OTL logfile created on: 7/27/2012 5:46:11 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 23.55 Gb Free Space | 10.57% Space Free | Partition Type: NTFS
Drive D: | 1.87 Gb Total Space | 0.76 Gb Free Space | 41.00% Space Free | Partition Type: FAT
Drive H: | 10.00 Gb Total Space | 2.58 Gb Free Space | 25.76% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012/06/28 12:37:04 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/06/27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) 
[Auto] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012/04/21 19:28:53 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/02/24 05:50:00 | 000,825,664 | -H-- | M] (The Nielsen Company) [Auto] -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe -- (NielsenUpdate) SRV - [2011/12/12 12:03:40 | 000,290,832 | ---- | M] (Verizon) [Auto] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter) SRV - [2011/06/06 12:36:00 | 004,005,936 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2008/12/01 11:59:52 | 000,033,752 | -H-- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper) getPlus(R) SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) SRV - [2008/01/28 11:43:32 | 000,810,320 | ---- | M] (Safer Networking Ltd.) 
[Auto] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/19 03:36:36 | 000,000,000 | ---- | M] () [On_Demand] -- C:\Windows\System32\ssdpsrv.dll -- (SSDPSRV) SRV - [2007/12/19 09:05:48 | 000,028,728 | ---- | M] (MyWebSearch.com) [Auto] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService) SRV - [2007/05/17 19:32:19 | 000,072,704 | ---- | M] (Creative Labs) [Auto] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service) SRV - [2006/11/07 13:27:02 | 000,070,656 | ---- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService) SRV - [2006/10/11 17:48:50 | 000,532,480 | ---- | M] ( ) [Auto] -- C:\Windows\System32\dlcxcoms.exe -- (dlcx_device) SRV - [2006/09/29 12:38:50 | 000,081,920 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) [color=#E56717]========== Driver Services (All) ==========[/color] DRV - File not found [Kernel | On_Demand] -- -- (XG762_VS) DRV - File not found [Kernel | Auto] -- -- (X4HSX32) DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt) DRV - File not found [Kernel | Auto] -- -- (MCSTRM) DRV - File not found [Kernel | On_Demand] -- -- (IpInIp) DRV - File not found [Kernel | Disabled] -- -- (blbdrive) DRV - [2012/07/02 13:02:30 | 000,029,904 | ---- | M] () [Kernel | System] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7502AF7B-D9D0-44F0-A841-AC1685747FC2}\MpKsl156dce76.sys -- (MpKsl156dce76) DRV - [2012/05/01 10:03:49 | 000,180,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD) DRV - [2012/03/30 08:39:11 | 000,914,304 | 
---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip6) DRV - [2012/03/30 08:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip) DRV - [2012/03/29 09:39:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg) DRV - [2012/03/20 20:44:12 | 000,171,064 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter) DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2012/03/20 19:28:50 | 000,053,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr) DRV - [2012/03/20 17:33:14 | 000,022,064 | -H-- | M] (The Nielsen Company) [Kernel | System] -- C:\Program Files\NetRatingsNetSight\NetSight\meter9\nnfwdk.sys -- (nnfwdk) DRV - [2012/02/29 09:32:37 | 000,012,800 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec) DRV - [2012/02/15 12:01:50 | 000,043,520 | ---- | M] (Apple, Inc.) 
[Kernel | On_Demand] -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL) DRV - [2011/11/17 02:48:37 | 000,440,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\ksecdd.sys -- (KSecDD) DRV - [2011/07/06 11:31:47 | 000,214,016 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10) DRV - [2011/05/25 02:09:05 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011/04/29 09:25:10 | 000,146,432 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\srv2.sys -- (srv2) DRV - [2011/04/29 09:25:09 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet) DRV - [2011/04/29 09:24:42 | 000,079,872 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20) DRV - [2011/04/29 09:24:40 | 000,106,496 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb) DRV - [2011/04/21 09:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\system32\drivers\afd.sys -- (AFD) DRV - [2011/04/14 10:59:03 | 000,075,264 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC) DRV - [2011/02/22 09:23:55 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\bowser.sys -- (bowser) DRV - [2011/02/18 10:03:32 | 000,305,152 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\srv.sys -- (srv) DRV - [2011/01/20 12:37:37 | 000,638,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl) DRV - [2010/04/26 22:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) 
[Kernel | On_Demand] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2010/04/26 22:25:20 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM) DRV - [2010/04/26 22:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2010/04/26 22:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2010/02/20 16:53:34 | 000,411,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\http.sys -- (HTTP) DRV - [2010/02/18 07:28:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel) DRV - [2009/11/16 01:36:40 | 000,822,272 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u) DRV - [2009/09/30 21:01:54 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb) DRV - [2009/09/16 10:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk) DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk) DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) 
