OTL:
OTL logfile created on: 5/31/2011 9:51:09 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Jason\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.18 Gb Available Physical Memory | 58.92% Memory free
3.82 Gb Paging File | 2.70 Gb Available in Paging File | 70.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.73 Gb Total Space | 1.23 Gb Free Space | 2.53% Space Free | Partition Type: NTFS
Drive D: | 184.05 Gb Total Space | 0.30 Gb Free Space | 0.16% Space Free | Partition Type: NTFS
Computer Name: JASON-PC | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/05/31 21:48:31 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
PRC - [2010/09/07 09:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/08/04 01:51:38 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/08/04 01:51:12 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/06/07 03:35:35 | 000,618,496 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2010/06/02 17:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2009/10/30 22:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/13 18:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 18:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2007/07/11 16:10:10 | 000,416,768 | ---- | M] () -- C:\Program Files\Airlink101\Airlink101 PS Software\PsLink.exe
PRC - [2006/10/26 17:30:28 | 000,125,440 | ---- | M] () -- C:\Windows\PsMon.exe
========== Modules (SafeList) ==========
MOD - [2011/05/31 21:48:31 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
MOD - [2009/07/13 18:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/04/26 14:58:41 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 09:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/08/04 01:51:12 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/10/20 11:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 18:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2010/09/07 08:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 08:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 08:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 08:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/09/07 08:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/08/04 02:21:44 | 006,096,384 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010/08/04 02:21:44 | 006,096,384 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010/08/04 01:15:30 | 000,214,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2009/11/08 20:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/10/20 11:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009/09/30 07:33:56 | 000,104,976 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/07/28 17:55:38 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2009/07/13 18:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 18:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 18:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 16:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 16:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 16:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/03/02 15:12:10 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2007/05/30 11:36:28 | 000,043,008 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BusRMUSB.sys -- (BusRMUSB)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.9223.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/iat/us_ca.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B5 BD 69 D6 09 D6 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...?FORM=IEFM1&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://go.microsoft..../?LinkId=69157"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://www.bing.com/...?FORM=IEFM1&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 21:42:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 21:42:02 | 000,000,000 | ---D | M]
[2009/11/02 17:16:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\Mozilla\Extensions
[2011/04/30 10:48:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\zgbu1wjw.default\extensions
[2010/09/11 13:30:28 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\zgbu1wjw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2009/11/02 19:02:44 | 000,002,171 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\zgbu1wjw.default\searchplugins\bing.xml
[2011/04/30 10:48:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/26 12:28:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/04/13 16:07:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2010/04/06 14:22:23 | 000,000,861 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 174.37.158.171 www.revscene.net
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Steam] D:\Program Files\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.144.90 64.59.144.91 64.59.150.134 192.168.1.1 64.59.144.90 64.59.144.91 64.59.150.134
