CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2010/08/21 14:09:11 | 000,000,000 | --SD | C] -- C:\commy24941c
[2010/08/21 14:08:46 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/08/21 14:08:44 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/08/21 13:56:28 | 000,000,000 | --SD | C] -- C:\commy13063c
[2010/08/21 13:41:42 | 000,000,000 | --SD | C] -- C:\commy9035c
[2010/08/21 13:24:03 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\temp
[2010/08/21 13:24:02 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/08/21 13:14:57 | 000,000,000 | --SD | C] -- C:\commy2526c
[2010/08/21 12:59:57 | 000,000,000 | --SD | C] -- C:\commy
[2010/08/18 18:29:40 | 000,000,000 | ---D | C] -- C:\Users\Jason\Desktop\gmer
[2010/08/17 12:53:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/16 21:04:22 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/08/16 21:04:22 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/08/16 21:04:22 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/08/16 21:04:17 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/08/16 21:03:50 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/08/15 17:01:45 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/08/15 12:35:51 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010/08/15 12:32:31 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2010/08/15 12:32:30 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010/08/15 12:32:30 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010/08/15 12:32:02 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010/08/15 12:32:01 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010/08/15 12:32:00 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010/08/15 12:32:00 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2010/08/15 12:32:00 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010/08/15 12:32:00 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010/08/15 12:32:00 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/08/15 12:32:00 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010/08/15 12:32:00 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010/08/15 12:32:00 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010/08/15 12:32:00 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010/08/15 12:32:00 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010/08/15 12:32:00 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010/08/15 12:32:00 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010/08/15 12:32:00 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/08/15 12:31:59 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2010/08/15 12:31:59 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010/08/15 12:31:59 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010/08/15 12:31:59 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010/08/15 12:31:59 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2010/08/15 12:31:59 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2010/08/15 12:31:59 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010/08/15 12:31:59 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010/08/15 12:31:59 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010/08/15 12:31:59 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010/08/15 12:31:21 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2010/08/15 12:31:21 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2010/08/15 12:31:19 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2010/08/15 12:31:15 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010/08/15 12:31:15 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2010/08/15 12:31:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2010/08/15 12:31:14 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2010/08/15 12:31:14 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010/08/15 12:31:14 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll
[2010/08/15 12:31:14 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2010/08/15 12:31:14 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010/08/15 12:31:14 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010/08/15 12:30:12 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010/08/15 12:30:11 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2010/08/15 12:28:25 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/08/15 12:28:18 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/08/15 02:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/08/14 23:31:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2010/08/14 23:31:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2010/08/14 23:31:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2010/08/14 23:12:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2010/08/14 23:08:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/08/14 22:58:39 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/08/14 22:58:38 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/08/14 22:58:37 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/08/14 22:58:37 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/08/14 22:58:36 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/08/14 22:58:36 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/08/14 22:58:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/08/14 22:58:36 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/08/14 22:58:35 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/08/14 22:58:35 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/08/14 22:58:35 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/08/14 22:58:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/08/14 22:58:34 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/08/14 22:58:34 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/08/14 22:58:34 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/08/14 22:57:12 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/08/14 22:57:12 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/08/14 22:57:11 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/08/14 22:57:11 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010/08/14 22:57:11 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010/08/14 22:57:11 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010/08/14 22:57:11 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010/08/14 22:57:10 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/08/14 22:57:10 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/08/14 22:57:10 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010/08/14 22:57:10 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010/08/14 22:57:10 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/08/14 22:57:09 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010/08/14 22:57:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/08/14 22:57:09 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010/08/14 22:57:09 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/08/14 22:57:08 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/08/14 22:57:08 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010/08/14 22:57:07 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/08/14 22:57:07 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/08/14 22:57:07 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010/08/14 22:57:07 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010/08/14 22:57:07 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010/08/14 22:57:07 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010/08/14 22:57:07 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2010/08/14 19:45:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/08/14 19:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/08/14 18:35:15 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/08/14 18:03:21 | 000,000,000 | ---D | C] -- C:\ProgramData\CA
[2010/08/14 17:38:36 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Malwarebytes
[2010/08/14 17:38:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/08/14 17:38:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/08/14 17:38:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/14 17:38:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/14 17:33:23 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jason\Desktop\mbam-setup-1.46.exe
[2010/08/14 17:33:20 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\Jason\Desktop\spybotsd162.exe
[2010/08/14 16:48:48 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\SafeReturner
[2010/08/14 16:48:43 | 000,000,000 | ---D | C] -- C:\Program Files\Safe Returner
[2010/08/14 16:44:40 | 003,121,552 | ---- | C] (SafeReturner Anti-Malware Studio ) -- C:\Users\Jason\Desktop\safereturner.exe
[2010/08/14 15:29:26 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/08/14 12:15:05 | 000,201,968 | ---- | C] (CA, Inc.) -- C:\Windows\System32\Isafprod.dll
[2010/08/14 12:15:05 | 000,128,240 | ---- | C] (Computer Associates International, Inc.) -- C:\Windows\System32\Isafeif.dll
[2010/08/14 12:15:05 | 000,095,472 | ---- | C] (Computer Associates International, Inc.) -- C:\Windows\System32\Vetredir.dll
[2010/08/14 12:15:05 | 000,000,000 | -H-D | C] -- C:\Config.msi
[2010/08/14 12:14:02 | 000,000,000 | ---D | C] -- C:\Program Files\CA
[2010/08/14 01:50:25 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\vlc
[2010/08/14 00:20:51 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\Graboid
[2010/08/14 00:19:17 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\Graboid_Inc
[2010/08/14 00:19:12 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\MozillaControl
[2010/08/14 00:19:11 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\Graboid
[2010/08/14 00:18:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla ActiveX Control v1.7.12
[2010/08/14 00:18:08 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/08/14 00:17:55 | 000,000,000 | ---D | C] -- C:\Program Files\Graboid
[2010/08/13 12:37:17 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\fpignxftt
[2010/08/11 16:05:10 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010/08/11 16:02:23 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/08/11 16:02:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/08/11 16:02:18 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/08/11 16:02:16 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/08/02 15:31:41 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\Yahoo!
[2010/08/01 13:06:05 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2010/08/01 13:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\ZooskMessenger
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/08/21 14:39:36 | 002,883,584 | -HS- | M] () -- C:\Users\Jason\NTUSER.DAT
[2010/08/21 14:38:04 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/21 14:20:57 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\WefiStartup.job
[2010/08/21 14:20:55 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/21 14:14:41 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/21 14:14:41 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/21 14:14:34 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/21 14:14:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/21 14:14:30 | 2009,067,520 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/21 14:14:28 | 178,724,515 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/08/21 13:55:43 | 003,820,278 | R--- | M] () -- C:\Users\Jason\Desktop\commy.exe
[2010/08/21 13:44:57 | 000,657,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\perfh009.dat
[2010/08/21 13:44:56 | 000,130,830 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/21 13:44:56 | 000,124,902 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/21 13:24:21 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/08/21 13:09:56 | 000,004,791 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k0
[2010/08/21 13:09:56 | 000,000,209 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k1
[2010/08/21 13:09:56 | 000,000,081 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k7
[2010/08/21 13:09:56 | 000,000,081 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k6
[2010/08/21 13:09:56 | 000,000,081 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k5
[2010/08/21 13:09:56 | 000,000,081 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k4
[2010/08/21 13:09:56 | 000,000,081 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k3
[2010/08/21 13:09:56 | 000,000,081 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k2
[2010/08/21 13:09:56 | 000,000,045 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k7
[2010/08/21 13:09:56 | 000,000,045 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k6
[2010/08/21 13:09:56 | 000,000,045 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k5
[2010/08/21 13:09:56 | 000,000,045 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k4
[2010/08/21 13:09:56 | 000,000,045 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k3
[2010/08/21 13:09:56 | 000,000,045 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k2
[2010/08/21 13:09:56 | 000,000,045 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k1
[2010/08/21 13:09:56 | 000,000,045 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k0
[2010/08/21 13:04:39 | 000,524,288 | -HS- | M] () -- C:\Users\Jason\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/08/21 13:04:39 | 000,065,536 | -HS- | M] () -- C:\Users\Jason\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/08/21 12:53:53 | 003,960,897 | -H-- | M] () -- C:\Users\Jason\AppData\Local\IconCache.db
[2010/08/21 10:59:57 | 000,001,356 | ---- | M] () -- C:\Users\Jason\AppData\Local\d3d9caps.dat
[2010/08/21 08:31:28 | 000,205,738 | ---- | M] () -- C:\Users\Jason\Documents\a.jpg
[2010/08/21 08:31:06 | 000,191,929 | ---- | M] () -- C:\Users\Jason\Documents\Untitled.jpg
[2010/08/21 08:06:17 | 000,002,587 | ---- | M] () -- C:\Users\Jason\Desktop\Microsoft Office Word 2007.lnk
[2010/08/21 03:39:06 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/08/20 23:46:41 | 000,065,024 | ---- | M] () -- C:\Users\Jason\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/18 18:29:40 | 000,293,376 | ---- | M] () -- C:\Users\Jason\Desktop\gmer.exe
[2010/08/18 18:26:50 | 000,284,915 | ---- | M] () -- C:\Users\Jason\Desktop\gmer.zip
[2010/08/17 12:49:26 | 000,000,799 | ---- | M] () -- C:\Users\Jason\Desktop\OTL - Shortcut.lnk
[2010/08/15 17:01:45 | 000,001,845 | ---- | M] () -- C:\Users\Jason\Desktop\HijackThis.lnk
[2010/08/15 12:35:43 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/08/15 12:35:36 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/08/14 23:36:15 | 000,326,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/08/14 23:07:43 | 000,000,914 | ---- | M] () -- C:\Users\Jason\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/08/14 19:45:42 | 000,001,050 | ---- | M] () -- C:\Users\Jason\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/08/14 19:45:42 | 000,001,026 | ---- | M] () -- C:\Users\Jason\Desktop\Spybot - Search & Destroy.lnk
[2010/08/14 17:38:25 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/14 17:30:38 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jason\Desktop\mbam-setup-1.46.exe
[2010/08/14 16:48:45 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\Safe Returner.lnk
[2010/08/14 16:43:37 | 000,000,859 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk
[2010/08/14 16:39:52 | 003,121,552 | ---- | M] (SafeReturner Anti-Malware Studio ) -- C:\Users\Jason\Desktop\safereturner.exe
[2010/08/14 16:00:13 | 000,036,864 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2010/08/13 17:32:38 | 000,016,031 | ---- | M] () -- C:\Users\Jason\Documents\allies.docx
[2010/08/02 15:31:50 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{61978eed-9e59-11df-8736-001e33c5be97}.TMContainer00000000000000000002.regtrans-ms
[2010/08/02 15:31:50 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{61978eed-9e59-11df-8736-001e33c5be97}.TMContainer00000000000000000001.regtrans-ms
[2010/08/02 15:31:50 | 000,262,144 | ---- | M] () -- C:\ProgramData\ntuser.dat
[2010/08/02 15:31:50 | 000,065,536 | -HS- | M] () -- C:\ProgramData\ntuser.dat{61978eed-9e59-11df-8736-001e33c5be97}.TM.blf
[2010/08/02 15:30:50 | 000,000,975 | ---- | M] () -- C:\Users\Jason\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/08/02 15:30:50 | 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/08/21 14:14:29 | 2009,067,520 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/21 13:55:43 | 003,820,278 | R--- | C] () -- C:\Users\Jason\Desktop\commy.exe
[2010/08/21 08:31:28 | 000,205,738 | ---- | C] () -- C:\Users\Jason\Documents\a.jpg
[2010/08/21 08:31:05 | 000,191,929 | ---- | C] () -- C:\Users\Jason\Documents\Untitled.jpg
[2010/08/18 18:26:49 | 000,284,915 | ---- | C] () -- C:\Users\Jason\Desktop\gmer.zip
[2010/08/17 12:49:26 | 000,000,799 | ---- | C] () -- C:\Users\Jason\Desktop\OTL - Shortcut.lnk
[2010/08/16 21:04:22 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/08/16 21:04:22 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/08/16 21:04:22 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/08/16 21:04:22 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/08/16 21:04:22 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/08/15 17:01:45 | 000,001,845 | ---- | C] () -- C:\Users\Jason\Desktop\HijackThis.lnk
[2010/08/15 12:35:43 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/08/15 12:35:36 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/08/14 22:58:35 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/08/14 19:45:42 | 000,001,050 | ---- | C] () -- C:\Users\Jason\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/08/14 19:45:42 | 000,001,026 | ---- | C] () -- C:\Users\Jason\Desktop\Spybot - Search & Destroy.lnk
[2010/08/14 19:21:11 | 000,004,791 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k0
[2010/08/14 19:21:11 | 000,000,209 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k1
[2010/08/14 19:21:11 | 000,000,081 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k7
[2010/08/14 19:21:11 | 000,000,081 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k6
[2010/08/14 19:21:11 | 000,000,081 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k5
[2010/08/14 19:21:11 | 000,000,081 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k4
[2010/08/14 19:21:11 | 000,000,081 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k3
[2010/08/14 19:21:11 | 000,000,081 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k2
[2010/08/14 18:34:46 | 178,724,515 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/08/14 18:17:28 | 000,000,045 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k7
[2010/08/14 18:17:28 | 000,000,045 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k6
[2010/08/14 18:17:28 | 000,000,045 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k5
[2010/08/14 18:17:28 | 000,000,045 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k4
[2010/08/14 18:17:28 | 000,000,045 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k3
[2010/08/14 18:17:28 | 000,000,045 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k2
[2010/08/14 18:17:28 | 000,000,045 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k1
[2010/08/14 18:17:28 | 000,000,045 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k0
[2010/08/14 17:38:25 | 000,000,829 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/14 16:48:45 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\Safe Returner.lnk
[2010/08/13 17:14:32 | 000,016,031 | ---- | C] () -- C:\Users\Jason\Documents\allies.docx
[2010/08/02 15:31:49 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{61978eed-9e59-11df-8736-001e33c5be97}.TMContainer00000000000000000002.regtrans-ms
[2010/08/02 15:31:49 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{61978eed-9e59-11df-8736-001e33c5be97}.TMContainer00000000000000000001.regtrans-ms
[2010/08/02 15:31:49 | 000,262,144 | ---- | C] () -- C:\ProgramData\ntuser.dat
[2010/08/02 15:31:49 | 000,065,536 | -HS- | C] () -- C:\ProgramData\ntuser.dat{61978eed-9e59-11df-8736-001e33c5be97}.TM.blf
[2010/08/02 15:31:49 | 000,005,120 | -H-- | C] () -- C:\ProgramData\ntuser.dat.LOG1
[2010/08/02 15:31:49 | 000,000,000 | -H-- | C] () -- C:\ProgramData\ntuser.dat.LOG2
[2010/08/02 15:30:50 | 000,000,975 | ---- | C] () -- C:\Users\Jason\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/08/02 15:30:50 | 000,000,951 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/08/01 13:06:05 | 000,000,859 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk
[2010/02/18 16:50:22 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010/02/18 16:50:22 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010/02/18 16:50:22 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009/11/29 22:33:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/23 02:43:30 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/10/11 04:41:26 | 000,001,356 | ---- | C] () -- C:\Users\Jason\AppData\Local\d3d9caps.dat
[2009/09/23 23:20:34 | 000,065,024 | ---- | C] () -- C:\Users\Jason\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/18 12:12:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/26 16:03:43 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/08/07 13:17:36 | 000,000,013 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys
[2009/08/07 13:17:34 | 000,000,004 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/06/09 05:25:37 | 000,131,072 | ---- | C] () -- C:\Windows\System32\EnumDevLib.dll
[2009/06/09 05:18:46 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2009/06/09 05:18:46 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2009/06/09 05:18:46 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2009/06/09 05:18:46 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2008/08/18 14:36:20 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/08/18 14:07:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/08/18 14:07:48 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/08/18 14:07:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/08/18 14:07:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/08/18 14:07:48 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/08/18 14:07:48 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/06/12 21:59:22 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 12:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
========== Custom Scans ==========
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009/04/11 02:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 02:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
< %systemroot%\system32\*.exe /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008/08/18 13:51:06 | 012,820,480 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/08/18 13:51:02 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/08/18 13:51:06 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2008/08/18 13:51:12 | 017,186,816 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2008/08/18 13:51:13 | 006,635,520 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.sys >
[2006/11/02 03:09:42 | 000,009,029 | ---- | M] () -- C:\Windows\System32\ANSI.SYS
[2009/04/11 02:32:46 | 000,245,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys
[2006/11/02 03:09:45 | 000,027,097 | ---- | M] () -- C:\Windows\System32\country.sys
[2006/11/02 03:09:41 | 000,004,768 | ---- | M] () -- C:\Windows\System32\HIMEM.SYS
[2006/11/02 03:09:44 | 000,042,809 | ---- | M] () -- C:\Windows\System32\KEY01.SYS
[2006/11/02 03:09:44 | 000,042,537 | ---- | M] () -- C:\Windows\System32\KEYBOARD.SYS
[2006/11/02 03:09:29 | 000,027,866 | ---- | M] () -- C:\Windows\System32\NTDOS.SYS
[2006/11/02 03:09:35 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS404.SYS
[2006/11/02 03:09:38 | 000,029,370 | ---- | M] () -- C:\Windows\System32\NTDOS411.SYS
[2006/11/02 03:09:40 | 000,029,274 | ---- | M] () -- C:\Windows\System32\NTDOS412.SYS
[2006/11/02 03:09:31 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS804.SYS
[2006/11/02 03:09:20 | 000,033,952 | ---- | M] () -- C:\Windows\System32\NTIO.SYS
[2006/11/02 03:09:23 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO404.SYS
[2006/11/02 03:09:24 | 000,035,776 | ---- | M] () -- C:\Windows\System32\NTIO411.SYS
[2006/11/02 03:09:26 | 000,035,536 | ---- | M] () -- C:\Windows\System32\NTIO412.SYS
[2006/11/02 03:09:22 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO804.SYS
[2010/06/21 09:37:03 | 002,037,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
< %systemroot%\system32\drivers\*.dll >
< %systemroot%\system32\drivers\*.ini >
< %systemroot%\system32\drivers\*.exe >
< %SYSTEMDRIVE%\*.* >
[2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/08/18 13:51:16 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/08/14 18:12:36 | 007,174,140 | ---- | M] () -- C:\caisslog.txt
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/08/21 14:14:30 | 2009,067,520 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/09 17:28:28 | 000,000,719 | -H-- | M] () -- C:\IPH.PH
[2010/08/21 14:14:28 | 2322,862,080 | -HS- | M] () -- C:\pagefile.sys
< %PROGRAMFILES%\*. >
[2010/08/01 13:05:56 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/07/09 17:28:22 | 000,000,000 | ---D | M] -- C:\Program Files\AIM
[2010/02/13 16:36:58 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2009/08/07 15:35:59 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/09/21 14:16:38 | 000,000,000 | ---D | M] -- C:\Program Files\AskBarDis
[2010/02/02 03:16:03 | 000,000,000 | ---D | M] -- C:\Program Files\Best Buy Digital Music Store Powered by Rhapsody
[2010/08/14 18:06:11 | 000,000,000 | ---D | M] -- C:\Program Files\CA
[2010/08/21 13:21:54 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/02/21 16:30:32 | 000,000,000 | ---D | M] -- C:\Program Files\Diablo II
[2010/05/27 14:56:20 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2010/03/06 01:29:20 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/08/14 12:27:08 | 000,000,000 | ---D | M] -- C:\Program Files\Graboid
[2009/06/09 05:50:49 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/06/09 05:20:25 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010/08/14 23:32:34 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2008/08/18 14:07:48 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2008/08/18 14:09:39 | 000,000,000 | ---D | M] -- C:\Program Files\Intuit
[2008/08/18 14:11:17 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/10/23 02:43:50 | 000,000,000 | ---D | M] -- C:\Program Files\K-Lite Codec Pack
[2010/01/27 13:38:41 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2009/06/09 05:18:46 | 000,000,000 | ---D | M] -- C:\Program Files\ltmoh
[2010/08/14 17:38:26 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/09 19:47:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2009/12/21 21:49:50 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft LifeCam
[2009/06/09 04:59:03 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2009/06/09 05:09:15 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office Suite Activation Assistant
[2010/08/15 02:07:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/08/14 22:56:46 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2009/06/09 04:58:46 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/14 23:32:35 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/08/14 00:18:53 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla ActiveX Control v1.7.12
[2010/08/01 12:34:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2008/08/18 14:43:18 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/08/10 01:43:15 | 000,000,000 | ---D | M] -- C:\Program Files\MySpace
[2009/11/16 16:43:37 | 000,000,000 | ---D | M] -- C:\Program Files\NOS
[2010/01/11 20:06:51 | 000,000,000 | ---D | M] -- C:\Program Files\Pando Networks
[2008/08/18 14:16:32 | 000,000,000 | ---D | M] -- C:\Program Files\Picasa2
[2009/08/07 15:37:05 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/02/02 03:15:22 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/06/09 05:25:38 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2009/06/09 05:24:09 | 000,000,000 | ---D | M] -- C:\Program Files\REALTEK RTL8187B Wireless LAN Driver
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010/02/02 03:25:11 | 000,000,000 | ---D | M] -- C:\Program Files\Rhapsody
