I copy pasted them to the body of this message because when I tried to attach them I got a message that this type of documents could not be attached.
Thank you in advance for any help that can be offered.
Eddieram36
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-05 11:31:47
Windows 6.1.7100
Running: gmer.exe; Driver: C:\Users\Eddie\AppData\Local\Temp\uwlcapod.sys
---- System - GMER 1.0.15 ----
INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83246AF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83246104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 832463F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322F2D8
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322E898
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 832461DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83246958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 832466F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83246F2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 832471A8
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Servers\06F05ECB-CE2A-471B-8E3C-CB457EAA91BC@IPAddress 127.0.0.1
Reg HKLM\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Servers\E402E2CB-1450-46C4-A43D-C750542F2E6A@IPAddress 127.0.0.1
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 01: copy of MBR
Disk \Device\Harddisk0\DR0 sector 02: copy of MBR
Disk \Device\Harddisk0\DR0 sector 03: copy of MBR
Disk \Device\Harddisk0\DR0 sector 04: copy of MBR
Disk \Device\Harddisk0\DR0 sector 05: copy of MBR
Disk \Device\Harddisk0\DR0 sector 06: copy of MBR
Disk \Device\Harddisk0\DR0 sector 07: copy of MBR
Disk \Device\Harddisk0\DR0 sector 08: copy of MBR
Disk \Device\Harddisk0\DR0 sector 09: copy of MBR
Disk \Device\Harddisk0\DR0 sector 10: copy of MBR
Disk \Device\Harddisk0\DR0 sector 11: copy of MBR
Disk \Device\Harddisk0\DR0 sector 12: copy of MBR
Disk \Device\Harddisk0\DR0 sector 13: copy of MBR
Disk \Device\Harddisk0\DR0 sector 14: copy of MBR
Disk \Device\Harddisk0\DR0 sector 15: copy of MBR
Disk \Device\Harddisk0\DR0 sector 16: copy of MBR
Disk \Device\Harddisk0\DR0 sector 17: copy of MBR
Disk \Device\Harddisk0\DR0 sector 18: copy of MBR
Disk \Device\Harddisk0\DR0 sector 19: copy of MBR
Disk \Device\Harddisk0\DR0 sector 20: copy of MBR
Disk \Device\Harddisk0\DR0 sector 21: copy of MBR
Disk \Device\Harddisk0\DR0 sector 22: copy of MBR
Disk \Device\Harddisk0\DR0 sector 23: copy of MBR
Disk \Device\Harddisk0\DR0 sector 24: copy of MBR
Disk \Device\Harddisk0\DR0 sector 25: copy of MBR
Disk \Device\Harddisk0\DR0 sector 26: copy of MBR
Disk \Device\Harddisk0\DR0 sector 27: copy of MBR
Disk \Device\Harddisk0\DR0 sector 28: copy of MBR
Disk \Device\Harddisk0\DR0 sector 29: copy of MBR
Disk \Device\Harddisk0\DR0 sector 30: copy of MBR
Disk \Device\Harddisk0\DR0 sector 31: copy of MBR
Disk \Device\Harddisk0\DR0 sector 32: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 33: copy of MBR
Disk \Device\Harddisk0\DR0 sector 34: copy of MBR
Disk \Device\Harddisk0\DR0 sector 35: copy of MBR
Disk \Device\Harddisk0\DR0 sector 36: copy of MBR
Disk \Device\Harddisk0\DR0 sector 37: copy of MBR
Disk \Device\Harddisk0\DR0 sector 38: copy of MBR
Disk \Device\Harddisk0\DR0 sector 39: copy of MBR
Disk \Device\Harddisk0\DR0 sector 40: copy of MBR
Disk \Device\Harddisk0\DR0 sector 41: copy of MBR
Disk \Device\Harddisk0\DR0 sector 42: copy of MBR
Disk \Device\Harddisk0\DR0 sector 43: copy of MBR
Disk \Device\Harddisk0\DR0 sector 44: copy of MBR
Disk \Device\Harddisk0\DR0 sector 45: copy of MBR
Disk \Device\Harddisk0\DR0 sector 46: copy of MBR
Disk \Device\Harddisk0\DR0 sector 47: copy of MBR
Disk \Device\Harddisk0\DR0 sector 48: copy of MBR
Disk \Device\Harddisk0\DR0 sector 49: copy of MBR
Disk \Device\Harddisk0\DR0 sector 50: copy of MBR
Disk \Device\Harddisk0\DR0 sector 51: copy of MBR
Disk \Device\Harddisk0\DR0 sector 52: copy of MBR
Disk \Device\Harddisk0\DR0 sector 53: copy of MBR
Disk \Device\Harddisk0\DR0 sector 54: copy of MBR
Disk \Device\Harddisk0\DR0 sector 55: copy of MBR
Disk \Device\Harddisk0\DR0 sector 56: copy of MBR
Disk \Device\Harddisk0\DR0 sector 57: copy of MBR
Disk \Device\Harddisk0\DR0 sector 58: copy of MBR
Disk \Device\Harddisk0\DR0 sector 59: copy of MBR
Disk \Device\Harddisk0\DR0 sector 60: copy of MBR
Disk \Device\Harddisk0\DR0 sector 61: copy of MBR
Disk \Device\Harddisk0\DR0 sector 62: copy of MBR
Disk \Device\Harddisk0\DR0 sector 63: rootkit-like behavior; copy of MBR
---- EOF - GMER 1.0.15 ----
OTL logfile created on: 1/5/2010 12:26:33 PM - Run 2
OTL by OldTimer - Version 3.1.21.0 Folder = C:\Users\Eddie\Desktop
Ultimate Edition (Version = 6.1.7100) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7100.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 342.94 Gb Free Space | 73.63% Space Free | Partition Type: NTFS
Drive D: | 37.26 Gb Total Space | 37.10 Gb Free Space | 99.56% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 942.25 Mb Total Space | 5.25 Mb Free Space | 0.56% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EDDIE-PC
Current User Name: Eddie
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/01/05 12:16:39 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Eddie\Desktop\OTL.exe
PRC - [2009/12/07 18:52:35 | 02,346,400 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe
PRC - [2009/12/01 06:34:18 | 00,285,296 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009/11/24 19:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 19:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 19:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 19:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 19:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/11/20 20:33:00 | 00,122,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/11/20 19:17:00 | 00,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/11/20 13:51:34 | 02,335,880 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2009/11/17 20:46:50 | 08,092,192 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009/11/14 11:51:22 | 00,312,592 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe
PRC - [2009/08/17 05:20:24 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/22 01:23:15 | 00,674,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/04/22 01:19:35 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/04/22 01:19:02 | 02,607,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 16:28:36 | 00,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/03/27 22:10:56 | 00,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009/02/06 18:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2007/04/19 15:43:42 | 00,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxczcoms.exe
PRC - [2006/09/11 04:40:32 | 00,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
========== Modules (SafeList) ==========
MOD - [2010/01/05 12:16:39 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Eddie\Desktop\OTL.exe
MOD - [2009/05/13 02:15:18 | 01,679,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7100.19_none_b6a32c7c247ee542\comctl32.dll
MOD - [2009/04/22 01:22:04 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/04/22 01:21:49 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/04/22 01:21:46 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/04/22 01:21:43 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/04/22 01:21:19 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/04/22 01:20:43 | 00,280,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/04/22 01:20:19 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/04/22 01:20:14 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/04/22 01:20:07 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/04/22 01:20:00 | 00,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (Lavasoft Ad-Aware Service)