[Kernel | On_Demand] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk) DRV - [2009/07/14 13:45:07 | 000,445,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000) DRV - [2009/05/18 14:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2009/05/09 01:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nuidfltr.sys -- (NuidFltr) DRV - [2009/04/11 02:33:03 | 000,292,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx) DRV - [2009/04/11 02:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap) DRV - [2009/04/11 02:32:55 | 000,149,480 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\pci.sys -- (pci) DRV - [2009/04/11 02:32:52 | 000,053,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\termdd.sys -- (TermDD) DRV - [2009/04/11 02:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs) DRV - [2009/04/11 02:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\ndis.sys -- (NDIS) DRV - [2009/04/11 02:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\acpi.sys -- (ACPI) DRV - [2009/04/11 02:32:46 | 000,245,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\clfs.sys -- (CLFS) Common Log (CLFS) DRV - [2009/04/11 02:32:46 | 000,190,424 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\fltMgr.sys -- (FltMgr) DRV - [2009/04/11 02:32:46 | 000,180,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- 
C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt) DRV - [2009/04/11 02:32:46 | 000,161,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC) DRV - [2009/04/11 02:32:43 | 000,141,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\ecache.sys -- (Ecache) DRV - [2009/04/11 02:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\disk.sys -- (disk) DRV - [2009/04/11 02:32:31 | 000,048,104 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\mup.sys -- (Mup) DRV - [2009/04/11 00:46:40 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp) DRV - [2009/04/11 00:46:32 | 000,121,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan) DRV - [2009/04/11 00:46:30 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe) DRV - [2009/04/11 00:45:56 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\tdx.sys -- (tdx) DRV - [2009/04/11 00:45:51 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\pacer.sys -- (PSched) DRV - [2009/04/11 00:45:37 | 000,185,856 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\netbt.sys -- (netbt) DRV - [2009/04/11 00:45:22 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\smb.sys -- (Smb) DRV - [2009/04/11 00:43:28 | 000,148,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP) DRV - [2009/04/11 00:43:16 | 000,196,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbhub.sys -- (usbhub) DRV - 
[2009/04/11 00:43:02 | 000,236,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService) DRV - [2009/04/11 00:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR) DRV - [2009/04/11 00:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM) DRV - [2009/04/11 00:42:52 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbehci.sys -- (usbehci) DRV - [2009/04/11 00:42:48 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb) DRV - [2009/04/11 00:42:42 | 000,561,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2009/04/11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom) DRV - [2009/04/11 00:38:40 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid) DRV - [2009/04/11 00:14:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\system32\drivers\mrxdav.sys -- (MRxDAV) DRV - [2009/04/11 00:14:29 | 000,225,280 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss) DRV - [2009/04/11 00:14:01 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs) DRV - [2009/04/11 00:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\Windows\System32\drivers\udfs.sys -- (udfs) DRV - [2009/04/11 00:13:53 | 000,136,704 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- 
C:\Windows\System32\drivers\exfat.sys -- (exfat) DRV - [2009/04/11 00:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat) DRV - [2009/04/08 14:29:52 | 000,056,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21) DRV - [2009/03/18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2008/10/28 17:15:54 | 000,020,736 | ---- | M] (ZDC., Inc. (ZDC)) [Kernel | On_Demand] -- C:\Windows\System32\ZDCndis5.sys -- (ZDCNDIS5) DRV - [2008/01/19 03:42:31 | 000,058,936 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo) DRV - [2008/01/19 03:42:28 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\mountmgr.sys -- (MountMgr) DRV - [2008/01/19 03:42:18 | 000,052,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr) DRV - [2008/01/19 03:41:52 | 000,035,384 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass) DRV - [2008/01/19 03:41:52 | 000,034,360 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass) DRV - [2008/01/19 03:41:49 | 000,031,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios) DRV - [2008/01/19 03:41:30 | 000,021,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\spldr.sys -- (spldr) DRV - [2008/01/19 03:41:14 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv) DRV - [2008/01/19 03:41:14 | 000,015,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- 
C:\Windows\System32\drivers\swenum.sys -- (swenum) DRV - [2008/01/19 02:14:40 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint) DRV - [2008/01/19 02:14:09 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbscan.sys -- (usbscan) DRV - [2008/01/19 02:01:15 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv) DRV - [2008/01/19 02:01:09 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD) DRV - [2008/01/19 02:01:08 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP) DRV - [2008/01/19 02:01:08 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD) DRV - [2008/01/19 02:01:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE) DRV - [2008/01/19 01:57:16 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\modem.sys -- (Modem) DRV - [2008/01/19 01:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl) DRV - [2008/01/19 01:56:34 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP) DRV - [2008/01/19 01:56:34 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP) DRV - [2008/01/19 01:56:31 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6) DRV - [2008/01/19 01:56:31 | 000,062,464 | ---- | M] (Microsoft 
Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarp) DRV - [2008/01/19 01:56:31 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd) DRV - [2008/01/19 01:56:29 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac) DRV - [2008/01/19 01:56:28 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT) DRV - [2008/01/19 01:56:28 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy) DRV - [2008/01/19 01:56:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi) DRV - [2008/01/19 01:56:23 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver) DRV - [2008/01/19 01:56:07 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv) DRV - [2008/01/19 01:55:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy) DRV - [2008/01/19 01:55:45 | 000,035,840 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS) DRV - [2008/01/19 01:55:41 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp) DRV - [2008/01/19 01:55:40 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio) DRV - [2008/01/19 01:55:19 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM) DRV - [2008/01/19 01:55:03 | 000,060,416 | ---- | M] (Microsoft 
Corporation) [Kernel | Auto] -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr) DRV - [2008/01/19 01:55:03 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio) DRV - [2008/01/19 01:54:46 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv) DRV - [2008/01/19 01:53:40 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\umbus.sys -- (umbus) DRV - [2008/01/19 01:53:29 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp) DRV - [2008/01/19 01:53:20 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbuhci.sys -- (usbuhci) DRV - [2008/01/19 01:53:16 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud) DRV - [2008/01/19 01:53:04 | 000,083,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd) DRV - [2008/01/19 01:52:19 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\monitor.sys -- (monitor) DRV - [2008/01/19 01:52:06 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga) DRV - [2008/01/19 01:52:06 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave) DRV - [2008/01/19 01:49:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\fdc.sys -- (fdc) DRV - [2008/01/19 01:49:37 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk) DRV - [2008/01/19 01:49:20 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- 
C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV) DRV - [2008/01/19 01:49:19 | 000,006,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE) DRV - [2008/01/19 01:49:18 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt) DRV - [2008/01/19 01:49:18 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK) DRV - [2008/01/19 01:49:18 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM) DRV - [2008/01/19 01:49:16 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sermouse.sys -- (sermouse) DRV - [2008/01/19 01:49:16 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid) DRV - [2008/01/19 01:49:12 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\null.sys -- (Null) DRV - [2008/01/19 01:49:10 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\beep.sys -- (Beep) DRV - [2008/01/19 01:30:36 | 000,084,480 | ---- | M] (Microsoft Corporation) [File_System | Auto] -- C:\Windows\system32\drivers\luafv.sys -- (luafv) DRV - [2008/01/19 01:30:23 | 000,027,648 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace) DRV - [2008/01/19 01:28:09 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs) DRV - [2008/01/19 01:28:02 | 000,070,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs) DRV - [2008/01/19 01:27:21 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- 
C:\Windows\System32\drivers\intelppm.sys -- (intelppm) DRV - [2008/01/19 00:25:05 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R) DRV - [2007/05/18 03:19:35 | 000,025,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\msahci.sys -- (msahci) DRV - [2007/05/18 03:19:35 | 000,021,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\atapi.sys -- (atapi) DRV - [2007/05/18 03:19:35 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2007/05/18 03:19:35 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2007/05/18 03:19:35 | 000,018,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\amdide.sys -- (amdide) DRV - [2007/05/18 03:19:35 | 000,017,592 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\intelide.sys -- (intelide) DRV - [2007/05/18 03:19:35 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) 
[Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007/05/18 03:19:35 | 000,016,056 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\pciide.sys -- (pciide) DRV - [2007/05/18 03:19:11 | 000,242,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\rdpdr.sys -- (rdpdr) DRV - [2007/05/18 03:19:11 | 000,106,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nv_agp.sys -- (nv_agp) DRV - [2007/05/18 03:19:11 | 000,058,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\uliagpkx.sys -- (uliagpkx) DRV - [2007/05/18 03:19:11 | 000,054,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\amdagp.sys -- (amdagp) DRV - [2007/05/18 03:19:11 | 000,054,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\viaagp.sys -- (viaagp) DRV - [2007/05/18 03:19:11 | 000,053,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\agp440.sys -- (agp440) DRV - [2007/05/18 03:19:11 | 000,053,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sisagp.sys -- (sisagp) DRV - [2007/05/18 03:19:11 | 000,047,208 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\isapnp.sys -- (isapnp) DRV - [2007/04/09 10:56:22 | 000,021,248 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2007/04/09 10:55:08 | 000,022,912 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2007/04/09 10:53:24 | 000,012,672 | ---- | M] (LG Electronics Inc.) 