[2010/08/14 16:57:05 | 000,000,000 | ---D | M] -- C:\Program Files\Safe Returner
[2009/11/29 22:29:48 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2010/08/14 19:45:43 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2009/06/09 05:22:23 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2009/11/29 22:30:17 | 000,000,000 | ---D | M] -- C:\Program Files\tbh
[2010/06/06 21:46:18 | 000,000,000 | ---D | M] -- C:\Program Files\The Rosetta Stone
[2009/06/09 05:50:50 | 000,000,000 | ---D | M] -- C:\Program Files\Toshiba
[2008/08/18 14:18:53 | 000,000,000 | ---D | M] -- C:\Program Files\Toshiba Registration
[2010/08/15 17:01:45 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2010/01/27 13:35:28 | 000,000,000 | ---D | M] -- C:\Program Files\Turbine
[2008/08/18 14:03:34 | 000,000,000 | ---D | M] -- C:\Program Files\Ulead Systems
[2006/11/02 09:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/08/14 00:18:08 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2010/03/02 17:46:59 | 000,000,000 | ---D | M] -- C:\Program Files\Vuze
[2010/03/21 23:01:44 | 000,000,000 | ---D | M] -- C:\Program Files\WeFi
[2010/08/14 23:32:35 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2010/08/14 23:32:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2010/08/14 23:32:31 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2010/08/14 23:32:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2009/08/07 15:26:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/08/07 15:26:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2010/08/14 23:32:35 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2008/08/18 14:07:17 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
[2010/08/14 23:32:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2010/08/14 23:32:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2010/08/15 12:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2010/08/14 23:32:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2009/11/11 18:50:14 | 000,000,000 | ---D | M] -- C:\Program Files\Womble Multimedia
[2010/08/02 15:31:48 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2010/08/14 16:51:31 | 000,000,000 | ---D | M] -- C:\Program Files\ZooskMessenger
< %appdata%\*.* >
< MD5 for: AGP440.SYS >
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2008/03/24 23:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_3e1ecd89\AGP440.sys
[2008/03/24 23:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.22142_none_ba734aead7ed1bb6\AGP440.sys
[2008/03/25 23:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_e4087235\AGP440.sys
[2008/03/25 23:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20800_none_b8b64d46daa7e57a\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008/03/12 02:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\drivers\atapi.sys
[2008/03/12 02:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008/03/12 02:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 22:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 22:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/03/12 02:24:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: DISK.SYS >
[2009/04/11 02:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys
[2009/04/11 02:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys
[2009/04/11 02:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/20 22:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/20 22:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 05:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys
< MD5 for: IASTOR.SYS >
[2008/04/15 20:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008/04/15 20:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008/04/15 20:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\drivers\iaStor.sys
[2008/04/15 20:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_77c04a30\iaStor.sys
< MD5 for: IASTORV.SYS >
[2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: KR10N.SYS >
[2006/11/09 02:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6A4ADB9186DD0E114E623DAF57E42B31 -- C:\Windows\System32\drivers\KR10N.sys
[2006/11/09 02:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6A4ADB9186DD0E114E623DAF57E42B31 -- C:\Windows\System32\DriverStore\FileRepository\kr10.inf_c681c175\KR10N.sys
[2005/09/27 04:57:00 | 000,207,104 | ---- | M] (TOSHIBA CORPORATION) MD5=A1963360E74931222A67356C8AD48378 -- C:\Windows\System32\DriverStore\FileRepository\kr10n.inf_f8c77270\KR10N.sys
< MD5 for: NETLOGON.DLL >
[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 22:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008/01/20 22:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USBSTOR.SYS >
[2008/01/20 22:23:24 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=87BA6B83C5D19B69160968D07D6E2982 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_b9f18584\USBSTOR.SYS
[2008/01/20 22:23:24 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=87BA6B83C5D19B69160968D07D6E2982 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6001.18000_none_48864eb697d31b43\USBSTOR.SYS
[2009/04/11 00:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\System32\drivers\USBSTOR.SYS
[2009/04/11 00:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_72a6a3e5\USBSTOR.SYS
[2009/04/11 00:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6002.18005_none_4a71c7c294f4e68f\USBSTOR.SYS
[2006/11/02 04:55:05 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=FDBAABF07244C60B0F4E0A6E71A107C6 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_bb2778a0\USBSTOR.SYS
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-15 16:33:05
========== Alternate Data Streams ==========
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >