- C:\Windows\System32\prfi0404.dat
[2010/05/21 03:17:53 | 000,031,548 | ---- | M] () -- C:\Windows\System32\prfd0404.dat
[2010/05/21 03:11:29 | 000,157,694 | ---- | M] () -- C:\Windows\System32\perfi012.dat
[2010/05/21 03:11:29 | 000,031,548 | ---- | M] () -- C:\Windows\System32\perfd012.dat
[2010/05/21 03:09:50 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/05/21 03:09:49 | 000,000,355 | RHS- | M] () -- C:\Boot.ini.saved
[2010/05/21 03:04:00 | 000,344,522 | ---- | M] () -- C:\Windows\System32\perfi00C.dat
[2010/05/21 03:04:00 | 000,038,160 | ---- | M] () -- C:\Windows\System32\perfd00C.dat
[2010/05/21 02:58:01 | 000,292,004 | ---- | M] () -- C:\Windows\System32\perfi005.dat
[2010/05/21 02:58:01 | 000,036,232 | ---- | M] () -- C:\Windows\System32\perfd005.dat
[2010/05/21 02:51:47 | 000,279,790 | ---- | M] () -- C:\Windows\System32\perfi00B.dat
[2010/05/21 02:51:47 | 000,038,258 | ---- | M] () -- C:\Windows\System32\perfd00B.dat
[2010/05/21 02:48:00 | 000,111,310 | ---- | M] () -- C:\Windows\System32\prfi0804.dat
[2010/05/21 02:48:00 | 000,031,548 | ---- | M] () -- C:\Windows\System32\prfd0804.dat
[2010/05/21 02:35:33 | 000,298,300 | ---- | M] () -- C:\Windows\System32\perfi014.dat
[2010/05/21 02:35:33 | 000,036,156 | ---- | M] () -- C:\Windows\System32\perfd014.dat
[2010/05/21 02:31:28 | 000,295,922 | ---- | M] () -- C:\Windows\System32\perfi007.dat
[2010/05/21 02:31:28 | 000,038,104 | ---- | M] () -- C:\Windows\System32\perfd007.dat
[2010/05/21 02:15:35 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/05/21 02:13:26 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/05/21 00:33:09 | 000,000,003 | RHS- | M] () -- C:\win7ldr
[2010/05/21 00:33:09 | 000,000,003 | ---- | M] () -- C:\Windows\7Loader.TAG
[2010/05/21 00:32:43 | 000,203,316 | RHS- | M] () -- C:\grldr
[2010/05/21 00:23:37 | 000,524,288 | -HS- | M] () -- C:\Users\zxcymn\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/05/21 00:23:37 | 000,524,288 | -HS- | M] () -- C:\Users\zxcymn\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/05/21 00:23:37 | 000,065,536 | -HS- | M] () -- C:\Users\zxcymn\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/05/20 23:48:55 | 000,002,031 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk
[2010/05/20 23:43:46 | 000,000,020 | -HS- | M] () -- C:\Users\zxcymn\ntuser.ini
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\Windows\PEV.exe
[2010/04/14 04:11:28 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/04/14 02:37:11 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/14 02:37:11 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/14 02:33:11 | 000,000,211 | -H-- | M] () -- C:\Boot.BAK
[2010/04/03 22:55:32 | 000,056,424 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/04/03 22:55:32 | 000,007,772 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2010/04/03 18:26:56 | 000,276,196 | ---- | M] () -- C:\Windows\System32\NvApps.xml
[2010/04/03 18:26:56 | 000,066,714 | ---- | M] () -- C:\Windows\System32\NvwsApps.xml
[2010/03/29 18:48:35 | 000,419,880 | ---- | M] () -- C:\Windows\System32\locale.nls

