
search redirect problem (atapi.sys problem)


  • This topic is locked

#16
lunareve

  • Topic Starter
  • Member
  • 13 posts
Thanks again, yeah, I don't see any more abnormal activities on this computer and no more redirects or popups either.
Sorry for the long delay, but here is the final scan log.

OTL logfile created on: 4/6/2011 9:30:52 PM - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Zheng\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 70.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 239.96 Gb Free Space | 25.76% Space Free | Partition Type: NTFS
Drive E: | 1863.01 Gb Total Space | 1218.60 Gb Free Space | 65.41% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 188.58 Gb Free Space | 20.24% Space Free | Partition Type: NTFS

Computer Name: ZHENG-59D095A87 | User Name: Zheng | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/01 00:47:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zheng\Desktop\OTL.exe
PRC - [2011/03/23 13:49:21 | 001,004,088 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Zheng\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/03/18 13:53:06 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/13 00:02:14 | 000,016,384 | ---- | M] () -- C:\WINDOWS\runservice.exe
PRC - [2010/11/24 00:18:34 | 000,397,176 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\bittorrent.exe
PRC - [2010/04/01 05:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009/08/22 14:25:00 | 002,781,184 | ---- | M] () -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/04/01 00:47:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zheng\Desktop\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- -- (6to4)
SRV - [2011/03/13 00:02:14 | 000,016,384 | ---- | M] () [Auto | Running] -- C:\WINDOWS\runservice.exe -- (LicCtrlService)
SRV - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/06/11 12:01:35 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- c:\Program Files\Steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2010/06/09 16:53:50 | 000,316,816 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\WINDOWS\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2010/04/26 20:07:18 | 003,562,408 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)


========== Driver Services (SafeList) ==========

DRV - [2011/02/24 18:21:10 | 006,340,200 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2011/01/19 10:46:56 | 000,010,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ampa.sys -- (ampa)
DRV - [2010/12/10 13:24:12 | 000,239,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/07/16 14:59:54 | 000,656,320 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2010/07/16 14:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2010/06/10 23:22:18 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010/06/10 23:22:18 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010/06/09 16:53:50 | 003,110,512 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2010/06/05 20:35:46 | 000,697,328 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/11/18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/08/22 14:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys -- (RivaTuner32)
DRV - [2009/04/08 12:59:00 | 000,008,704 | ---- | M] (SNEG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FStarForce.sys -- (FStarForce)
DRV - [2009/02/13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/14 08:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
DRV - [2008/04/07 04:06:50 | 000,124,928 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/04/07 04:06:50 | 000,102,400 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008/04/07 04:06:50 | 000,054,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/04/07 04:06:50 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/26 17:51:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/29 23:59:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/03/30 00:02:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Zheng\Application Data\Mozilla\Extensions
[2011/03/29 23:59:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/03/18 13:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/04/03 19:26:46 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RivaTuner] C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner.exe ()
O4 - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/04 18:40:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3967ceb5-558d-11e0-88f7-002185933370}\Shell - "" = AutoRun
O33 - MountPoints2\{3967ceb5-558d-11e0-88f7-002185933370}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3967ceb5-558d-11e0-88f7-002185933370}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Seagate\Installer\InstallSeagateManager.exe
O33 - MountPoints2\G\Shell\Install\command - "" = G:\Seagate\Installer\InstallSeagateManager.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17183584330711040)

