Vista, Blue screen, freezing


  • This topic is locked

#1
deezy

Hello all,
I do not know what this problem is. I am running Vista. While I was in the process of writing a college paper, my screen would flash briefly and I would lose internet access. In a few moments it would again flash briefly and I would gain back internet access. I finished up my school work and went downstairs to watch the Super Bowl. Once I finished, I realized my computer had frozen. I was prompted to restart and I have been receiving nothing but blue screens and screen freezes. I have Malwarebytes and found nothing. I had this problem before, so I took this computer to the tech and shelled out 65 dollars for a computer set back to factory. I am trying to avoid reformatting my computer if that is possible. Here is the OTL. I also posted this on the malware forums, but I am not sure if it is malware. I ran Spyware Doctor free version during safe mode; I also ran AVG free version and Malwarebytes during safe mode as well. I did find with spyware "Trojan.Agent/Gen-IEFake" and "Trojan.Agent/Gen-IExplorer[Fake]" and promptly removed them during safe mode.

OTL logfile created on: 2/7/2011 12:15:11 AM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = E:\
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 83.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 432.62 Gb Free Space | 92.90% Space Free | Partition Type: NTFS
Drive D: | 179.75 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 1.87 Gb Total Space | 1.49 Gb Free Space | 80.04% Space Free | Partition Type: FAT

Computer Name: AAA-PC | User Name: aaa | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/06 23:57:16 | 000,602,624 | ---- | M] (OldTimer Tools) -- E:\OTL.com


========== Modules (SafeList) ==========

MOD - [2011/02/06 23:57:16 | 000,602,624 | ---- | M] (OldTimer Tools) -- E:\OTL.com
MOD - [2011/01/28 17:08:59 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.dll
MOD - [2009/07/13 20:16:20 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll
MOD - [2009/07/13 20:15:36 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IME\imekr8\imkrtip.dll
MOD - [2009/07/13 20:15:36 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IME\imekr8\imkrapi.dll
MOD - [2009/07/13 20:15:35 | 000,374,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IME\shared\IMETIP.DLL
MOD - [2009/07/13 20:15:35 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IME\shared\IMJKAPI.DLL
MOD - [2009/07/13 20:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009/07/13 20:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009/07/13 20:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
MOD - [2009/06/10 16:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/11/11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/01/07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/29 18:13:26 | 000,602,624 | ---- | M] (Hauppauge Computer Works) [Auto | Stopped] -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/10/24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/01/11 10:19:24 | 001,634,176 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw72DTV.sys -- (hcw72DTV)
DRV:64bit: - [2010/01/11 10:13:28 | 001,631,488 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw72ATV.sys -- (hcw72ATV)
DRV:64bit: - [2010/01/11 10:09:00 | 000,038,912 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw72ADFilter.sys -- (hcw72ADFilter)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 15:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/01/29 17:58:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/03 17:45:09 | 000,000,000 | ---D | M]

[2011/01/29 17:59:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aaa\AppData\Roaming\Mozilla\Extensions
[2011/02/06 21:55:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aaa\AppData\Roaming\Mozilla\Firefox\Profiles\w4emkq42.default\extensions
[2011/01/29 17:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\SysWow64\grpconv.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.237.161.12
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe ()
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/22 11:17:20 | 000,000,000 | ---D | M] - D:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2007/08/14 06:29:44 | 000,000,055 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{325a5f04-2b3f-11e0-9ff5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{325a5f04-2b3f-11e0-9ff5-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Setup.exe -- [2009/10/28 08:19:09 | 000,184,672 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/07 00:05:27 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/02/07 00:05:27 | 000,027,472 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\sbbd.exe
[2011/02/07 00:05:21 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2011/02/06 23:34:50 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/02/06 23:27:00 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Malwarebytes
[2011/02/06 23:26:57 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/02/06 23:26:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/06 23:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/02/06 23:26:54 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/02/06 23:26:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/02/06 21:52:14 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/02/04 16:54:35 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Diagnostics
[2011/02/04 13:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/02/03 17:51:12 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Acoustica
[2011/02/03 17:51:09 | 000,057,344 | ---- | C] (NexiTech, Inc.) -- C:\Windows\SysWow64\Wnaspint.dll
[2011/02/03 17:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acoustica Mixcraft 4
[2011/02/03 17:51:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acoustica Shared Effects
[2011/02/03 17:50:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VST
[2011/02/03 17:50:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Acoustica
[2011/02/03 17:50:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acoustica Mixcraft 4
[2011/02/03 17:50:14 | 000,000,000 | ---D | C] -- C:\Users\aaa\Desktop\Acoustica Mixcraft [4.5] Build [118][h33t][Dave3737]
[2011/02/03 17:45:21 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\acccore
[2011/02/03 17:45:19 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\AOL
[2011/02/03 17:45:19 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\AIM
[2011/02/03 17:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2011/02/03 17:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2011/02/03 17:45:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIM
[2011/02/03 17:45:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2011/02/03 17:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AOL
[2011/02/03 13:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\Kiwidisk.com
[2011/02/03 13:14:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KiwidiskCtrl
[2011/02/03 13:14:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kiwidisk.com
[2011/02/02 10:46:59 | 000,000,000 | ---D | C] -- C:\Users\aaa\Desktop\cjs220
[2011/01/31 15:41:51 | 000,000,000 | ---D | C] -- C:\Users\aaa\Desktop\SCIschool
[2011/01/31 14:00:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011/01/31 14:00:25 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Adobe
[2011/01/31 13:59:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/01/31 13:59:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/01/31 13:59:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/01/31 13:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2011/01/31 13:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/01/31 13:59:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2011/01/30 16:33:49 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\BoneTown
[2011/01/30 16:33:09 | 000,000,000 | RH-D | C] -- C:\Users\aaa\AppData\Roaming\SecuROM
[2011/01/30 16:29:52 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BoneTown
[2011/01/30 16:29:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BoneTown
[2011/01/29 22:12:28 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV
[2011/01/29 22:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV
[2011/01/29 22:11:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinTV
[2011/01/29 22:11:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/01/29 22:10:07 | 000,831,554 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwtvwnd.dll
[2011/01/29 22:10:07 | 000,323,640 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwpnp32.dll
[2011/01/29 22:10:07 | 000,110,648 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysWow64\hcwi2c32.dll
[2011/01/29 22:10:07 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwutl32.dll
[2011/01/29 22:09:01 | 001,634,176 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw72DTV.sys
[2011/01/29 22:09:01 | 001,631,488 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw72ATV.sys
[2011/01/29 22:09:01 | 000,101,376 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\hcwcpxx64.ax
[2011/01/29 22:09:01 | 000,095,744 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysWow64\hcwcpxx.ax
[2011/01/29 22:09:01 | 000,038,912 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw72ADFilter.sys
[2011/01/29 18:05:27 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2011/01/29 17:58:56 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Mozilla
[2011/01/29 17:58:56 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Mozilla
[2011/01/29 17:58:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011/01/29 17:58:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/01/29 17:46:58 | 000,000,000 | ---D | C] -- C:\Users\aaa\Documents\StarCraft II
[2011/01/29 17:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2011/01/29 17:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2011/01/29 17:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/01/29 17:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011/01/28 19:32:37 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/01/28 19:32:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/01/28 19:31:26 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011/01/28 18:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/01/28 18:00:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/01/28 17:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/01/28 17:59:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011/01/28 17:58:50 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011/01/28 17:58:50 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011/01/28 17:58:40 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/01/28 17:58:21 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011/01/28 17:38:56 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Nero
[2011/01/28 17:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011/01/28 17:34:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/01/28 17:32:50 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Ahead
[2011/01/28 17:32:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8
[2011/01/28 17:24:51 | 000,000,000 | ---D | C] -- C:\Users\aaa\Desktop\test HD movie
[2011/01/28 17:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2011/01/28 17:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2011/01/28 17:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2011/01/28 17:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\이스트소프트
[2011/01/28 17:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\ESTsoft
[2011/01/28 17:14:35 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\ESTsoft
[2011/01/28 17:14:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESTsoft
[2011/01/28 17:13:47 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\GRETECH
[2011/01/28 17:13:47 | 000,000,000 | ---D | C] -- C:\Users\aaa\Documents\GomPlayer
[2011/01/28 17:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2011/01/28 17:13:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DtsFilter
[2011/01/28 17:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS+AC3 Filter
[2011/01/28 17:13:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GNU
[2011/01/28 17:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2011/01/28 17:06:35 | 000,000,000 | ---D | C] -- C:\Users\aaa\Desktop\Microsoft Office
[2011/01/28 17:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011/01/28 17:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/01/28 17:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011/01/28 17:05:27 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/01/28 17:05:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/01/28 17:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/01/28 17:04:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011/01/28 17:03:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011/01/28 17:03:37 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Microsoft Help
[2011/01/28 17:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/01/28 17:03:34 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/01/28 17:03:22 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/01/28 16:48:54 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Macromedia
[2011/01/28 16:48:54 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Adobe
[2011/01/28 16:47:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011/01/28 16:40:39 | 000,000,000 | R--D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/01/28 16:40:39 | 000,000,000 | R--D | C] -- C:\Users\aaa\Searches
[2011/01/28 16:40:39 | 000,000,000 | R--D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/01/28 16:40:39 | 000,000,000 | -H-D | C] -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/01/28 16:40:31 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/01/28 16:40:31 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Identities
[2011/01/28 16:40:29 | 000,000,000 | R--D | C] -- C:\Users\aaa\Contacts
[2011/01/28 16:40:28 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\VirtualStore
[2011/01/28 16:40:22 | 000,000,000 | --SD | C] -- C:\Users\aaa\AppData\Roaming\Microsoft
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Videos
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Saved Games
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Pictures
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Music
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Links
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Favorites
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Downloads
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\My Documents
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Desktop
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\AppData\Local\Temporary Internet Files
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Templates
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Start Menu
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\SendTo
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Recent
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\PrintHood
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\NetHood
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Documents\My Videos
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Documents\My Pictures
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Documents\My Music
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\My Documents
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Local Settings
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\AppData\Local\History
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Cookies
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Application Data
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\AppData\Local\Application Data
[2011/01/28 16:40:22 | 000,000,000 | -H-D | C] -- C:\Users\aaa\AppData
[2011/01/28 16:40:22 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Temp
[2011/01/28 16:40:22 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Microsoft
[2011/01/28 16:40:22 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Media Center Programs
[2011/01/28 16:40:17 | 000,000,000 | -HSD | C] -- C:\Recovery

========== Files - Modified Within 30 Days ==========

[2011/02/07 00:12:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/07 00:11:57 | 353,531,296 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/02/07 00:11:56 | 3220,561,920 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/07 00:05:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\SBRC.dat
[2011/02/06 23:59:18 | 000,717,260 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/02/06 23:59:18 | 000,609,092 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/02/06 23:59:18 | 000,104,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/02/06 23:41:17 | 000,165,407 | ---- | M] () -- C:\AVGInstLog.cab
[2011/02/06 23:33:53 | 000,412,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/02/06 23:26:57 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/06 23:02:59 | 000,003,240 | ---- | M] () -- C:\bootsqm.dat
[2011/02/06 21:56:44 | 000,013,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/06 21:56:44 | 000,013,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/04 13:59:39 | 000,001,866 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011/02/04 13:59:39 | 000,001,864 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/02/03 18:07:19 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011/02/03 17:51:09 | 000,001,008 | ---- | M] () -- C:\Users\Public\Desktop\Mixcraft 4.lnk
[2011/02/03 17:48:32 | 089,717,256 | ---- | M] () -- C:\Users\aaa\Desktop\Acoustica Mixcraft [4.5] Build [118][h33t][Dave3737].zip
[2011/02/03 17:45:20 | 000,000,358 | -H-- | M] () -- C:\IPH.PH
[2011/02/03 17:45:13 | 000,001,933 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/02/03 17:45:13 | 000,001,909 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/02/03 13:29:35 | 436,410,868 | ---- | M] () -- C:\Users\aaa\Desktop\[재] 쇼오락 무한도전.E234.110129.SDTV.XviD-SeSang™.avi
[2011/02/02 00:37:32 | 000,238,592 | ---- | M] () -- C:\Users\aaa\Desktop\Oh_Daniel_RECRUIT_iPHQ.doc
[2011/02/01 19:42:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/01/31 14:00:04 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/01/29 22:12:28 | 000,034,706 | ---- | M] () -- C:\Windows\Irremote.ini
[2011/01/29 22:12:28 | 000,001,000 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
[2011/01/29 22:12:08 | 000,001,122 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status..lnk
[2011/01/29 22:12:08 | 000,001,087 | ---- | M] () -- C:\Users\Public\Desktop\WinTV 7.lnk
[2011/01/29 22:12:08 | 000,000,209 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2011/01/29 22:12:08 | 000,000,135 | ---- | M] () -- C:\Windows\ODBC.INI
[2011/01/29 22:10:28 | 000,003,568 | ---- | M] () -- C:\Windows\HCWPNP.INI
[2011/01/29 18:04:40 | 000,001,093 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2011/01/29 17:58:49 | 000,001,963 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/01/29 17:58:49 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/01/28 19:35:01 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/01/28 19:35:01 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/01/28 17:34:49 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/01/28 17:34:31 | 000,722,382 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/28 17:34:23 | 000,001,897 | ---- | M] () -- C:\Users\aaa\Desktop\Microsoft Security Essentials.lnk
[2011/01/28 17:32:33 | 000,002,535 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk
[2011/01/28 17:32:33 | 000,002,511 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2011/01/28 17:32:33 | 000,002,451 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home Essentials SE.lnk
[2011/01/28 17:28:46 | 000,021,764 | ---- | M] () -- C:\Windows\SysWow64\CoreAAC-uninstall.exe
[2011/01/28 17:27:17 | 000,001,024 | ---- | M] () -- C:\Users\aaa\.rnd
[2011/01/28 17:24:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/01/28 17:14:36 | 000,001,081 | ---- | M] () -- C:\Users\Public\Desktop\알집.lnk
[2011/01/28 17:13:21 | 000,001,133 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2011/01/28 17:13:21 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2011/01/28 16:45:30 | 000,001,437 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

========== Files Created - No Company Name ==========

[2011/02/07 00:05:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\SBRC.dat
[2011/02/06 23:41:17 | 000,165,407 | ---- | C] () -- C:\AVGInstLog.cab
[2011/02/06 23:26:57 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/06 23:02:59 | 000,003,240 | ---- | C] () -- C:\bootsqm.dat
[2011/02/06 21:52:06 | 353,531,296 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/02/03 17:51:09 | 000,001,008 | ---- | C] () -- C:\Users\Public\Desktop\Mixcraft 4.lnk
[2011/02/03 17:49:13 | 089,717,256 | ---- | C] () -- C:\Users\aaa\Desktop\Acoustica Mixcraft [4.5] Build [118][h33t][Dave3737].zip
[2011/02/03 17:47:17 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/02/03 17:45:13 | 000,001,933 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/02/03 17:45:13 | 000,001,909 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/02/03 17:44:55 | 000,000,358 | -H-- | C] () -- C:\IPH.PH
[2011/02/03 13:20:44 | 436,410,868 | ---- | C] () -- C:\Users\aaa\Desktop\[재] 쇼오락 무한도전.E234.110129.SDTV.XviD-SeSang™.avi
[2011/02/02 00:37:30 | 000,238,592 | ---- | C] () -- C:\Users\aaa\Desktop\Oh_Daniel_RECRUIT_iPHQ.doc
[2011/02/01 19:42:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/01/31 14:00:04 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/01/31 14:00:04 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/01/31 13:59:30 | 000,001,866 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011/01/31 13:59:30 | 000,001,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/01/29 22:12:28 | 000,001,000 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
[2011/01/29 22:12:08 | 000,001,122 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status..lnk
[2011/01/29 22:12:08 | 000,001,087 | ---- | C] () -- C:\Users\Public\Desktop\WinTV 7.lnk
[2011/01/29 22:12:08 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/01/29 22:12:08 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/01/29 22:11:33 | 000,142,337 | ---- | C] () -- C:\Windows\SysWow64\Wait.exe
[2011/01/29 22:09:45 | 000,003,568 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2011/01/29 17:58:49 | 000,001,963 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/01/29 17:58:49 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/01/29 17:46:58 | 000,001,093 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2011/01/28 19:34:53 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/01/28 19:34:50 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/01/28 19:32:09 | 3220,561,920 | -HS- | C] () -- C:\hiberfil.sys
[2011/01/28 17:58:50 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011/01/28 17:34:49 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/01/28 17:34:31 | 000,722,382 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/28 17:34:23 | 000,001,897 | ---- | C] () -- C:\Users\aaa\Desktop\Microsoft Security Essentials.lnk
[2011/01/28 17:32:33 | 000,002,535 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk
[2011/01/28 17:32:33 | 000,002,511 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2011/01/28 17:32:33 | 000,002,451 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home Essentials SE.lnk
[2011/01/28 17:28:46 | 000,021,764 | ---- | C] () -- C:\Windows\SysWow64\CoreAAC-uninstall.exe
[2011/01/28 17:27:25 | 000,034,706 | ---- | C] () -- C:\Windows\Irremote.ini
[2011/01/28 17:27:15 | 000,001,024 | ---- | C] () -- C:\Users\aaa\.rnd
[2011/01/28 17:24:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/01/28 17:14:36 | 000,001,081 | ---- | C] () -- C:\Users\Public\Desktop\알집.lnk
[2011/01/28 17:13:21 | 000,001,133 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2011/01/28 17:13:21 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2011/01/28 16:45:30 | 000,001,437 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/01/28 16:40:44 | 000,001,409 | ---- | C] () -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/01/28 16:40:40 | 000,001,443 | ---- | C] () -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/01/28 16:40:22 | 000,000,290 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/01/28 16:40:22 | 000,000,272 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2011/02/03 17:45:26 | 000,000,000 | ---D | M] -- C:\Users\aaa\AppData\Roaming\acccore
[2011/02/03 17:51:12 | 000,000,000 | ---D | M] -- C:\Users\aaa\AppData\Roaming\Acoustica
[2011/01/30 23:06:55 | 000,000,000 | ---D | M] -- C:\Users\aaa\AppData\Roaming\BoneTown
[2009/07/14 00:08:49 | 000,004,862 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
SRV:64bit: - [2010/11/11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/11/11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/01/07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/29 18:13:26 | 000,602,624 | ---- | M] (Hauppauge Computer Works) [Auto | Stopped] -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/10/24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/01/11 10:19:24 | 001,634,176 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw72DTV.sys -- (hcw72DTV)
DRV:64bit: - [2010/01/11 10:13:28 | 001,631,488 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw72ATV.sys -- (hcw72ATV)
DRV:64bit: - [2010/01/11 10:09:00 | 000,038,912 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw72ADFilter.sys -- (hcw72ADFilter)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 15:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/01/29 17:58:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/03 17:45:09 | 000,000,000 | ---D | M]

[2011/01/29 17:59:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aaa\AppData\Roaming\Mozilla\Extensions
[2011/02/06 21:55:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aaa\AppData\Roaming\Mozilla\Firefox\Profiles\w4emkq42.default\extensions
[2011/01/29 17:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\SysWow64\grpconv.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.237.161.12
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe ()
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/22 11:17:20 | 000,000,000 | ---D | M] - D:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2007/08/14 06:29:44 | 000,000,055 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{325a5f04-2b3f-11e0-9ff5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{325a5f04-2b3f-11e0-9ff5-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Setup.exe -- [2009/10/28 08:19:09 | 000,184,672 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/07 00:05:27 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/02/07 00:05:27 | 000,027,472 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\sbbd.exe
[2011/02/07 00:05:21 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2011/02/06 23:34:50 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/02/06 23:27:00 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Malwarebytes
[2011/02/06 23:26:57 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/02/06 23:26:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/06 23:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/02/06 23:26:54 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/02/06 23:26:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/02/06 21:52:14 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/02/04 16:54:35 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Diagnostics
[2011/02/04 13:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/02/03 17:51:12 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Acoustica
[2011/02/03 17:51:09 | 000,057,344 | ---- | C] (NexiTech, Inc.) -- C:\Windows\SysWow64\Wnaspint.dll
[2011/02/03 17:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acoustica Mixcraft 4
[2011/02/03 17:51:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acoustica Shared Effects
[2011/02/03 17:50:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VST
[2011/02/03 17:50:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Acoustica
[2011/02/03 17:50:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acoustica Mixcraft 4
[2011/02/03 17:50:14 | 000,000,000 | ---D | C] -- C:\Users\aaa\Desktop\Acoustica Mixcraft [4.5] Build [118][h33t][Dave3737]
[2011/02/03 17:45:21 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\acccore
[2011/02/03 17:45:19 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\AOL
[2011/02/03 17:45:19 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\AIM
[2011/02/03 17:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2011/02/03 17:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2011/02/03 17:45:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIM
[2011/02/03 17:45:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2011/02/03 17:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AOL
[2011/02/03 13:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\Kiwidisk.com
[2011/02/03 13:14:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KiwidiskCtrl
[2011/02/03 13:14:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kiwidisk.com
[2011/02/02 10:46:59 | 000,000,000 | ---D | C] -- C:\Users\aaa\Desktop\cjs220
[2011/01/31 15:41:51 | 000,000,000 | ---D | C] -- C:\Users\aaa\Desktop\SCIschool
[2011/01/31 14:00:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011/01/31 14:00:25 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Adobe
[2011/01/31 13:59:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/01/31 13:59:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/01/31 13:59:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/01/31 13:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2011/01/31 13:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/01/31 13:59:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2011/01/30 16:33:49 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\BoneTown
[2011/01/30 16:33:09 | 000,000,000 | RH-D | C] -- C:\Users\aaa\AppData\Roaming\SecuROM
[2011/01/30 16:30:15 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2011/01/30 16:30:15 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2011/01/30 16:30:14 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2011/01/30 16:30:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2011/01/30 16:30:11 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2011/01/30 16:30:10 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2011/01/30 16:30:10 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2011/01/30 16:30:10 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2011/01/30 16:30:10 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2011/01/30 16:30:10 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2011/01/30 16:30:10 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2011/01/30 16:30:09 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2011/01/30 16:30:09 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2011/01/30 16:30:09 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2011/01/30 16:30:08 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2011/01/30 16:30:08 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2011/01/30 16:30:08 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2011/01/30 16:30:08 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2011/01/30 16:30:07 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2011/01/30 16:30:07 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2011/01/30 16:29:52 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BoneTown
[2011/01/30 16:29:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BoneTown
[2011/01/29 22:12:28 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV
[2011/01/29 22:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV
[2011/01/29 22:11:32 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2011/01/29 22:11:32 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2011/01/29 22:11:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinTV
[2011/01/29 22:11:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/01/29 22:10:07 | 000,831,554 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwtvwnd.dll
[2011/01/29 22:10:07 | 000,323,640 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwpnp32.dll
[2011/01/29 22:10:07 | 000,110,648 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysWow64\hcwi2c32.dll
[2011/01/29 22:10:07 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwutl32.dll
[2011/01/29 22:09:01 | 001,634,176 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw72DTV.sys
[2011/01/29 22:09:01 | 001,631,488 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw72ATV.sys
[2011/01/29 22:09:01 | 000,101,376 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\hcwcpxx64.ax
[2011/01/29 22:09:01 | 000,095,744 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysWow64\hcwcpxx.ax
[2011/01/29 22:09:01 | 000,038,912 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw72ADFilter.sys
[2011/01/29 18:05:27 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2011/01/29 17:58:56 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Mozilla
[2011/01/29 17:58:56 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Mozilla
[2011/01/29 17:58:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011/01/29 17:58:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/01/29 17:46:58 | 000,000,000 | ---D | C] -- C:\Users\aaa\Documents\StarCraft II
[2011/01/29 17:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2011/01/29 17:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2011/01/29 17:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/01/29 17:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011/01/28 19:32:37 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/01/28 19:32:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/01/28 19:31:26 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011/01/28 18:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/01/28 18:00:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/01/28 17:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/01/28 17:59:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011/01/28 17:58:50 | 020,471,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011/01/28 17:58:50 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011/01/28 17:58:50 | 012,859,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011/01/28 17:58:50 | 010,078,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011/01/28 17:58:50 | 006,604,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011/01/28 17:58:50 | 005,653,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2011/01/28 17:58:50 | 004,941,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011/01/28 17:58:50 | 003,112,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011/01/28 17:58:50 | 002,895,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011/01/28 17:58:50 | 002,479,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011/01/28 17:58:50 | 002,251,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011/01/28 17:58:50 | 001,614,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco642090.dll
[2011/01/28 17:58:50 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642040.dll
[2011/01/28 17:58:50 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011/01/28 17:58:50 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011/01/28 17:58:49 | 018,580,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011/01/28 17:58:49 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011/01/28 17:58:49 | 002,200,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2011/01/28 17:58:49 | 001,965,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2011/01/28 17:58:49 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2011/01/28 17:58:40 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/01/28 17:58:21 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011/01/28 17:46:41 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2011/01/28 17:46:41 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2011/01/28 17:46:41 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2011/01/28 17:46:41 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2011/01/28 17:38:56 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Nero
[2011/01/28 17:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011/01/28 17:34:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/01/28 17:34:12 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2011/01/28 17:32:50 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Ahead
[2011/01/28 17:32:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8
[2011/01/28 17:24:51 | 000,000,000 | ---D | C] -- C:\Users\aaa\Desktop\test HD movie
[2011/01/28 17:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2011/01/28 17:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2011/01/28 17:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2011/01/28 17:23:19 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2011/01/28 17:23:19 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2011/01/28 17:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\이스트소프트
[2011/01/28 17:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\ESTsoft
[2011/01/28 17:14:35 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\ESTsoft
[2011/01/28 17:14:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESTsoft
[2011/01/28 17:13:47 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\GRETECH
[2011/01/28 17:13:47 | 000,000,000 | ---D | C] -- C:\Users\aaa\Documents\GomPlayer
[2011/01/28 17:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2011/01/28 17:13:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DtsFilter
[2011/01/28 17:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS+AC3 Filter
[2011/01/28 17:13:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GNU
[2011/01/28 17:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2011/01/28 17:06:35 | 000,000,000 | ---D | C] -- C:\Users\aaa\Desktop\Microsoft Office
[2011/01/28 17:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011/01/28 17:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/01/28 17:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011/01/28 17:05:27 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/01/28 17:05:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/01/28 17:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/01/28 17:04:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011/01/28 17:03:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011/01/28 17:03:37 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Microsoft Help
[2011/01/28 17:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/01/28 17:03:34 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/01/28 17:03:22 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/01/28 16:48:54 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Macromedia
[2011/01/28 16:48:54 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Adobe
[2011/01/28 16:47:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011/01/28 16:40:39 | 000,000,000 | R--D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/01/28 16:40:39 | 000,000,000 | R--D | C] -- C:\Users\aaa\Searches
[2011/01/28 16:40:39 | 000,000,000 | R--D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/01/28 16:40:39 | 000,000,000 | -H-D | C] -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/01/28 16:40:31 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/01/28 16:40:31 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Identities
[2011/01/28 16:40:29 | 000,000,000 | R--D | C] -- C:\Users\aaa\Contacts
[2011/01/28 16:40:28 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\VirtualStore
[2011/01/28 16:40:22 | 000,000,000 | --SD | C] -- C:\Users\aaa\AppData\Roaming\Microsoft
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Videos
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Saved Games
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Pictures
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Music
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Links
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Favorites
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Downloads
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\My Documents
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Desktop
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\AppData\Local\Temporary Internet Files
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Templates
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Start Menu
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\SendTo
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Recent
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\PrintHood
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\NetHood
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Documents\My Videos
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Documents\My Pictures
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Documents\My Music
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\My Documents
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Local Settings
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\AppData\Local\History
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Cookies
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Application Data
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\AppData\Local\Application Data
[2011/01/28 16:40:22 | 000,000,000 | -H-D | C] -- C:\Users\aaa\AppData
[2011/01/28 16:40:22 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Temp
[2011/01/28 16:40:22 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Microsoft
[2011/01/28 16:40:22 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Media Center Programs
[2011/01/28 16:40:17 | 000,000,000 | -HSD | C] -- C:\Recovery

========== Files - Modified Within 30 Days ==========

[2011/02/07 00:12:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/07 00:11:57 | 353,531,296 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/02/07 00:11:56 | 3220,561,920 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/07 00:05:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\SBRC.dat
[2011/02/06 23:59:18 | 000,717,260 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/02/06 23:59:18 | 000,609,092 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/02/06 23:59:18 | 000,104,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/02/06 23:41:17 | 000,165,407 | ---- | M] () -- C:\AVGInstLog.cab
[2011/02/06 23:33:53 | 000,412,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/02/06 23:26:57 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/06 23:02:59 | 000,003,240 | ---- | M] () -- C:\bootsqm.dat
[2011/02/06 21:56:44 | 000,013,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/06 21:56:44 | 000,013,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/04 13:59:39 | 000,001,866 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011/02/04 13:59:39 | 000,001,864 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/02/03 18:07:19 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011/02/03 17:51:09 | 000,001,008 | ---- | M] () -- C:\Users\Public\Desktop\Mixcraft 4.lnk
[2011/02/03 17:48:32 | 089,717,256 | ---- | M] () -- C:\Users\aaa\Desktop\Acoustica Mixcraft [4.5] Build [118][h33t][Dave3737].zip
[2011/02/03 17:45:20 | 000,000,358 | -H-- | M] () -- C:\IPH.PH
[2011/02/03 17:45:13 | 000,001,933 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/02/03 17:45:13 | 000,001,909 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/02/03 13:29:35 | 436,410,868 | ---- | M] () -- C:\Users\aaa\Desktop\[재] 쇼오락 무한도전.E234.110129.SDTV.XviD-SeSang™.avi
[2011/02/02 00:37:32 | 000,238,592 | ---- | M] () -- C:\Users\aaa\Desktop\Oh_Daniel_RECRUIT_iPHQ.doc
[2011/02/01 19:42:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/01/31 14:00:04 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/01/29 22:12:28 | 000,034,706 | ---- | M] () -- C:\Windows\Irremote.ini
[2011/01/29 22:12:28 | 000,001,000 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
[2011/01/29 22:12:08 | 000,001,122 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status..lnk
[2011/01/29 22:12:08 | 000,001,087 | ---- | M] () -- C:\Users\Public\Desktop\WinTV 7.lnk
[2011/01/29 22:12:08 | 000,000,209 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2011/01/29 22:12:08 | 000,000,135 | ---- | M] () -- C:\Windows\ODBC.INI
[2011/01/29 22:10:28 | 000,003,568 | ---- | M] () -- C:\Windows\HCWPNP.INI
[2011/01/29 18:04:40 | 000,001,093 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2011/01/29 17:58:49 | 000,001,963 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/01/29 17:58:49 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/01/28 19:35:01 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/01/28 19:35:01 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/01/28 17:34:49 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/01/28 17:34:31 | 000,722,382 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/28 17:34:23 | 000,001,897 | ---- | M] () -- C:\Users\aaa\Desktop\Microsoft Security Essentials.lnk
[2011/01/28 17:32:33 | 000,002,535 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk
[2011/01/28 17:32:33 | 000,002,511 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2011/01/28 17:32:33 | 000,002,451 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home Essentials SE.lnk
[2011/01/28 17:28:46 | 000,021,764 | ---- | M] () -- C:\Windows\SysWow64\CoreAAC-uninstall.exe
[2011/01/28 17:27:17 | 000,001,024 | ---- | M] () -- C:\Users\aaa\.rnd
[2011/01/28 17:24:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/01/28 17:14:36 | 000,001,081 | ---- | M] () -- C:\Users\Public\Desktop\알집.lnk
[2011/01/28 17:13:21 | 000,001,133 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2011/01/28 17:13:21 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2011/01/28 16:45:30 | 000,001,437 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

========== Files Created - No Company Name ==========

[2011/02/07 00:05:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\SBRC.dat
[2011/02/06 23:41:17 | 000,165,407 | ---- | C] () -- C:\AVGInstLog.cab
[2011/02/06 23:26:57 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/06 23:02:59 | 000,003,240 | ---- | C] () -- C:\bootsqm.dat
[2011/02/06 21:52:06 | 353,531,296 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/02/03 17:51:09 | 000,001,008 | ---- | C] () -- C:\Users\Public\Desktop\Mixcraft 4.lnk
[2011/02/03 17:49:13 | 089,717,256 | ---- | C] () -- C:\Users\aaa\Desktop\Acoustica Mixcraft [4.5] Build [118][h33t][Dave3737].zip
[2011/02/03 17:47:17 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/02/03 17:45:13 | 000,001,933 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/02/03 17:45:13 | 000,001,909 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/02/03 17:44:55 | 000,000,358 | -H-- | C] () -- C:\IPH.PH
[2011/02/03 13:20:44 | 436,410,868 | ---- | C] () -- C:\Users\aaa\Desktop\[재] 쇼오락 무한도전.E234.110129.SDTV.XviD-SeSang™.avi
[2011/02/02 00:37:30 | 000,238,592 | ---- | C] () -- C:\Users\aaa\Desktop\Oh_Daniel_RECRUIT_iPHQ.doc
[2011/02/01 19:42:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/01/31 14:00:04 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/01/31 14:00:04 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/01/31 13:59:30 | 000,001,866 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011/01/31 13:59:30 | 000,001,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/01/29 22:12:28 | 000,001,000 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
[2011/01/29 22:12:08 | 000,001,122 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status..lnk
[2011/01/29 22:12:08 | 000,001,087 | ---- | C] () -- C:\Users\Public\Desktop\WinTV 7.lnk
[2011/01/29 22:12:08 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/01/29 22:12:08 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/01/29 22:11:33 | 000,142,337 | ---- | C] () -- C:\Windows\SysWow64\Wait.exe
[2011/01/29 22:09:45 | 000,003,568 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2011/01/29 17:58:49 | 000,001,963 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/01/29 17:58:49 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/01/29 17:46:58 | 000,001,093 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2011/01/28 19:34:53 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/01/28 19:34:50 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/01/28 19:32:09 | 3220,561,920 | -HS- | C] () -- C:\hiberfil.sys
[2011/01/28 17:58:50 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011/01/28 17:34:49 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/01/28 17:34:31 | 000,722,382 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/28 17:34:23 | 000,001,897 | ---- | C] () -- C:\Users\aaa\Desktop\Microsoft Security Essentials.lnk
[2011/01/28 17:32:33 | 000,002,535 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk
[2011/01/28 17:32:33 | 000,002,511 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2011/01/28 17:32:33 | 000,002,451 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home Essentials SE.lnk
[2011/01/28 17:28:46 | 000,021,764 | ---- | C] () -- C:\Windows\SysWow64\CoreAAC-uninstall.exe
[2011/01/28 17:27:25 | 000,034,706 | ---- | C] () -- C:\Windows\Irremote.ini
[2011/01/28 17:27:15 | 000,001,024 | ---- | C] () -- C:\Users\aaa\.rnd
[2011/01/28 17:24:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/01/28 17:14:36 | 000,001,081 | ---- | C] () -- C:\Users\Public\Desktop\알집.lnk
[2011/01/28 17:13:21 | 000,001,133 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2011/01/28 17:13:21 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2011/01/28 16:45:30 | 000,001,437 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/01/28 16:40:44 | 000,001,409 | ---- | C] () -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/01/28 16:40:40 | 000,001,443 | ---- | C] () -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/01/28 16:40:22 | 000,000,290 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/01/28 16:40:22 | 000,000,272 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2011/02/03 17:45:26 | 000,000,000 | ---D | M] -- C:\Users\aaa\AppData\Roaming\acccore
[2011/02/03 17:51:12 | 000,000,000 | ---D | M] -- C:\Users\aaa\AppData\Roaming\Acoustica
[2011/01/30 23:06:55 | 000,000,000 | ---D | M] -- C:\Users\aaa\AppData\Roaming\BoneTown
[2009/07/14 00:08:49 | 000,004,862 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
SRV:64bit: - [2010/11/11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/11/11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/01/07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/29 18:13:26 | 000,602,624 | ---- | M] (Hauppauge Computer Works) [Auto | Stopped] -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/10/24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/01/11 10:19:24 | 001,634,176 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw72DTV.sys -- (hcw72DTV)
DRV:64bit: - [2010/01/11 10:13:28 | 001,631,488 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw72ATV.sys -- (hcw72ATV)
DRV:64bit: - [2010/01/11 10:09:00 | 000,038,912 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw72ADFilter.sys -- (hcw72ADFilter)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 15:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/01/29 17:58:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/03 17:45:09 | 000,000,000 | ---D | M]

[2011/01/29 17:59:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aaa\AppData\Roaming\Mozilla\Extensions
[2011/02/06 21:55:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aaa\AppData\Roaming\Mozilla\Firefox\Profiles\w4emkq42.default\extensions
[2011/01/29 17:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\SysWow64\grpconv.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.237.161.12
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe ()
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/22 11:17:20 | 000,000,000 | ---D | M] - D:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2007/08/14 06:29:44 | 000,000,055 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{325a5f04-2b3f-11e0-9ff5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{325a5f04-2b3f-11e0-9ff5-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Setup.exe -- [2009/10/28 08:19:09 | 000,184,672 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/07 00:05:27 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/02/07 00:05:27 | 000,027,472 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\sbbd.exe
[2011/02/07 00:05:21 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2011/02/06 23:34:50 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/02/06 23:27:00 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Malwarebytes
[2011/02/06 23:26:57 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/02/06 23:26:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/06 23:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/02/06 23:26:54 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/02/06 23:26:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/02/06 21:52:14 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/02/04 16:54:35 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Diagnostics
[2011/02/04 13:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/02/03 17:51:12 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Acoustica
[2011/02/03 17:51:09 | 000,057,344 | ---- | C] (NexiTech, Inc.) -- C:\Windows\SysWow64\Wnaspint.dll
[2011/02/03 17:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acoustica Mixcraft 4
[2011/02/03 17:51:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acoustica Shared Effects
[2011/02/03 17:50:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VST
[2011/02/03 17:50:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Acoustica
[2011/02/03 17:50:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acoustica Mixcraft 4
[2011/02/03 17:50:14 | 000,000,000 | ---D | C] -- C:\Users\aaa\Desktop\Acoustica Mixcraft [4.5] Build [118][h33t][Dave3737]
[2011/02/03 17:45:21 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\acccore
[2011/02/03 17:45:19 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\AOL
[2011/02/03 17:45:19 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\AIM
[2011/02/03 17:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2011/02/03 17:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2011/02/03 17:45:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIM
[2011/02/03 17:45:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2011/02/03 17:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AOL
[2011/02/03 13:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\Kiwidisk.com
[2011/02/03 13:14:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KiwidiskCtrl
[2011/02/03 13:14:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kiwidisk.com
[2011/02/02 10:46:59 | 000,000,000 | ---D | C] -- C:\Users\aaa\Desktop\cjs220
[2011/01/31 15:41:51 | 000,000,000 | ---D | C] -- C:\Users\aaa\Desktop\SCIschool
[2011/01/31 14:00:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011/01/31 14:00:25 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Adobe
[2011/01/31 13:59:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/01/31 13:59:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/01/31 13:59:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/01/31 13:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2011/01/31 13:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/01/31 13:59:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2011/01/30 16:33:49 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\BoneTown
[2011/01/30 16:33:09 | 000,000,000 | RH-D | C] -- C:\Users\aaa\AppData\Roaming\SecuROM
[2011/01/30 16:30:15 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2011/01/30 16:30:15 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2011/01/30 16:30:14 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2011/01/30 16:30:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2011/01/30 16:30:11 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2011/01/30 16:30:10 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2011/01/30 16:30:10 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2011/01/30 16:30:10 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2011/01/30 16:30:10 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2011/01/30 16:30:10 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2011/01/30 16:30:10 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2011/01/30 16:30:09 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2011/01/30 16:30:09 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2011/01/30 16:30:09 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2011/01/30 16:30:08 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2011/01/30 16:30:08 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2011/01/30 16:30:08 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2011/01/30 16:30:08 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2011/01/30 16:30:07 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2011/01/30 16:30:07 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2011/01/30 16:29:52 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BoneTown
[2011/01/30 16:29:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BoneTown
[2011/01/29 22:12:28 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV
[2011/01/29 22:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV
[2011/01/29 22:11:32 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2011/01/29 22:11:32 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2011/01/29 22:11:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinTV
[2011/01/29 22:11:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/01/29 22:10:07 | 000,831,554 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwtvwnd.dll
[2011/01/29 22:10:07 | 000,323,640 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwpnp32.dll
[2011/01/29 22:10:07 | 000,110,648 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysWow64\hcwi2c32.dll
[2011/01/29 22:10:07 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\SysWow64\hcwutl32.dll
[2011/01/29 22:09:01 | 001,634,176 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw72DTV.sys
[2011/01/29 22:09:01 | 001,631,488 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw72ATV.sys
[2011/01/29 22:09:01 | 000,101,376 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\hcwcpxx64.ax
[2011/01/29 22:09:01 | 000,095,744 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysWow64\hcwcpxx.ax
[2011/01/29 22:09:01 | 000,038,912 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw72ADFilter.sys
[2011/01/29 18:05:27 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2011/01/29 17:58:56 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Mozilla
[2011/01/29 17:58:56 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Mozilla
[2011/01/29 17:58:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011/01/29 17:58:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/01/29 17:46:58 | 000,000,000 | ---D | C] -- C:\Users\aaa\Documents\StarCraft II
[2011/01/29 17:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2011/01/29 17:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2011/01/29 17:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/01/29 17:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011/01/28 19:32:37 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/01/28 19:32:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/01/28 19:31:26 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011/01/28 18:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/01/28 18:00:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/01/28 17:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/01/28 17:59:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011/01/28 17:58:50 | 020,471,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011/01/28 17:58:50 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011/01/28 17:58:50 | 012,859,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011/01/28 17:58:50 | 010,078,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011/01/28 17:58:50 | 006,604,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011/01/28 17:58:50 | 005,653,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2011/01/28 17:58:50 | 004,941,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011/01/28 17:58:50 | 003,112,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011/01/28 17:58:50 | 002,895,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011/01/28 17:58:50 | 002,479,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011/01/28 17:58:50 | 002,251,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011/01/28 17:58:50 | 001,614,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco642090.dll
[2011/01/28 17:58:50 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642040.dll
[2011/01/28 17:58:50 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011/01/28 17:58:50 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011/01/28 17:58:49 | 018,580,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011/01/28 17:58:49 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011/01/28 17:58:49 | 002,200,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2011/01/28 17:58:49 | 001,965,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2011/01/28 17:58:49 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2011/01/28 17:58:40 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/01/28 17:58:21 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011/01/28 17:46:41 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2011/01/28 17:46:41 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2011/01/28 17:46:41 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2011/01/28 17:46:41 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2011/01/28 17:38:56 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Nero
[2011/01/28 17:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011/01/28 17:34:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/01/28 17:34:12 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2011/01/28 17:32:50 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Ahead
[2011/01/28 17:32:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8
[2011/01/28 17:24:51 | 000,000,000 | ---D | C] -- C:\Users\aaa\Desktop\test HD movie
[2011/01/28 17:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2011/01/28 17:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2011/01/28 17:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2011/01/28 17:23:19 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2011/01/28 17:23:19 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2011/01/28 17:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\이스트소프트
[2011/01/28 17:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\ESTsoft
[2011/01/28 17:14:35 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\ESTsoft
[2011/01/28 17:14:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESTsoft
[2011/01/28 17:13:47 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\GRETECH
[2011/01/28 17:13:47 | 000,000,000 | ---D | C] -- C:\Users\aaa\Documents\GomPlayer
[2011/01/28 17:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2011/01/28 17:13:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DtsFilter
[2011/01/28 17:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS+AC3 Filter
[2011/01/28 17:13:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GNU
[2011/01/28 17:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2011/01/28 17:06:35 | 000,000,000 | ---D | C] -- C:\Users\aaa\Desktop\Microsoft Office
[2011/01/28 17:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011/01/28 17:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/01/28 17:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011/01/28 17:05:27 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/01/28 17:05:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/01/28 17:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/01/28 17:04:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011/01/28 17:03:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011/01/28 17:03:37 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Microsoft Help
[2011/01/28 17:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/01/28 17:03:34 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/01/28 17:03:22 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/01/28 16:48:54 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Macromedia
[2011/01/28 16:48:54 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Adobe
[2011/01/28 16:47:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011/01/28 16:40:39 | 000,000,000 | R--D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/01/28 16:40:39 | 000,000,000 | R--D | C] -- C:\Users\aaa\Searches
[2011/01/28 16:40:39 | 000,000,000 | R--D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/01/28 16:40:39 | 000,000,000 | -H-D | C] -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/01/28 16:40:31 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/01/28 16:40:31 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Identities
[2011/01/28 16:40:29 | 000,000,000 | R--D | C] -- C:\Users\aaa\Contacts
[2011/01/28 16:40:28 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\VirtualStore
[2011/01/28 16:40:22 | 000,000,000 | --SD | C] -- C:\Users\aaa\AppData\Roaming\Microsoft
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Videos
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Saved Games
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Pictures
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Music
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Links
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Favorites
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Downloads
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\My Documents
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\Desktop
[2011/01/28 16:40:22 | 000,000,000 | R--D | C] -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\AppData\Local\Temporary Internet Files
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Templates
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Start Menu
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\SendTo
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Recent
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\PrintHood
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\NetHood
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Documents\My Videos
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Documents\My Pictures
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Documents\My Music
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\My Documents
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Local Settings
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\AppData\Local\History
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Cookies
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\Application Data
[2011/01/28 16:40:22 | 000,000,000 | -HSD | C] -- C:\Users\aaa\AppData\Local\Application Data
[2011/01/28 16:40:22 | 000,000,000 | -H-D | C] -- C:\Users\aaa\AppData
[2011/01/28 16:40:22 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Temp
[2011/01/28 16:40:22 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Local\Microsoft
[2011/01/28 16:40:22 | 000,000,000 | ---D | C] -- C:\Users\aaa\AppData\Roaming\Media Center Programs
[2011/01/28 16:40:17 | 000,000,000 | -HSD | C] -- C:\Recovery

========== Files - Modified Within 30 Days ==========

[2011/02/07 00:16:40 | 000,717,260 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/02/07 00:16:40 | 000,609,092 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/02/07 00:16:40 | 000,104,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/02/07 00:12:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/07 00:11:57 | 353,531,296 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/02/07 00:11:56 | 3220,561,920 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/07 00:05:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\SBRC.dat
[2011/02/06 23:41:17 | 000,165,407 | ---- | M] () -- C:\AVGInstLog.cab
[2011/02/06 23:33:53 | 000,412,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/02/06 23:26:57 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/06 23:02:59 | 000,003,240 | ---- | M] () -- C:\bootsqm.dat
[2011/02/06 21:56:44 | 000,013,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/06 21:56:44 | 000,013,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/04 13:59:39 | 000,001,866 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011/02/04 13:59:39 | 000,001,864 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/02/03 18:07:19 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011/02/03 17:51:09 | 000,001,008 | ---- | M] () -- C:\Users\Public\Desktop\Mixcraft 4.lnk
[2011/02/03 17:48:32 | 089,717,256 | ---- | M] () -- C:\Users\aaa\Desktop\Acoustica Mixcraft [4.5] Build [118][h33t][Dave3737].zip
[2011/02/03 17:45:20 | 000,000,358 | -H-- | M] () -- C:\IPH.PH
[2011/02/03 17:45:13 | 000,001,933 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/02/03 17:45:13 | 000,001,909 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/02/03 13:29:35 | 436,410,868 | ---- | M] () -- C:\Users\aaa\Desktop\[재] 쇼오락 무한도전.E234.110129.SDTV.XviD-SeSang™.avi
[2011/02/02 00:37:32 | 000,238,592 | ---- | M] () -- C:\Users\aaa\Desktop\Oh_Daniel_RECRUIT_iPHQ.doc
[2011/02/01 19:42:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/01/31 14:00:04 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/01/29 22:12:28 | 000,034,706 | ---- | M] () -- C:\Windows\Irremote.ini
[2011/01/29 22:12:28 | 000,001,000 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
[2011/01/29 22:12:08 | 000,001,122 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status..lnk
[2011/01/29 22:12:08 | 000,001,087 | ---- | M] () -- C:\Users\Public\Desktop\WinTV 7.lnk
[2011/01/29 22:12:08 | 000,000,209 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2011/01/29 22:12:08 | 000,000,135 | ---- | M] () -- C:\Windows\ODBC.INI
[2011/01/29 22:10:28 | 000,003,568 | ---- | M] () -- C:\Windows\HCWPNP.INI
[2011/01/29 18:04:40 | 000,001,093 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2011/01/29 17:58:49 | 000,001,963 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/01/29 17:58:49 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/01/28 19:35:01 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/01/28 19:35:01 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/01/28 17:34:49 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/01/28 17:34:31 | 000,722,382 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/28 17:34:23 | 000,001,897 | ---- | M] () -- C:\Users\aaa\Desktop\Microsoft Security Essentials.lnk
[2011/01/28 17:32:33 | 000,002,535 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk
[2011/01/28 17:32:33 | 000,002,511 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2011/01/28 17:32:33 | 000,002,451 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home Essentials SE.lnk
[2011/01/28 17:28:46 | 000,021,764 | ---- | M] () -- C:\Windows\SysWow64\CoreAAC-uninstall.exe
[2011/01/28 17:27:17 | 000,001,024 | ---- | M] () -- C:\Users\aaa\.rnd
[2011/01/28 17:24:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/01/28 17:14:36 | 000,001,081 | ---- | M] () -- C:\Users\Public\Desktop\알집.lnk
[2011/01/28 17:13:21 | 000,001,133 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2011/01/28 17:13:21 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2011/01/28 16:45:30 | 000,001,437 | ---- | M] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

========== Files Created - No Company Name ==========

[2011/02/07 00:05:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\SBRC.dat
[2011/02/06 23:41:17 | 000,165,407 | ---- | C] () -- C:\AVGInstLog.cab
[2011/02/06 23:26:57 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/06 23:02:59 | 000,003,240 | ---- | C] () -- C:\bootsqm.dat
[2011/02/06 21:52:06 | 353,531,296 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/02/03 17:51:09 | 000,001,008 | ---- | C] () -- C:\Users\Public\Desktop\Mixcraft 4.lnk
[2011/02/03 17:49:13 | 089,717,256 | ---- | C] () -- C:\Users\aaa\Desktop\Acoustica Mixcraft [4.5] Build [118][h33t][Dave3737].zip
[2011/02/03 17:47:17 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/02/03 17:45:13 | 000,001,933 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/02/03 17:45:13 | 000,001,909 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/02/03 17:44:55 | 000,000,358 | -H-- | C] () -- C:\IPH.PH
[2011/02/03 13:20:44 | 436,410,868 | ---- | C] () -- C:\Users\aaa\Desktop\[재] 쇼오락 무한도전.E234.110129.SDTV.XviD-SeSang™.avi
[2011/02/02 00:37:30 | 000,238,592 | ---- | C] () -- C:\Users\aaa\Desktop\Oh_Daniel_RECRUIT_iPHQ.doc
[2011/02/01 19:42:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/01/31 14:00:04 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/01/31 14:00:04 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/01/31 13:59:30 | 000,001,866 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011/01/31 13:59:30 | 000,001,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/01/29 22:12:28 | 000,001,000 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
[2011/01/29 22:12:08 | 000,001,122 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status..lnk
[2011/01/29 22:12:08 | 000,001,087 | ---- | C] () -- C:\Users\Public\Desktop\WinTV 7.lnk
[2011/01/29 22:12:08 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/01/29 22:12:08 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/01/29 22:11:33 | 000,142,337 | ---- | C] () -- C:\Windows\SysWow64\Wait.exe
[2011/01/29 22:09:45 | 000,003,568 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2011/01/29 17:58:49 | 000,001,963 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/01/29 17:58:49 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/01/29 17:46:58 | 000,001,093 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2011/01/28 19:34:53 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/01/28 19:34:50 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/01/28 19:32:09 | 3220,561,920 | -HS- | C] () -- C:\hiberfil.sys
[2011/01/28 17:58:50 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011/01/28 17:34:49 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/01/28 17:34:31 | 000,722,382 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/28 17:34:23 | 000,001,897 | ---- | C] () -- C:\Users\aaa\Desktop\Microsoft Security Essentials.lnk
[2011/01/28 17:32:33 | 000,002,535 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk
[2011/01/28 17:32:33 | 000,002,511 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2011/01/28 17:32:33 | 000,002,451 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home Essentials SE.lnk
[2011/01/28 17:28:46 | 000,021,764 | ---- | C] () -- C:\Windows\SysWow64\CoreAAC-uninstall.exe
[2011/01/28 17:27:25 | 000,034,706 | ---- | C] () -- C:\Windows\Irremote.ini
[2011/01/28 17:27:15 | 000,001,024 | ---- | C] () -- C:\Users\aaa\.rnd
[2011/01/28 17:24:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/01/28 17:14:36 | 000,001,081 | ---- | C] () -- C:\Users\Public\Desktop\알집.lnk
[2011/01/28 17:13:21 | 000,001,133 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2011/01/28 17:13:21 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2011/01/28 16:45:30 | 000,001,437 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/01/28 16:40:44 | 000,001,409 | ---- | C] () -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/01/28 16:40:40 | 000,001,443 | ---- | C] () -- C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/01/28 16:40:22 | 000,000,290 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/01/28 16:40:22 | 000,000,272 | ---- | C] () -- C:\Users\aaa\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2011/02/03 17:45:26 | 000,000,000 | ---D | M] -- C:\Users\aaa\AppData\Roaming\acccore
[2011/02/03 17:51:12 | 000,000,000 | ---D | M] -- C:\Users\aaa\AppData\Roaming\Acoustica
[2011/01/30 23:06:55 | 000,000,000 | ---D | M] -- C:\Users\aaa\AppData\Roaming\BoneTown
[2009/07/14 00:08:49 | 000,004,862 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


#2
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Hi deezy,

Welcome to Geekstogo. My name is Salagubang and I'll be helping you with this problem.

  • Please read all of my response through at least once before attempting to follow the procedures described. I would recommend printing them out, if you can, as you can check off each step as you complete it. If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead, please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • English is not my first language, so please do not use slang or idioms, as this makes it difficult to understand for me.

+++++++++++++++++++++++++++++++++++++++++++

ERUNT - Download here
Removing modern malware infections often requires making changes to the registry, and a corrupt registry can prevent a system from booting. Compatible with Windows NT, 2000, 2003, XP, Vista, 32 & 64-bit versions. To ensure that we have a valid registry backup, install and run ERUNT (Emergency Recovery Utility NT), which will allow you to store a complete backup of your registry and restore it if needed.
  • Download ERUNT
  • Double-click erunt_setup.exe to run.
  • Follow the prompts and install using the default configuration (setup language, install location, shortcuts...).
  • Say No to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later.
  • Start ERUNT
  • Choose a location for the backup
    The default location C:\WINDOWS\ERDNT\[today's date] is preferred
  • The first two check boxes are ticked by default (System registry and Current user registry).
  • Press OK
  • When prompted, click YES to create a new folder.
  • Progress bars will show backup status.
  • A confirmation window will popup when complete. Click OK to close.

+++++++++++++++++++++++++++++++++++++++++++

A couple of questions:

What is the make and brand of the machine?
Are you using a discrete video card or an onboard video card?
What are the current issues you are experiencing?
What is the title Vista?

First, we need a fresh log.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan box paste this in:

    netsvcs
    drivers32
    /md5start
    userinit.exe
    winlogon.exe
    explorer.exe
    /md5stop
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in your next reply.

Next

Submit a File For Analysis
We need to have the files below scanned by uploading them/it to Jotti.

Please visit Jotti
Copy/paste the following file path into the window
C:\WINDOWS\system32
Click Submit/Send File
Please post back, to let me know the results.

#3
deezy

deezy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Hello, thank you for the response. I will first attach the OTL files, located here:
OTL logfile created on: 2/14/2011 2:21:10 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\deezy\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 80.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 114.94 Gb Total Space | 87.19 Gb Free Space | 75.86% Space Free | Partition Type: NTFS
Drive D: | 6.99 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DEEZY-PC | User Name: deezy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/14 14:20:48 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\deezy\Desktop\OTL.exe


========== Modules (SafeList) ==========

MOD - [2011/02/14 14:20:48 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\deezy\Desktop\OTL.exe
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 15:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:32:06 | 001,649,024 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hcw72ATV.sys -- (hcw72ATV)
DRV:64bit: - [2009/06/10 15:32:06 | 001,643,520 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hcw72DTV.sys -- (hcw72DTV)
DRV:64bit: - [2009/06/10 15:32:06 | 000,037,632 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hcw72ADFilter.sys -- (hcw72ADFilter)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0E CF 43 B0 7B CC CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.237.161.12
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/24 23:56:52 | 000,000,046 | -H-- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{f252dcc1-3804-11e0-baed-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f252dcc1-3804-11e0-baed-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Installer.exe -- [2010/05/24 23:56:52 | 002,505,256 | ---- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/02/14 14:20:46 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\deezy\Desktop\OTL.exe
[2011/02/14 14:19:56 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/02/14 14:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011/02/14 14:19:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011/02/14 03:01:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011/02/14 03:01:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011/02/14 01:41:05 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/02/14 01:38:50 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/02/14 01:35:46 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/02/14 01:33:48 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011/02/13 23:47:58 | 000,000,000 | ---D | C] -- C:\Users\deezy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2011/02/13 23:28:20 | 000,000,000 | ---D | C] -- C:\Users\deezy\Documents\StarCraft II
[2011/02/13 23:28:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2011/02/13 23:28:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2011/02/13 23:28:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/02/13 23:28:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011/02/13 23:25:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/02/13 23:25:32 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/02/13 22:47:38 | 000,000,000 | R--D | C] -- C:\Users\deezy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/02/13 22:47:38 | 000,000,000 | R--D | C] -- C:\Users\deezy\Searches
[2011/02/13 22:47:38 | 000,000,000 | R--D | C] -- C:\Users\deezy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/02/13 22:47:37 | 000,000,000 | -H-D | C] -- C:\Users\deezy\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/02/13 22:47:26 | 000,000,000 | ---D | C] -- C:\Users\deezy\AppData\Roaming\Identities
[2011/02/13 22:47:12 | 000,000,000 | R--D | C] -- C:\Users\deezy\Contacts
[2011/02/13 22:47:07 | 000,000,000 | ---D | C] -- C:\Users\deezy\AppData\Local\VirtualStore
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\AppData\Local\Temporary Internet Files
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\Templates
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\Start Menu
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\SendTo
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\Recent
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\PrintHood
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\NetHood
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\Documents\My Videos
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\Documents\My Pictures
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\Documents\My Music
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\My Documents
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\Local Settings
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\AppData\Local\History
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\Cookies
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\Application Data
[2011/02/13 22:46:42 | 000,000,000 | -HSD | C] -- C:\Users\deezy\AppData\Local\Application Data
[2011/02/13 22:46:41 | 000,000,000 | --SD | C] -- C:\Users\deezy\AppData\Roaming\Microsoft
[2011/02/13 22:46:41 | 000,000,000 | R--D | C] -- C:\Users\deezy\Videos
[2011/02/13 22:46:41 | 000,000,000 | R--D | C] -- C:\Users\deezy\Saved Games
[2011/02/13 22:46:41 | 000,000,000 | R--D | C] -- C:\Users\deezy\Pictures
[2011/02/13 22:46:41 | 000,000,000 | R--D | C] -- C:\Users\deezy\Music
[2011/02/13 22:46:41 | 000,000,000 | R--D | C] -- C:\Users\deezy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/02/13 22:46:41 | 000,000,000 | R--D | C] -- C:\Users\deezy\Links
[2011/02/13 22:46:41 | 000,000,000 | R--D | C] -- C:\Users\deezy\Favorites
[2011/02/13 22:46:41 | 000,000,000 | R--D | C] -- C:\Users\deezy\Downloads
[2011/02/13 22:46:41 | 000,000,000 | R--D | C] -- C:\Users\deezy\My Documents
[2011/02/13 22:46:41 | 000,000,000 | R--D | C] -- C:\Users\deezy\Desktop
[2011/02/13 22:46:41 | 000,000,000 | R--D | C] -- C:\Users\deezy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/02/13 22:46:41 | 000,000,000 | -H-D | C] -- C:\Users\deezy\AppData
[2011/02/13 22:46:41 | 000,000,000 | ---D | C] -- C:\Users\deezy\AppData\Local\Temp
[2011/02/13 22:46:41 | 000,000,000 | ---D | C] -- C:\Users\deezy\AppData\Local\Microsoft
[2011/02/13 22:46:41 | 000,000,000 | ---D | C] -- C:\Users\deezy\AppData\Roaming\Media Center Programs
[2011/02/13 22:46:27 | 000,000,000 | -HSD | C] -- C:\Recovery

========== Files - Modified Within 30 Days ==========

[2011/02/14 14:20:48 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\deezy\Desktop\OTL.exe
[2011/02/14 14:19:32 | 000,000,924 | ---- | M] () -- C:\Users\deezy\Desktop\NTREGOPT.lnk
[2011/02/14 14:19:32 | 000,000,905 | ---- | M] () -- C:\Users\deezy\Desktop\ERUNT.lnk
[2011/02/14 14:16:28 | 000,001,437 | ---- | M] () -- C:\Users\deezy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/14 14:16:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/14 01:41:33 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/02/14 01:41:33 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/02/13 23:47:22 | 000,001,093 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2011/02/13 23:32:45 | 000,737,238 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/02/13 23:32:45 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/02/13 23:32:45 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/02/13 23:21:10 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/02/13 23:21:05 | 000,013,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/13 23:21:05 | 000,013,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/13 23:20:19 | 3220,561,920 | -HS- | M] () -- C:\hiberfil.sys

========== Files Created - No Company Name ==========

[2011/02/14 14:19:32 | 000,000,924 | ---- | C] () -- C:\Users\deezy\Desktop\NTREGOPT.lnk
[2011/02/14 14:19:32 | 000,000,905 | ---- | C] () -- C:\Users\deezy\Desktop\ERUNT.lnk
[2011/02/14 14:16:28 | 000,001,437 | ---- | C] () -- C:\Users\deezy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/14 01:41:25 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/02/14 01:41:21 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/02/14 01:37:57 | 3220,561,920 | -HS- | C] () -- C:\hiberfil.sys
[2011/02/13 23:28:20 | 000,001,093 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2011/02/13 22:49:28 | 000,001,409 | ---- | C] () -- C:\Users\deezy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/02/13 22:49:24 | 000,001,443 | ---- | C] () -- C:\Users\deezy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/02/13 22:46:41 | 000,000,290 | ---- | C] () -- C:\Users\deezy\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/02/13 22:46:41 | 000,000,272 | ---- | C] () -- C:\Users\deezy\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2009/07/14 00:08:49 | 000,001,374 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========



< %SYSTEMDRIVE%\*.* >
[2011/02/13 23:20:19 | 3220,561,920 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/13 23:20:26 | 4294,086,656 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< >

< End of report >


EXTRAS here,

OTL Extras logfile created on: 2/14/2011 2:21:10 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\deezy\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 80.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 114.94 Gb Total Space | 87.19 Gb Free Space | 75.86% Space Free | Partition Type: NTFS
Drive D: | 6.99 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DEEZY-PC | User Name: deezy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ERUNT_is1" = ERUNT 1.1j
"StarCraft II" = StarCraft II

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/14/2011 12:27:53 AM | Computer Name = deezy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A certificate chain could not be built to a trusted root authority.
.

[ System Events ]
Error - 2/13/2011 11:49:17 PM | Computer Name = deezy-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Search service hung on starting.

Error - 2/14/2011 12:23:47 AM | Computer Name = deezy-PC | Source = DCOM | ID = 10010
Description =

Error - 2/14/2011 12:23:58 AM | Computer Name = deezy-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80080005: Update for Windows 7 for x64-based Systems (KB971033).


< End of report >


I cannot copy and paste that command line to Jotti. I can only select individual files not folders. I apologize.

To answer your questions,
What is the make and brand of the machine?
Are you using a discrete video card or an onboard video card?
What are the current issues you are experiencing?
What is the title Vista?

The Make and Brand is a custom built computer from tigerdirect. I see SYX, systemax.
I do not understand the meaning of discrete video card or onboard, but it is internal if that is what you are referring to. It is titled NVIDIA GeForce 9800 GT (Microsoft Corporation - WDDM v1.1)
The current issue I am facing is computer freezes with blue screens. I have reinstalled Windows multiple times while deleting partitions and I still experience this problem. Blue screens such as memory_management and NTFS.sys crashes. I took this computer to a tech and the result was a reformat of my computer and he claimed it was a virus. I proceeded to install video games such as StarCraft 2 and programs such as Mozilla Firefox, Java, QuickTime. A few days later I would experience the same freeze/blue screen while attempting to either play a video game, watch a movie or simply surf the internet or do word processing. I took it back once again to the tech and he replaced my hard drive. He explained it was a hard drive error. However, I recently blue screened again with the same message. I reinstalled Windows last night and as of now I have not blue screened.
The Title of my Vista is actually Windows 7 Home Premium. 64 bit operating system. My Processor is a Pentium® Dual Core CPU, E5300 @ 2.60 GHZ 2.60 GHz


Thank you for taking the time to respond.

#4
Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Is this the new harddrive you mentioned the tech mounted?

Let's do a virus sweep. I may need to make a tech out of you.

:D

Step One

Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step Two

Save these instructions so you can have access to them while in Safe Mode.

Please click here to download AVP Tool by Kaspersky.
  • Save it to your desktop.
  • Reboot your computer into SafeMode.

    You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
    Use your up arrow key to highlight SafeMode, then hit Enter.

  • Double click the setup file to run it.
  • Click Next to continue.
  • Accept the Licence agreement and click on Next.
  • It will by default install it to your desktop folder. Click Next.
  • It will then open a box. There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked.

  • Hidden Startup Objects
  • System Memory
  • Disk Boot Sectors.
  • My Computer.
  • Also any other drives (Removable that you may have)


Leave the rest of the settings as they appear as default.

  • Then click on Scan at the top right-hand corner.
  • It will automatically Neutralize any objects found.
  • If some objects are left un-neutralized, then click the button that says Neutralize all.
  • If it says it cannot be Neutralized, then choose the Delete option when prompted.
  • After that is done, click on the Reports button at the bottom and save it to a file. Name it Kas.
  • Save it somewhere convenient like your desktop and post only the detected virus\malware in the report. It will be at the very top under Detected. Post those results in your next reply.

    Note: This tool will self uninstall when you close it so please save the log before closing it.



#5
deezy

    New Member

  • Topic Starter
  • Member
  • 7 posts
Hello,

Here is the Malwarebyte file,
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5764

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

2/14/2011 11:12:45 PM
mbam-log-2011-02-14 (23-12-45).txt

Scan type: Quick scan
Objects scanned: 153193
Time elapsed: 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


For the AVP tool, I downloaded it and ran setup in Safe Mode. However, when I clicked scan it said database corrupted.

#6
Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts

For the AVP tool, I downloaded it and ran setup in Safe Mode. However, when I clicked scan it said database corrupted.


Probably an incomplete download. You can try downloading a fresh copy and try again.

#7
deezy

    New Member

  • Topic Starter
  • Member
  • 7 posts
Sorry about the delay. This is the other report.

Autoscan: completed <1 minute ago (events: 2, objects: 301896, time: 00:37:47)
2/17/2011 4:47:17 PM Task started
2/17/2011 5:25:04 PM Task completed

#8
Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
How is the computer running now?

#9
Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.