========== Files Created - No Company Name ==========

[2010/06/04 11:30:51 | 000,030,810 | ---- | C] () -- C:\Users\zxcymn\Desktop\puritania.gp4
[2010/06/03 11:50:32 | 000,419,880 | ---- | C] () -- C:\Windows\System32\locale.nls
[2010/06/03 09:55:05 | 000,071,798 | ---- | C] () -- C:\Users\zxcymn\Desktop\JavaRa.zip
[2010/06/02 21:54:10 | 192,968,757 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/06/02 21:43:28 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/06/02 21:43:28 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/06/02 21:43:28 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/06/02 21:43:27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/06/02 21:43:27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/06/02 20:27:50 | 000,000,600 | ---- | C] () -- C:\Users\zxcymn\AppData\Roaming\winscp.rnd
[2010/06/02 20:27:48 | 000,001,747 | ---- | C] () -- C:\Users\zxcymn\Desktop\WinSCP.lnk
[2010/06/01 04:14:34 | 000,200,704 | ---- | C] () -- C:\Windows\sel3110.exe
[2010/06/01 04:14:34 | 000,040,960 | ---- | C] () -- C:\Windows\CleanDev.exe
[2010/06/01 04:14:34 | 000,032,528 | ---- | C] () -- C:\Windows\amcap.exe
[2010/06/01 03:28:21 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/05/31 23:44:21 | 000,000,036 | ---- | C] () -- C:\Users\zxcymn\AppData\Local\housecall.guid.cache
[2010/05/31 12:49:26 | 000,001,888 | ---- | C] () -- C:\Users\zxcymn\Desktop\ModernRcon v0.8.lnk
[2010/05/30 01:39:39 | 000,012,320 | ---- | C] () -- C:\Users\zxcymn\Documents\macex.mex
[2010/05/27 20:09:00 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010/05/27 01:56:53 | 000,000,656 | ---- | C] () -- C:\Windows\eReg.dat
[2010/05/26 15:25:44 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/05/21 16:29:28 | 000,000,000 | ---- | C] () -- C:\Windows\RingtoneMaker.INI
[2010/05/21 16:28:53 | 000,002,770 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010/05/21 14:57:08 | 000,000,978 | ---- | C] () -- C:\Users\Public\Desktop\Mixcraft 4.lnk
[2010/05/21 14:48:38 | 000,219,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/05/21 14:38:51 | 000,138,592 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/05/21 14:38:51 | 000,138,056 | ---- | C] () -- C:\Users\zxcymn\AppData\Roaming\PnkBstrK.sys
[2010/05/21 14:38:17 | 000,674,600 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010/05/21 14:38:17 | 000,219,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/05/21 14:38:17 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/05/21 12:23:15 | 000,674,664 | ---- | C] () -- C:\Windows\System32\perfh019.dat
[2010/05/21 12:23:15 | 000,617,198 | ---- | C] () -- C:\Windows\System32\perfh01D.dat
[2010/05/21 12:23:15 | 000,434,950 | ---- | C] () -- C:\Windows\System32\perfh001.dat
[2010/05/21 12:23:15 | 000,336,704 | ---- | C] () -- C:\Windows\System32\perfi019.dat
[2010/05/21 12:23:15 | 000,323,154 | ---- | C] () -- C:\Windows\System32\prfi0416.dat
[2010/05/21 12:23:15 | 000,294,764 | ---- | C] () -- C:\Windows\System32\perfi01D.dat
[2010/05/21 12:23:15 | 000,289,060 | ---- | C] () -- C:\Windows\System32\perfi001.dat
[2010/05/21 12:23:15 | 000,128,820 | ---- | C] () -- C:\Windows\System32\perfc019.dat
[2010/05/21 12:23:15 | 000,120,576 | ---- | C] () -- C:\Windows\System32\perfc01D.dat
[2010/05/21 12:23:15 | 000,076,092 | ---- | C] () -- C:\Windows\System32\perfc001.dat
[2010/05/21 12:23:15 | 000,042,056 | ---- | C] () -- C:\Windows\System32\perfd001.dat
[2010/05/21 12:23:15 | 000,039,446 | ---- | C] () -- C:\Windows\System32\perfd019.dat
[2010/05/21 12:23:15 | 000,037,052 | ---- | C] () -- C:\Windows\System32\perfd01D.dat
[2010/05/21 12:23:14 | 000,691,932 | ---- | C] () -- C:\Windows\System32\perfh00A.dat
[2010/05/21 12:23:14 | 000,687,574 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2010/05/21 12:23:14 | 000,662,402 | ---- | C] () -- C:\Windows\System32\prfh0416.dat
[2010/05/21 12:23:14 | 000,461,056 | ---- | C] () -- C:\Windows\System32\perfh006.dat
[2010/05/21 12:23:14 | 000,354,606 | ---- | C] () -- C:\Windows\System32\perfh00D.dat
[2010/05/21 12:23:14 | 000,341,432 | ---- | C] () -- C:\Windows\System32\perfi00A.dat
[2010/05/21 12:23:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2010/05/21 12:23:14 | 000,306,636 | ---- | C] () -- C:\Windows\System32\perfi006.dat
[2010/05/21 12:23:14 | 000,229,316 | ---- | C] () -- C:\Windows\System32\perfi00D.dat
[2010/05/21 12:23:14 | 000,131,160 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2010/05/21 12:23:14 | 000,124,850 | ---- | C] () -- C:\Windows\System32\prfc0416.dat
[2010/05/21 12:23:14 | 000,076,548 | ---- | C] () -- C:\Windows\System32\perfc006.dat
[2010/05/21 12:23:14 | 000,066,202 | ---- | C] () -- C:\Windows\System32\perfc00D.dat
[2010/05/21 12:23:14 | 000,041,390 | ---- | C] () -- C:\Windows\System32\perfd00A.dat
[2010/05/21 12:23:14 | 000,039,236 | ---- | C] () -- C:\Windows\System32\perfd006.dat
[2010/05/21 12:23:14 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2010/05/21 12:23:14 | 000,038,536 | ---- | C] () -- C:\Windows\System32\prfd0416.dat
[2010/05/21 12:23:14 | 000,032,166 | ---- | C] () -- C:\Windows\System32\perfd00D.dat
[2010/05/21 12:23:13 | 000,689,288 | ---- | C] () -- C:\Windows\System32\perfh013.dat
[2010/05/21 12:23:13 | 000,341,322 | ---- | C] () -- C:\Windows\System32\perfi013.dat
[2010/05/21 12:23:13 | 000,133,632 | ---- | C] () -- C:\Windows\System32\perfc00A.dat
[2010/05/21 12:23:13 | 000,129,536 | ---- | C] () -- C:\Windows\System32\perfc013.dat
[2010/05/21 12:23:13 | 000,043,068 | ---- | C] () -- C:\Windows\System32\perfd013.dat
[2010/05/21 10:28:09 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/05/21 05:27:09 | 000,692,886 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2010/05/21 05:27:09 | 000,622,444 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2010/05/21 05:27:09 | 000,432,832 | ---- | C] () -- C:\Windows\System32\perfh00B.dat
[2010/05/21 05:27:09 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2010/05/21 05:27:09 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2010/05/21 05:27:09 | 000,279,790 | ---- | C] () -- C:\Windows\System32\perfi00B.dat
[2010/05/21 05:27:09 | 000,126,998 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2010/05/21 05:27:09 | 000,118,612 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2010/05/21 05:27:09 | 000,117,840 | ---- | C] () -- C:\Windows\System32\prfi0404.dat
[2010/05/21 05:27:09 | 000,078,518 | ---- | C] () -- C:\Windows\System32\perfc00B.dat
[2010/05/21 05:27:09 | 000,038,258 | ---- | C] () -- C:\Windows\System32\perfd00B.dat
[2010/05/21 05:27:09 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2010/05/21 05:27:09 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2010/05/21 05:27:09 | 000,031,548 | ---- | C] () -- C:\Windows\System32\prfd0404.dat
[2010/05/21 05:27:08 | 000,687,942 | ---- | C] () -- C:\Windows\System32\perfh010.dat
[2010/05/21 05:27:08 | 000,402,910 | ---- | C] () -- C:\Windows\System32\perfh012.dat
[2010/05/21 05:27:08 | 000,379,230 | ---- | C] () -- C:\Windows\System32\prfh0404.dat
[2010/05/21 05:27:08 | 000,363,260 | ---- | C] () -- C:\Windows\System32\prfh0804.dat
[2010/05/21 05:27:08 | 000,335,478 | ---- | C] () -- C:\Windows\System32\perfi010.dat
[2010/05/21 05:27:08 | 000,157,694 | ---- | C] () -- C:\Windows\System32\perfi012.dat
[2010/05/21 05:27:08 | 000,123,934 | ---- | C] () -- C:\Windows\System32\perfc010.dat
[2010/05/21 05:27:08 | 000,111,310 | ---- | C] () -- C:\Windows\System32\prfi0804.dat
[2010/05/21 05:27:08 | 000,101,784 | ---- | C] () -- C:\Windows\System32\perfc012.dat
[2010/05/21 05:27:08 | 000,101,356 | ---- | C] () -- C:\Windows\System32\prfc0804.dat
[2010/05/21 05:27:08 | 000,096,442 | ---- | C] () -- C:\Windows\System32\prfc0404.dat
[2010/05/21 05:27:08 | 000,037,534 | ---- | C] () -- C:\Windows\System32\perfd010.dat
[2010/05/21 05:27:08 | 000,031,548 | ---- | C] () -- C:\Windows\System32\prfd0804.dat
[2010/05/21 05:27:08 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd012.dat
[2010/05/21 03:09:49 | 000,000,211 | -H-- | C] () -- C:\Boot.BAK
[2010/05/21 02:36:22 | 000,447,984 | ---- | C] () -- C:\Windows\System32\perfh014.dat
[2010/05/21 02:36:22 | 000,298,300 | ---- | C] () -- C:\Windows\System32\perfi014.dat
[2010/05/21 02:36:22 | 000,073,930 | ---- | C] () -- C:\Windows\System32\perfc014.dat
[2010/05/21 02:36:22 | 000,036,156 | ---- | C] () -- C:\Windows\System32\perfd014.dat
[2010/05/21 02:32:39 | 000,641,468 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010/05/21 02:32:39 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010/05/21 02:32:39 | 000,125,856 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010/05/21 02:32:39 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010/05/21 02:13:26 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/05/21 02:11:04 | 2817,384,448 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/21 00:57:28 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\At1.job
[2010/05/21 00:33:09 | 000,203,316 | RHS- | C] () -- C:\grldr
[2010/05/21 00:33:09 | 000,000,003 | RHS- | C] () -- C:\win7ldr
[2010/05/21 00:33:09 | 000,000,003 | ---- | C] () -- C:\Windows\7Loader.TAG
[2010/05/20 23:48:55 | 000,002,031 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk
[2010/05/20 23:43:46 | 000,524,288 | -HS- | C] () -- C:\Users\zxcymn\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/05/20 23:43:46 | 000,524,288 | -HS- | C] () -- C:\Users\zxcymn\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/05/20 23:43:46 | 000,065,536 | -HS- | C] () -- C:\Users\zxcymn\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/05/20 23:43:46 | 000,000,020 | -HS- | C] () -- C:\Users\zxcymn\ntuser.ini
[2010/05/20 23:43:45 | 001,572,864 | -HS- | C] () -- C:\Users\zxcymn\NTUSER.DAT
[2010/05/20 23:43:45 | 000,262,144 | -HS- | C] () -- C:\Users\zxcymn\ntuser.dat.LOG1
[2010/05/20 23:43:45 | 000,000,000 | -HS- | C] () -- C:\Users\zxcymn\ntuser.dat.LOG2
[2010/05/20 23:02:08 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010/05/20 23:02:03 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010/04/14 02:37:11 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/04/14 02:37:11 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/04/13 22:14:22 | 000,000,355 | RHS- | C] () -- C:\Boot.ini.saved
[2010/04/03 22:55:32 | 000,007,772 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010/04/03 18:26:56 | 000,276,196 | ---- | C] () -- C:\Windows\System32\NvApps.xml
[2010/04/03 18:26:56 | 000,066,714 | ---- | C] () -- C:\Windows\System32\NvwsApps.xml
[2009/08/03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2004/08/13 09:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

========== LOP Check ==========

[2010/06/04 06:21:40 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\.minecraft
[2010/05/21 14:57:21 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\Acoustica
[2010/05/28 09:56:32 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\Audacity
[2010/06/02 20:52:18 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\IrfanView
[2010/05/30 01:54:42 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\smc
[2010/05/21 15:58:36 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\The Ringtone Maker Plus
[2010/06/04 05:02:03 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\uTorrent
[2010/06/02 07:15:23 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\WindSolutions
[2010/06/03 16:00:01 | 000,000,382 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2010/05/21 18:15:34 | 000,006,118 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >
  • 0

Advertisements

#17
ali.B
Posted 04 June 2010 - 01:32 PM

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\RZRSETUP.EXE -- File not found

:Files
C:\Windows\Tasks\At*.job
:Commands

[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Edited by ali.B, 04 June 2010 - 01:32 PM.

  • 0

#18
zxcymn
Posted 04 June 2010 - 02:34 PM

zxcymn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts
OTL logfile created on: 6/4/2010 4:30:58 PM - Run 3
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Users\zxcymn\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 79.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 185.10 Gb Free Space | 39.74% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NERDCAVE
Current User Name: zxcymn
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/03 06:22:42 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\zxcymn\Desktop\OTL.com
PRC - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/13 21:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (SafeList) ==========

MOD - [2010/06/03 06:22:42 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\zxcymn\Desktop\OTL.com
MOD - [2009/07/13 21:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/13 21:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/13 21:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/13 21:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/13 21:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/13 21:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 21:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/13 21:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/13 21:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 21:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/05/21 01:52:33 | 000,395,048 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/13 21:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 21:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 21:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 21:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 21:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 21:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 21:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 21:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 21:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 21:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 21:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 21:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 21:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 21:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/13 21:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 21:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)