SRV - [2009/11/24 19:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 19:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 19:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 19:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/11/20 20:33:00 | 00,122,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2009/11/20 19:17:00 | 00,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009/11/14 11:51:22 | 00,312,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Security 360\is360srv.exe -- (IS360service)
SRV - [2009/09/06 12:11:57 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2009/09/01 14:13:37 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/08/17 05:20:20 | 00,190,448 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/08/05 22:48:42 | 00,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/07/08 17:53:41 | 00,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/04/22 01:22:25 | 00,185,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/04/22 01:22:12 | 00,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/04/22 01:22:10 | 00,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/04/22 01:22:07 | 00,037,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/04/22 01:22:02 | 00,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/04/22 01:21:49 | 00,025,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/04/22 01:21:46 | 00,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/04/22 01:21:43 | 00,164,864 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/04/22 01:21:42 | 00,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/04/22 01:21:42 | 00,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/04/22 01:21:42 | 00,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/04/22 01:21:40 | 01,004,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/04/22 01:20:52 | 00,680,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/22 01:20:30 | 00,797,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/04/22 01:20:14 | 00,252,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/04/22 01:20:13 | 00,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/04/22 01:19:55 | 00,076,288 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/04/22 01:19:54 | 00,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/04/22 01:19:51 | 00,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/04/22 01:19:20 | 03,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/03/30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/03/27 22:10:56 | 00,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/03/06 16:19:44 | 00,313,840 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)
SRV - [2008/03/06 16:19:44 | 00,170,480 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - [2008/03/06 16:19:40 | 01,108,464 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2007/12/06 23:20:56 | 00,088,560 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe -- (Roxio UPnP Renderer 9)
SRV - [2007/12/06 23:20:52 | 00,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe -- (Roxio Upnp Server 9)
SRV - [2007/04/19 15:43:42 | 00,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxczcoms.exe -- (lxcz_device)
SRV - [2007/03/20 16:41:24 | 00,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/en
IE - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/defaulta.aspx
IE - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 3C A9 03 17 1F CA 01 [binary data]
IE - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\..\URLSearchHook: {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\S-1-5-21-3837001003-3996375579-2318281523-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\S-1-5-21-3837001003-3996375579-2318281523-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
O1 HOSTS File: (824 bytes) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMorePrograms = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0
O7 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoResize = 1
O7 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = [binary data]
O7 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108811
O7 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 1
O7 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMorePrograms = 0
O7 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3837001003-3996375579-2318281523-1001\..Trusted Domains: 25 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {63F5866B-A7C5-40B4-9A89-0CCA99726C8D} https://secure.logme...eDownloader.cab (LogMeIn Rescue Applet Downloader)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.bl...re/AxLoader.cab (RIM AxLoader)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O16 - DPF: CabBuilder http://kiw.imgag.com...llerControl.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/20 11:42:25 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2d37e540-8b17-11de-982c-001921f3885b}\Shell - "" = AutoRun
O33 - MountPoints2\{2d37e540-8b17-11de-982c-001921f3885b}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O33 - MountPoints2\{bb383b2f-ea2a-11de-9b01-001921f3885b}\Shell - "" = AutoRun
O33 - MountPoints2\{bb383b2f-ea2a-11de-9b01-001921f3885b}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009/04/22 02:17:33 | 00,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
========== Files/Folders - Created Within 14 Days ==========
[2010/01/05 12:16:37 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\Eddie\Desktop\OTL.exe
[2010/01/05 09:16:47 | 00,000,000 | ---D | C] -- C:\Users\Eddie\Desktop\Tune Up
[2010/01/05 08:44:46 | 00,000,000 | ---D | C] -- C:\Users\Eddie\AppData\Roaming\Malwarebytes
[2010/01/05 08:44:43 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/05 08:44:41 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/05 08:44:41 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/05 08:44:41 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/01/05 08:40:12 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/01/04 17:24:42 | 00,000,000 | ---D | C] -- C:\Users\Eddie\AppData\Local\ICS
[2010/01/03 08:17:20 | 00,000,000 | ---D | C] -- C:\Windows\sr-Latn-CS
[2010/01/03 08:15:41 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\sr-Latn-CS
[2010/01/03 07:34:57 | 00,000,000 | ---D | C] -- C:\Windows\ko-KR
[2010/01/03 07:34:49 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\ko-KR
[2010/01/03 07:33:41 | 00,000,000 | ---D | C] -- C:\Windows\System32\ko
[2010/01/03 07:16:10 | 00,003,072 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\ko-KR\pscr.sys.mui
[2010/01/03 07:16:01 | 00,031,232 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\ko-KR\yk62x86.sys.mui
[2010/01/03 07:06:23 | 00,006,656 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ko-KR\BrSerIb.sys.mui
[2010/01/03 07:06:23 | 00,006,144 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\ko-KR\ltmdmnt.sys.mui
[2010/01/03 07:06:19 | 00,006,656 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ko-KR\BrSerId.sys.mui
[2010/01/03 07:06:19 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ko-KR\BrParwdm.sys.mui
[2010/01/03 06:54:55 | 00,000,000 | ---D | C] -- C:\Windows\pt-PT
[2010/01/03 06:53:30 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-PT
[2010/01/03 06:53:19 | 00,000,000 | ---D | C] -- C:\Windows\System32\pt
[2010/01/03 06:31:24 | 00,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\pt-PT\pscr.sys.mui
[2010/01/03 06:31:15 | 00,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\pt-PT\yk62x86.sys.mui