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
========== Files/Folders - Created Within 30 Days ==========
[2011/05/31 21:48:29 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2011/05/29 23:30:41 | 000,000,000 | ---D | C] -- C:\Users\Jason\Desktop\fd
[2011/05/09 00:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP
[2011/05/09 00:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
========== Files - Modified Within 30 Days ==========
[2011/05/31 21:48:31 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2011/05/31 21:19:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4235213651-3451392230-372578873-1001UA.job
[2011/05/31 21:19:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4235213651-3451392230-372578873-1001Core.job
[2011/05/31 20:59:36 | 004,234,367 | ---- | M] () -- C:\Users\Jason\Desktop\jane-wmshd.zip
[2011/05/31 20:58:16 | 004,499,375 | ---- | M] () -- C:\Users\Jason\Desktop\我走以后.mp3
[2011/05/31 20:55:59 | 005,025,792 | ---- | M] () -- C:\Users\Jason\Desktop\After I left (我走以后) - 张靓颖(Zhang Liang-Ying).mp3
[2011/05/31 19:03:06 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/31 19:03:06 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/31 18:57:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/31 18:57:36 | 1607,380,992 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/29 21:59:55 | 003,684,352 | ---- | M] () -- C:\Users\Jason\Desktop\Jane Zhang 'A Promise' MV (张靓颖 我们说好的).mp3
[2011/05/29 21:59:01 | 006,994,634 | ---- | M] () -- C:\Users\Jason\Desktop\张靓颖 - 想你零点零一分.mp3
[2011/05/25 06:19:37 | 000,002,397 | ---- | M] () -- C:\Users\Jason\Desktop\Google Chrome.lnk
[2011/05/19 23:50:38 | 134,217,970 | ---- | M] () -- C:\Users\Jason\Desktop\5592P.rar
[2011/05/16 00:18:32 | 000,609,896 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/16 00:18:32 | 000,397,684 | ---- | M] () -- C:\Windows\System32\perfh012.dat
[2011/05/16 00:18:32 | 000,386,252 | ---- | M] () -- C:\Windows\System32\perfh011.dat
[2011/05/16 00:18:32 | 000,374,004 | ---- | M] () -- C:\Windows\System32\prfh0404.dat
[2011/05/16 00:18:32 | 000,358,034 | ---- | M] () -- C:\Windows\System32\prfh0804.dat
[2011/05/16 00:18:32 | 000,104,214 | ---- | M] () -- C:\Windows\System32\perfc011.dat
[2011/05/16 00:18:32 | 000,104,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/16 00:18:32 | 000,102,502 | ---- | M] () -- C:\Windows\System32\perfc012.dat
[2011/05/16 00:18:32 | 000,102,074 | ---- | M] () -- C:\Windows\System32\prfc0804.dat
[2011/05/16 00:18:32 | 000,097,160 | ---- | M] () -- C:\Windows\System32\prfc0404.dat
[2011/05/09 00:43:02 | 000,000,600 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\winscp.rnd
[2011/05/09 00:38:03 | 000,001,707 | ---- | M] () -- C:\Users\Jason\Desktop\WinSCP.lnk
[2011/05/02 20:27:13 | 004,798,621 | ---- | M] () -- C:\Users\Jason\Desktop\吳听徹-我是壞人 .mp3
[2011/05/02 20:05:18 | 003,388,949 | ---- | M] () -- C:\Users\Jason\Desktop\张韶涵 - 伤日快乐.mp3
[2011/05/02 19:52:33 | 004,241,137 | ---- | M] () -- C:\Users\Jason\Desktop\张靓颖 - 来不及说爱你.mp3
========== Files Created - No Company Name ==========
[2011/05/31 20:59:31 | 004,234,367 | ---- | C] () -- C:\Users\Jason\Desktop\jane-wmshd.zip
[2011/05/31 20:58:08 | 004,499,375 | ---- | C] () -- C:\Users\Jason\Desktop\我走以后.mp3
[2011/05/31 20:55:53 | 005,025,792 | ---- | C] () -- C:\Users\Jason\Desktop\After I left (我走以后) - 张靓颖(Zhang Liang-Ying).mp3
[2011/05/29 21:59:48 | 003,684,352 | ---- | C] () -- C:\Users\Jason\Desktop\Jane Zhang 'A Promise' MV (张靓颖 我们说好的).mp3
[2011/05/29 21:58:20 | 006,994,634 | ---- | C] () -- C:\Users\Jason\Desktop\张靓颖 - 想你零点零一分.mp3
[2011/05/19 23:53:30 | 134,217,728 | ---- | C] () -- C:\Users\Jason\Desktop\5592P.nds
[2011/05/19 23:53:30 | 000,000,111 | ---- | C] () -- C:\Users\Jason\Desktop\Download NDS ROMs.url
[2011/05/19 23:42:21 | 134,217,970 | ---- | C] () -- C:\Users\Jason\Desktop\5592P.rar
[2011/05/09 00:38:05 | 000,000,600 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\winscp.rnd
[2011/05/09 00:38:03 | 000,001,707 | ---- | C] () -- C:\Users\Jason\Desktop\WinSCP.lnk
[2011/05/02 20:27:11 | 004,798,621 | ---- | C] () -- C:\Users\Jason\Desktop\吳听徹-我是壞人 .mp3
[2011/05/02 20:05:11 | 003,388,949 | ---- | C] () -- C:\Users\Jason\Desktop\张韶涵 - 伤日快乐.mp3
[2011/05/02 19:52:33 | 004,241,137 | ---- | C] () -- C:\Users\Jason\Desktop\张靓颖 - 来不及说爱你.mp3
[2011/04/16 22:06:18 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2010/10/02 16:18:34 | 000,000,400 | ---- | C] () -- C:\Windows\NJCOM.INI
[2010/09/29 18:37:27 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2010/09/25 15:40:24 | 098,149,745 | ---- | C] () -- C:\Program Files\EViews7.rar
[2010/09/25 14:45:41 | 000,000,045 | RH-- | C] () -- C:\Windows\sgc_user.dat
[2010/08/04 01:14:28 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010/06/16 13:22:58 | 000,219,348 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010/06/15 22:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010/06/07 17:08:23 | 000,006,144 | ---- | C] () -- C:\Users\Jason\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/26 02:25:57 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009/11/02 23:44:50 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/11/02 23:18:26 | 000,125,440 | ---- | C] () -- C:\Windows\PsMon.exe
[2009/11/02 23:18:26 | 000,008,704 | ---- | C] () -- C:\Windows\rmubcntl.dll
[2009/11/02 23:18:26 | 000,007,680 | ---- | C] () -- C:\Windows\cvnet05.dll
[2009/11/02 23:18:26 | 000,000,090 | ---- | C] () -- C:\Windows\PsLink.ini
[2009/11/02 17:16:54 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/11/02 16:23:47 | 000,386,252 | ---- | C] () -- C:\Windows\System32\perfh011.dat
[2009/11/02 16:23:47 | 000,141,988 | ---- | C] () -- C:\Windows\System32\perfi011.dat
[2009/11/02 16:23:47 | 000,104,214 | ---- | C] () -- C:\Windows\System32\perfc011.dat
[2009/11/02 16:23:47 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd011.dat
[2009/11/02 16:12:19 | 000,374,004 | ---- | C] () -- C:\Windows\System32\prfh0404.dat
[2009/11/02 16:12:19 | 000,117,840 | ---- | C] () -- C:\Windows\System32\prfi0404.dat
[2009/11/02 16:12:19 | 000,097,160 | ---- | C] () -- C:\Windows\System32\prfc0404.dat
[2009/11/02 16:12:19 | 000,031,548 | ---- | C] () -- C:\Windows\System32\prfd0404.dat
[2009/11/02 16:08:00 | 000,397,684 | ---- | C] () -- C:\Windows\System32\perfh012.dat
[2009/11/02 16:08:00 | 000,157,694 | ---- | C] () -- C:\Windows\System32\perfi012.dat
[2009/11/02 16:08:00 | 000,102,502 | ---- | C] () -- C:\Windows\System32\perfc012.dat
[2009/11/02 16:08:00 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd012.dat
[2009/11/02 16:04:17 | 000,111,310 | ---- | C] () -- C:\Windows\System32\prfi0804.dat
[2009/11/02 16:04:17 | 000,031,548 | ---- | C] () -- C:\Windows\System32\prfd0804.dat
[2009/11/02 16:04:16 | 000,358,034 | ---- | C] () -- C:\Windows\System32\prfh0804.dat
[2009/11/02 16:04:16 | 000,102,074 | ---- | C] () -- C:\Windows\System32\prfc0804.dat
[2009/11/02 12:34:00 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/11/02 12:34:00 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009/11/02 12:33:59 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/11/02 12:33:59 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/11/02 12:33:58 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/11/02 11:09:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/10/20 11:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009/07/13 21:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:33:53 | 000,409,584 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 19:05:48 | 000,609,896 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 19:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 19:05:48 | 000,104,214 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 19:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 19:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 19:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 17:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/13 16:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/02/18 18:55:22 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009/02/03 21:52:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2008/06/04 10:23:14 | 000,026,624 | ---- | C] () -- C:\Windows\System32\ssp7ml3.dll
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009/07/13 18:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/13 18:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/13 18:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/13 18:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/13 18:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/13 18:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/13 18:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/13 18:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2009/07/13 18:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009/07/13 18:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/13 18:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009/07/13 18:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/13 18:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009/07/13 18:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/13 18:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/13 18:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/13 18:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009/07/13 18:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2010/08/04 01:52:06 | 000,450,560 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009/07/13 18:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\LocationApi.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< End of report >