========== Driver Services (SafeList) ==========

DRV - [2010/04/03 22:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/12/30 12:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/12/11 03:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/11/18 10:09:52 | 000,376,832 | ---- | M] (NETGEAR Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2009/11/08 23:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/07/13 21:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/13 21:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/13 21:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/13 21:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/13 21:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/13 21:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/13 21:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/13 21:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/13 21:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/13 21:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/13 21:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/13 21:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/13 21:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/13 21:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/13 21:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/13 21:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/13 21:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/13 21:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/13 21:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/13 21:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/13 21:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/13 21:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/13 21:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/13 21:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/13 21:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/13 21:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/13 21:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/13 21:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 21:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/13 21:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 21:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/13 21:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 21:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/13 21:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/13 21:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/13 21:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/13 21:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/13 21:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/13 21:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/13 21:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/13 21:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/13 20:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/13 20:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/13 20:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 19:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 19:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 19:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 19:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009/07/13 19:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 19:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009/07/13 19:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/13 19:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/07/13 19:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 19:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 19:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 19:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/13 19:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/13 19:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/13 19:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 19:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 19:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 19:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/13 19:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/13 19:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 18:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 18:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 18:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 18:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 18:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 18:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 18:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/07/13 18:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 18:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 18:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2007/05/15 12:15:22 | 000,042,496 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm) Virtual Audio Cable (WDM)
DRV - [2004/08/13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2003/09/25 01:00:00 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ov519vid.sys -- (ovt519)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 A9 58 B8 C5 03 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = about:blank

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co...en&source=iglk"
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2
FF - prefs.js..extensions.enabledItems: [email protected]:3.6.14
FF - prefs.js..extensions.enabledItems: {6dd0bdba-0a02-429e-b595-87a7dfdca7a1}:0.7.7
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.8
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:0.4.5.15
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {987311C6-B504-4aa2-90BF-60CC49808D42}:2.2
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/29 14:18:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/29 14:18:24 | 000,000,000 | ---D | M]

[2010/05/21 01:14:08 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Extensions
[2010/06/04 06:04:01 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions
[2010/05/21 01:40:31 | 000,000,000 | ---D | M] (Linkification) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010/05/21 01:37:43 | 000,000,000 | ---D | M] (GameFOX) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{6dd0bdba-0a02-429e-b595-87a7dfdca7a1}
[2010/05/25 20:37:29 | 000,000,000 | ---D | M] (BugMeNot) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}
[2010/05/23 23:05:36 | 000,000,000 | ---D | M] (4chan) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2010/05/21 01:16:24 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2010/05/23 23:40:12 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/05/21 17:42:32 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/05/24 00:26:50 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/05/21 01:18:55 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\Mozilla\Firefox\Profiles\v8qxgtra.default\extensions\[email protected]
[2010/06/03 10:01:41 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/01 03:27:01 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/06/03 10:01:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/06/03 10:01:28 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/05/26 20:33:49 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll

O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/06/04 16:28:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/06/04 05:11:01 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/06/04 03:01:23 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/06/03 22:19:00 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\NVIDIA
[2010/06/03 22:18:56 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Futuremark
[2010/06/03 22:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2010/06/03 22:18:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\AGEIA
[2010/06/03 22:17:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/06/03 10:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/06/03 09:55:10 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\JavaRa
[2010/06/03 09:48:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/06/03 09:48:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/06/03 09:48:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/03 09:33:39 | 006,153,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\zxcymn\Desktop\mbam-setup-1.46.exe
[2010/06/03 09:27:37 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Users\zxcymn\Desktop\TFC.exe
[2010/06/03 08:16:35 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\avenger
[2010/06/03 06:55:28 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\tdsskiller
[2010/06/03 06:22:42 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Users\zxcymn\Desktop\OTL.com
[2010/06/03 04:45:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/06/03 04:45:16 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/06/02 21:43:28 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/06/02 21:43:27 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/06/02 21:43:18 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/02 21:42:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/06/02 20:52:18 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\IrfanView
[2010/06/02 20:52:18 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2010/06/02 20:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
[2010/06/02 07:08:30 | 000,000,000 | ---D | C] -- C:\Program Files\WindSolutions
[2010/06/02 07:08:09 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\WindSolutions
[2010/06/02 07:08:09 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions
[2010/06/02 06:33:00 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Apple Computer
[2010/06/02 06:32:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/06/02 06:31:54 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/06/02 06:31:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/06/02 06:31:54 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/06/02 06:29:46 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Apple Computer
[2010/06/02 06:29:21 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/06/02 06:28:51 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/02 02:22:27 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\THQ
[2010/06/02 02:18:33 | 000,000,000 | ---D | C] -- C:\SteamApps
[2010/06/02 01:58:12 | 000,000,000 | ---D | C] -- C:\Program Files\Saints Row 2
[2010/06/02 01:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2010/06/01 04:16:15 | 000,000,000 | ---D | C] -- C:\Windows\OvtCam
[2010/06/01 04:14:34 | 000,174,530 | ---- | C] (OmniVision Technologies, Inc.) -- C:\Windows\System32\drivers\ov519vid.sys
[2010/06/01 04:14:34 | 000,135,168 | ---- | C] (OmniVision Technologies, Inc.) -- C:\Windows\ov519cap.exe
[2010/06/01 04:14:34 | 000,061,440 | ---- | C] (OmniVision Technologies, Inc.) -- C:\Windows\ov519dib.dll
[2010/06/01 04:14:34 | 000,040,960 | ---- | C] (OmniVision Technologies Inc.) -- C:\Windows\System32\ov519ext.dll
[2010/06/01 04:14:34 | 000,025,211 | ---- | C] (OmniVision Technologies Inc.) -- C:\Windows\System32\drivers\ov519cmd.sys
[2010/06/01 04:14:34 | 000,025,099 | ---- | C] (OmniVision Technologies Inc.) -- C:\Windows\System32\ov519ext.ax
[2010/06/01 04:14:34 | 000,016,426 | ---- | C] (OmniVision Technologies Inc.) -- C:\Windows\System32\ov519usd.dll
[2010/06/01 04:14:34 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2010/06/01 03:28:20 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\skypePM
[2010/06/01 03:27:13 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Skype
[2010/06/01 03:26:42 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/06/01 03:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/06/01 03:26:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/05/31 12:49:25 | 000,000,000 | ---D | C] -- C:\Program Files\ModernRcon
[2010/05/30 21:43:40 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Documents\Insight Software
[2010/05/30 21:43:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Insight Software
[2010/05/30 21:41:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Insight Software Solutions
[2010/05/30 21:41:28 | 000,000,000 | ---D | C] -- C:\Program Files\Macro Express Pro
[2010/05/30 01:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Insight Software Solutions
[2010/05/30 01:17:48 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Documents\Workspace Macro Pro
[2010/05/30 01:17:48 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Documents\Launch-n-Go
[2010/05/29 14:18:10 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/05/29 14:18:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/05/29 14:17:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/05/29 14:17:52 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Apple
[2010/05/29 14:17:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/05/28 08:02:37 | 000,000,000 | ---D | C] -- C:\Program Files\OpenPandora
[2010/05/28 05:35:20 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Documents\GTA San Andreas User Files
[2010/05/28 05:26:03 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010/05/28 03:21:51 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\smc
[2010/05/27 01:46:44 | 000,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2010/05/26 22:41:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010/05/26 20:34:04 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\GamersFirst LIVE!
[2010/05/26 20:34:01 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\PMB Files
[2010/05/26 20:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010/05/26 20:33:49 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2010/05/26 20:33:42 | 000,000,000 | ---D | C] -- C:\Program Files\GamersFirst
[2010/05/26 16:12:13 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/05/26 15:29:38 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Documents\BFBC2
[2010/05/26 15:07:52 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/05/25 03:11:07 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\Downloads [IM Services]
[2010/05/25 00:42:34 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\.minecraft
[2010/05/25 00:42:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/05/25 00:41:40 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/05/24 22:51:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/05/24 22:48:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/05/24 22:48:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/05/24 22:48:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/05/24 22:47:40 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Adobe
[2010/05/24 22:47:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/05/23 23:53:11 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Malwarebytes
[2010/05/23 23:52:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/05/23 23:51:27 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\Downloads [uTorrent]
[2010/05/23 23:08:53 | 000,000,000 | ---D | C] -- C:\Program Files\Guitar Pro 5
[2010/05/22 14:29:29 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/05/21 16:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Shared
[2010/05/21 16:29:05 | 001,089,536 | ---- | C] (eHelp Corporation.) -- C:\Windows\System32\ROBOEX32.DLL
[2010/05/21 16:29:05 | 000,085,504 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\HtmlWH.dll
[2010/05/21 16:29:05 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\INETWH32.dll
[2010/05/21 16:29:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\MAGIX
[2010/05/21 16:28:53 | 000,475,136 | ---- | C] (MAGIX AG) -- C:\Windows\System32\mgxoschk.dll
[2010/05/21 16:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\FFmpeg for Audacity
[2010/05/21 16:08:51 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Audacity
[2010/05/21 16:08:39 | 000,000,000 | ---D | C] -- C:\Program Files\Lame for Audacity
[2010/05/21 16:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2010/05/21 15:58:36 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\The Ringtone Maker Plus
[2010/05/21 15:35:57 | 000,042,496 | ---- | C] (Eugene V. Muzychenko) -- C:\Windows\System32\drivers\vrtaucbl.sys
[2010/05/21 15:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual Audio Cable
[2010/05/21 14:59:19 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Documents\My Recordings
[2010/05/21 14:59:11 | 000,000,000 | ---D | C] -- C:\Program Files\Steinberg
[2010/05/21 14:59:11 | 000,000,000 | ---D | C] -- C:\Program Files\Antares Audio Technologies
[2010/05/21 14:57:21 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Acoustica
[2010/05/21 14:57:08 | 000,057,344 | ---- | C] (NexiTech, Inc.) -- C:\Windows\System32\Wnaspint.dll
[2010/05/21 14:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\Acoustica Shared Effects
[2010/05/21 14:57:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Acoustica
[2010/05/21 14:56:49 | 000,000,000 | ---D | C] -- C:\Program Files\Acoustica Mixcraft 4
[2010/05/21 14:40:52 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\PunkBuster
[2010/05/21 14:28:16 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\Downloads [Firefox]
[2010/05/21 12:04:31 | 000,000,000 | ---D | C] -- C:\Windows\nl-NL
[2010/05/21 12:04:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\nl
[2010/05/21 12:04:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\0413
[2010/05/21 12:04:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nl-NL
[2010/05/21 12:04:00 | 000,000,000 | ---D | C] -- C:\Windows\da-DK
[2010/05/21 12:03:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\da-DK
[2010/05/21 12:03:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\da
[2010/05/21 12:03:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sv-SE
[2010/05/21 12:03:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\sv
[2010/05/21 12:03:11 | 000,000,000 | ---D | C] -- C:\Windows\sv-SE
[2010/05/21 12:03:04 | 000,000,000 | ---D | C] -- C:\Windows\ro-RO
[2010/05/21 12:02:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ro-RO
[2010/05/21 12:02:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ar-SA
