OTL.txt:
OTL logfile created on: 09/06/2010 5:11:29 PM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Eden\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 46.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 217.84 Gb Total Space | 121.90 Gb Free Space | 55.96% Space Free | Partition Type: NTFS
Drive D: | 6.28 Gb Total Space | 6.22 Gb Free Space | 99.04% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EDEN-LAPTOP
Current User Name: Eden
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2010/06/09 16:59:15 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Eden\Downloads\OTL.exe
PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/04/02 23:21:46 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/02/05 02:53:29 | 000,788,880 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/02/05 02:53:28 | 001,181,328 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/11/19 22:29:16 | 000,623,960 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2009/07/26 17:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/03/08 23:21:02 | 000,386,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jucheck.exe
PRC - [2008/10/24 09:14:36 | 000,206,112 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2008/08/08 05:11:12 | 000,490,952 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
PRC - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2008/01/25 10:24:08 | 002,938,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008/01/22 20:13:08 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2008/01/22 11:00:30 | 004,624,384 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2008/01/21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/01/09 15:02:08 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2007/12/25 14:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2007/12/25 14:06:52 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2007/10/29 14:30:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2007/10/25 17:41:18 | 000,413,696 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2007/10/04 18:39:42 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2007/09/28 16:03:46 | 000,075,136 | ---- | M] ( TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2007/02/12 01:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- c:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (SafeList) ========== MOD - [2010/06/09 16:59:15 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Eden\Downloads\OTL.exe
MOD - [2008/01/20 19:50:03 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2008/01/20 19:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2008/01/20 19:48:06 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2010/04/28 08:23:07 | 000,120,832 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (SASCORE)
SRV:
64bit: - [2009/12/09 20:30:34 | 000,017,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:
64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2008/01/17 16:29:48 | 000,434,016 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:
64bit: - [2007/12/03 17:04:48 | 000,175,104 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV:
64bit: - [2007/11/21 17:53:16 | 000,135,168 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:
64bit: - [2007/10/17 23:37:22 | 000,412,672 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV:
64bit: - [2006/11/02 04:16:35 | 000,051,200 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\bthserv.dll -- (BthServ)
SRV - [2010/02/26 00:47:00 | 003,489,788 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/02/05 02:53:28 | 001,181,328 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/03/23 22:26:07 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2008/10/25 12:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/07/27 11:01:49 | 000,093,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008/01/21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/12/25 14:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007/09/28 16:06:42 | 000,168,296 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/09/12 18:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/02/12 01:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- c:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2006/11/02 06:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/01 23:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/01 23:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2010/02/17 11:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:
64bit: - [2010/02/17 11:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:
64bit: - [2010/02/05 02:53:38 | 000,069,152 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\Lbd.sys -- (Lbd)
DRV:
64bit: - [2009/08/28 20:42:52 | 000,049,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:
64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:
64bit: - [2008/09/11 20:45:27 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:
64bit: - [2008/05/20 19:33:36 | 000,028,416 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:
64bit: - [2008/01/31 20:46:54 | 000,222,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDART64.sys -- (CnxtHdAudAddService)
DRV:
64bit: - [2008/01/21 15:42:26 | 000,531,968 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\tos_sps64.sys -- (tos_sps64)
DRV:
64bit: - [2008/01/20 19:49:47 | 000,011,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RootMdm.sys -- (ROOTMODEM)
DRV:
64bit: - [2008/01/20 19:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:
64bit: - [2008/01/20 19:47:27 | 000,168,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo)
DRV:
64bit: - [2008/01/20 19:47:03 | 000,276,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BTHPORT)
DRV:
64bit: - [2008/01/20 19:47:03 | 000,034,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB)
DRV:
64bit: - [2008/01/20 19:47:03 | 000,023,040 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum)
DRV:
64bit: - [2008/01/20 19:47:02 | 000,115,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:
64bit: - [2008/01/20 19:46:55 | 000,111,104 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:
64bit: - [2008/01/20 19:46:52 | 000,062,976 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:
64bit: - [2008/01/20 19:46:51 | 000,017,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt)
DRV:
64bit: - [2008/01/14 19:35:34 | 000,058,328 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2mdx64.sys -- (O2MDRDR)
DRV:
64bit: - [2008/01/08 02:40:52 | 000,051,544 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2sdx64.sys -- (O2SDRDR)
DRV:
64bit: - [2007/12/27 19:51:00 | 000,391,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:
64bit: - [2007/12/26 14:13:06 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tosrfbd.sys -- (tosrfbd)
DRV:
64bit: - [2007/12/20 16:10:50 | 000,028,200 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:
64bit: - [2007/11/29 16:47:54 | 000,088,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Tosrfhid.sys -- (Tosrfhid)
DRV:
64bit: - [2007/11/29 09:45:58 | 000,044,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tosrfbnp.sys -- (tosrfbnp)
DRV:
64bit: - [2007/11/29 02:58:58 | 000,320,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:
64bit: - [2007/11/09 14:00:30 | 000,026,968 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV:
64bit: - [2007/11/01 02:22:50 | 001,481,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:
64bit: - [2007/11/01 02:19:46 | 000,293,376 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL)
DRV:
64bit: - [2007/11/01 02:18:32 | 000,740,864 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:
64bit: - [2007/10/18 14:25:00 | 000,051,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tosrfusb.sys -- (Tosrfusb)
DRV:
64bit: - [2007/10/17 23:37:10 | 000,010,240 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:
64bit: - [2007/10/02 11:43:08 | 000,076,160 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\tosrfcom.sys -- (Tosrfcom)
DRV:
64bit: - [2007/09/29 08:03:32 | 000,384,024 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:
64bit: - [2007/09/25 15:19:08 | 003,196,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw4v64.sys -- (NETw4v64) Intel®
DRV:
64bit: - [2007/09/12 23:27:10 | 007,041,312 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2007/06/06 00:23:24 | 000,125,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:
64bit: - [2007/05/01 03:00:00 | 000,052,856 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2007/04/09 01:15:44 | 000,009,728 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\QIOMem.sys -- (QIOMem)
DRV:
64bit: - [2006/11/01 22:28:10 | 000,273,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:
64bit: - [2006/10/23 16:33:08 | 000,018,944 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tosrfec.sys -- (tosrfec)
DRV:
64bit: - [2006/10/19 13:10:40 | 000,027,456 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tdcmdpst.sys -- (tdcmdpst)
DRV:
64bit: - [2006/10/11 16:31:00 | 000,050,688 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tosporte.sys -- (tosporte)
DRV:
64bit: - [2006/06/18 22:27:24 | 000,017,024 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV:
64bit: - [2005/07/13 06:43:00 | 000,028,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tosrfnds.sys -- (tosrfnds)
DRV - [2006/09/18 14:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/18 14:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2006/06/18 22:26:50 | 000,094,208 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\mdmxsdk.dll -- (mdmxsdk)
DRV - [2005/01/01 02:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.shoptoshiba.ca/welcomeIE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.shoptoshiba.ca/welcomeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.daemon-search.com/startpageIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "
http://www.google.com/"FF - prefs.js..extensions.enabledItems: {4776510a-a1f4-41f3-a3c8-35b474ecef23}:1.0.8
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/04/14 07:04:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/04/02 23:21:46 | 000,000,000 | ---D | M]
[2008/07/16 12:56:36 | 000,000,000 | ---D | M] -- C:\Users\Eden\AppData\Roaming\Mozilla\Extensions
[2010/06/09 00:06:58 | 000,000,000 | ---D | M] -- C:\Users\Eden\AppData\Roaming\Mozilla\Firefox\Profiles\l6d1t15a.default\extensions
[2010/04/27 10:42:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Eden\AppData\Roaming\Mozilla\Firefox\Profiles\l6d1t15a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/25 16:14:51 | 000,000,000 | ---D | M] (Stealther) -- C:\Users\Eden\AppData\Roaming\Mozilla\Firefox\Profiles\l6d1t15a.default\extensions\{4776510a-a1f4-41f3-a3c8-35b474ecef23}
[2008/09/11 20:51:50 | 000,000,523 | ---- | M] () -- C:\Users\Eden\AppData\Roaming\Mozilla\Firefox\Profiles\l6d1t15a.default\searchplugins\daemon-search.xml
[2010/06/09 00:06:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/03/17 00:59:16 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/03/17 00:59:16 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/03/17 00:59:16 | 000,000,769 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/03/17 00:59:17 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2006/09/18 14:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (moigh Object) - {5B1C0DB8-F2BF-4D42-A7C2-B0D497186931} - C:\Windows\SysWOW64\svdid.dll ()
O3:
64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3:
64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:
64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe ()
O4:
64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe ()
O4:
64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe ()
O4:
64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0}
http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565}
http://messenger.zon...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.144.90 64.59.144.91
O18:
64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll ()
O24 - Desktop WallPaper: C:\TOSHIBA\Wallpapers\wallpaper1.jpg
O24 - Desktop BackupWallPaper: C:\TOSHIBA\Wallpapers\wallpaper1.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6b371379-f30b-11dd-9e9e-001e6871351a}\Shell - "" = AutoRun
O33 - MountPoints2\{6b371379-f30b-11dd-9e9e-001e6871351a}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:
64bit: Ias - C:\Windows\SysNative\ias [2008/01/20 20:06:38 | 000,000,000 | ---D | M]
NetSvcs:
64bit: Irmon - C:\Windows\SysNative\irmon.dll ()
NetSvcs:
64bit: Wmi - C:\Windows\SysNative\wmi.dll ()
NetSvcs: Ias - C:\Windows\SysWOW64\ias [2008/01/20 20:08:35 | 000,000,000 | ---D | M]
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)
Drivers32:
64bit: aux - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:
64bit: aux1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:
64bit: midi - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:
64bit: midi1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:
64bit: midimapper - C:\Windows\SysNative\midimap.dll ()
Drivers32:
64bit: mixer - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:
64bit: mixer1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:
64bit: msacm.imaadpcm - C:\Windows\SysNative\imaadp32.acm ()
Drivers32:
64bit: msacm.l3acm - C:\Windows\SysNative\l3codeca.acm ()
Drivers32:
64bit: msacm.msadpcm - C:\Windows\SysNative\msadp32.acm ()
Drivers32:
64bit: msacm.msg711 - C:\Windows\SysNative\msg711.acm ()
Drivers32:
64bit: msacm.msgsm610 - C:\Windows\SysNative\msgsm32.acm ()
Drivers32:
64bit: MSVideo8 - C:\Windows\SysNative\vfwwdm32.dll ()
Drivers32:
64bit: vidc.i420 - C:\Windows\SysNative\iyuv_32.dll ()
Drivers32:
64bit: VIDC.IYUV - C:\Windows\SysNative\iyuv_32.dll ()
Drivers32:
64bit: vidc.mrle - C:\Windows\SysNative\msrle32.dll ()
Drivers32:
64bit: vidc.msvc - C:\Windows\SysNative\msvidc32.dll ()
Drivers32:
64bit: VIDC.UYVY - C:\Windows\SysNative\msyuv.dll ()
Drivers32:
64bit: VIDC.YUY2 - C:\Windows\SysNative\msyuv.dll ()
Drivers32:
64bit: VIDC.YVU9 - C:\Windows\SysNative\tsbyuv.dll ()
Drivers32:
64bit: VIDC.YVYU - C:\Windows\SysNative\msyuv.dll ()
Drivers32:
64bit: wave - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:
64bit: wave1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:
64bit: wavemapper - C:\Windows\SysNative\msacm32.drv ()
Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\Windows\SysWow64\sirenacm.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\Program Files (x86)\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 90 Days ========== [2010/06/09 14:40:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2010/06/09 14:39:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/06/09 14:31:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010/06/09 02:31:37 | 000,000,000 | ---D | C] -- C:\Users\Eden\Desktop\New Folder
[2010/06/09 02:06:09 | 000,000,000 | ---D | C] -- C:\MGtools
[2010/06/09 01:17:00 | 000,000,000 | ---D | C] -- C:\Users\Eden\Desktop\[S-Cute] 06.07up! 7th No.45 Remon Mizutama
[2010/06/08 21:54:04 | 000,000,000 | ---D | C] -- C:\Users\Eden\AppData\Roaming\SUPERAntiSpyware.com
[2010/06/08 21:54:04 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/06/08 21:53:58 | 000,000,000 | ---D | C] -- C:\ProgramData\SASCORE
[2010/06/08 21:53:56 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/05/30 02:57:05 | 000,000,000 | ---D | C] -- C:\Users\Eden\DoctorWeb
[2010/05/29 19:24:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\$NtUninstallWTF1012$
[2010/05/29 19:23:55 | 000,000,000 | ---D | C] -- C:\Users\Eden\AppData\Local\Windows Server
[2010/05/29 19:23:43 | 000,000,000 | ---D | C] -- C:\Users\Eden\AppData\Roaming\D2C574D6F0342D0A556E35704A359590
[2010/05/24 12:09:11 | 000,000,000 | ---D | C] -- C:\Users\Eden\Desktop\The.Wolfman.UNRATED.DVDRip.XviD-DiAMOND
[2010/05/24 12:05:33 | 000,000,000 | ---D | C] -- C:\Users\Eden\Desktop\Fire of Conscience 2010 BRRip XviD-sailo1
[2010/05/24 12:05:08 | 000,000,000 | ---D | C] -- C:\Users\Eden\Desktop\Worst.Case.Scenario.S01E06.HDTV.XviD-aAF [NO-RAR] - [ www.torrentday.com ]
[2010/05/24 12:04:37 | 000,000,000 | ---D | C] -- C:\Users\Eden\Desktop\Worst.Case.Scenario.S01E05.HDTV.XviD-aAF [NO-RAR] - [ www.torrentday.com ]
[2010/05/17 16:02:37 | 000,000,000 | ---D | C] -- C:\Users\Eden\Desktop\FlashPoint
[2010/04/07 16:40:43 | 003,489,788 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2010/04/07 16:40:39 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2010/04/07 16:40:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2010/04/07 16:39:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\softnyx
[2010/03/17 23:27:01 | 000,000,000 | ---D | C] -- C:\Users\Eden\AppData\Roaming\Research In Motion
[2010/03/17 23:22:03 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2010/03/17 23:21:57 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010/03/17 23:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2010/03/17 23:19:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010/03/17 23:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2010/03/17 23:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2010/03/17 23:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2010/03/17 23:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion
[2010/03/17 23:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2010/03/17 23:11:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Research In Motion
[2010/03/17 23:11:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Research In Motion
[2010/03/13 16:28:05 | 000,000,000 | ---D | C] -- C:\Users\Eden\AppData\Roaming\Malwarebytes
[2010/03/13 16:28:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/03/13 16:27:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/03/13 16:27:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
========== Files - Modified Within 90 Days ========== [2010/06/09 17:08:30 | 002,621,440 | -HS- | M] () -- C:\Users\Eden\NTUSER.DAT
[2010/06/09 17:02:52 | 000,757,068 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/06/09 17:02:52 | 000,647,686 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/06/09 17:02:52 | 000,123,974 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/06/09 16:56:40 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/09 16:56:40 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/09 16:56:37 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/09 16:56:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/09 16:56:21 | 3211,190,272 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/09 16:55:22 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/06/09 16:55:14 | 000,524,288 | -HS- | M] () -- C:\Users\Eden\NTUSER.DAT{b5da9ed6-8842-11de-85b4-001e6871351a}.TMContainer00000000000000000001.regtrans-ms
[2010/06/09 16:55:14 | 000,065,536 | -HS- | M] () -- C:\Users\Eden\NTUSER.DAT{b5da9ed6-8842-11de-85b4-001e6871351a}.TM.blf
[2010/06/09 16:54:55 | 001,884,209 | -H-- | M] () -- C:\Users\Eden\AppData\Local\IconCache.db
[2010/06/09 16:54:07 | 000,002,557 | ---- | M] () -- C:\Users\Eden\Desktop\HiJackThis.lnk
[2010/06/09 14:39:51 | 000,000,953 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/06/09 11:19:00 | 000,427,000 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/06/09 02:30:57 | 000,198,455 | ---- | M] () -- C:\MGlogs.zip
[2010/06/09 02:03:29 | 000,000,036 | ---- | M] () -- C:\Users\Eden\AppData\Local\housecall.guid.cache
[2010/06/09 02:03:13 | 002,392,974 | ---- | M] () -- C:\Users\Eden\Desktop\MGtools.exe
[2010/06/09 00:07:26 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{18D868AC-870C-4EC8-AEB1-862E41CA5336}.job
[2010/06/08 14:07:06 | 000,310,784 | ---- | M] () -- C:\Windows\SysWow64\svdid.dll
[2010/06/08 07:51:54 | 000,040,629 | ---- | M] () -- C:\Windows\SysWow64\nvdid.exe
[2010/06/07 14:57:56 | 000,159,744 | ---- | M] () -- C:\Users\Eden\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/05 19:38:16 | 000,000,496 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Eden.job
[2010/05/29 19:24:18 | 000,050,981 | ---- | M] () -- C:\Windows\SysWow64\fkzldnwpcn.exe
[2010/05/26 09:53:52 | 000,048,128 | ---- | M] () -- C:\Windows\SysNative\atmlib.dll
[2010/05/26 07:56:53 | 000,366,080 | ---- | M] () -- C:\Windows\SysNative\atmfd.dll
[2010/05/24 23:13:59 | 000,020,040 | ---- | M] () -- C:\Users\Eden\Desktop\Eden Wong Resume.docx
[2010/05/24 09:31:20 | 000,040,633 | ---- | M] () -- C:\Windows\SysWow64\mkislnck.exe
[2010/05/16 22:49:16 | 000,194,713 | ---- | M] () -- C:\Users\Eden\Desktop\VCAABusCard.5.pdf
[2010/05/04 12:18:31 | 001,032,704 | ---- | M] () -- C:\Windows\SysNative\wininet.dll
[2010/05/04 12:16:22 | 000,208,896 | ---- | M] () -- C:\Windows\SysNative\occache.dll
[2010/05/04 12:15:02 | 001,129,984 | ---- | M] () -- C:\Windows\SysNative\mstime.dll
[2010/05/04 12:14:31 | 000,758,784 | ---- | M] () -- C:\Windows\SysNative\mshtmled.dll
[2010/05/04 12:14:22 | 000,580,608 | ---- | M] () -- C:\Windows\SysNative\msfeeds.dll
[2010/05/04 12:12:55 | 000,032,256 | ---- | M] () -- C:\Windows\SysNative\jsproxy.dll
[2010/05/04 12:12:27 | 000,375,296 | ---- | M] () -- C:\Windows\SysNative\iertutil.dll
[2010/05/04 12:12:27 | 000,249,856 | ---- | M] () -- C:\Windows\SysNative\iepeers.dll
[2010/05/04 12:12:17 | 000,480,256 | ---- | M] () -- C:\Windows\SysNative\iedkcs32.dll
[2010/05/04 12:12:17 | 000,086,528 | ---- | M] () -- C:\Windows\SysNative\ieencode.dll
[2010/05/04 12:12:16 | 000,422,400 | ---- | M] () -- C:\Windows\SysNative\ieapfltr.dll
[2010/05/04 12:12:16 | 000,267,776 | ---- | M] () -- C:\Windows\SysNative\ieaksie.dll
[2010/05/04 10:53:47 | 000,485,376 | ---- | M] () -- C:\Windows\SysNative\html.iec
[2010/05/04 10:27:37 | 000,032,768 | ---- | M] () -- C:\Windows\SysNative\ieUnatt.exe
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/04/29 15:39:28 | 000,024,664 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010/04/29 14:22:03 | 004,514,113 | ---- | M] () -- C:\Users\Eden\Desktop\Epik High - Wordkill (Studio Demo).mp3
[2010/04/25 22:04:47 | 009,978,856 | ---- | M] () -- C:\Users\Eden\Desktop\Billy Talent - Saint Veronika.mp3
[2010/04/16 09:40:20 | 001,570,816 | ---- | M] () -- C:\Windows\SysNative\quartz.dll
[2010/04/08 03:10:31 | 000,000,920 | ---- | M] () -- C:\Users\Eden\Desktop\GunboundWC.lnk
[2010/04/05 09:51:12 | 000,084,480 | ---- | M] () -- C:\Windows\SysNative\asycfilt.dll
[2010/04/02 17:17:34 | 000,179,091 | ---- | M] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/03/22 10:21:40 | 000,013,182 | -HS- | M] () -- C:\Users\Eden\AppData\Local\OIXQ
[2010/03/22 10:21:40 | 000,013,182 | -HS- | M] () -- C:\ProgramData\OIXQ
[2010/03/17 23:49:20 | 000,000,256 | ---- | M] () -- C:\Windows\SysWow64\pool.bin
[2010/03/17 23:25:36 | 000,125,696 | ---- | M] () -- C:\Users\Eden\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/03/12 16:26:03 | 000,012,094 | -HS- | M] () -- C:\Users\Eden\AppData\Local\c58EA
========== Files Created - No Company Name ========== [2010/06/09 16:08:03 | 000,002,557 | ---- | C] () -- C:\Users\Eden\Desktop\HiJackThis.lnk
[2010/06/09 14:39:51 | 000,000,953 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/06/09 14:28:52 | 3211,190,272 | -HS- | C] () -- C:\hiberfil.sys
[2010/06/09 02:06:10 | 000,198,455 | ---- | C] () -- C:\MGlogs.zip
[2010/06/09 02:03:29 | 000,000,036 | ---- | C] () -- C:\Users\Eden\AppData\Local\housecall.guid.cache
[2010/06/09 02:03:09 | 002,392,974 | ---- | C] () -- C:\Users\Eden\Desktop\MGtools.exe
[2010/06/08 14:07:06 | 000,310,784 | ---- | C] () -- C:\Windows\SysWow64\svdid.dll
[2010/06/08 11:05:44 | 000,366,080 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll
[2010/06/08 11:05:42 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll
[2010/06/08 11:05:39 | 000,084,480 | ---- | C] () -- C:\Windows\SysNative\asycfilt.dll
[2010/06/08 11:05:25 | 002,749,952 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2010/06/08 11:05:16 | 005,690,368 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2010/06/08 11:05:14 | 007,006,208 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2010/06/08 11:05:12 | 001,426,944 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2010/06/08 11:05:11 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2010/06/08 11:05:11 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2010/06/08 11:05:09 | 000,758,784 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2010/06/08 11:05:09 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2010/06/08 11:05:08 | 000,580,608 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2010/06/08 11:05:07 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2010/06/08 11:05:07 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2010/06/08 11:05:07 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2010/06/08 11:05:05 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2010/06/08 11:05:05 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2010/06/08 11:05:05 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2010/06/08 11:05:04 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll
[2010/06/08 11:05:03 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2010/06/08 11:05:03 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2010/06/08 11:05:02 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2010/06/08 11:04:51 | 001,570,816 | ---- | C] () -- C:\Windows\SysNative\quartz.dll
[2010/06/08 07:51:54 | 000,040,629 | ---- | C] () -- C:\Windows\SysWow64\nvdid.exe
[2010/05/29 19:24:18 | 000,050,981 | ---- | C] () -- C:\Windows\SysWow64\fkzldnwpcn.exe
[2010/05/26 12:07:06 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll
[2010/05/24 09:31:20 | 000,040,633 | ---- | C] () -- C:\Windows\SysWow64\mkislnck.exe
[2010/05/16 22:49:13 | 000,194,713 | ---- | C] () -- C:\Users\Eden\Desktop\VCAABusCard.5.pdf
[2010/05/16 22:38:29 | 000,020,040 | ---- | C] () -- C:\Users\Eden\Desktop\Eden Wong Resume.docx
[2010/05/11 12:37:39 | 000,974,848 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2010/04/29 14:20:41 | 004,514,113 | ---- | C] () -- C:\Users\Eden\Desktop\Epik High - Wordkill (Studio Demo).mp3
[2010/04/25 15:51:53 | 009,978,856 | ---- | C] () -- C:\Users\Eden\Desktop\Billy Talent - Saint Veronika.mp3
[2010/04/13 13:55:05 | 001,420,688 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2010/04/13 13:55:05 | 000,224,256 | ---- | C] () -- C:\Windows\SysNative\iphlpsvc.dll
[2010/04/13 13:55:05 | 000,029,696 | ---- | C] () -- C:\Windows\SysNative\drivers\tunnel.sys
[2010/04/13 13:54:56 | 000,273,920 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2010/04/13 13:54:56 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2010/04/13 13:54:56 | 000,105,472 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2010/04/13 13:54:53 | 004,690,832 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe
[2010/04/13 13:54:43 | 000,603,648 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll
[2010/04/13 13:54:38 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\l3codeca.acm
[2010/04/13 10:42:26 | 000,104,960 | ---- | C] () -- C:\Windows\SysNative\cabview.dll
[2010/04/13 10:42:24 | 000,218,112 | ---- | C] () -- C:\Windows\SysNative\wintrust.dll
[2010/04/07 16:40:39 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2010/04/07 16:40:12 | 000,000,920 | ---- | C] () -- C:\Users\Eden\Desktop\GunboundWC.lnk
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/03/22 10:18:29 | 000,013,182 | -HS- | C] () -- C:\Users\Eden\AppData\Local\OIXQ
[2010/03/22 10:18:29 | 000,013,182 | -HS- | C] () -- C:\ProgramData\OIXQ
[2010/03/17 23:27:02 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\pool.bin
[2010/03/17 23:21:51 | 000,010,488 | ---- | C] () -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2010/03/17 23:21:50 | 000,052,856 | ---- | C] () -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2010/03/17 23:21:50 | 000,010,488 | ---- | C] () -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2010/03/17 23:12:56 | 000,031,744 | ---- | C] () -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys
[2010/03/14 02:31:07 | 000,270,208 | ---- | C] () -- C:\Windows\SysNative\MpSigStub.exe
[2010/03/13 16:27:59 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010/03/12 16:24:22 | 000,012,094 | -HS- | C] () -- C:\Users\Eden\AppData\Local\c58EA
[2009/05/24 18:07:04 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
[2009/04/04 12:25:24 | 000,000,000 | ---- | C] () -- C:\Windows\ToDisc.INI
[2009/02/25 16:11:30 | 000,000,122 | ---- | C] () -- C:\Windows\WA.INI
[2008/12/11 04:21:19 | 000,017,408 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2008/09/18 19:26:10 | 000,000,260 | ---- | C] () -- C:\Windows\RomeTW.ini
[2008/07/16 12:19:03 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll
[2008/07/16 12:19:03 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll
[2008/07/16 12:19:03 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll
[2008/07/16 12:19:03 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll
[2008/07/16 12:19:03 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll
[2008/07/16 12:19:03 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll
[2008/07/16 12:15:41 | 000,128,113 | ---- | C] () -- C:\Windows\SysWow64\csellang.ini
[2008/07/16 12:15:41 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\csellang.dll
[2008/07/16 12:15:41 | 000,007,671 | ---- | C] () -- C:\Windows\SysWow64\cseltbl.ini
[2008/05/22 08:16:58 | 000,003,584 | ---- | C] () -- C:\Windows\SysWow64\wceprv.dll
[2008/03/04 19:52:34 | 000,286,720 | ---- | C] () -- C:\Windows\SysWow64\libcurl.dll
[2008/02/19 20:09:55 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/02/19 19:28:04 | 000,700,730 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008/02/19 12:30:20 | 001,238,832 | ---- | C] () -- C:\Windows\SysWow64\igmedkrn.dll
[2008/02/19 12:30:20 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igmedcompkrn.dll
[2008/01/20 19:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 19:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007/12/21 16:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\TosBtAcc.dll
[2007/10/31 10:39:54 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2007/05/17 14:58:10 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\libexpatw.dll
[2005/07/22 21:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\TosCommAPI.dll
========== LOP Check ========== [2010/05/29 21:01:02 | 000,000,000 | ---D | M] -- C:\Users\Eden\AppData\Roaming\D2C574D6F0342D0A556E35704A359590
[2008/09/11 20:44:14 | 000,000,000 | ---D | M] -- C:\Users\Eden\AppData\Roaming\DAEMON Tools
[2008/12/29 19:21:42 | 000,000,000 | ---D | M] -- C:\Users\Eden\AppData\Roaming\NCH Swift Sound
[2010/03/17 23:27:01 | 000,000,000 | ---D | M] -- C:\Users\Eden\AppData\Roaming\Research In Motion
[2010/01/15 19:34:57 | 000,000,000 | ---D | M] -- C:\Users\Eden\AppData\Roaming\Stardock
[2008/11/02 14:34:00 | 000,000,000 | ---D | M] -- C:\Users\Eden\AppData\Roaming\TOSHIBA
[2010/06/09 16:55:24 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/06/09 00:07:26 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{18D868AC-870C-4EC8-AEB1-862E41CA5336}.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2010/06/09 16:56:19 | 000,047,119 | ---- | M] () -- C:\aaw7boot.log
[2008/01/20 19:50:15 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2008/02/19 18:47:05 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2010/06/09 16:56:21 | 3211,190,272 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2010/05/29 19:37:38 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2010/06/09 02:30:57 | 000,198,455 | ---- | M] () -- C:\MGlogs.zip
[2010/06/09 16:56:19 | 3524,902,912 | -HS- | M] () -- C:\pagefile.sys
[2010/05/29 21:35:48 | 000,000,352 | ---- | M] () -- C:\rkill.log
[2009/05/26 13:03:36 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/07/27 18:12:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/05/26 13:03:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/07/27 18:12:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
< %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\user32.dll /md5 >[2008/01/20 19:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\SysWOW64\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >[2008/01/20 19:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll
========== Files - Unicode (All) ==========[2010/03/04 00:45:07 | 004,801,063 | ---- | M] ()(C:\Users\Eden\Desktop\?????? - ??? ?? ??? ? ? ???.MP3) -- C:\Users\Eden\Desktop\드렁큰타이거 - 소외된 모두 왼발을 한 보 앞으로.MP3
[2010/03/04 00:44:53 | 004,801,063 | ---- | C] ()(C:\Users\Eden\Desktop\?????? - ??? ?? ??? ? ? ???.MP3) -- C:\Users\Eden\Desktop\드렁큰타이거 - 소외된 모두 왼발을 한 보 앞으로.MP3
< End of report >