[Kernel | On_Demand] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus) DRV - [2007/02/09 12:34:16 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\drivers\DRVNDDM.SYS -- (DRVNDDM) DRV - [2007/02/08 20:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M) DRV - [2007/02/08 20:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2007/02/08 01:16:26 | 000,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2006/12/21 10:52:24 | 000,029,522 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Capt913D.sys -- (SQTECH913D) DRV - [2006/11/02 05:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006/11/02 05:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006/11/02 05:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006/11/02 05:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006/11/02 05:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006/11/02 05:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\pcmcia.sys -- (pcmcia) DRV - [2006/11/02 05:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006/11/02 05:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006/11/02 05:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006/11/02 05:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 05:50:17 | 000,080,488 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\msdsm.sys -- (msdsm) DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 05:50:16 | 000,078,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mpio.sys -- (mpio) DRV - [2006/11/02 05:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sbp2port.sys -- (sbp2port) DRV - [2006/11/02 05:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- 
C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 05:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006/11/02 05:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006/11/02 05:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006/11/02 05:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006/11/02 05:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 05:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 05:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006/11/02 05:50:04 | 000,058,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\gagp30kx.sys -- (gagp30kx) DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 05:49:59 | 000,056,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\uagp35.sys -- (uagp35) DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 05:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006/11/02 05:49:49 | 000,027,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\i2omp.sys -- (i2omp) DRV - [2006/11/02 05:49:43 | 000,022,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk) DRV - [2006/11/02 05:49:38 | 000,019,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wd.sys -- (Wd) DRV - [2006/11/02 05:49:32 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\compbatt.sys -- (Compbatt) DRV - 
[2006/11/02 05:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH) DRV - [2006/11/02 04:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\bthmodem.sys -- (BTHMODEM) DRV - [2006/11/02 04:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\hidbth.sys -- (HidBth) DRV - [2006/11/02 04:55:16 | 000,062,080 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ohci1394.sys -- (ohci1394) DRV - [2006/11/02 04:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR) DRV - [2006/11/02 04:55:08 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\circlass.sys -- (circlass) DRV - [2006/11/02 04:55:05 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\usbohci.sys -- (usbohci) DRV - [2006/11/02 04:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\hidir.sys -- (HidIr) DRV - [2006/11/02 04:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wacompen.sys -- (WacomPen) DRV - [2006/11/02 04:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sfloppy.sys -- (sfloppy) DRV - [2006/11/02 04:51:40 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sffp_sd.sys -- (sffp_sd) DRV - [2006/11/02 04:51:40 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sffp_mmc.sys -- (sffp_mmc) DRV - [2006/11/02 04:51:38 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- 
C:\Windows\system32\drivers\sffdisk.sys -- (sffdisk) DRV - [2006/11/02 04:51:30 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\serial.sys -- (Serial) DRV - [2006/11/02 04:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\parport.sys -- (Parport) DRV - [2006/11/02 04:51:25 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\serenum.sys -- (Serenum) DRV - [2006/11/02 04:51:23 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\Windows\system32\drivers\parvdm.sys -- (Parvdm) DRV - [2006/11/02 04:42:03 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ipmidrv.sys -- (IPMIDRV) DRV - [2006/11/02 04:35:03 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wmiacpi.sys -- (WmiAcpi) DRV - [2006/11/02 04:30:19 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\viac7.sys -- (ViaC7) DRV - [2006/11/02 04:30:18 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\amdk8.sys -- (AmdK8) DRV - [2006/11/02 04:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\crusoe.sys -- (Crusoe) DRV - [2006/11/02 04:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\amdk7.sys -- (AmdK7) DRV - [2006/11/02 04:30:18 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\processr.sys -- (Processor) DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2006/11/02 03:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2006/11/02 03:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock) DRV - [2006/11/02 02:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 
[Kernel | Auto] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv) DRV - [2006/10/26 16:22:02 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM) DRV - [2006/10/26 16:21:34 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2006/10/26 16:21:34 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM) DRV - [2006/10/26 16:21:32 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2006/10/26 16:21:30 | 000,026,296 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2006/10/26 16:21:28 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2006/10/26 16:21:26 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2006/10/26 16:21:24 | 000,104,536 | ---- | M] (Roxio) [File_System | Auto] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2006/10/18 14:09:26 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2006/10/18 14:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2) DRV - [2006/10/18 14:08:04 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct) DRV - [2006/09/29 15:59:58 | 000,250,368 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor) DRV - [2006/08/17 15:43:52 | 000,007,424 | --S- | M] (Gteko Ltd.) 