[2010/05/21 12:02:44 | 000,000,000 | ---D | C] -- C:\Windows\ar-SA
[2010/05/21 12:02:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\ar
[2010/05/21 12:02:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\bg-BG
[2010/05/21 12:02:20 | 000,000,000 | ---D | C] -- C:\Windows\bg-BG
[2010/05/21 12:02:04 | 000,000,000 | ---D | C] -- C:\Windows\pl-PL
[2010/05/21 12:02:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pl-PL
[2010/05/21 12:01:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\pl
[2010/05/21 12:01:40 | 000,000,000 | ---D | C] -- C:\Windows\pt-BR
[2010/05/21 12:01:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-BR
[2010/05/21 12:01:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ru-RU
[2010/05/21 12:01:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\ru
[2010/05/21 12:01:00 | 000,000,000 | ---D | C] -- C:\Windows\ru-RU
[2010/05/21 12:00:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\es
[2010/05/21 12:00:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\0C0A
[2010/05/21 12:00:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\es-ES
[2010/05/21 12:00:18 | 000,000,000 | ---D | C] -- C:\Windows\es-ES
[2010/05/21 12:00:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\th-TH
[2010/05/21 12:00:00 | 000,000,000 | ---D | C] -- C:\Windows\th-TH
[2010/05/21 11:59:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\he
[2010/05/21 11:59:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\he-IL
[2010/05/21 11:59:34 | 000,000,000 | ---D | C] -- C:\Windows\he-IL
[2010/05/21 11:57:00 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\ElevatedDiagnostics
[2010/05/21 11:32:45 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\nl-NL\pscr.sys.mui
[2010/05/21 11:32:44 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\nl-NL\yk62x86.sys.mui
[2010/05/21 11:32:32 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nl-NL\BrSerIb.sys.mui
[2010/05/21 11:32:32 | 000,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\nl-NL\ltmdmnt.sys.mui
[2010/05/21 11:32:31 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nl-NL\BrSerId.sys.mui
[2010/05/21 11:32:31 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nl-NL\BrParwdm.sys.mui
[2010/05/21 11:25:26 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\da-DK\pscr.sys.mui
[2010/05/21 11:25:25 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\da-DK\yk62x86.sys.mui
[2010/05/21 11:25:12 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\da-DK\BrSerId.sys.mui
[2010/05/21 11:25:12 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\da-DK\BrSerIb.sys.mui
[2010/05/21 11:25:12 | 000,010,240 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\da-DK\ltmdmnt.sys.mui
[2010/05/21 11:25:12 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\da-DK\BrParwdm.sys.mui
[2010/05/21 11:18:46 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\sv-SE\pscr.sys.mui
[2010/05/21 11:18:45 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\sv-SE\yk62x86.sys.mui
[2010/05/21 11:18:34 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\sv-SE\BrSerId.sys.mui
[2010/05/21 11:18:34 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\sv-SE\BrSerIb.sys.mui
[2010/05/21 11:18:34 | 000,009,728 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\sv-SE\ltmdmnt.sys.mui
[2010/05/21 11:18:34 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\sv-SE\BrParwdm.sys.mui
[2010/05/21 11:02:14 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\ar-SA\pscr.sys.mui
[2010/05/21 11:02:12 | 000,032,768 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\ar-SA\yk62x86.sys.mui
[2010/05/21 11:01:56 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ar-SA\BrSerId.sys.mui
[2010/05/21 11:01:56 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ar-SA\BrSerIb.sys.mui
[2010/05/21 11:01:56 | 000,009,216 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\ar-SA\ltmdmnt.sys.mui
[2010/05/21 11:01:56 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ar-SA\BrParwdm.sys.mui
[2010/05/21 10:48:10 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\pl-PL\pscr.sys.mui
[2010/05/21 10:48:08 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\pl-PL\yk62x86.sys.mui
[2010/05/21 10:47:57 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pl-PL\BrSerId.sys.mui
[2010/05/21 10:47:57 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pl-PL\BrSerIb.sys.mui
[2010/05/21 10:47:57 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\pl-PL\ltmdmnt.sys.mui
[2010/05/21 10:47:57 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pl-PL\BrParwdm.sys.mui
[2010/05/21 10:43:04 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\pt-BR\pscr.sys.mui
[2010/05/21 10:43:02 | 000,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\pt-BR\yk62x86.sys.mui
[2010/05/21 10:42:54 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-BR\BrSerIb.sys.mui
[2010/05/21 10:42:54 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\pt-BR\ltmdmnt.sys.mui
[2010/05/21 10:42:53 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-BR\BrSerId.sys.mui
[2010/05/21 10:42:53 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-BR\BrParwdm.sys.mui
[2010/05/21 10:37:14 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\ru-RU\pscr.sys.mui
[2010/05/21 10:37:13 | 000,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\ru-RU\yk62x86.sys.mui
[2010/05/21 10:37:13 | 000,011,264 | ---- | C] (Корпорация Intel) -- C:\Windows\System32\drivers\ru-RU\e1q6032.sys.mui
[2010/05/21 10:37:13 | 000,011,264 | ---- | C] (Корпорация Intel) -- C:\Windows\System32\drivers\ru-RU\e1k6032.sys.mui
[2010/05/21 10:37:07 | 000,002,560 | ---- | C] (Корпорация Майкрософт) -- C:\Windows\System32\drivers\ru-RU\mountmgr.sys.mui
[2010/05/21 10:37:02 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ru-RU\BrSerId.sys.mui
[2010/05/21 10:37:02 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ru-RU\BrSerIb.sys.mui
[2010/05/21 10:37:02 | 000,010,240 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\ru-RU\ltmdmnt.sys.mui
[2010/05/21 10:37:02 | 000,002,560 | ---- | C] (Корпорация Майкрософт) -- C:\Windows\System32\drivers\ru-RU\volmgrx.sys.mui
[2010/05/21 10:37:02 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ru-RU\BrParwdm.sys.mui
[2010/05/21 10:33:05 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\es-ES\pscr.sys.mui
[2010/05/21 10:33:04 | 000,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\es-ES\yk62x86.sys.mui
[2010/05/21 10:32:54 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\es-ES\BrSerIb.sys.mui
[2010/05/21 10:32:54 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\es-ES\ltmdmnt.sys.mui
[2010/05/21 10:32:53 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\es-ES\BrSerId.sys.mui
[2010/05/21 10:32:53 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\es-ES\BrParwdm.sys.mui
[2010/05/21 10:19:58 | 000,003,072 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\he-IL\pscr.sys.mui
[2010/05/21 10:19:57 | 000,032,256 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\he-IL\yk62x86.sys.mui
[2010/05/21 10:19:35 | 000,008,704 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\he-IL\BrSerId.sys.mui
[2010/05/21 10:19:35 | 000,008,704 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\he-IL\BrSerIb.sys.mui
[2010/05/21 10:19:35 | 000,008,704 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\he-IL\ltmdmnt.sys.mui
[2010/05/21 10:19:35 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\he-IL\BrParwdm.sys.mui
[2010/05/21 05:09:59 | 000,000,000 | ---D | C] -- C:\Windows\sr-Latn-CS
[2010/05/21 05:09:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sr-Latn-CS
[2010/05/21 05:09:47 | 000,000,000 | ---D | C] -- C:\Windows\uk-UA
[2010/05/21 05:09:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\uk-UA
[2010/05/21 05:09:32 | 000,000,000 | ---D | C] -- C:\Windows\it-IT
[2010/05/21 05:09:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\it-IT
[2010/05/21 05:09:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\0410
[2010/05/21 05:09:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\it
[2010/05/21 05:09:04 | 000,000,000 | ---D | C] -- C:\Windows\sk-SK
[2010/05/21 05:08:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sk-SK
[2010/05/21 05:08:51 | 000,000,000 | ---D | C] -- C:\Windows\zh-TW
[2010/05/21 05:08:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\zh-CHT
[2010/05/21 05:08:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-TW
[2010/05/21 05:08:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-HK
[2010/05/21 05:08:29 | 000,000,000 | ---D | C] -- C:\Windows\ko-KR
[2010/05/21 05:08:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ko-KR
[2010/05/21 05:08:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\ko
[2010/05/21 05:08:09 | 000,000,000 | ---D | C] -- C:\Windows\fr-FR
[2010/05/21 05:08:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fr-FR
[2010/05/21 05:08:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\fr
[2010/05/21 05:08:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\040C
[2010/05/21 05:07:47 | 000,000,000 | ---D | C] -- C:\Windows\cs-CZ
[2010/05/21 05:07:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\cs
[2010/05/21 05:07:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\cs-CZ
[2010/05/21 05:07:26 | 000,000,000 | ---D | C] -- C:\Windows\fi-FI
[2010/05/21 05:07:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fi-FI
[2010/05/21 05:07:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\fi
[2010/05/21 05:06:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\zh-CHS
[2010/05/21 05:06:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-CN
[2010/05/21 05:06:45 | 000,000,000 | ---D | C] -- C:\Windows\zh-CN
[2010/05/21 05:06:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sl-SI
[2010/05/21 05:06:36 | 000,000,000 | ---D | C] -- C:\Windows\sl-SI
[2010/05/21 05:06:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\et-EE
[2010/05/21 05:06:20 | 000,000,000 | ---D | C] -- C:\Windows\et-EE
[2010/05/21 05:06:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\hr-HR
[2010/05/21 05:06:14 | 000,000,000 | ---D | C] -- C:\Windows\hr-HR
[2010/05/21 04:12:59 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010/05/21 04:12:38 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/05/21 03:26:54 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\it-IT\pscr.sys.mui
[2010/05/21 03:26:51 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\it-IT\yk62x86.sys.mui
[2010/05/21 03:26:39 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrSerId.sys.mui
[2010/05/21 03:26:39 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrSerIb.sys.mui
[2010/05/21 03:26:39 | 000,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\it-IT\ltmdmnt.sys.mui
[2010/05/21 03:26:39 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrParwdm.sys.mui
[2010/05/21 03:18:47 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Macromedia