[2010/01/03 06:29:42 | 00,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-PT\BrSerIb.sys.mui
[2010/01/03 06:29:41 | 00,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\pt-PT\ltmdmnt.sys.mui
[2010/01/03 06:29:38 | 00,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-PT\BrSerId.sys.mui
[2010/01/03 06:29:38 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-PT\BrParwdm.sys.mui
[2010/01/03 06:22:56 | 00,000,000 | ---D | C] -- C:\Windows\pl-PL
[2010/01/03 06:22:48 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\pl-PL
[2010/01/03 06:21:10 | 00,000,000 | ---D | C] -- C:\Windows\System32\pl
[2010/01/03 05:56:43 | 00,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\pl-PL\pscr.sys.mui
[2010/01/03 05:55:06 | 00,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\pl-PL\yk62x86.sys.mui
[2010/01/03 05:51:13 | 00,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pl-PL\BrSerIb.sys.mui
[2010/01/03 05:51:13 | 00,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\pl-PL\ltmdmnt.sys.mui
[2010/01/03 05:46:32 | 00,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pl-PL\BrSerId.sys.mui
[2010/01/03 05:46:32 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pl-PL\BrParwdm.sys.mui
[2010/01/03 05:38:37 | 00,000,000 | ---D | C] -- C:\Windows\da-DK
[2010/01/03 05:38:30 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\da-DK
[2010/01/03 05:37:18 | 00,000,000 | ---D | C] -- C:\Windows\System32\da
[2010/01/03 05:22:06 | 00,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\da-DK\pscr.sys.mui
[2010/01/03 05:21:49 | 00,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\da-DK\yk62x86.sys.mui
[2010/01/03 05:18:44 | 00,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\da-DK\BrSerIb.sys.mui
[2010/01/03 05:18:44 | 00,010,240 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\da-DK\ltmdmnt.sys.mui
[2010/01/03 05:18:39 | 00,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\da-DK\BrSerId.sys.mui
[2010/01/03 05:18:39 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\da-DK\BrParwdm.sys.mui
[2010/01/03 01:43:00 | 00,000,000 | ---D | C] -- C:\Windows\el-GR
[2010/01/03 01:39:25 | 00,000,000 | ---D | C] -- C:\Windows\System32\el
[2010/01/03 01:39:10 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\el-GR
[2010/01/03 00:59:31 | 00,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\el-GR\pscr.sys.mui
[2010/01/03 00:59:12 | 00,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\el-GR\yk62x86.sys.mui
[2010/01/03 00:53:17 | 00,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\el-GR\BrSerIb.sys.mui
[2010/01/03 00:52:58 | 00,011,776 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\el-GR\ltmdmnt.sys.mui
[2010/01/03 00:52:51 | 00,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\el-GR\BrSerId.sys.mui
[2010/01/03 00:52:51 | 00,003,072 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\el-GR\BrParwdm.sys.mui
[2010/01/03 00:42:13 | 00,000,000 | ---D | C] -- C:\Windows\ar-SA
[2010/01/03 00:42:08 | 00,000,000 | ---D | C] -- C:\Windows\System32\ar
[2010/01/03 00:41:52 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\ar-SA
[2010/01/03 00:14:55 | 00,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\ar-SA\pscr.sys.mui
[2010/01/03 00:10:59 | 00,032,768 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\ar-SA\yk62x86.sys.mui
[2010/01/02 23:54:43 | 00,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ar-SA\BrSerIb.sys.mui
[2010/01/02 23:54:43 | 00,009,216 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\ar-SA\ltmdmnt.sys.mui
[2010/01/02 23:54:40 | 00,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ar-SA\BrSerId.sys.mui
[2010/01/02 23:54:40 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ar-SA\BrParwdm.sys.mui
[2010/01/02 23:47:43 | 00,000,000 | ---D | C] -- C:\Windows\ro-RO
[2010/01/02 23:47:07 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\ro-RO
[2010/01/02 23:29:46 | 00,000,000 | ---D | C] -- C:\Windows\fr-FR
[2010/01/02 23:28:40 | 00,000,000 | ---D | C] -- C:\Windows\System32\040C
[2010/01/02 23:28:35 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\fr-FR
[2010/01/02 23:28:35 | 00,000,000 | ---D | C] -- C:\Windows\System32\fr
[2010/01/02 23:16:40 | 00,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\fr-FR\pscr.sys.mui
[2010/01/02 23:10:10 | 00,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\fr-FR\yk62x86.sys.mui
[2010/01/02 22:53:34 | 00,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrSerIb.sys.mui
[2010/01/02 22:53:34 | 00,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\fr-FR\ltmdmnt.sys.mui
[2010/01/02 22:53:31 | 00,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrSerId.sys.mui
[2010/01/02 22:53:31 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fr-FR\BrParwdm.sys.mui
[2010/01/02 22:49:26 | 00,000,000 | ---D | C] -- C:\Windows\pt-BR
[2010/01/02 22:48:12 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-BR
[2010/01/02 22:37:04 | 00,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\pt-BR\pscr.sys.mui
[2010/01/02 22:36:55 | 00,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\pt-BR\yk62x86.sys.mui
[2010/01/02 22:12:38 | 00,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-BR\BrSerIb.sys.mui
[2010/01/02 22:12:36 | 00,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\pt-BR\ltmdmnt.sys.mui
[2010/01/02 22:12:29 | 00,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-BR\BrSerId.sys.mui
[2010/01/02 22:12:29 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\pt-BR\BrParwdm.sys.mui
[2010/01/02 22:07:46 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\ru-RU
[2010/01/02 22:07:41 | 00,000,000 | ---D | C] -- C:\Windows\System32\ru
[2010/01/02 22:06:23 | 00,000,000 | ---D | C] -- C:\Windows\ru-RU
[2010/01/02 21:56:38 | 00,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\ru-RU\pscr.sys.mui
[2010/01/02 21:56:29 | 00,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\ru-RU\yk62x86.sys.mui
[2010/01/02 21:56:28 | 00,011,264 | ---- | C] (Корпорация Intel) -- C:\Windows\System32\drivers\ru-RU\e1q6032.sys.mui
[2010/01/02 21:56:28 | 00,011,264 | ---- | C] (Корпорация Intel) -- C:\Windows\System32\drivers\ru-RU\e1k6032.sys.mui
[2010/01/02 21:43:23 | 00,002,560 | ---- | C] (Корпорация Майкрософт) -- C:\Windows\System32\drivers\ru-RU\mountmgr.sys.mui
[2010/01/02 21:37:19 | 00,002,560 | ---- | C] (Корпорация Майкрософт) -- C:\Windows\System32\drivers\ru-RU\volmgrx.sys.mui
[2010/01/02 21:36:55 | 00,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ru-RU\BrSerIb.sys.mui
[2010/01/02 21:36:55 | 00,010,240 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\ru-RU\ltmdmnt.sys.mui
[2010/01/02 21:36:53 | 00,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ru-RU\BrSerId.sys.mui
[2010/01/02 21:36:53 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ru-RU\BrParwdm.sys.mui
[2010/01/02 21:31:21 | 00,000,000 | ---D | C] -- C:\Windows\lv-LV
[2010/01/02 21:30:51 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\lv-LV
[2010/01/02 21:17:04 | 00,000,000 | ---D | C] -- C:\Windows\nl-NL
[2010/01/02 21:16:59 | 00,000,000 | ---D | C] -- C:\Windows\System32\nl
[2010/01/02 21:16:59 | 00,000,000 | ---D | C] -- C:\Windows\System32\0413
[2010/01/02 21:15:47 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\nl-NL
[2010/01/02 20:00:38 | 00,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\nl-NL\pscr.sys.mui
[2010/01/02 20:00:15 | 00,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\nl-NL\yk62x86.sys.mui
[2010/01/02 19:58:09 | 00,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nl-NL\BrSerIb.sys.mui
[2010/01/02 19:58:09 | 00,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\nl-NL\ltmdmnt.sys.mui