========== Files/Folders - Created Within 30 Days ==========

[2011/04/04 22:10:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\Desktop\Need for Speed Shift 2
[2011/04/04 20:10:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\My Documents\SHIFT 2 UNLEASHED
[2011/04/04 19:47:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Solidshield
[2011/04/02 17:50:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AOMEI Partition Assistant 3.0
[2011/04/02 17:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\AOMEI Partition Assistant 3.0
[2011/04/02 14:29:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011/04/02 09:21:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/04/01 12:57:47 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/04/01 12:56:20 | 002,322,184 | ---- | C] (ESET) -- C:\Documents and Settings\Zheng\Desktop\esetsmartinstaller_enu.exe
[2011/04/01 09:39:38 | 001,377,112 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Zheng\Desktop\tdsskiller.exe
[2011/04/01 00:48:29 | 000,566,272 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Zheng\Desktop\aswMBR.exe
[2011/04/01 00:47:40 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Zheng\Desktop\OTL.exe
[2011/03/31 10:30:33 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/03/31 10:30:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2011/03/31 10:30:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2011/03/30 17:24:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\Desktop\backups
[2011/03/30 17:19:18 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Zheng\Desktop\HijackThis.exe
[2011/03/30 15:33:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2011/03/29 23:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\Application Data\Mozilla
[2011/03/29 23:59:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/03/29 23:26:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\Start Menu\Programs\Google Chrome
[2011/03/29 23:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/03/29 23:21:36 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/03/29 23:21:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/03/29 23:21:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/03/29 23:07:38 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2011/03/29 23:07:36 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2011/03/29 23:07:36 | 000,055,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoInstXP.dll
[2011/03/29 23:07:35 | 001,395,800 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys
[2011/03/29 23:07:34 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2011/03/29 23:02:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\Local Settings\Application Data\SlimWare Utilities Inc
[2011/03/29 23:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\DriverUpdate
[2011/03/29 23:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DriverUpdate
[2011/03/29 23:01:49 | 000,000,000 | ---D | C] -- C:\Program Files\Downloaded Installers
[2011/03/29 22:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Real
[2011/03/29 17:30:26 | 000,656,320 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctEFA.sys
[2011/03/29 17:30:26 | 000,338,880 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctDS.sys
[2011/03/29 17:30:25 | 000,251,560 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2011/03/29 17:30:23 | 000,239,168 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2011/03/29 17:30:23 | 000,160,448 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2011/03/29 17:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Security
[2011/03/29 17:30:20 | 000,070,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2011/03/29 17:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/03/29 17:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/03/29 17:30:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\Application Data\PC Tools
[2011/03/29 17:30:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/29 17:29:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2011/03/29 16:37:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2011/03/29 16:37:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/03/29 16:34:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2011/03/29 14:35:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/03/29 14:34:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/03/29 14:08:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/03/29 14:08:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/03/27 12:13:56 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
[2011/03/27 12:04:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\Application Data\foobar2000
[2011/03/27 12:03:10 | 000,000,000 | ---D | C] -- C:\Program Files\foobar2000
[2011/03/26 16:46:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2011/03/25 12:29:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\My Documents\Crysis2
[2011/03/25 12:28:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2011/03/24 10:00:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\Application Data\facemoods.com
[2011/03/23 21:05:20 | 000,011,520 | ---- | C] (Western Digital Technologies) -- C:\WINDOWS\System32\drivers\wdcsam.sys
[2011/03/23 21:05:20 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2011/03/23 21:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\Local Settings\Application Data\Western Digital
[2011/03/23 17:52:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader
[2011/03/23 17:52:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/03/23 17:52:15 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/03/23 17:52:15 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/03/23 17:52:04 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/03/23 17:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\Application Data\Sun
[2011/03/23 17:51:42 | 000,000,000 | ---D | C] -- C:\Program Files\facemoods.com
[2011/03/23 17:51:38 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2011/03/22 17:23:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\My Documents\orcsoft
[2011/03/22 16:58:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ffdshow
[2011/03/22 16:51:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Combined Community Codec Pack
[2011/03/22 16:51:34 | 000,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack
[2011/03/22 16:13:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\Start Menu\Programs\FoxTab FLV Player
[2011/03/22 16:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\FoxTabFlvPlayer
[2011/03/22 16:04:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\Local Settings\Application Data\3DMGAME
[2011/03/22 15:55:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Homefront
[2011/03/19 11:55:16 | 000,000,000 | ---D | C] -- C:\Program Files\Assassin's Creed II
[2011/03/19 11:41:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\Local Settings\Application Data\Ubisoft Game Launcher
[2011/03/19 11:37:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\Application Data\PunkBuster
[2011/03/19 11:37:11 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2011/03/18 23:35:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\Start Menu\Programs\Empire Total War
[2011/03/10 10:44:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dragon Age II
[2011/03/08 21:25:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\My Documents\PolluxGamelabs
[2011/03/08 21:22:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lost Empire - Immortals
[2011/03/08 20:38:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Darkstar One
[2011/03/07 22:22:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zheng\My Documents\Warhammer Mark of Chaos
[2011/03/07 22:10:56 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2011/03/07 22:10:56 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2011/03/07 22:10:56 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2011/03/07 22:10:56 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2011/03/07 22:10:56 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2011/03/07 22:10:56 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2011/03/07 22:10:56 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2011/03/07 22:10:56 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2011/03/07 22:10:56 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2011/03/07 22:10:56 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2011/03/07 22:10:56 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2011/03/07 22:10:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2011/03/07 22:10:56 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2011/03/07 22:10:56 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2011/03/07 22:10:56 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2011/03/07 22:10:56 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2011/03/07 22:10:56 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2011/03/07 22:10:56 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2011/03/07 22:10:56 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2011/03/07 22:10:56 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2011/03/07 22:10:56 | 000,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2011/03/07 22:10:55 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2011/03/07 22:10:55 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2011/03/07 22:10:53 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2011/03/07 22:10:53 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll
[2011/03/07 22:08:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NAMCO BANDAI Games

========== Files - Modified Within 30 Days ==========

[2011/04/06 21:31:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1788223648-1801674531-1004UA.job
[2011/04/06 21:28:37 | 000,042,496 | ---- | M] () -- C:\Documents and Settings\Zheng\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/06 20:56:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/06 17:24:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-448539723-1788223648-1801674531-1004.job
[2011/04/06 16:29:50 | 000,001,385 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys
[2011/04/06 16:29:20 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-448539723-1788223648-1801674531-1004.job
[2011/04/06 16:29:19 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/06 16:29:15 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/06 16:29:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/05 23:31:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1788223648-1801674531-1004Core.job
[2011/04/05 20:12:50 | 000,000,023 | ---- | M] () -- C:\WINDOWS\BlendSettings.ini
[2011/04/03 20:29:44 | 000,000,025 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2011/04/03 19:26:46 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/04/02 17:50:52 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Aomei Partition Assistant 3.0 Home Edition.lnk
[2011/04/01 13:17:41 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/01 12:56:27 | 002,322,184 | ---- | M] (ESET) -- C:\Documents and Settings\Zheng\Desktop\esetsmartinstaller_enu.exe
[2011/04/01 09:39:38 | 001,377,112 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Zheng\Desktop\tdsskiller.exe
[2011/04/01 01:25:27 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Zheng\Desktop\MBR.dat
[2011/04/01 00:57:28 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Zheng\Desktop\Microsoft Office Word 2007.lnk
[2011/04/01 00:48:32 | 000,566,272 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Zheng\Desktop\aswMBR.exe
[2011/04/01 00:47:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zheng\Desktop\OTL.exe
[2011/03/31 10:30:46 | 000,000,414 | -HS- | M] () -- C:\boot.ini
[2011/03/30 17:25:01 | 000,000,343 | -HS- | M] () -- C:\BOOT.BAK
[2011/03/30 17:19:18 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Zheng\Desktop\HijackThis.exe
[2011/03/29 23:59:48 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Zheng\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/03/29 23:59:48 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/03/29 23:28:49 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Zheng\Desktop\Google Chrome.lnk
[2011/03/29 23:28:49 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Zheng\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/03/29 23:07:43 | 000,565,684 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/03/29 16:28:28 | 000,108,032 | RHS- | M] () -- C:\WINDOWS\System32\dspropd.dll
[2011/03/27 12:13:56 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Zheng\Desktop\Audacity.lnk
[2011/03/27 12:03:11 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\Zheng\Application Data\Microsoft\Internet Explorer\Quick Launch\foobar2000.lnk
[2011/03/27 12:03:11 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\foobar2000.lnk
[2011/03/26 16:46:17 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/03/23 17:52:35 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\JDownloader.lnk
[2011/03/22 16:49:43 | 000,001,698 | ---- | M] () -- C:\Documents and Settings\Zheng\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Player Classic - Home Cinema.lnk
[2011/03/22 16:49:43 | 000,001,680 | ---- | M] () -- C:\Documents and Settings\Zheng\Desktop\Media Player Classic - Home Cinema.lnk
[2011/03/22 16:47:12 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/03/22 16:13:49 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\Zheng\Desktop\FoxTab FLV Player.lnk
[2011/03/18 23:35:03 | 000,001,053 | ---- | M] () -- C:\Documents and Settings\Zheng\Desktop\RivaTuner (2).lnk
[2011/03/13 10:06:40 | 000,444,016 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/13 10:06:40 | 000,072,274 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/13 00:02:14 | 000,249,856 | ---- | M] () -- C:\WINDOWS\lcmmfu.cpl
[2011/03/13 00:02:14 | 000,048,640 | ---- | M] () -- C:\WINDOWS\mmfs.dll
[2011/03/13 00:02:14 | 000,016,384 | ---- | M] () -- C:\WINDOWS\runservice.exe

========== Files Created - No Company Name ==========

[2011/04/02 20:03:36 | 000,042,496 | ---- | C] () -- C:\Documents and Settings\Zheng\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/02 17:50:52 | 001,098,680 | ---- | C] () -- C:\WINDOWS\ampa.exe
[2011/04/02 17:50:52 | 000,010,936 | ---- | C] () -- C:\WINDOWS\System32\ampa.sys
[2011/04/02 17:50:52 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Aomei Partition Assistant 3.0 Home Edition.lnk
[2011/04/01 01:25:27 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Zheng\Desktop\MBR.dat
[2011/03/31 10:30:45 | 000,000,343 | -HS- | C] () -- C:\BOOT.BAK
[2011/03/31 10:30:43 | 000,260,288 | RHS- | C] () -- C:\cmldr
[2011/03/30 21:34:58 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011/03/29 23:59:48 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Zheng\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/03/29 23:59:48 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/03/29 23:59:48 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/03/29 23:26:37 | 000,002,284 | ---- | C] () -- C:\Documents and Settings\Zheng\Desktop\Google Chrome.lnk
[2011/03/29 23:26:37 | 000,002,262 | ---- | C] () -- C:\Documents and Settings\Zheng\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/03/29 23:26:12 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1788223648-1801674531-1004UA.job
[2011/03/29 23:26:12 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1788223648-1801674531-1004Core.job
[2011/03/29 17:30:26 | 000,565,684 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/03/29 16:28:28 | 000,108,032 | RHS- | C] () -- C:\WINDOWS\System32\dspropd.dll
[2011/03/29 14:10:10 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/27 12:13:56 | 000,000,636 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Audacity.lnk
[2011/03/27 12:13:56 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\Zheng\Desktop\Audacity.lnk
[2011/03/27 12:03:11 | 000,000,782 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\foobar2000.lnk
[2011/03/27 12:03:11 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\Zheng\Application Data\Microsoft\Internet Explorer\Quick Launch\foobar2000.lnk
[2011/03/27 12:03:11 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\foobar2000.lnk
[2011/03/26 16:46:17 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/03/23 17:52:35 | 000,000,763 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\JDownloader.lnk
[2011/03/22 16:58:35 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/03/22 16:58:35 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\ff_acm.acm
[2011/03/22 16:49:43 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\Zheng\Desktop\Media Player Classic - Home Cinema.lnk
[2011/03/22 16:13:49 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Zheng\Desktop\FoxTab FLV Player.lnk
[2011/03/18 23:35:03 | 000,001,053 | ---- | C] () -- C:\Documents and Settings\Zheng\Desktop\RivaTuner (2).lnk
[2011/03/13 00:02:16 | 000,001,385 | -HS- | C] () -- C:\WINDOWS\System32\mmf.sys
[2011/03/13 00:02:14 | 000,249,856 | ---- | C] () -- C:\WINDOWS\lcmmfu.cpl
[2011/03/13 00:02:14 | 000,048,640 | ---- | C] () -- C:\WINDOWS\mmfs.dll
[2011/03/13 00:02:14 | 000,016,384 | ---- | C] () -- C:\WINDOWS\runservice.exe
[2011/03/07 22:10:56 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011/03/07 22:10:56 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011/03/07 22:10:56 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2011/03/07 22:10:56 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011/03/07 22:10:56 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2011/03/07 22:10:56 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011/01/30 03:23:02 | 000,602,264 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/12/04 19:42:56 | 000,354,304 | ---- | C] () -- C:\WINDOWS\System32\pythoncom26.dll
[2010/12/04 19:42:56 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\pywintypes26.dll
[2010/12/04 18:24:18 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll
[2010/12/04 18:24:18 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll
[2010/11/29 18:04:29 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/11/29 18:04:29 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/11/29 18:04:15 | 000,694,981 | ---- | C] () -- C:\WINDOWS\RON 2010 ENGLISH DL Uninstaller.exe
[2010/11/25 01:31:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Zheng\Application Data\chrtmp
[2010/10/26 12:15:55 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/10/26 12:15:54 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/10/26 12:15:53 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/09/12 13:26:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/12 13:26:27 | 000,182,272 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2010/08/22 12:23:04 | 000,004,514 | ---- | C] () -- C:\WINDOWS\Fred2.INI
[2010/08/08 10:21:39 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\_SCII.dll
[2010/07/18 00:03:47 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/07/14 22:11:17 | 000,008,192 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2010/07/07 13:48:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Xscan.INI
[2010/07/01 01:50:20 | 000,000,392 | ---- | C] () -- C:\WINDOWS\{27018D57-D152-44EF-BCE0-5E3B3445EABE}_WiseFW.ini
[2010/06/11 00:35:17 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2010/06/09 18:18:35 | 000,000,060 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010/06/08 11:05:57 | 000,139,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/06/08 11:05:57 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Zheng\Application Data\PnkBstrK.sys
[2010/06/08 11:05:43 | 000,189,248 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010/06/08 11:05:42 | 000,669,184 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2010/06/08 11:05:42 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010/06/08 10:25:50 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010/06/08 10:25:50 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010/06/05 22:39:34 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/06/05 12:53:28 | 000,001,311 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2010/06/05 12:41:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/06/05 09:25:09 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/06/05 09:05:32 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/06/05 09:01:51 | 000,003,636 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2010/06/04 18:41:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/06/04 18:39:09 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/06/04 14:26:41 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/06/04 14:25:38 | 000,272,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008/04/14 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 08:00:00 | 000,444,016 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 08:00:00 | 000,072,274 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007/10/31 10:56:34 | 000,000,647 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.dat
[2006/08/21 15:45:40 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.dll

========== LOP Check ==========

[2010/06/05 20:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2010/07/01 23:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BC
[2010/06/11 23:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2010/06/29 11:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codemasters
[2010/06/06 19:19:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/06/05 20:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2010/10/16 16:21:53 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\DSS
[2011/03/25 12:28:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2010/06/08 22:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/11/29 17:13:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LittleGamesCompany
[2010/06/27 12:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Muzzy Lane
[2011/03/01 18:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2010/09/18 20:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SEGA Corporation
[2011/04/04 19:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solidshield
[2010/09/25 22:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock
[2010/06/23 21:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Synetic
[2010/06/08 10:26:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tages
[2011/03/29 17:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/19 11:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2010/07/01 01:51:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\XBlades
[2010/06/08 11:16:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
[2010/09/25 22:19:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{1EB63B4B-5639-4477-8E24-05C31B5F8019}
[2010/06/05 20:28:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\acccore
[2011/03/22 16:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\alot
[2010/11/03 16:46:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\BDL+D
[2010/11/16 11:50:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\Bioshock2
[2011/04/06 21:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\BitTorrent
[2010/06/10 21:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\bonetown
[2010/06/08 12:50:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\Code Force Limited
[2010/07/03 13:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\Command and Conquer 4
[2010/06/06 19:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\DAEMON Tools Lite
[2010/06/06 08:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\DAEMON Tools Pro
[2011/03/24 10:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\facemoods.com
[2011/03/27 12:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\foobar2000
[2010/07/10 15:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\FSW2
[2010/06/10 21:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\Gearbox Software
[2011/01/29 18:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\Kalypso Media
[2010/06/23 14:58:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\Leadertech
[2010/11/29 17:13:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\LittleGamesCompany
[2011/01/25 20:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\MinerWars
[2010/07/02 21:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\Mount&Blade Warband
[2011/03/29 23:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\PriceGong
[2011/03/19 11:37:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\PunkBuster
[2010/08/25 00:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\RenPy
[2011/02/10 14:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\Rift
[2010/06/30 00:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\SPORE
[2010/09/29 16:00:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\Star Ruler
[2011/03/23 21:07:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\The Creative Assembly
[2011/03/19 11:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\Ubisoft
[2010/09/02 23:57:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\W
[2010/07/12 12:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\wargaming.net
[2010/09/01 11:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zheng\Application Data\WorldShift

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/14 08:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 08:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/04/14 08:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 08:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008/04/14 08:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 08:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 171 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

#17
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Congratulations, your log shows that your system is clean. If you have no further issues with your computer, then please proceed with the following housekeeping procedures outlined below.

Removing the tools we used:

Reset System Restore points:

  • Please reopen Posted Image on your desktop.
  • Copy (select all lines inside quote box and press CTRL+C) and Paste (press CTRL+V) the following code into the Posted Image textbox.

    :Commands
    [ClearAllRestorePoints]

  • Click on Posted Image button.
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click on Posted Image button.

NEXT...

OTL Clean-Up:

  • Reopen Posted Image on your desktop.
  • Click on Posted Image
  • You will be prompted to reboot your system. Please do so.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.


There are a few things I recommend you to do once your computer is completely clean:

Updates for Windows - One of the essentials is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats; Microsoft releases security updates that help keep your computer from becoming vulnerable. It is best if you have these set to download automatically.

How to turn on Automatic Updates for Windows:

Java and Adobe Reader updates

There are certain programs that are security vulnerabilities; it is recommended that you keep everything updated. Two of the main vulnerabilities are Java and Adobe Reader.

Java Updates - Java needs to be regularly updated to fix security vulnerabilities. You can download the latest version of the Java Runtime Environment (JRE) from here. Download, install and reboot your computer. You also need to uninstall older versions of Java:

  • Click Start
  • Select Control Panel
  • Select Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.

Note:
If the normal uninstallation process (as mentioned above) fails, then please try Microsoft Windows Installer Cleanup Utility. This tool will ensure that all irrelevant Java Runtime Environment Microsoft Installer (msi) registries are removed. Detailed information and download are available at: Description of the Windows Installer CleanUp Utility

Removal instructions:

  • Download the Microsoft Installer Clean Up utility file and save it on your desktop
  • Double click on executable file. The installation process will start. Follow the instructions accordingly
  • Once installation process is over, go to Start -> All Programs -> Run Windows Install Clean Up utility
  • This will launch the Windows Installer Clean Up utility dialog box
  • Under the Installed products list, select Java 2 Runtime Environment v1.5.0_03
  • Click Remove and Exit


Update Adobe Acrobat Reader to latest version. You can download it HERE.

Suggestion:

Foxit is a great free PDF alternative. It uses fewer system resources and is not vulnerable to the exploits affecting Adobe Reader. Providing full PDF functionality, Foxit is rapidly becoming the PDF reader of choice for many. Get it here.


Other Software Updates - Go HERE to scan your computer for any out of date software at least once per week. The vast majority of virus, worm and spyware infections could have been prevented, if the user had kept their software up-to-date. You should do everything you can to keep your software up-to-date. Doing so will help you prevent infections and the headaches that follow them.

Web Browsers - Picking the right internet browser is very important. You need to find one that suits your needs but that is also safe. All browsers listed below are far more secure than Internet Explorer, immune to almost all known browser hijackers, and also have the best built-in pop up blockers.

Although, if you prefer staying with Internet Explorer, I highly recommend you do this:

Make Internet Explorer more secure:
  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the options Download signed and unsigned ActiveX controls to Prompt, and Initialize and Script ActiveX controls not marked as safe to Disable.
  • Next click OK, then Apply button and then OK to exit the Internet Properties page.

Tips to protect yourself against malware and reduce the potential for re-infection:

Now after all these steps, your PC will be more secure. However it is important to note that you can still get infected if you are not careful. One of the best security programs you can have is common sense. As malware gets more sophisticated, you need to be more wary. If you do get caught though and the above steps can't help fix it, we will be here to help you out.

Stay secure and thank you for choosing GeeksToGo.

#18
lunareve

lunareve

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
o thank you thank you so much you guys are awesome!! :D

#19
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :D

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.