[2010/05/21 03:18:47 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Adobe
[2010/05/21 03:18:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/05/21 03:12:25 | 000,002,560 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\zh-TW\pscr.sys.mui
[2010/05/21 03:12:23 | 000,030,720 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\zh-TW\yk62x86.sys.mui
[2010/05/21 03:12:12 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\zh-TW\BrSerIb.sys.mui
[2010/05/21 03:12:12 | 000,005,120 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\zh-TW\ltmdmnt.sys.mui
[2010/05/21 03:12:11 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\zh-TW\BrSerId.sys.mui
[2010/05/21 03:12:11 | 000,002,048 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\zh-TW\BrParwdm.sys.mui
[2010/05/21 03:10:03 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/05/21 03:06:28 | 000,003,072 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\ko-KR\pscr.sys.mui
[2010/05/21 03:06:27 | 000,031,232 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\ko-KR\yk62x86.sys.mui
[2010/05/21 03:06:16 | 000,006,656 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ko-KR\BrSerIb.sys.mui
[2010/05/21 03:06:16 | 000,006,144 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\ko-KR\ltmdmnt.sys.mui
[2010/05/21 03:06:15 | 000,006,656 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ko-KR\BrSerId.sys.mui
[2010/05/21 03:06:15 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ko-KR\BrParwdm.sys.mui
[2010/05/21 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows.old
[2010/05/21 02:59:41 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\fr-FR\pscr.sys.mui
[2010/05/21 02:59:38 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\fr-FR\yk62x86.sys.mui
[2010/05/21 02:59:26 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrSerId.sys.mui
[2010/05/21 02:59:26 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrSerIb.sys.mui
[2010/05/21 02:59:26 | 000,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\fr-FR\ltmdmnt.sys.mui
[2010/05/21 02:59:25 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrParwdm.sys.mui
[2010/05/21 02:54:33 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\cs-CZ\pscr.sys.mui
[2010/05/21 02:54:32 | 000,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\cs-CZ\yk62x86.sys.mui
[2010/05/21 02:54:23 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\cs-CZ\BrSerId.sys.mui
[2010/05/21 02:54:23 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\cs-CZ\BrSerIb.sys.mui
[2010/05/21 02:54:23 | 000,009,728 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\cs-CZ\ltmdmnt.sys.mui
[2010/05/21 02:54:23 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\cs-CZ\BrParwdm.sys.mui
[2010/05/21 02:48:43 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\fi-FI\pscr.sys.mui
[2010/05/21 02:48:41 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\fi-FI\yk62x86.sys.mui
[2010/05/21 02:48:30 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fi-FI\BrSerId.sys.mui
[2010/05/21 02:48:30 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fi-FI\BrSerIb.sys.mui
[2010/05/21 02:48:30 | 000,009,728 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\fi-FI\ltmdmnt.sys.mui
[2010/05/21 02:48:30 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fi-FI\BrParwdm.sys.mui
[2010/05/21 02:45:08 | 000,002,560 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\zh-CN\pscr.sys.mui
[2010/05/21 02:45:05 | 000,030,720 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\zh-CN\yk62x86.sys.mui
[2010/05/21 02:44:50 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\zh-CN\BrSerId.sys.mui
[2010/05/21 02:44:50 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\zh-CN\BrSerIb.sys.mui
[2010/05/21 02:44:50 | 000,004,608 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\zh-CN\ltmdmnt.sys.mui
[2010/05/21 02:44:50 | 000,002,048 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\zh-CN\BrParwdm.sys.mui
[2010/05/21 02:35:44 | 000,000,000 | ---D | C] -- C:\Windows\nb-NO
[2010/05/21 02:35:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\no
[2010/05/21 02:35:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nb-NO
[2010/05/21 02:33:34 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\nb-NO\pscr.sys.mui
[2010/05/21 02:33:30 | 000,032,768 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\nb-NO\yk62x86.sys.mui
[2010/05/21 02:33:17 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nb-NO\BrSerId.sys.mui
[2010/05/21 02:33:17 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nb-NO\BrSerIb.sys.mui
[2010/05/21 02:33:17 | 000,009,728 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\nb-NO\ltmdmnt.sys.mui
[2010/05/21 02:33:17 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nb-NO\BrParwdm.sys.mui
[2010/05/21 02:31:59 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2010/05/21 02:31:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\XPSViewer
[2010/05/21 02:31:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\de-DE
[2010/05/21 02:31:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\0407
[2010/05/21 02:31:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\de
[2010/05/21 02:28:31 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\de-DE\pscr.sys.mui
[2010/05/21 02:28:27 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\de-DE\yk62x86.sys.mui
[2010/05/21 02:27:59 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerIb.sys.mui
[2010/05/21 02:27:59 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\de-DE\ltmdmnt.sys.mui
[2010/05/21 02:27:57 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerId.sys.mui
[2010/05/21 02:27:56 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrParwdm.sys.mui
[2010/05/21 02:14:14 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/05/21 02:12:05 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/05/21 01:51:59 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010/05/21 01:51:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010/05/21 01:25:14 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Xfire
[2010/05/21 01:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010/05/21 01:25:13 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire
[2010/05/21 01:14:03 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Mozilla
[2010/05/21 01:14:03 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Mozilla
[2010/05/21 01:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/05/21 00:57:54 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\VS Revo Group
[2010/05/21 00:57:51 | 000,027,192 | ---- | C] (VS Revo Group) -- C:\Windows\System32\drivers\revoflt.sys
[2010/05/21 00:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2010/05/21 00:57:03 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\WinRAR
[2010/05/21 00:53:51 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/05/21 00:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/05/21 00:45:42 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\uTorrent
[2010/05/21 00:13:29 | 000,061,440 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\System32\W32N50.dll
[2010/05/21 00:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/05/21 00:06:37 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Diagnostics
[2010/05/20 23:49:24 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/05/20 23:48:54 | 000,000,000 | ---D | C] -- C:\Program Files\NETGEAR
[2010/05/20 23:48:29 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/05/20 23:48:29 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2010/05/20 23:44:02 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Searches
[2010/05/20 23:43:53 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Identities
[2010/05/20 23:43:51 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Contacts
[2010/05/20 23:43:47 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\VirtualStore
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\AppData\Local\Temporary Internet Files
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Templates
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Start Menu
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\SendTo
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Recent
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\PrintHood
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\NetHood
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Documents\My Videos
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Documents\My Pictures
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Documents\My Music
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\My Documents
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Local Settings
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\AppData\Local\History
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Cookies
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\Application Data
[2010/05/20 23:43:46 | 000,000,000 | -HSD | C] -- C:\Users\zxcymn\AppData\Local\Application Data
[2010/05/20 23:43:45 | 000,000,000 | --SD | C] -- C:\Users\zxcymn\AppData\Roaming\Microsoft
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Videos
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Saved Games
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Pictures
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Music
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Links
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Favorites
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Downloads
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\My Documents
[2010/05/20 23:43:45 | 000,000,000 | R--D | C] -- C:\Users\zxcymn\Desktop
[2010/05/20 23:43:45 | 000,000,000 | -H-D | C] -- C:\Users\zxcymn\AppData
[2010/05/20 23:43:45 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Temp
[2010/05/20 23:43:45 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Local\Microsoft
[2010/05/20 23:43:45 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\AppData\Roaming\Media Center Programs
[2010/05/20 23:43:38 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010/05/20 23:02:01 | 000,000,000 | -HSD | C] -- C:\Boot
[2010/05/07 13:00:18 | 000,000,000 | ---D | C] -- C:\Riot Games
[2010/05/04 21:41:40 | 000,000,000 | R--D | C] -- C:\Program Files\Porn
[2010/04/16 13:07:33 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\Music
[2010/04/16 12:48:54 | 000,000,000 | ---D | C] -- C:\Users\zxcymn\Desktop\Guitar
[2010/04/14 04:42:55 | 000,000,000 | ---D | C] -- C:\60f7eb0271f380dab4
[2010/04/14 03:38:23 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/04/14 03:15:21 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/04/14 03:07:33 | 000,000,000 | ---D | C] -- C:\OEMSettings
[2010/04/13 22:15:16 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/04/03 22:55:32 | 000,056,424 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