[Kernel | Auto] -- C:\Program Files\DellSupport\Drivers\dsunidrv.sys -- (dsunidrv) DRV - [2006/08/04 20:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2006/07/24 03:00:00 | 000,036,528 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\Windows\System32\drivers\pxhelp20.sys -- (PxHelp20) DRV - [2006/07/21 11:21:26 | 000,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\Windows\System32\drivers\DRVMCDB.SYS -- (DRVMCDB) DRV - [2006/06/19 17:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto] -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk) [color=#E56717]========== Standard Registry (All) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/ IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local 
IE - HKU\Heidi_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKU\Heidi_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKU\Heidi_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com IE - HKU\Heidi_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://yahoo.com/ [binary data] IE - HKU\Heidi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://gmail.com/ IE - HKU\Heidi_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\Heidi_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) IE - HKU\Heidi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Heidi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\LocalService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) IE - HKU\NetworkService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) 
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Heidi\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Heidi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 16:40:21 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\Heidi\AppData\Roaming\Move Networks [2009/12/22 09:25:58 | 000,000,000 | -H-D | M] [2010/05/02 07:44:47 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Heidi\AppData\Roaming\Mozilla\Firefox\extensions [2010/05/02 07:44:47 | 000,000,000 | -H-D | M] (XfireXO Toolbar) -- C:\Users\Heidi\AppData\Roaming\Mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} O1 HOSTS File: ([2008/03/17 20:45:29 | 000,228,410 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 8012 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC) O3 - HKU\Heidi_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [Corel Photo Downloader] File not found O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [DLCXCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.DLL () O4 - HKLM..\Run: [dlcxmon.exe] C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe () O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( ) O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( ) O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Dell PC Fax\fm3032.exe () O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) 
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 926\memcard.exe () O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.) O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\Run: [DelayShred] File not found O4 - HKU\Heidi_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.) O4 - HKU\Heidi_ON_C..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKU\Heidi_ON_C..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation) O4 - HKU\Heidi_ON_C..\Run: [googletalk] C:\Users\Heidi\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) O4 - HKU\Heidi_ON_C..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe () O4 - HKU\Heidi_ON_C..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O4 - HKU\Heidi_ON_C..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) O4 - HKU\Heidi_ON_C..\Run: [Search Protection] File not found O4 - HKU\Heidi_ON_C..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) 
O4 - HKU\Heidi_ON_C..\Run: [Spino] File not found O4 - HKU\Heidi_ON_C..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKU\Heidi_ON_C..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O4 - HKU\Heidi_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\Heidi_ON_C..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - HKU\Heidi_ON_C..\Run: [xBuRdeRWhJWa.exe] File not found O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\.DEFAULT..\RunOnce: [DelayShred] File not found O4 - HKU\Heidi_ON_C..\RunOnce: [Shockwave Updater] File not found O4 - Startup: C:\Users\Heidi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Kuma_Tray.lnk = C:\Program Files\Animal Planet Games\kgsystray\Kuma_tray.exe () O4 - Startup: C:\Users\Heidi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: 
CF_DIBV5 = 17 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {41F841C1-AE16-11D5-8817-0050DA6EF5E5} https://www.dentaquestgov.com/Services/SPR32X60.cab (FarPoint Spread 6.0) O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} http://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab (GameTap Player) 
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} http://www.myheritage.com/Genoogle/Components/ActiveX/SearchEngineQuery.dll (CSEQueryObject Object) O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.122.0.cab (Battlefield Heroes Updater) O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner) O16 - DPF: {C8AEB218-8B7A-4E15-AC17-0EE8D99B80EB} http://archives.gametap.com/static/cab_headless/GameTapWebUpdater.cab (GameTap Web Updater) O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} http://esis-app3.mesd.k12.or.us:7777/forms/jinitiator/jinit.exe (JInitiator 1.3.1.22) O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} http://photos.msn.com/resources/neutral/controls/DigWebX2.cab?10,0,910,0 (DigWebHelper Class) O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - 
Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation) 
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation) O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: 
Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012/01/29 07:36:44 | 000,000,027 | -HS- | M] () - D:\autorun.bak -- [ FAT ] O32 - AutoRun File - [2012/01/29 07:36:44 | 000,000,027 | -HS- | M] () - D:\autorun.inf.orig -- [ FAT ] O32 - AutoRun File - [2012/07/04 13:57:12 | 000,000,433 | -HS- | M] () - D:\autorun.inf -- [ FAT ] O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{2d8a3a85-1085-11dc-b04e-0019d1631bf8}\Shell - "" = AutoRun O33 - MountPoints2\{2d8a3a85-1085-11dc-b04e-0019d1631bf8}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{3ce2b06a-45f7-11dc-a21b-0019d1631bf8}\Shell - "" = AutoRun O33 - MountPoints2\{3ce2b06a-45f7-11dc-a21b-0019d1631bf8}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{8293326e-9ddd-11dd-9f0a-0019d1631bf8}\Shell\AutoRun\command - "" = H:\autorun.exe O33 - MountPoints2\{8293326e-9ddd-11dd-9f0a-0019d1631bf8}\Shell\phone\command - "" = H:\autorun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - 
HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/07/22 15:22:55 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012/07/02 15:09:33 | 000,000,000 | ---D | C] -- C:\Users\Heidi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery [2012/07/02 07:20:55 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys [2012/07/02 07:20:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012/07/02 07:20:32 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2012/07/02 07:20:30 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012/06/30 22:09:46 | 000,000,000 | -H-D | C] -- C:\Users\Heidi\AppData\Roaming\wargaming.net [2012/06/30 22:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks [2007/05/29 16:39:48 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\dlcxhcp.dll [2007/05/29 16:39:47 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlcxinpa.dll [2007/05/29 16:39:47 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcxiesc.dll [2007/05/29 16:39:46 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlcxusb1.dll [2007/05/29 16:39:45 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlcxserv.dll [2007/05/29 16:39:45 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlcxprox.dll [2007/05/29 16:39:44 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlcxpmui.dll [2007/05/29 16:39:44 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcxlmpm.dll [2007/05/29 16:39:44 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlcxpplc.dll [2007/05/29 16:39:43 | 000,380,928 | ---- | C] ( ) -- C:\Windows\System32\dlcxih.exe [2007/05/29 16:39:42 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcxhbn3.dll [2007/05/29 16:39:40 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcxcomc.dll [2007/05/29 16:39:40 | 
000,532,480 | ---- | C] ( ) -- C:\Windows\System32\dlcxcoms.exe [2007/05/29 16:39:40 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcxcomm.dll [2007/05/29 16:39:39 | 000,381,832 | ---- | C] ( ) -- C:\Windows\System32\dlcxcfg.exe [64 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/07/27 16:10:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/07/02 15:09:35 | 000,000,256 | ---- | M] () -- C:\ProgramData\8YiLcmFFsOhOQD [2012/07/02 15:09:34 | 000,000,136 | ---- | M] () -- C:\ProgramData\-8YiLcmFFsOhOQDr [2012/07/02 15:09:34 | 000,000,000 | ---- | M] () -- C:\ProgramData\-8YiLcmFFsOhOQD [2012/07/02 15:09:33 | 000,000,633 | ---- | M] () -- C:\Users\Heidi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk [2012/07/02 15:09:15 | 000,255,736 | ---- | M] () -- C:\ProgramData\8YiLcmFFsOhOQD.exe [2012/07/02 15:08:28 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/07/02 15:08:05 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\FinalTorrent Update Checker.job [2012/07/02 15:02:15 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/07/02 15:02:15 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/07/02 15:02:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/07/02 14:43:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/07/02 12:36:10 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft [2012/07/02 12:22:09 | 000,346,872 | -H-- | M] () -- C:\ProgramData\xBuRdeRWhJWa.exe.vir [2012/07/02 07:20:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\LogMeIn Hamachi [2012/06/30 22:09:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks [2012/06/28 12:25:42 | 000,089,600 | -H-- | M] () -- C:\Users\Heidi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [64 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/07/02 15:09:34 | 000,000,136 | ---- | C] () -- C:\ProgramData\-8YiLcmFFsOhOQDr [2012/07/02 15:09:34 | 000,000,000 | ---- | C] () -- C:\ProgramData\-8YiLcmFFsOhOQD [2012/07/02 15:09:33 | 000,000,633 | ---- | C] () -- C:\Users\Heidi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk [2012/07/02 15:09:30 | 000,000,256 | ---- | C] () -- C:\ProgramData\8YiLcmFFsOhOQD [2012/07/02 15:09:12 | 000,255,736 | ---- | C] () -- C:\ProgramData\8YiLcmFFsOhOQD.exe [2012/07/02 12:25:14 | 000,346,872 | -H-- | C] () -- C:\ProgramData\xBuRdeRWhJWa.exe.vir [2012/06/25 20:22:51 | 000,003,672 | ---- | C] () -- C:\Windows\System32\wbers.dat [2012/06/25 20:22:42 | 000,028,016 | ---- | C] () -- C:\Windows\System32\wbers.dat.dmp [2012/04/25 21:58:58 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2012/01/13 15:45:10 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat [2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011/08/30 12:34:54 | 000,140,232 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011/08/30 12:34:54 | 000,138,904 | -H-- | C] () -- C:\Users\Heidi\AppData\Roaming\PnkBstrK.sys [2011/08/30 12:34:39 | 000,283,416 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011/08/30 12:34:33 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2010/12/29 11:29:48 | 000,870,128 | -H-- | C] () -- C:\Users\Heidi\AppData\Roaming\mcs.rma [2010/12/29 11:29:48 | 000,000,004 | -H-- | C] () -- C:\Users\Heidi\AppData\Roaming\B97458 
[2010/12/25 08:10:51 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010/06/24 20:25:15 | 000,002,032 | -H-- | C] () -- C:\Users\Heidi\AppData\Local\d3d9caps.dat [2010/06/24 20:25:14 | 000,000,552 | -H-- | C] () -- C:\Users\Heidi\AppData\Local\d3d8caps.dat [2009/09/22 17:31:42 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009/09/22 17:31:41 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/09/22 17:30:59 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ncrypt.dll [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe [2009/06/11 10:19:32 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2009/02/18 20:53:43 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008/10/23 07:01:51 | 000,023,232 | -H-- | C] () -- C:\Users\Heidi\AppData\Roaming\wklnhst.dat [2008/09/11 07:08:20 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ssdpsrv.dll [2008/08/05 18:02:12 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008/08/05 17:58:14 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll [2008/04/07 09:01:23 | 000,000,763 | ---- | C] () -- C:\Windows\MyHeritage.INI [2008/04/07 09:00:39 | 000,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll [2008/02/05 17:49:04 | 000,002,097 | ---- | C] () -- C:\Windows\checkip.dat [2008/01/05 10:09:29 | 000,036,962 | ---- | C] () -- C:\Windows\System32\ActPanel.dll [2007/08/21 18:58:06 | 000,000,231 | ---- | C] () -- C:\Windows\SIERRA.INI [2007/08/02 09:12:20 | 000,049,152 | ---- | C] () -- C:\Windows\System32\VZWDLManager.dll [2007/07/03 20:47:42 | 000,000,192 | ---- | C] () -- C:\Windows\ka.ini [2007/07/02 10:26:35 | 000,024,206 | -H-- | C] () -- C:\Users\Heidi\AppData\Roaming\UserTile.png [2007/07/01 10:43:56 | 000,000,221 | ---- | C] () -- C:\Windows\PowerReg.dat 
[2007/06/01 18:27:46 | 000,000,896 | ---- | C] () -- C:\Windows\eReg.dat [2007/05/29 16:43:33 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcxcoin.dll [2007/05/29 16:40:56 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLPRMON.DLL [2007/05/29 16:40:56 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLPMONUI.DLL [2007/05/29 16:39:48 | 000,274,432 | ---- | C] () -- C:\Windows\System32\dlcxinst.dll [2007/05/29 16:39:46 | 000,454,656 | ---- | C] () -- C:\Windows\System32\dlcxutil.dll [2007/05/29 16:39:43 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcxinsb.dll [2007/05/29 16:39:43 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcxins.dll [2007/05/29 16:39:43 | 000,139,264 | ---- | C] () -- C:\Windows\System32\dlcxjswr.dll [2007/05/29 16:39:43 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlcxinsr.dll [2007/05/29 16:39:42 | 000,188,416 | ---- | C] () -- C:\Windows\System32\dlcxgrd.dll [2007/05/29 16:39:41 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcxcub.dll [2007/05/29 16:39:41 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcxcur.dll [2007/05/29 16:39:40 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcxcu.dll [2007/05/29 16:39:38 | 000,073,728 | ---- | C] () -- C:\Windows\System32\DLCXcfg.dll [2007/05/23 17:15:49 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL [2007/05/23 17:15:48 | 000,000,473 | ---- | C] () -- C:\Windows\wininit.ini [2007/05/23 17:13:54 | 000,000,093 | -H-- | C] () -- C:\Users\Heidi\AppData\Local\fusioncache.dat [2007/05/23 17:04:25 | 000,089,600 | -H-- | C] () -- C:\Users\Heidi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/05/17 19:48:05 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2007/05/17 19:32:52 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll [2007/05/17 19:32:52 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll [2007/05/17 19:32:52 | 000,000,628 | ---- | C] () -- 
C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini [2006/11/10 09:26:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2006/11/07 15:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 08:47:37 | 000,457,016 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 06:33:01 | 000,650,910 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 06:33:01 | 000,123,424 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006/09/22 07:42:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dlcxcaps.dll [2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll [2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll [2006/08/08 15:58:04 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dlcxdrs.dll [2006/04/24 15:09:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlcxvs.dll [2006/03/19 20:03:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcxcnv4.dll [1997/06/13 21:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll [color=#E56717]========== LOP Check ==========[/color] 
[2012/07/01 10:07:54 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\.minecraft [2008/03/31 19:40:14 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Boomzap [2011/04/02 13:06:40 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Catalina Marketing Corp [2011/01/11 18:15:31 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011/07/23 20:24:32 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\FinalTorrent [2012/05/26 17:10:40 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Firefly Studios [2007/07/01 20:11:50 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Gaijin Ent [2008/09/27 10:37:13 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\GetRightToGo [2007/06/25 16:15:33 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\iWin [2011/12/04 12:53:31 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Kuma Games [2011/10/18 21:31:02 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\MinMaxGames [2011/12/09 16:29:16 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\mjusbsp [2011/10/15 21:12:07 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\mm [2011/09/17 11:52:10 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\My Games [2008/08/20 19:06:39 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\PeerNetworking [2012/04/09 14:08:29 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Petroglyph [2007/06/21 16:31:30 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\PlayFirst [2008/03/25 19:33:31 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\PTV Game [2012/06/07 17:25:56 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\RotMG.Production [2012/02/26 13:51:12 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\SoftGrid Client [2012/01/13 15:55:01 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\TechWizard 
[2007/06/11 15:41:59 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Template [2008/11/04 11:18:48 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\The Complete Genealogy Reporter - FTB [2012/06/25 13:13:51 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\The Creative Assembly [2012/02/20 21:31:43 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\TP [2012/07/01 14:20:16 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\wargaming.net [2012/06/22 18:59:44 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\Warner Bros. Interactive Entertainment [2011/02/09 19:15:30 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\wb [2012/06/11 05:50:54 | 000,000,000 | -H-D | M] -- C:\Users\Heidi\AppData\Roaming\WildTangent [2010/02/20 18:07:47 | 000,000,000 | -H-D | M] -- C:\ProgramData\Age of Empires 3 [2007/05/23 16:54:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data [2007/05/23 16:54:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop [2007/05/23 16:54:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents [2012/05/18 16:06:08 | 000,000,000 | -H-D | M] -- C:\ProgramData\F4D55EFF00015C5D000AB29D570F1C8B [2007/05/23 16:54:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites [2007/05/28 19:18:27 | 000,000,000 | -H-D | M] -- C:\ProgramData\HipSoft [2011/10/07 22:35:34 | 000,000,000 | -H-D | M] -- C:\ProgramData\InstallMate [2011/07/27 12:37:28 | 000,000,000 | -H-D | M] -- C:\ProgramData\magicJack [2007/06/21 16:31:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\PlayFirst [2011/12/18 21:01:12 | 000,000,000 | -H-D | M] -- C:\ProgramData\PMB Files [2011/10/07 22:30:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\Premium [2007/11/21 17:00:47 | 000,000,000 | -H-D | M] -- C:\ProgramData\PrettyGoodGames [2010/12/25 08:11:51 | 000,000,000 | -H-D | M] -- C:\ProgramData\Samsung [2008/06/04 20:41:28 | 000,000,000 | -H-D | M] -- C:\ProgramData\Sony Online Entertainment [2008/04/12 19:23:11 | 
000,000,000 | -H-D | M] -- C:\ProgramData\SpinTop Games [2007/05/23 16:54:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu [2008/01/29 20:08:46 | 000,000,000 | -H-D | M] -- C:\ProgramData\SupportSoft [2011/08/14 10:27:45 | 000,000,000 | -H-D | M] -- C:\ProgramData\Tarma Installer [2009/11/29 10:07:12 | 000,000,000 | -H-D | M] -- C:\ProgramData\TEMP [2007/05/23 16:54:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates [2012/02/20 21:32:36 | 000,000,000 | -H-D | M] -- C:\ProgramData\Virtualized Applications [2011/04/01 20:06:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\VirtualizedApplications [2011/07/23 20:00:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\W3i [2012/06/11 05:45:54 | 000,000,000 | -H-D | M] -- C:\ProgramData\WildTangent [2011/05/31 15:55:00 | 000,000,000 | -H-D | M] -- C:\ProgramData\WindowsSearch [2008/09/28 11:02:29 | 000,000,000 | -H-D | M] -- C:\ProgramData\YAHOO [2010/11/26 12:37:57 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/09/26 11:05:34 | 000,000,000 | -H-D | M] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009/07/30 11:10:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2012/07/02 15:08:05 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\FinalTorrent Update Checker.job [2012/07/02 13:00:26 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008/01/19 03:42:25 | 000,056,376 | ---- | M] 
(Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2007/05/18 03:19:11 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\drivers\AGP440.sys [2007/05/18 03:19:11 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys [2007/05/18 03:19:11 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys [2007/05/18 03:19:11 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=BF34B4A0E0B64440C5389AA6B902F4AD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys [2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008/01/19 03:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008/01/19 03:41:30 | 000,021,560 | ---- | M] 
(Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2007/05/18 03:19:41 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys [2007/05/18 03:19:35 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\drivers\atapi.sys [2007/05/18 03:19:35 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5a9555b4\atapi.sys [2007/05/18 03:19:35 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20509_none_dbe4850d3d78c736\atapi.sys [2007/05/18 03:19:41 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys [2007/05/18 03:19:41 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys [2008/02/13 17:35:02 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys [2008/02/13 17:35:02 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys [2008/02/13 17:35:01 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- 
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[color=#A23BEC]< MD5 for: IASTOR.SYS >[/color]
[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[color=#A23BEC]< MD5 for: NTOSKRNL.EXE >[/color]
[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[color=#A23BEC]< MD5 for: UXTHEME.DLL >[/color]
[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[color=#A23BEC]< C:\*.* >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 191 bytes -> C:\ProgramData\TEMP:238AA907
@Alternate Data Stream - 162 bytes -> C:\ProgramData\TEMP:D455373F
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:C4532973

< End of report >