[2010/01/02 19:58:06 | 00,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nl-NL\BrSerId.sys.mui
[2010/01/02 19:58:06 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nl-NL\BrParwdm.sys.mui
[2010/01/02 19:55:01 | 00,000,000 | ---D | C] -- C:\Windows\it-IT
[2010/01/02 19:53:49 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\it-IT
[2010/01/02 19:53:48 | 00,000,000 | ---D | C] -- C:\Windows\System32\0410
[2010/01/02 19:53:31 | 00,000,000 | ---D | C] -- C:\Windows\System32\it
[2010/01/02 19:43:15 | 00,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\it-IT\pscr.sys.mui
[2010/01/02 19:43:03 | 00,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\it-IT\yk62x86.sys.mui
[2010/01/02 19:29:19 | 00,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrSerIb.sys.mui
[2010/01/02 19:29:19 | 00,011,264 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\it-IT\ltmdmnt.sys.mui
[2010/01/02 19:29:09 | 00,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrSerId.sys.mui
[2010/01/02 19:29:09 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\it-IT\BrParwdm.sys.mui
[2010/01/02 19:24:25 | 00,000,000 | ---D | C] -- C:\Windows\tr-TR
[2010/01/02 19:23:22 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\tr-TR
[2010/01/02 19:23:22 | 00,000,000 | ---D | C] -- C:\Windows\System32\tr
[2010/01/02 19:04:59 | 00,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\tr-TR\pscr.sys.mui
[2010/01/02 19:04:51 | 00,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\tr-TR\yk62x86.sys.mui
[2010/01/02 19:03:30 | 00,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\tr-TR\BrSerIb.sys.mui
[2010/01/02 19:03:30 | 00,010,240 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\tr-TR\ltmdmnt.sys.mui
[2010/01/02 19:03:28 | 00,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\tr-TR\BrSerId.sys.mui
[2010/01/02 19:03:28 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\tr-TR\BrParwdm.sys.mui
[2010/01/02 19:00:32 | 00,000,000 | ---D | C] -- C:\Windows\de-DE
[2010/01/02 18:59:22 | 00,000,000 | ---D | C] -- C:\Windows\System32\0407
[2010/01/02 18:59:18 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\de-DE
[2010/01/02 18:59:11 | 00,000,000 | ---D | C] -- C:\Windows\System32\de
[2010/01/02 18:48:27 | 00,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\de-DE\pscr.sys.mui
[2010/01/02 18:48:20 | 00,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\de-DE\yk62x86.sys.mui
[2010/01/02 18:46:29 | 00,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerIb.sys.mui
[2010/01/02 18:46:28 | 00,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\de-DE\ltmdmnt.sys.mui
[2010/01/02 18:46:26 | 00,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerId.sys.mui
[2010/01/02 18:46:26 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrParwdm.sys.mui
[2010/01/02 18:42:21 | 00,000,000 | ---D | C] -- C:\Windows\fi-FI
[2010/01/02 18:41:18 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\fi-FI
[2010/01/02 18:41:18 | 00,000,000 | ---D | C] -- C:\Windows\System32\fi
[2010/01/02 18:34:11 | 00,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\fi-FI\pscr.sys.mui
[2010/01/02 18:30:56 | 00,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\fi-FI\yk62x86.sys.mui
[2010/01/02 18:26:23 | 00,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fi-FI\BrSerIb.sys.mui
[2010/01/02 18:26:23 | 00,009,728 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\fi-FI\ltmdmnt.sys.mui
[2010/01/02 18:26:20 | 00,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fi-FI\BrSerId.sys.mui
[2010/01/02 18:26:20 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\fi-FI\BrParwdm.sys.mui
[2010/01/02 18:23:14 | 00,000,000 | ---D | C] -- C:\Windows\System32\he
[2010/01/02 18:23:10 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\he-IL
[2010/01/02 18:20:18 | 00,000,000 | ---D | C] -- C:\Windows\he-IL
[2010/01/02 18:13:27 | 00,003,072 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\he-IL\pscr.sys.mui
[2010/01/02 18:12:21 | 00,032,256 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\he-IL\yk62x86.sys.mui
[2010/01/02 18:10:01 | 00,008,704 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\he-IL\BrSerIb.sys.mui
[2010/01/02 18:10:01 | 00,008,704 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\he-IL\ltmdmnt.sys.mui
[2010/01/02 18:09:58 | 00,008,704 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\he-IL\BrSerId.sys.mui
[2010/01/02 18:09:58 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\he-IL\BrParwdm.sys.mui
[2010/01/02 18:00:37 | 00,000,000 | ---D | C] -- C:\Windows\lt-LT
[2010/01/02 18:00:06 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\lt-LT
[2010/01/02 17:50:48 | 00,000,000 | ---D | C] -- C:\Windows\nb-NO
[2010/01/02 17:50:45 | 00,000,000 | ---D | C] -- C:\Windows\System32\no
[2010/01/02 17:49:08 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\nb-NO
[2010/01/02 17:41:55 | 00,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\nb-NO\pscr.sys.mui
[2010/01/02 17:41:46 | 00,032,768 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\nb-NO\yk62x86.sys.mui
[2010/01/02 17:36:01 | 00,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nb-NO\BrSerIb.sys.mui
[2010/01/02 17:35:58 | 00,009,728 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\nb-NO\ltmdmnt.sys.mui
[2010/01/02 17:35:10 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nb-NO\BrParwdm.sys.mui
[2010/01/02 17:35:09 | 00,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\nb-NO\BrSerId.sys.mui
[2010/01/02 17:31:25 | 00,000,000 | ---D | C] -- C:\Windows\ja-JP
[2010/01/02 17:30:05 | 00,000,000 | ---D | C] -- C:\Windows\System32\ja
[2010/01/02 17:30:05 | 00,000,000 | ---D | C] -- C:\Windows\System32\0411
[2010/01/02 17:30:00 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\ja-JP
[2010/01/02 17:11:46 | 00,003,072 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\ja-JP\pscr.sys.mui
[2010/01/02 17:11:32 | 00,031,744 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\ja-JP\yk62x86.sys.mui
[2010/01/02 17:09:57 | 00,006,656 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ja-JP\BrSerIb.sys.mui
[2010/01/02 17:09:56 | 00,006,144 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\ja-JP\ltmdmnt.sys.mui
[2010/01/02 17:09:54 | 00,006,656 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ja-JP\BrSerId.sys.mui
[2010/01/02 17:09:54 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\ja-JP\BrParwdm.sys.mui
[2010/01/02 17:06:26 | 00,000,000 | ---D | C] -- C:\Windows\cs-CZ
[2010/01/02 17:06:22 | 00,000,000 | ---D | C] -- C:\Windows\System32\cs
[2010/01/02 17:05:21 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\cs-CZ
[2010/01/02 16:58:58 | 00,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\cs-CZ\pscr.sys.mui
[2010/01/02 16:58:49 | 00,033,792 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\cs-CZ\yk62x86.sys.mui
[2010/01/02 16:57:00 | 00,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\cs-CZ\BrSerIb.sys.mui
[2010/01/02 16:56:59 | 00,009,728 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\cs-CZ\ltmdmnt.sys.mui
[2010/01/02 16:56:55 | 00,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\cs-CZ\BrSerId.sys.mui
[2010/01/02 16:56:55 | 00,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\cs-CZ\BrParwdm.sys.mui
[2010/01/02 16:53:37 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\et-EE
[2010/01/02 16:53:03 | 00,000,000 | ---D | C] -- C:\Windows\et-EE
[2010/01/01 12:36:44 | 00,000,000 | ---D | C] -- C:\Program Files\PlayReady
[2009/12/31 12:00:43 | 00,000,000 | ---D | C] -- C:\Users\Eddie\AppData\Local\assembly
[2009/12/31 11:59:30 | 00,000,000 | ---D | C] -- C:\Users\Eddie\AppData\Local\Deployment
[2009/12/31 01:48:29 | 00,000,000 | ---D | C] -- C:\Users\Eddie\AppData\Local\Cooliris
[2009/12/30 13:26:12 | 00,074,328 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2009/12/29 14:34:58 | 00,000,000 | ---D | C] -- C:\Visual Studio
[2009/12/29 11:54:54 | 00,000,000 | ---D | C] -- C:\Program Files\SuperCleaner
[2009/12/24 15:41:55 | 00,000,000 | ---D | C] -- C:\Program Files\PicLensIE
[2009/12/24 11:37:32 | 00,000,000 | ---D | C] -- C:\Program Files\AC3Filter
[2009/12/23 09:49:20 | 00,000,000 | ---D | C] -- C:\Program Files\Lexmark 1200 Series
[2009/12/23 09:49:14 | 01,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxczserv.dll
[2009/12/23 09:49:14 | 00,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxczusb1.dll
[2009/12/23 09:49:14 | 00,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxczhbn3.dll
[2009/12/23 09:49:14 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxczcomc.dll
[2009/12/23 09:49:14 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxczpmui.dll
[2009/12/23 09:49:14 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxczlmpm.dll
[2009/12/23 09:49:14 | 00,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxczcoms.exe
[2009/12/23 09:49:14 | 00,462,848 | ---- | C] (Lexmark International Inc.) -- C:\Windows\System32\lxczjswr.dll
[2009/12/23 09:49:14 | 00,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxczcomm.dll
[2009/12/23 09:49:14 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxczinpa.dll
[2009/12/23 09:49:14 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcziesc.dll
[2009/12/23 09:49:14 | 00,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxczih.exe
[2009/12/23 09:49:14 | 00,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxczcfg.exe
[2009/12/23 09:49:14 | 00,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCZhcp.dll
[2009/12/23 09:49:14 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxczprox.dll
[2009/12/23 09:49:14 | 00,155,648 | ---- | C] (Lexmark International Inc.) -- C:\Windows\System32\lxczinsb.dll
[2009/12/23 09:49:14 | 00,094,208 | ---- | C] (Lexmark International Inc.) -- C:\Windows\System32\lxczcur.dll
[2009/12/23 09:49:14 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxczpplc.dll
[2009/12/23 09:49:14 | 00,073,728 | ---- | C] (Lexmark International) -- C:\Windows\System32\LXCZcfg.dll
[2009/12/23 09:49:14 | 00,073,728 | ---- | C] (Lexmark International Inc.) -- C:\Windows\System32\lxczcu.dll
[2009/09/16 13:43:26 | 00,061,440 | ---- | C] ( ) -- C:\Windows\vsnpstd3.dll
[2007/03/12 11:41:52 | 00,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
========== Files - Modified Within 14 Days ==========
[2010/01/05 12:26:25 | 04,456,448 | ---- | M] () -- C:\Users\Eddie\ntuser.dat
[2010/01/05 12:22:17 | 00,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/05 12:16:39 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Eddie\Desktop\OTL.exe
[2010/01/05 11:57:10 | 00,013,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/05 11:57:10 | 00,013,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/05 11:49:41 | 00,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/05 11:49:41 | 00,000,370 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010/01/05 11:49:32 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/05 11:49:24 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/05 11:49:15 | 24,147,31264 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/05 11:47:09 | 04,386,892 | -H-- | M] () -- C:\Users\Eddie\AppData\Local\IconCache.db
[2010/01/05 09:16:10 | 00,524,288 | -HS- | M] () -- C:\Users\Eddie\ntuser.dat{3a09d2b7-f9fa-11de-adec-001921f3885b}.TMContainer00000000000000000002.regtrans-ms
[2010/01/05 09:16:10 | 00,524,288 | -HS- | M] () -- C:\Users\Eddie\ntuser.dat{3a09d2b7-f9fa-11de-adec-001921f3885b}.TMContainer00000000000000000001.regtrans-ms
[2010/01/05 09:16:10 | 00,065,536 | -HS- | M] () -- C:\Users\Eddie\ntuser.dat{3a09d2b7-f9fa-11de-adec-001921f3885b}.TM.blf
[2010/01/05 09:15:04 | 04,456,448 | -HS- | M] () -- C:\Users\Eddie\ntuser.bak
[2010/01/04 18:12:25 | 13,468,084 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/01/04 18:12:25 | 00,695,790 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/01/04 18:12:25 | 00,694,816 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2010/01/04 18:12:25 | 00,692,176 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2010/01/04 18:12:25 | 00,690,846 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2010/01/04 18:12:25 | 00,690,482 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010/01/04 18:12:25 | 00,680,960 | ---- | M] () -- C:\Windows\System32\prfh0816.dat
[2010/01/04 18:12:25 | 00,677,566 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2010/01/04 18:12:25 | 00,665,364 | ---- | M] () -- C:\Windows\System32\prfh0416.dat
[2010/01/04 18:12:25 | 00,644,388 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010/01/04 18:12:25 | 00,624,926 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010/01/04 18:12:25 | 00,618,026 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/01/04 18:12:25 | 00,612,594 | ---- | M] () -- C:\Windows\System32\perfh01F.dat
[2010/01/04 18:12:25 | 00,551,988 | ---- | M] () -- C:\Windows\System32\perfh008.dat
[2010/01/04 18:12:25 | 00,463,816 | ---- | M] () -- C:\Windows\System32\perfh006.dat
[2010/01/04 18:12:25 | 00,450,868 | ---- | M] () -- C:\Windows\System32\perfh014.dat
[2010/01/04 18:12:25 | 00,438,042 | ---- | M] () -- C:\Windows\System32\perfh001.dat
[2010/01/04 18:12:25 | 00,434,192 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
[2010/01/04 18:12:25 | 00,405,814 | ---- | M] () -- C:\Windows\System32\perfh012.dat
[2010/01/04 18:12:25 | 00,394,306 | ---- | M] () -- C:\Windows\System32\perfh011.dat
[2010/01/04 18:12:25 | 00,357,510 | ---- | M] () -- C:\Windows\System32\perfh00D.dat
[2010/01/04 18:12:25 | 00,134,478 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2010/01/04 18:12:25 | 00,131,974 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010/01/04 18:12:25 | 00,131,346 | ---- | M] () -- C:\Windows\System32\prfc0816.dat
[2010/01/04 18:12:25 | 00,130,392 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2010/01/04 18:12:25 | 00,129,624 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2010/01/04 18:12:25 | 00,127,644 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/01/04 18:12:25 | 00,126,658 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010/01/04 18:12:25 | 00,125,676 | ---- | M] () -- C:\Windows\System32\prfc0416.dat
[2010/01/04 18:12:25 | 00,124,780 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2010/01/04 18:12:25 | 00,119,200 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010/01/04 18:12:25 | 00,118,962 | ---- | M] () -- C:\Windows\System32\perfc01F.dat
[2010/01/04 18:12:25 | 00,104,340 | ---- | M] () -- C:\Windows\System32\perfc011.dat
[2010/01/04 18:12:25 | 00,104,340 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/01/04 18:12:25 | 00,103,834 | ---- | M] () -- C:\Windows\System32\perfc012.dat
[2010/01/04 18:12:25 | 00,086,650 | ---- | M] () -- C:\Windows\System32\perfc008.dat
[2010/01/04 18:12:25 | 00,078,900 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
[2010/01/04 18:12:25 | 00,077,326 | ---- | M] () -- C:\Windows\System32\perfc006.dat
[2010/01/04 18:12:25 | 00,076,902 | ---- | M] () -- C:\Windows\System32\perfc001.dat
[2010/01/04 18:12:25 | 00,074,762 | ---- | M] () -- C:\Windows\System32\perfc014.dat
[2010/01/04 18:12:25 | 00,067,018 | ---- | M] () -- C:\Windows\System32\perfc00D.dat
[2010/01/04 14:09:53 | 01,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2010/01/04 13:01:54 | 00,524,288 | -HS- | M] () -- C:\Users\Eddie\ntuser.dat{f72ec95e-f950-11de-bc33-001921f3885b}.TMContainer00000000000000000002.regtrans-ms
[2010/01/04 13:01:54 | 00,524,288 | -HS- | M] () -- C:\Users\Eddie\ntuser.dat{f72ec95e-f950-11de-bc33-001921f3885b}.TMContainer00000000000000000001.regtrans-ms
[2010/01/04 13:01:54 | 00,065,536 | -HS- | M] () -- C:\Users\Eddie\ntuser.dat{f72ec95e-f950-11de-bc33-001921f3885b}.TM.blf
[2010/01/03 09:44:33 | 00,524,288 | -HS- | M] () -- C:\Users\Eddie\ntuser.dat{e82de21b-f865-11de-8007-001921f3885b}.TMContainer00000000000000000002.regtrans-ms
[2010/01/03 09:44:33 | 00,524,288 | -HS- | M] () -- C:\Users\Eddie\ntuser.dat{e82de21b-f865-11de-8007-001921f3885b}.TMContainer00000000000000000001.regtrans-ms
[2010/01/03 09:44:33 | 00,065,536 | -HS- | M] () -- C:\Users\Eddie\ntuser.dat{e82de21b-f865-11de-8007-001921f3885b}.TM.blf
[2010/01/03 07:33:08 | 00,157,694 | ---- | M] () -- C:\Windows\System32\perfi012.dat
[2010/01/03 07:33:08 | 00,031,270 | ---- | M] () -- C:\Windows\System32\perfd012.dat
[2010/01/03 06:52:39 | 00,336,696 | ---- | M] () -- C:\Windows\System32\prfi0816.dat
[2010/01/03 06:52:39 | 00,040,538 | ---- | M] () -- C:\Windows\System32\prfd0816.dat
[2010/01/03 06:20:34 | 00,337,158 | ---- | M] () -- C:\Windows\System32\perfi015.dat
[2010/01/03 06:20:34 | 00,038,664 | ---- | M] () -- C:\Windows\System32\perfd015.dat
[2010/01/03 05:36:47 | 00,306,518 | ---- | M] () -- C:\Windows\System32\perfi006.dat
[2010/01/03 05:36:47 | 00,039,196 | ---- | M] () -- C:\Windows\System32\perfd006.dat
[2010/01/03 01:37:24 | 00,369,984 | ---- | M] () -- C:\Windows\System32\perfi008.dat
[2010/01/03 01:37:24 | 00,045,140 | ---- | M] () -- C:\Windows\System32\perfd008.dat
[2010/01/03 00:37:42 | 00,289,076 | ---- | M] () -- C:\Windows\System32\perfi001.dat
[2010/01/03 00:37:42 | 00,042,022 | ---- | M] () -- C:\Windows\System32\perfd001.dat
[2010/01/02 23:27:53 | 00,344,522 | ---- | M] () -- C:\Windows\System32\perfi00C.dat
[2010/01/02 23:27:53 | 00,038,162 | ---- | M] () -- C:\Windows\System32\perfd00C.dat
[2010/01/02 22:47:33 | 00,323,212 | ---- | M] () -- C:\Windows\System32\prfi0416.dat
[2010/01/02 22:47:33 | 00,038,518 | ---- | M] () -- C:\Windows\System32\prfd0416.dat
[2010/01/02 22:06:00 | 00,336,702 | ---- | M] () -- C:\Windows\System32\perfi019.dat
[2010/01/02 22:06:00 | 00,039,406 | ---- | M] () -- C:\Windows\System32\perfd019.dat
[2010/01/02 21:15:03 | 00,341,344 | ---- | M] () -- C:\Windows\System32\perfi013.dat
[2010/01/02 21:15:03 | 00,043,080 | ---- | M] () -- C:\Windows\System32\perfd013.dat
[2010/01/02 19:53:07 | 00,335,478 | ---- | M] () -- C:\Windows\System32\perfi010.dat
[2010/01/02 19:53:07 | 00,037,536 | ---- | M] () -- C:\Windows\System32\perfd010.dat
[2010/01/02 19:22:52 | 00,285,034 | ---- | M] () -- C:\Windows\System32\perfi01F.dat
[2010/01/02 19:22:52 | 00,037,150 | ---- | M] () -- C:\Windows\System32\perfd01F.dat
[2010/01/02 18:58:36 | 00,295,938 | ---- | M] () -- C:\Windows\System32\perfi007.dat
[2010/01/02 18:58:36 | 00,038,062 | ---- | M] () -- C:\Windows\System32\perfd007.dat
[2010/01/02 18:40:49 | 00,278,380 | ---- | M] () -- C:\Windows\System32\perfi00B.dat
[2010/01/02 18:40:49 | 00,037,818 | ---- | M] () -- C:\Windows\System32\perfd00B.dat
[2010/01/02 18:19:33 | 00,229,316 | ---- | M] () -- C:\Windows\System32\perfi00D.dat
[2010/01/02 18:19:33 | 00,032,138 | ---- | M] () -- C:\Windows\System32\perfd00D.dat
[2010/01/02 17:48:26 | 00,298,280 | ---- | M] () -- C:\Windows\System32\perfi014.dat
[2010/01/02 17:48:26 | 00,036,144 | ---- | M] () -- C:\Windows\System32\perfd014.dat
[2010/01/02 17:29:18 | 00,141,988 | ---- | M] () -- C:\Windows\System32\perfi011.dat
[2010/01/02 17:29:18 | 00,031,548 | ---- | M] () -- C:\Windows\System32\perfd011.dat
[2010/01/02 17:04:49 | 00,291,582 | ---- | M] () -- C:\Windows\System32\perfi005.dat
[2010/01/02 17:04:49 | 00,036,010 | ---- | M] () -- C:\Windows\System32\perfd005.dat
[2009/12/31 12:00:36 | 00,048,193 | ---- | M] () -- C:\Users\Eddie\Documents\Functional Resume with Border.docx
[2009/12/30 14:55:24 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/30 14:54:58 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/30 13:26:10 | 00,074,328 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2009/12/29 15:18:40 | 00,000,054 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2009/12/29 15:18:40 | 00,000,039 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2009/12/29 14:19:49 | 00,024,352 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf
[2009/12/29 08:12:36 | 00,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/12/29 08:12:36 | 00,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job
[2009/12/29 08:12:36 | 00,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job
[2009/12/29 08:12:36 | 00,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job
[2009/12/29 08:12:36 | 00,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job
[2009/12/23 09:50:10 | 00,000,238 | ---- | M] () -- C:\Windows\Lexstat.ini
========== Files Created - No Company Name ==========
[2010/01/05 09:16:10 | 00,524,288 | -HS- | C] () -- C:\Users\Eddie\ntuser.dat{3a09d2b7-f9fa-11de-adec-001921f3885b}.TMContainer00000000000000000002.regtrans-ms
[2010/01/05 09:16:10 | 00,524,288 | -HS- | C] () -- C:\Users\Eddie\ntuser.dat{3a09d2b7-f9fa-11de-adec-001921f3885b}.TMContainer00000000000000000001.regtrans-ms
[2010/01/05 09:16:10 | 00,065,536 | -HS- | C] () -- C:\Users\Eddie\ntuser.dat{3a09d2b7-f9fa-11de-adec-001921f3885b}.TM.blf
[2010/01/04 12:49:52 | 00,524,288 | -HS- | C] () -- C:\Users\Eddie\ntuser.dat{f72ec95e-f950-11de-bc33-001921f3885b}.TMContainer00000000000000000002.regtrans-ms
[2010/01/04 12:49:52 | 00,524,288 | -HS- | C] () -- C:\Users\Eddie\ntuser.dat{f72ec95e-f950-11de-bc33-001921f3885b}.TMContainer00000000000000000001.regtrans-ms
[2010/01/04 12:49:51 | 00,065,536 | -HS- | C] () -- C:\Users\Eddie\ntuser.dat{f72ec95e-f950-11de-bc33-001921f3885b}.TM.blf
[2010/01/03 08:46:31 | 00,524,288 | -HS- | C] () -- C:\Users\Eddie\ntuser.dat{e82de21b-f865-11de-8007-001921f3885b}.TMContainer00000000000000000002.regtrans-ms
[2010/01/03 08:46:31 | 00,524,288 | -HS- | C] () -- C:\Users\Eddie\ntuser.dat{e82de21b-f865-11de-8007-001921f3885b}.TMContainer00000000000000000001.regtrans-ms
[2010/01/03 08:46:31 | 00,065,536 | -HS- | C] () -- C:\Users\Eddie\ntuser.dat{e82de21b-f865-11de-8007-001921f3885b}.TM.blf
[2010/01/03 07:36:23 | 00,405,814 | ---- | C] () -- C:\Windows\System32\perfh012.dat
[2010/01/03 07:36:23 | 00,157,694 | ---- | C] () -- C:\Windows\System32\perfi012.dat
[2010/01/03 07:36:23 | 00,103,834 | ---- | C] () -- C:\Windows\System32\perfc012.dat
[2010/01/03 07:36:23 | 00,031,270 | ---- | C] () -- C:\Windows\System32\perfd012.dat
[2010/01/03 06:56:24 | 00,336,696 | ---- | C] () -- C:\Windows\System32\prfi0816.dat
[2010/01/03 06:56:23 | 00,680,960 | ---- | C] () -- C:\Windows\System32\prfh0816.dat
[2010/01/03 06:56:23 | 00,131,346 | ---- | C] () -- C:\Windows\System32\prfc0816.dat
[2010/01/03 06:56:23 | 00,040,538 | ---- | C] () -- C:\Windows\System32\prfd0816.dat
[2010/01/03 06:24:38 | 00,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2010/01/03 06:24:35 | 00,690,482 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2010/01/03 06:24:35 | 00,131,974 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2010/01/03 06:24:35 | 00,038,664 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2010/01/03 05:39:56 | 00,463,816 | ---- | C] () -- C:\Windows\System32\perfh006.dat
[2010/01/03 05:39:56 | 00,306,518 | ---- | C] () -- C:\Windows\System32\perfi006.dat
[2010/01/03 05:39:56 | 00,077,326 | ---- | C] () -- C:\Windows\System32\perfc006.dat
[2010/01/03 05:39:56 | 00,039,196 | ---- | C] () -- C:\Windows\System32\perfd006.dat
[2010/01/03 01:46:29 | 00,369,984 | ---- | C] () -- C:\Windows\System32\perfi008.dat
[2010/01/03 01:46:28 | 00,551,988 | ---- | C] () -- C:\Windows\System32\perfh008.dat
[2010/01/03 01:46:28 | 00,086,650 | ---- | C] () -- C:\Windows\System32\perfc008.dat
[2010/01/03 01:46:28 | 00,045,140 | ---- | C] () -- C:\Windows\System32\perfd008.dat
[2010/01/03 00:45:25 | 00,438,042 | ---- | C] () -- C:\Windows\System32\perfh001.dat
[2010/01/03 00:45:25 | 00,289,076 | ---- | C] () -- C:\Windows\System32\perfi001.dat
[2010/01/03 00:45:25 | 00,076,902 | ---- | C] () -- C:\Windows\System32\perfc001.dat
[2010/01/03 00:45:25 | 00,042,022 | ---- | C] () -- C:\Windows\System32\perfd001.dat
[2010/01/02 23:31:04 | 00,695,790 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2010/01/02 23:31:04 | 00,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2010/01/02 23:31:04 | 00,127,644 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2010/01/02 23:31:04 | 00,038,162 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2010/01/02 22:50:33 | 00,665,364 | ---- | C] () -- C:\Windows\System32\prfh0416.dat
[2010/01/02 22:50:33 | 00,323,212 | ---- | C] () -- C:\Windows\System32\prfi0416.dat
[2010/01/02 22:50:33 | 00,125,676 | ---- | C] () -- C:\Windows\System32\prfc0416.dat
[2010/01/02 22:50:33 | 00,038,518 | ---- | C] () -- C:\Windows\System32\prfd0416.dat
[2010/01/02 22:09:04 | 00,677,566 | ---- | C] () -- C:\Windows\System32\perfh019.dat
[2010/01/02 22:09:04 | 00,336,702 | ---- | C] () -- C:\Windows\System32\perfi019.dat
[2010/01/02 22:09:04 | 00,129,624 | ---- | C] () -- C:\Windows\System32\perfc019.dat
[2010/01/02 22:09:04 | 00,039,406 | ---- | C] () -- C:\Windows\System32\perfd019.dat
[2010/01/02 21:18:19 | 00,692,176 | ---- | C] () -- C:\Windows\System32\perfh013.dat
[2010/01/02 21:18:19 | 00,341,344 | ---- | C] () -- C:\Windows\System32\perfi013.dat
[2010/01/02 21:18:19 | 00,130,392 | ---- | C] () -- C:\Windows\System32\perfc013.dat
[2010/01/02 21:18:19 | 00,043,080 | ---- | C] () -- C:\Windows\System32\perfd013.dat
[2010/01/02 19:56:07 | 00,690,846 | ---- | C] () -- C:\Windows\System32\perfh010.dat
[2010/01/02 19:56:07 | 00,335,478 | ---- | C] () -- C:\Windows\System32\perfi010.dat
[2010/01/02 19:56:07 | 00,124,780 | ---- | C] () -- C:\Windows\System32\perfc010.dat
[2010/01/02 19:56:07 | 00,037,536 | ---- | C] () -- C:\Windows\System32\perfd010.dat
[2010/01/02 19:25:26 | 00,285,034 | ---- | C] () -- C:\Windows\System32\perfi01F.dat
[2010/01/02 19:25:25 | 00,612,594 | ---- | C] () -- C:\Windows\System32\perfh01F.dat
[2010/01/02 19:25:25 | 00,118,962 | ---- | C] () -- C:\Windows\System32\perfc01F.dat
[2010/01/02 19:25:25 | 00,037,150 | ---- | C] () -- C:\Windows\System32\perfd01F.dat
[2010/01/02 19:01:39 | 00,644,388 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010/01/02 19:01:39 | 00,295,938 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010/01/02 19:01:39 | 00,126,658 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010/01/02 19:01:39 | 00,038,062 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010/01/02 18:43:17 | 00,278,380 | ---- | C] () -- C:\Windows\System32\perfi00B.dat
[2010/01/02 18:43:16 | 00,434,192 | ---- | C] () -- C:\Windows\System32\perfh00B.dat
[2010/01/02 18:43:16 | 00,078,900 | ---- | C] () -- C:\Windows\System32\perfc00B.dat
[2010/01/02 18:43:16 | 00,037,818 | ---- | C] () -- C:\Windows\System32\perfd00B.dat
[2010/01/02 18:24:09 | 00,357,510 | ---- | C] () -- C:\Windows\System32\perfh00D.dat
[2010/01/02 18:24:09 | 00,229,316 | ---- | C] () -- C:\Windows\System32\perfi00D.dat
[2010/01/02 18:24:09 | 00,067,018 | ---- | C] () -- C:\Windows\System32\perfc00D.dat
[2010/01/02 18:24:09 | 00,032,138 | ---- | C] () -- C:\Windows\System32\perfd00D.dat
[2010/01/02 17:51:53 | 00,450,868 | ---- | C] () -- C:\Windows\System32\perfh014.dat
[2010/01/02 17:51:53 | 00,298,280 | ---- | C] () -- C:\Windows\System32\perfi014.dat
[2010/01/02 17:51:53 | 00,074,762 | ---- | C] () -- C:\Windows\System32\perfc014.dat
[2010/01/02 17:51:53 | 00,036,144 | ---- | C] () -- C:\Windows\System32\perfd014.dat
[2010/01/02 17:33:12 | 00,394,306 | ---- | C] () -- C:\Windows\System32\perfh011.dat
[2010/01/02 17:33:12 | 00,141,988 | ---- | C] () -- C:\Windows\System32\perfi011.dat
[2010/01/02 17:33:12 | 00,104,340 | ---- | C] () -- C:\Windows\System32\perfc011.dat
[2010/01/02 17:33:12 | 00,031,548 | ---- | C] () -- C:\Windows\System32\perfd011.dat
[2010/01/02 17:07:10 | 00,624,926 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2010/01/02 17:07:10 | 00,291,582 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2010/01/02 17:07:10 | 00,119,200 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2010/01/02 17:07:10 | 00,036,010 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009/12/31 12:00:35 | 00,048,193 | ---- | C] () -- C:\Users\Eddie\Documents\Functional Resume with Border.docx
[2009/12/30 13:37:32 | 01,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2009/12/29 08:12:36 | 00,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/12/29 08:12:36 | 00,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job
[2009/12/29 08:12:36 | 00,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job
[2009/12/29 08:12:36 | 00,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job
[2009/12/29 08:12:36 | 00,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job
[2009/12/29 07:08:45 | 00,000,054 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2009/12/29 07:08:45 | 00,000,039 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2009/12/23 09:49:14 | 00,413,696 | ---- | C] () -- C:\Windows\System32\lxczutil.dll
[2009/12/23 09:49:14 | 00,274,432 | ---- | C] () -- C:\Windows\System32\LXCZinst.dll
[2009/12/23 09:49:14 | 00,001,851 | ---- | C] () -- C:\Windows\System32\lxcz.loc
[2009/12/18 04:25:55 | 00,001,068 | ---- | C] () -- C:\Users\Eddie\AppData\Roaming\BBMS_EXCEPTION.txt
[2009/11/30 18:47:39 | 12,201,984 | ---- | C] () -- C:\ProgramData\sandra.mda
[2009/10/12 08:16:59 | 00,016,456 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2009/10/12 08:16:58 | 00,011,088 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2009/09/28 09:22:00 | 00,315,392 | ---- | C] () -- C:\Windows\System32\drivers\yk62x86.sys
[2009/09/22 14:09:48 | 00,045,056 | ---- | C] () -- C:\Windows\System32\LXPRMON.DLL
[2009/09/22 14:09:48 | 00,032,768 | ---- | C] () -- C:\Windows\System32\LXPMONUI.DLL
[2009/09/22 14:05:47 | 00,000,238 | ---- | C] () -- C:\Windows\Lexstat.ini
[2009/09/22 14:03:45 | 00,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2009/09/10 13:57:08 | 00,047,360 | ---- | C] () -- C:\Windows\System32\drivers\Surroundhp_kern_i386.sys
[2009/09/10 13:57:08 | 00,047,104 | ---- | C] () -- C:\Windows\System32\drivers\tshd4_kern_i386.sys
[2009/09/10 13:57:08 | 00,042,112 | ---- | C] () -- C:\Windows\System32\drivers\csiidecoder_kern_i386.sys
[2009/08/19 23:58:18 | 00,007,677 | ---- | C] () -- C:\Users\Eddie\AppData\Local\resmon.resmoncfg
[2009/08/17 10:15:35 | 02,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2009/04/21 23:50:07 | 00,073,216 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/04/21 23:40:32 | 00,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2008/11/06 12:37:32 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/11/06 12:34:00 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2007/07/26 09:25:12 | 00,039,808 | ---- | C] () -- C:\Windows\System32\drivers\SRS_SSCFilter_i386.sys
[2007/01/22 09:49:34 | 00,344,064 | ---- | C] () -- C:\Windows\System32\lxczcoin.dll
[2006/06/07 14:23:04 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv7.dll
[2006/03/27 12:19:14 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll
[2006/03/07 12:59:04 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv6.dll
[2006/01/10 18:11:06 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv4.dll
[2006/01/10 18:11:05 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv5.dll
========== LOP Check ==========
[2009/10/01 08:11:20 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\Avanquest
[2009/12/31 13:15:11 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\Azureus
[2009/10/24 09:18:55 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\Blackberry Desktop
[2009/11/30 08:01:08 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\Bret Taylor
[2009/12/18 04:22:56 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\CBS Interactive
[2009/09/23 18:19:07 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\com.adobe.ExMan
[2009/09/29 16:11:35 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\Daoisoft
[2009/11/25 09:01:03 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\DassaultSystemes
[2009/12/03 08:32:21 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\DriverCure
[2009/08/18 11:47:14 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\FlashGet
[2009/11/30 09:20:21 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\GoodSync
[2009/10/24 09:19:20 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\IObit
[2009/09/08 18:50:50 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\Maxthon2
[2009/10/24 09:19:20 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\MiniDm
[2009/09/08 09:58:57 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\MxBoost
[2009/12/02 03:55:58 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\OpenOffice.org
[2009/12/02 18:13:07 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\Pegasys Inc
[2009/12/05 08:24:29 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\Research In Motion
[2009/09/25 12:25:45 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\Sahmon Games
[2009/12/07 15:24:45 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\SeriousBit
[2009/12/07 09:48:17 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\Stardock
[2009/10/20 13:14:16 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\System Tweaker
[2009/12/06 15:31:37 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\TuneUp Software
[2009/10/12 19:00:12 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\Uniblue
[2009/09/04 10:56:39 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\WeatherBug
[2009/09/16 15:09:35 | 00,000,000 | ---D | M] -- C:\Users\Eddie\AppData\Roaming\Wolfram Research
[2009/12/29 08:12:36 | 00,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 1).job
[2009/12/29 08:12:36 | 00,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 2).job
[2009/12/29 08:12:36 | 00,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 3).job
[2009/12/29 08:12:36 | 00,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 4).job
[2009/12/29 08:12:36 | 00,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2010/01/05 11:49:41 | 00,000,370 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2009/12/31 12:02:44 | 00,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009/04/22 01:24:12 | 00,053,328 | ---- | M] (Microsoft Corporation) MD5=7DFFC1CD425BCD998D9FDA0192383A19 -- C:\Windows\System32\drivers\AGP440.sys
[2009/04/22 01:24:12 | 00,053,328 | ---- | M] (Microsoft Corporation) MD5=7DFFC1CD425BCD998D9FDA0192383A19 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_e13b2b757efc5205\AGP440.sys
[2009/04/22 01:24:12 | 00,053,328 | ---- | M] (Microsoft Corporation) MD5=7DFFC1CD425BCD998D9FDA0192383A19 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7100.0_none_2b05e59d13c6aac3\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/04/22 01:24:04 | 00,021,584 | ---- | M] (Microsoft Corporation) MD5=80C40F7FDFC376E4C5FEEC28B41C119E -- C:\Windows\System32\drivers\atapi.sys
[2009/04/22 01:24:04 | 00,021,584 | ---- | M] (Microsoft Corporation) MD5=80C40F7FDFC376E4C5FEEC28B41C119E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_b27d5421375ad1cd\atapi.sys
[2009/04/22 01:24:04 | 00,021,584 | ---- | M] (Microsoft Corporation) MD5=80C40F7FDFC376E4C5FEEC28B41C119E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7100.0_none_4e2b207b769f9fe5\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009/04/22 01:20:04 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=EC9930C8CDF46295A1354256435CB5DE -- C:\Windows\System32\cngaudit.dll
[2009/04/22 01:20:04 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=EC9930C8CDF46295A1354256435CB5DE -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7100.0_none_5956e38684aa4f03\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2009/04/22 01:24:21 | 00,332,368 | ---- | M] (Intel Corporation) MD5=AC958B65CDE27ADFDEC628BF7ECCEB8C -- C:\Windows\System32\drivers\iaStorV.sys
[2009/04/22 01:24:21 | 00,332,368 | ---- | M] (Intel Corporation) MD5=AC958B65CDE27ADFDEC628BF7ECCEB8C -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/04/22 01:24:21 | 00,332,368 | ---- | M] (Intel Corporation) MD5=AC958B65CDE27ADFDEC628BF7ECCEB8C -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7100.0_none_20044ad9dcddcbd8\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009/04/22 01:21:18 | 00,561,152 | ---- | M] (Microsoft Corporation) MD5=A3EA8619FBBC2D270D79C241CE426618 -- C:\Windows\System32\netlogon.dll
[2009/04/22 01:21:18 | 00,561,152 | ---- | M] (Microsoft Corporation) MD5=A3EA8619FBBC2D270D79C241CE426618 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7100.0_none_6eaaafa48d0fb9a0\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009/04/22 01:24:17 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=93CF6F974095F7D146AA273F3BF418D7 -- C:\Program Files\IObit\Advanced SystemCare 3\Backup\Drivers\NVIDIA nForce Serial ATA Controller\nvstor.sys
[2009/04/22 01:24:17 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=93CF6F974095F7D146AA273F3BF418D7 -- C:\Windows\System32\drivers\nvstor.sys
[2009/04/22 01:24:17 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=93CF6F974095F7D146AA273F3BF418D7 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_4d1b6b7b67c54c8c\nvstor.sys
[2009/04/22 01:24:17 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=93CF6F974095F7D146AA273F3BF418D7 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7100.0_none_aacdbb89141475b0\nvstor.sys
< MD5 for: NVSTOR32.SYS >
[2007/01/27 17:21:00 | 00,101,160 | ---- | M] (NVIDIA Corporation) MD5=4A9A6368BEF61C9608FE7CC21B1F8886 -- C:\cabs\D20091-001-001\nvstor32.sys
< MD5 for: SCECLI.DLL >
[2009/04/22 01:21:47 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=686BAFE6AF35AF1C8D5EB536A8500430 -- C:\Windows\System32\scecli.dll
[2009/04/22 01:21:47 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=686BAFE6AF35AF1C8D5EB536A8500430 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7100.0_none_a900dabd2e31405b\scecli.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009/04/22 01:20:19 | 00,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/04/22 01:20:19 | 00,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
< %systemroot%\Tasks\*.job /lockedfiles >
========== Alternate Data Streams ==========
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:5A823589
< End of report >
Malwarebytes' Anti-Malware 1.43
Database version: 3495
Windows 6.1.7100
Internet Explorer 8.0.7100.0
1/5/2010 8:52:02 AM
mbam-log-2010-01-05 (08-52-02).txt
Scan type: Quick Scan
Objects scanned: 147772
Time elapsed: 5 minute(s), 3 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuMorePrograms (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Sign In
Create Account