========== Files - Modified Within 90 Days ==========

[2010/06/04 16:30:00 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/04 16:29:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/04 16:29:45 | 2817,384,448 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/04 16:28:49 | 001,572,864 | -HS- | M] () -- C:\Users\zxcymn\NTUSER.DAT
[2010/06/04 11:31:04 | 000,030,810 | ---- | M] () -- C:\Users\zxcymn\Desktop\puritania.gp4
[2010/06/04 11:11:06 | 000,020,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/04 11:11:06 | 000,020,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/04 05:03:13 | 002,084,559 | -H-- | M] () -- C:\Users\zxcymn\AppData\Local\IconCache.db
[2010/06/03 09:55:05 | 000,071,798 | ---- | M] () -- C:\Users\zxcymn\Desktop\JavaRa.zip
[2010/06/03 09:33:40 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\zxcymn\Desktop\mbam-setup-1.46.exe
[2010/06/03 09:27:37 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Users\zxcymn\Desktop\TFC.exe
[2010/06/03 08:21:54 | 192,968,757 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/06/03 08:13:57 | 000,219,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/06/03 07:36:55 | 000,138,592 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/06/03 06:22:42 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\zxcymn\Desktop\OTL.com
[2010/06/03 00:35:10 | 000,000,600 | ---- | M] () -- C:\Users\zxcymn\AppData\Roaming\winscp.rnd
[2010/06/02 20:27:48 | 000,001,747 | ---- | M] () -- C:\Users\zxcymn\Desktop\WinSCP.lnk
[2010/06/02 01:52:28 | 012,416,038 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/06/02 01:52:28 | 000,692,886 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/06/02 01:52:28 | 000,691,932 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2010/06/02 01:52:28 | 000,689,288 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2010/06/02 01:52:28 | 000,687,942 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2010/06/02 01:52:28 | 000,687,574 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010/06/02 01:52:28 | 000,674,664 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2010/06/02 01:52:28 | 000,662,402 | ---- | M] () -- C:\Windows\System32\prfh0416.dat
[2010/06/02 01:52:28 | 000,641,468 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010/06/02 01:52:28 | 000,622,444 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010/06/02 01:52:28 | 000,617,198 | ---- | M] () -- C:\Windows\System32\perfh01D.dat
[2010/06/02 01:52:28 | 000,615,122 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/06/02 01:52:28 | 000,461,056 | ---- | M] () -- C:\Windows\System32\perfh006.dat
[2010/06/02 01:52:28 | 000,447,984 | ---- | M] () -- C:\Windows\System32\perfh014.dat
[2010/06/02 01:52:28 | 000,434,950 | ---- | M] () -- C:\Windows\System32\perfh001.dat
[2010/06/02 01:52:28 | 000,432,832 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
[2010/06/02 01:52:28 | 000,402,910 | ---- | M] () -- C:\Windows\System32\perfh012.dat
[2010/06/02 01:52:28 | 000,379,230 | ---- | M] () -- C:\Windows\System32\prfh0404.dat
[2010/06/02 01:52:28 | 000,363,260 | ---- | M] () -- C:\Windows\System32\prfh0804.dat
[2010/06/02 01:52:28 | 000,354,606 | ---- | M] () -- C:\Windows\System32\perfh00D.dat
[2010/06/02 01:52:28 | 000,133,632 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2010/06/02 01:52:28 | 000,131,160 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010/06/02 01:52:28 | 000,129,536 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2010/06/02 01:52:28 | 000,128,820 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2010/06/02 01:52:28 | 000,126,998 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/06/02 01:52:28 | 000,125,856 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010/06/02 01:52:28 | 000,124,850 | ---- | M] () -- C:\Windows\System32\prfc0416.dat
[2010/06/02 01:52:28 | 000,123,934 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2010/06/02 01:52:28 | 000,120,576 | ---- | M] () -- C:\Windows\System32\perfc01D.dat
[2010/06/02 01:52:28 | 000,118,612 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010/06/02 01:52:28 | 000,103,496 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/06/02 01:52:28 | 000,101,784 | ---- | M] () -- C:\Windows\System32\perfc012.dat
[2010/06/02 01:52:28 | 000,101,356 | ---- | M] () -- C:\Windows\System32\prfc0804.dat
[2010/06/02 01:52:28 | 000,096,442 | ---- | M] () -- C:\Windows\System32\prfc0404.dat
[2010/06/02 01:52:28 | 000,078,518 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
[2010/06/02 01:52:28 | 000,076,548 | ---- | M] () -- C:\Windows\System32\perfc006.dat
[2010/06/02 01:52:28 | 000,076,092 | ---- | M] () -- C:\Windows\System32\perfc001.dat
[2010/06/02 01:52:28 | 000,073,930 | ---- | M] () -- C:\Windows\System32\perfc014.dat
[2010/06/02 01:52:28 | 000,066,202 | ---- | M] () -- C:\Windows\System32\perfc00D.dat
[2010/06/01 03:28:21 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/05/31 23:44:21 | 000,000,036 | ---- | M] () -- C:\Users\zxcymn\AppData\Local\housecall.guid.cache
[2010/05/31 12:49:26 | 000,001,888 | ---- | M] () -- C:\Users\zxcymn\Desktop\ModernRcon v0.8.lnk
[2010/05/30 01:57:58 | 000,012,320 | ---- | M] () -- C:\Users\zxcymn\Documents\macex.mex
[2010/05/27 20:09:00 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2010/05/27 01:56:58 | 000,000,656 | ---- | M] () -- C:\Windows\eReg.dat
[2010/05/26 15:26:03 | 000,138,056 | ---- | M] () -- C:\Users\zxcymn\AppData\Roaming\PnkBstrK.sys
[2010/05/26 15:25:44 | 002,434,856 | ---- | M] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/05/24 00:09:26 | 000,294,464 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/05/23 23:11:36 | 000,072,088 | ---- | M] () -- C:\Users\zxcymn\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/05/21 16:29:28 | 000,000,000 | ---- | M] () -- C:\Windows\RingtoneMaker.INI
[2010/05/21 14:57:08 | 000,000,978 | ---- | M] () -- C:\Users\Public\Desktop\Mixcraft 4.lnk
[2010/05/21 14:38:17 | 000,674,600 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2010/05/21 11:39:22 | 000,341,322 | ---- | M] () -- C:\Windows\System32\perfi013.dat
[2010/05/21 11:39:22 | 000,043,068 | ---- | M] () -- C:\Windows\System32\perfd013.dat
[2010/05/21 11:31:41 | 000,306,636 | ---- | M] () -- C:\Windows\System32\perfi006.dat
[2010/05/21 11:31:41 | 000,039,236 | ---- | M] () -- C:\Windows\System32\perfd006.dat
[2010/05/21 11:24:27 | 000,294,764 | ---- | M] () -- C:\Windows\System32\perfi01D.dat
[2010/05/21 11:24:27 | 000,037,052 | ---- | M] () -- C:\Windows\System32\perfd01D.dat
[2010/05/21 11:07:49 | 000,289,060 | ---- | M] () -- C:\Windows\System32\perfi001.dat
[2010/05/21 11:07:49 | 000,042,056 | ---- | M] () -- C:\Windows\System32\perfd001.dat
[2010/05/21 10:52:20 | 000,337,158 | ---- | M] () -- C:\Windows\System32\perfi015.dat
[2010/05/21 10:52:20 | 000,038,710 | ---- | M] () -- C:\Windows\System32\perfd015.dat
[2010/05/21 10:47:13 | 000,323,154 | ---- | M] () -- C:\Windows\System32\prfi0416.dat
[2010/05/21 10:47:13 | 000,038,536 | ---- | M] () -- C:\Windows\System32\prfd0416.dat
[2010/05/21 10:41:05 | 000,336,704 | ---- | M] () -- C:\Windows\System32\perfi019.dat
[2010/05/21 10:41:05 | 000,039,446 | ---- | M] () -- C:\Windows\System32\perfd019.dat
[2010/05/21 10:36:30 | 000,341,432 | ---- | M] () -- C:\Windows\System32\perfi00A.dat
[2010/05/21 10:36:30 | 000,041,390 | ---- | M] () -- C:\Windows\System32\perfd00A.dat
[2010/05/21 10:28:09 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/05/21 10:26:45 | 000,229,316 | ---- | M] () -- C:\Windows\System32\perfi00D.dat
[2010/05/21 10:26:45 | 000,032,166 | ---- | M] () -- C:\Windows\System32\perfd00D.dat
[2010/05/21 03:32:36 | 000,335,478 | ---- | M] () -- C:\Windows\System32\perfi010.dat
[2010/05/21 03:32:36 | 000,037,534 | ---- | M] () -- C:\Windows\System32\perfd010.dat
[2010/05/21 03:17:53 | 000,117,840 | ---- | M] () -- C:\Windows\System32\prfi0404.dat
[2010/05/21 03:17:53 | 000,031,548 | ---- | M] () -- C:\Windows\System32\prfd0404.dat
[2010/05/21 03:11:29 | 000,157,694 | ---- | M] () -- C:\Windows\System32\perfi012.dat
[2010/05/21 03:11:29 | 000,031,548 | ---- | M] () -- C:\Windows\System32\perfd012.dat
[2010/05/21 03:09:50 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/05/21 03:09:49 | 000,000,355 | RHS- | M] () -- C:\Boot.ini.saved
[2010/05/21 03:04:00 | 000,344,522 | ---- | M] () -- C:\Windows\System32\perfi00C.dat
[2010/05/21 03:04:00 | 000,038,160 | ---- | M] () -- C:\Windows\System32\perfd00C.dat
[2010/05/21 02:58:01 | 000,292,004 | ---- | M] () -- C:\Windows\System32\perfi005.dat
[2010/05/21 02:58:01 | 000,036,232 | ---- | M] () -- C:\Windows\System32\perfd005.dat
[2010/05/21 02:51:47 | 000,279,790 | ---- | M] () -- C:\Windows\System32\perfi00B.dat
[2010/05/21 02:51:47 | 000,038,258 | ---- | M] () -- C:\Windows\System32\perfd00B.dat
[2010/05/21 02:48:00 | 000,111,310 | ---- | M] () -- C:\Windows\System32\prfi0804.dat
[2010/05/21 02:48:00 | 000,031,548 | ---- | M] () -- C:\Windows\System32\prfd0804.dat
[2010/05/21 02:35:33 | 000,298,300 | ---- | M] () -- C:\Windows\System32\perfi014.dat
[2010/05/21 02:35:33 | 000,036,156 | ---- | M] () -- C:\Windows\System32\perfd014.dat
[2010/05/21 02:31:28 | 000,295,922 | ---- | M] () -- C:\Windows\System32\perfi007.dat
[2010/05/21 02:31:28 | 000,038,104 | ---- | M] () -- C:\Windows\System32\perfd007.dat
[2010/05/21 02:15:35 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/05/21 02:13:26 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/05/21 00:33:09 | 000,000,003 | RHS- | M] () -- C:\win7ldr
[2010/05/21 00:33:09 | 000,000,003 | ---- | M] () -- C:\Windows\7Loader.TAG
[2010/05/21 00:32:43 | 000,203,316 | RHS- | M] () -- C:\grldr
[2010/05/21 00:23:37 | 000,524,288 | -HS- | M] () -- C:\Users\zxcymn\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/05/21 00:23:37 | 000,524,288 | -HS- | M] () -- C:\Users\zxcymn\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/05/21 00:23:37 | 000,065,536 | -HS- | M] () -- C:\Users\zxcymn\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/05/20 23:48:55 | 000,002,031 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk
[2010/05/20 23:43:46 | 000,000,020 | -HS- | M] () -- C:\Users\zxcymn\ntuser.ini
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\Windows\PEV.exe
[2010/04/14 04:11:28 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/04/14 02:37:11 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/14 02:37:11 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/14 02:33:11 | 000,000,211 | -H-- | M] () -- C:\Boot.BAK
[2010/04/03 22:55:32 | 000,056,424 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/04/03 22:55:32 | 000,007,772 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2010/04/03 18:26:56 | 000,276,196 | ---- | M] () -- C:\Windows\System32\NvApps.xml
[2010/04/03 18:26:56 | 000,066,714 | ---- | M] () -- C:\Windows\System32\NvwsApps.xml
[2010/03/29 18:48:35 | 000,419,880 | ---- | M] () -- C:\Windows\System32\locale.nls

========== Files Created - No Company Name ==========

[2010/06/04 11:30:51 | 000,030,810 | ---- | C] () -- C:\Users\zxcymn\Desktop\puritania.gp4
[2010/06/03 11:50:32 | 000,419,880 | ---- | C] () -- C:\Windows\System32\locale.nls
[2010/06/03 09:55:05 | 000,071,798 | ---- | C] () -- C:\Users\zxcymn\Desktop\JavaRa.zip
[2010/06/02 21:54:10 | 192,968,757 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/06/02 21:43:28 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/06/02 21:43:28 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/06/02 21:43:28 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/06/02 21:43:27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/06/02 21:43:27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/06/02 20:27:50 | 000,000,600 | ---- | C] () -- C:\Users\zxcymn\AppData\Roaming\winscp.rnd
[2010/06/02 20:27:48 | 000,001,747 | ---- | C] () -- C:\Users\zxcymn\Desktop\WinSCP.lnk
[2010/06/01 04:14:34 | 000,200,704 | ---- | C] () -- C:\Windows\sel3110.exe
[2010/06/01 04:14:34 | 000,040,960 | ---- | C] () -- C:\Windows\CleanDev.exe
[2010/06/01 04:14:34 | 000,032,528 | ---- | C] () -- C:\Windows\amcap.exe
[2010/06/01 03:28:21 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/05/31 23:44:21 | 000,000,036 | ---- | C] () -- C:\Users\zxcymn\AppData\Local\housecall.guid.cache
[2010/05/31 12:49:26 | 000,001,888 | ---- | C] () -- C:\Users\zxcymn\Desktop\ModernRcon v0.8.lnk
[2010/05/30 01:39:39 | 000,012,320 | ---- | C] () -- C:\Users\zxcymn\Documents\macex.mex
[2010/05/27 20:09:00 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010/05/27 01:56:53 | 000,000,656 | ---- | C] () -- C:\Windows\eReg.dat
[2010/05/26 15:25:44 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/05/21 16:29:28 | 000,000,000 | ---- | C] () -- C:\Windows\RingtoneMaker.INI
[2010/05/21 16:28:53 | 000,002,770 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010/05/21 14:57:08 | 000,000,978 | ---- | C] () -- C:\Users\Public\Desktop\Mixcraft 4.lnk
[2010/05/21 14:48:38 | 000,219,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/05/21 14:38:51 | 000,138,592 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/05/21 14:38:51 | 000,138,056 | ---- | C] () -- C:\Users\zxcymn\AppData\Roaming\PnkBstrK.sys
[2010/05/21 14:38:17 | 000,674,600 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010/05/21 14:38:17 | 000,219,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/05/21 14:38:17 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/05/21 12:23:15 | 000,674,664 | ---- | C] () -- C:\Windows\System32\perfh019.dat
[2010/05/21 12:23:15 | 000,617,198 | ---- | C] () -- C:\Windows\System32\perfh01D.dat
[2010/05/21 12:23:15 | 000,434,950 | ---- | C] () -- C:\Windows\System32\perfh001.dat
[2010/05/21 12:23:15 | 000,336,704 | ---- | C] () -- C:\Windows\System32\perfi019.dat
[2010/05/21 12:23:15 | 000,323,154 | ---- | C] () -- C:\Windows\System32\prfi0416.dat
[2010/05/21 12:23:15 | 000,294,764 | ---- | C] () -- C:\Windows\System32\perfi01D.dat
[2010/05/21 12:23:15 | 000,289,060 | ---- | C] () -- C:\Windows\System32\perfi001.dat
[2010/05/21 12:23:15 | 000,128,820 | ---- | C] () -- C:\Windows\System32\perfc019.dat
[2010/05/21 12:23:15 | 000,120,576 | ---- | C] () -- C:\Windows\System32\perfc01D.dat
[2010/05/21 12:23:15 | 000,076,092 | ---- | C] () -- C:\Windows\System32\perfc001.dat
[2010/05/21 12:23:15 | 000,042,056 | ---- | C] () -- C:\Windows\System32\perfd001.dat
[2010/05/21 12:23:15 | 000,039,446 | ---- | C] () -- C:\Windows\System32\perfd019.dat
[2010/05/21 12:23:15 | 000,037,052 | ---- | C] () -- C:\Windows\System32\perfd01D.dat
[2010/05/21 12:23:14 | 000,691,932 | ---- | C] () -- C:\Windows\System32\perfh00A.dat
[2010/05/21 12:23:14 | 000,687,574 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2010/05/21 12:23:14 | 000,662,402 | ---- | C] () -- C:\Windows\System32\prfh0416.dat
[2010/05/21 12:23:14 | 000,461,056 | ---- | C] () -- C:\Windows\System32\perfh006.dat
[2010/05/21 12:23:14 | 000,354,606 | ---- | C] () -- C:\Windows\System32\perfh00D.dat
[2010/05/21 12:23:14 | 000,341,432 | ---- | C] () -- C:\Windows\System32\perfi00A.dat
[2010/05/21 12:23:14 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2010/05/21 12:23:14 | 000,306,636 | ---- | C] () -- C:\Windows\System32\perfi006.dat
[2010/05/21 12:23:14 | 000,229,316 | ---- | C] () -- C:\Windows\System32\perfi00D.dat
[2010/05/21 12:23:14 | 000,131,160 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2010/05/21 12:23:14 | 000,124,850 | ---- | C] () -- C:\Windows\System32\prfc0416.dat
[2010/05/21 12:23:14 | 000,076,548 | ---- | C] () -- C:\Windows\System32\perfc006.dat
[2010/05/21 12:23:14 | 000,066,202 | ---- | C] () -- C:\Windows\System32\perfc00D.dat
[2010/05/21 12:23:14 | 000,041,390 | ---- | C] () -- C:\Windows\System32\perfd00A.dat
[2010/05/21 12:23:14 | 000,039,236 | ---- | C] () -- C:\Windows\System32\perfd006.dat
[2010/05/21 12:23:14 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2010/05/21 12:23:14 | 000,038,536 | ---- | C] () -- C:\Windows\System32\prfd0416.dat
[2010/05/21 12:23:14 | 000,032,166 | ---- | C] () -- C:\Windows\System32\perfd00D.dat
[2010/05/21 12:23:13 | 000,689,288 | ---- | C] () -- C:\Windows\System32\perfh013.dat
[2010/05/21 12:23:13 | 000,341,322 | ---- | C] () -- C:\Windows\System32\perfi013.dat
[2010/05/21 12:23:13 | 000,133,632 | ---- | C] () -- C:\Windows\System32\perfc00A.dat
[2010/05/21 12:23:13 | 000,129,536 | ---- | C] () -- C:\Windows\System32\perfc013.dat
[2010/05/21 12:23:13 | 000,043,068 | ---- | C] () -- C:\Windows\System32\perfd013.dat
[2010/05/21 10:28:09 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/05/21 05:27:09 | 000,692,886 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2010/05/21 05:27:09 | 000,622,444 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2010/05/21 05:27:09 | 000,432,832 | ---- | C] () -- C:\Windows\System32\perfh00B.dat
[2010/05/21 05:27:09 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2010/05/21 05:27:09 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2010/05/21 05:27:09 | 000,279,790 | ---- | C] () -- C:\Windows\System32\perfi00B.dat
[2010/05/21 05:27:09 | 000,126,998 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2010/05/21 05:27:09 | 000,118,612 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2010/05/21 05:27:09 | 000,117,840 | ---- | C] () -- C:\Windows\System32\prfi0404.dat
[2010/05/21 05:27:09 | 000,078,518 | ---- | C] () -- C:\Windows\System32\perfc00B.dat
[2010/05/21 05:27:09 | 000,038,258 | ---- | C] () -- C:\Windows\System32\perfd00B.dat
[2010/05/21 05:27:09 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2010/05/21 05:27:09 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2010/05/21 05:27:09 | 000,031,548 | ---- | C] () -- C:\Windows\System32\prfd0404.dat
[2010/05/21 05:27:08 | 000,687,942 | ---- | C] () -- C:\Windows\System32\perfh010.dat
[2010/05/21 05:27:08 | 000,402,910 | ---- | C] () -- C:\Windows\System32\perfh012.dat
[2010/05/21 05:27:08 | 000,379,230 | ---- | C] () -- C:\Windows\System32\prfh0404.dat
[2010/05/21 05:27:08 | 000,363,260 | ---- | C] () -- C:\Windows\System32\prfh0804.dat
[2010/05/21 05:27:08 | 000,335,478 | ---- | C] () -- C:\Windows\System32\perfi010.dat
[2010/05/21 05:27:08 | 000,157,694 | ---- | C] () -- C:\Windows\System32\perfi012.dat
[2010/05/21 05:27:08 | 000,123,934 | ---- | C] () -- C:\Windows\System32\perfc010.dat
[2010/05/21 05:27:08 | 000,111,310 | ---- | C] () -- C:\Windows\System32\prfi0804.dat
[2010/05/21 05:27:08 | 000,101,784 | ---- | C] () -- C:\Windows\System32\perfc012.dat
[2010/05/21 05:27:08 | 000,101,356 | ---- | C] () -- C:\Windows\System32\prfc0804.dat
[2010/05/21 05:27:08 | 000,096,442 | ---- | C] () -- C:\Windows\System32\prfc0404.dat
[2010/05/21 05:27:08 | 000,037,534 | ---- | C] () -- C:\Windows\System32\perfd010.dat
[2010/05/21 05:27:08 | 000,031,548 | ---- | C] () -- C:\Windows\System32\prfd0804.dat
[2010/05/21 05:27:08 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd012.dat
[2010/05/21 03:09:49 | 000,000,211 | -H-- | C] () -- C:\Boot.BAK
[2010/05/21 02:36:22 | 000,447,984 | ---- | C] () -- C:\Windows\System32\perfh014.dat
[2010/05/21 02:36:22 | 000,298,300 | ---- | C] () -- C:\Windows\System32\perfi014.dat
[2010/05/21 02:36:22 | 000,073,930 | ---- | C] () -- C:\Windows\System32\perfc014.dat
[2010/05/21 02:36:22 | 000,036,156 | ---- | C] () -- C:\Windows\System32\perfd014.dat
[2010/05/21 02:32:39 | 000,641,468 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010/05/21 02:32:39 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010/05/21 02:32:39 | 000,125,856 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010/05/21 02:32:39 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010/05/21 02:13:26 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/05/21 02:11:04 | 2817,384,448 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/21 00:33:09 | 000,203,316 | RHS- | C] () -- C:\grldr
[2010/05/21 00:33:09 | 000,000,003 | RHS- | C] () -- C:\win7ldr
[2010/05/21 00:33:09 | 000,000,003 | ---- | C] () -- C:\Windows\7Loader.TAG
[2010/05/20 23:48:55 | 000,002,031 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk
[2010/05/20 23:43:46 | 000,524,288 | -HS- | C] () -- C:\Users\zxcymn\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/05/20 23:43:46 | 000,524,288 | -HS- | C] () -- C:\Users\zxcymn\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/05/20 23:43:46 | 000,065,536 | -HS- | C] () -- C:\Users\zxcymn\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/05/20 23:43:46 | 000,000,020 | -HS- | C] () -- C:\Users\zxcymn\ntuser.ini
[2010/05/20 23:43:45 | 001,572,864 | -HS- | C] () -- C:\Users\zxcymn\NTUSER.DAT
[2010/05/20 23:43:45 | 000,262,144 | -HS- | C] () -- C:\Users\zxcymn\ntuser.dat.LOG1
[2010/05/20 23:43:45 | 000,000,000 | -HS- | C] () -- C:\Users\zxcymn\ntuser.dat.LOG2
[2010/05/20 23:02:08 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010/05/20 23:02:03 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010/04/14 02:37:11 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/04/14 02:37:11 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/04/13 22:14:22 | 000,000,355 | RHS- | C] () -- C:\Boot.ini.saved
[2010/04/03 22:55:32 | 000,007,772 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010/04/03 18:26:56 | 000,276,196 | ---- | C] () -- C:\Windows\System32\NvApps.xml
[2010/04/03 18:26:56 | 000,066,714 | ---- | C] () -- C:\Windows\System32\NvwsApps.xml
[2009/08/03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2004/08/13 09:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

========== LOP Check ==========

[2010/06/04 06:21:40 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\.minecraft
[2010/05/21 14:57:21 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\Acoustica
[2010/05/28 09:56:32 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\Audacity
[2010/06/02 20:52:18 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\IrfanView
[2010/05/30 01:54:42 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\smc
[2010/05/21 15:58:36 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\The Ringtone Maker Plus
[2010/06/04 05:02:03 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\uTorrent
[2010/06/02 07:15:23 | 000,000,000 | ---D | M] -- C:\Users\zxcymn\AppData\Roaming\WindSolutions
[2010/05/21 18:15:34 | 000,006,366 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >
  • 0

#19
ali.B
Posted 04 June 2010 - 02:37 PM

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi

Congratulations your logs appear clean :)

Reset and Re-enable your System Restore

  • Open OTL
  • Under the Custom Scans/Fixes box at the bottom, paste the following:
    :Commands
[clearallrestorepoints]
[createrestorepoint]
  • Click the Run Fix button at the top
  • It might ask you to reboot, if so click YES

NEXT

  • Open OTL to run it. (Vista users, right click on OTL and "Run as administrator")
  • Click on the CleanUp button.
  • Click Yes to begin the cleanup process and remove tools, including this application
  • You may be asked to reboot the machine to finish the cleanup process - if so, choose Yes


Recommendations

See Here for a list of recommendations for free Antivirus\AntiSpyware applications.


  • Keep Your windows up to date by regularly checking their website at:
    http://windowsupdate.microsoft.com/

  • SpywareBlaster protects against bad ActiveX, it immunizes your PC against them.

  • SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program ( eg : TeaTimer, Windows Defender ) or there will be a conflict.

  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.


  • MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

  • Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more
    secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up
    blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from
    Here

    If you choose to use Firefox, I highly recommend these add-ons to keep your PC even more secure.
    • NoScript - for blocking ads and other potential website attacks
    • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling

  • Click Here to learn how to keep a backup of your important files

  • FileHippo Update Checkker is an extremely helpful program that will tell you which of your programs need to be updated. Its important to keep programs up to date so that malware doesn't exploit any old security flaws.


Thank you :)
  • 0

#20
ali.B
Posted 05 June 2010 - 08:00 AM

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP