Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I ran Malware and I am still haveing problems with UDISK Assistant.lnk


  • Please log in to reply

#1
gerjamr97

gerjamr97

    New Member

  • Member
  • Pip
  • 2 posts
When I boot my computer I ger an error message saying.........

Windows cannot open this file: File: UDisk Assistant.lnk.disabled

To open this file, Windows needs to know what program created it.

How do I enable UDisk Assistant.lnk?

I ran OTL, RootLogs, and Malwarebytes', the problem is still happening.


OTL logfile created on: 8/15/2009 2:47:35 AM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Jim\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

758.42 Mb Total Physical Memory | 241.50 Mb Available Physical Memory | 31.84% Memory free
1.44 Gb Paging File | 0.95 Gb Available in Paging File | 66.40% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.52 Gb Total Space | 38.14 Gb Free Space | 54.87% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Unable to calculate disk information.
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LAPTOP
Current User Name: Jim
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2006/08/02 01:39:20 | 00,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2006/08/02 01:31:22 | 00,937,984 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2002/09/12 03:16:04 | 00,053,248 | ---- | M] (ActivCard S.A.) -- C:\Program Files\Common Files\ActivCard\acautoreg.exe
PRC - [2002/08/12 12:54:58 | 00,159,744 | ---- | M] (ActivCard) -- C:\Program Files\Common Files\ActivCard\accoca.exe
PRC - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2006/01/09 13:56:04 | 00,049,152 | ---- | M] () -- C:\WINDOWS\System32\LxrSII1s.exe
PRC - [2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2008/01/25 01:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2007/08/15 12:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007/07/24 12:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2007/07/18 12:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe
PRC - [2006/08/02 01:24:22 | 00,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2006/09/28 21:18:00 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2006/08/11 20:09:18 | 00,176,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2005/02/09 13:43:50 | 00,270,336 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2005/02/22 20:37:58 | 00,106,496 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxext.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/11/01 18:12:38 | 00,582,992 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2003/11/07 20:21:28 | 00,114,688 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2005/01/14 20:18:18 | 00,184,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2005/01/14 17:43:28 | 00,151,552 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
PRC - [2005/01/31 14:10:44 | 00,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
PRC - [2002/08/29 06:07:06 | 00,131,072 | ---- | M] (ActivCard S.A.) -- C:\Program Files\ActivCard\ActivCard Gold\agquickp.exe
PRC - [2005/03/23 14:28:16 | 14,202,368 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009/07/13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/06/29 14:46:44 | 37,408,768 | ---- | M] (PC Utility, Inc.) -- C:\Program Files\PCTuneUp\PCTuneUp.exe
PRC - [2006/02/19 05:21:22 | 00,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2003/02/26 14:08:42 | 00,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apntex.exe
PRC - [2006/05/10 10:23:48 | 00,069,673 | ---- | M] () -- C:\Program Files\Magentic\bin\MgApp.exe
PRC - [2005/02/09 09:43:58 | 00,143,360 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
PRC - [2006/02/10 08:56:12 | 00,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2006/02/19 06:24:52 | 00,239,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
PRC - [2009/07/13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2007/12/05 10:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/08/15 02:44:20 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jim\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2002/09/12 03:16:04 | 00,053,248 | ---- | M] (ActivCard S.A.) -- C:\Program Files\Common Files\ActivCard\acautoreg.exe -- (acautoreg [Auto | Running])
SRV - [2002/08/12 12:54:58 | 00,159,744 | ---- | M] (ActivCard) -- C:\Program Files\Common Files\ActivCard\accoca.exe -- (Accoca [Auto | Running])
SRV - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2004/10/23 06:16:36 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2006/08/02 01:39:20 | 00,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running])
SRV - [2008/05/25 19:25:30 | 00,137,200 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2004/10/16 06:31:06 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\System32\spool\drivers\w32x86\3\HPBOID.EXE -- (HP Status Server [On_Demand | Stopped])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2005/02/15 01:30:02 | 00,032,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment [On_Demand | Stopped])
SRV - [2009/07/13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2006/01/09 13:56:04 | 00,049,152 | ---- | M] () -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s [Auto | Running])
SRV - [2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc [Auto | Running])
SRV - [2008/01/25 01:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc [Auto | Running])
SRV - [2007/11/07 09:35:40 | 00,378,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [On_Demand | Stopped])
SRV - [2007/08/15 12:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy [Auto | Running])
SRV - [2007/07/24 12:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
SRV - [2007/12/05 10:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [On_Demand | Running])
SRV - [2007/07/18 12:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService [Auto | Running])
SRV - [2006/12/14 03:21:20 | 00,045,056 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV [On_Demand | Stopped])
SRV - [2005/02/17 18:31:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Stopped])
SRV - [2003/07/28 16:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/12/14 02:46:16 | 00,057,344 | ---- | M] () -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR [On_Demand | Stopped])
SRV - [2007/08/09 03:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Stopped])
SRV - [2006/08/02 01:24:22 | 00,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running])
SRV - [2006/09/28 21:18:00 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2006/08/02 01:31:22 | 00,937,984 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running])
SRV - [2006/12/14 03:02:08 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV [On_Demand | Stopped])
SRV - [2005/02/09 09:43:58 | 00,143,360 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -- (VAIO Entertainment Aggregation and Control Service [On_Demand | Running])
SRV - [2005/02/10 16:44:04 | 00,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe -- (VAIO Entertainment Task Scheduler [On_Demand | Stopped])
SRV - [2005/02/09 13:43:52 | 00,073,728 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped])
SRV - [2006/08/11 20:09:18 | 00,176,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service [Auto | Running])
SRV - [2006/06/12 15:09:00 | 01,953,792 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer [On_Demand | Stopped])
SRV - [2005/01/14 19:21:32 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP [On_Demand | Stopped])
SRV - [2006/05/22 13:34:12 | 00,770,048 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP [On_Demand | Stopped])
SRV - [2006/05/17 18:19:26 | 00,155,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped])
SRV - [2005/02/09 13:43:50 | 00,270,336 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw [On_Demand | Running])
SRV - [2005/02/09 13:43:52 | 00,167,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc [Auto | Stopped])
SRV - [2005/02/09 13:43:52 | 00,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw [Auto | Stopped])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch = http://ie.search.msn...autosearch.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/15 08:43:50 | 00,000,000 | ---D | M]


O1 HOSTS File: (288517 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 9942 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickPassword] C:\Program Files\ActivCard\ActivCard Gold\agquickp.exe (ActivCard S.A.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - HKLM..\Run: [VAIO Update 2] C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe (Sony Corporation)
O4 - HKLM..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe (Sony Corporation)
O4 - HKCU..\Run: [Magentic] C:\Program Files\Magentic\bin\Magentic.exe ()
O4 - HKCU..\Run: [PCTuneUp] C:\Program Files\PCTuneUp\PCTuneUp.exe (PC Utility, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\UDisk Assistant.lnk.disabled ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSecCPL = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDevMgrPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoConfigPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVirtMemPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoFileSysPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoNetSetup = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoNetSetupIDPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoNetSetupSecurityPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoWorkgroupContents = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoEntireNetwork = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoFileSharingControl = 0
O8 - Extra context menu item: &Search - File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: usmc.mil ([www.webmail.us] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 51 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.micr...veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo.walgree...eensActivia.cab (Snapfish Activia)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...01/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/.../GrooveAX27.cab (Groove Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcaf...,26/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://a532.g.akamai...l/installer.exe (Virtools WebPlayer Class)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcaf...600/mcfscan.cab (McFreeScan Class)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\x-excid {9D6CC632-1337-4a33-9214-2DA092E776F4} - Reg Error: Key error. File not found
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (acgina.dll) - C:\WINDOWS\System32\acgina.dll (ActivCard S.A.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O20 - Winlogon\Notify\WRNotifier: DllName - WRLogonNTF.dll - File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/03/09 16:37:07 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a526495f-ca54-11db-81c4-0013ce09ff65}\Shell - "" = AutoRun
O33 - MountPoints2\{a526495f-ca54-11db-81c4-0013ce09ff65}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a526495f-ca54-11db-81c4-0013ce09ff65}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{fe2b74c2-dfe4-11dd-835f-0013ce09ff65}\Shell - "" = AutoRun
O33 - MountPoints2\{fe2b74c2-dfe4-11dd-835f-0013ce09ff65}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fe2b74c2-dfe4-11dd-835f-0013ce09ff65}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (SsiEfr.e) - File not found

NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2009/08/15 02:44:09 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jim\Desktop\OTL.exe
[2009/08/15 02:42:17 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\settings.dat
[2009/08/15 02:42:04 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Jim\Desktop\RootRepeal.exe
[2009/08/15 02:41:53 | 00,464,491 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\RootRepeal.zip
[2009/08/15 02:39:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/08/15 02:38:12 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\NTREGOPT.lnk
[2009/08/15 02:38:12 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\ERUNT.lnk
[2009/08/15 02:38:10 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/08/15 02:36:52 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Jim\Desktop\erunt_setup.exe
[2009/08/15 02:35:04 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Jim\Desktop\SysRestorePoint.exe
[2009/08/15 02:25:32 | 00,272,384 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jim\Desktop\TFC.exe
[2009/08/15 00:55:01 | 79,533,2608 | -HS- | C] () -- C:\hiberfil.sys
[2009/08/15 00:12:18 | 00,050,544 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/08/13 15:30:39 | 00,501,189 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\MCO%201001R.1K MCRAMM.pdf
[2009/08/12 15:48:17 | 00,000,000 | ---D | C] -- C:\876876c36db77af6139b44dd0ce6165e
[2009/08/11 13:55:59 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/08/11 13:47:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Desktop\ROMS
[2009/08/11 13:09:08 | 00,001,696 | ---- | C] () -- C:\WINDOWS\System32\noise.chs
[2009/08/11 13:09:03 | 00,001,696 | ---- | C] () -- C:\WINDOWS\System32\noise.cht
[2009/08/11 13:09:00 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex
[2009/08/11 13:09:00 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/08/11 13:09:00 | 00,001,486 | ---- | C] () -- C:\WINDOWS\System32\noise.kor
[2009/08/11 13:08:57 | 00,002,060 | ---- | C] () -- C:\WINDOWS\System32\noise.jpn
[2009/08/11 13:08:30 | 00,146,126 | ---- | C] () -- C:\WINDOWS\System32\array30.tab
[2009/08/11 13:08:30 | 00,110,566 | ---- | C] () -- C:\WINDOWS\System32\arphr.tbl
[2009/08/11 13:08:30 | 00,018,600 | ---- | C] () -- C:\WINDOWS\System32\arrayhw.tab
[2009/08/11 13:08:30 | 00,016,312 | ---- | C] () -- C:\WINDOWS\System32\arptr.tbl
[2009/08/11 13:08:29 | 00,211,938 | ---- | C] () -- C:\WINDOWS\System32\lcphrase.tbl
[2009/08/11 13:08:28 | 00,043,242 | ---- | C] () -- C:\WINDOWS\System32\phoncode.tbl
[2009/08/11 13:08:28 | 00,024,114 | ---- | C] () -- C:\WINDOWS\System32\lcptr.tbl
[2009/08/11 13:08:28 | 00,002,714 | ---- | C] () -- C:\WINDOWS\System32\phonptr.tbl
[2009/08/11 13:08:27 | 00,116,285 | ---- | C] () -- C:\WINDOWS\System32\msdayi.tbl
[2009/08/11 13:08:27 | 00,004,071 | ---- | C] () -- C:\WINDOWS\System32\phon.tbl
[2009/08/11 13:08:27 | 00,000,700 | ---- | C] () -- C:\WINDOWS\System32\dayiptr.tbl
[2009/08/11 13:08:27 | 00,000,520 | ---- | C] () -- C:\WINDOWS\System32\dayiphr.tbl
[2009/08/11 13:08:26 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2009/08/11 13:08:26 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\c_10002.nls
[2009/08/11 13:08:26 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\acode.tbl
[2009/08/11 13:08:26 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\a234.tbl
[2009/08/11 13:08:26 | 00,001,460 | ---- | C] () -- C:\WINDOWS\System32\a15.tbl
[2009/08/11 13:08:25 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2009/08/11 13:08:25 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.nls
[2009/08/11 13:08:24 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2009/08/11 13:08:24 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\big5.nls
[2009/08/11 13:08:23 | 00,016,254 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAE.HLP
[2009/08/11 13:08:23 | 00,014,821 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAD.HLP
[2009/08/11 13:07:57 | 01,223,500 | ---- | C] () -- C:\WINDOWS\System32\WINZM.MB
[2009/08/11 13:07:56 | 01,564,868 | ---- | C] () -- C:\WINDOWS\System32\WINSP.MB
[2009/08/11 13:07:54 | 01,783,864 | ---- | C] () -- C:\WINDOWS\System32\WINPY.MB
[2009/08/11 13:07:54 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\prcp.nls
[2009/08/11 13:07:54 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2009/08/11 13:07:52 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\prc.nls
[2009/08/11 13:07:52 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2009/08/11 13:07:51 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2009/08/11 13:07:51 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_10008.nls
[2009/08/11 13:07:37 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/08/11 13:07:36 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/08/11 13:07:09 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2009/08/11 13:07:09 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_10003.nls
[2009/08/11 13:07:08 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2009/08/11 13:07:08 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\c_1361.nls
[2009/08/11 13:07:08 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\ksc.nls
[2009/08/11 13:07:08 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2009/08/11 13:05:54 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_20949.nls
[2009/08/11 13:05:53 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_20936.nls
[2009/08/11 13:05:52 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\c_20932.nls
[2009/08/11 13:05:51 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\c_20000.nls
[2009/08/11 13:05:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_21027.nls
[2009/08/11 13:05:48 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\c_10001.nls
[2009/08/11 13:05:48 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20290.nls
[2009/08/11 13:05:47 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\xjis.nls
[2009/08/06 15:45:54 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\Action Replay Code Manager.lnk
[2009/08/06 15:45:51 | 00,000,000 | ---D | C] -- C:\Program Files\Datel

========== Files - Modified Within 14 Days ==========

[2009/08/15 02:44:20 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jim\Desktop\OTL.exe
[2009/08/15 02:42:17 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\settings.dat
[2009/08/15 02:41:55 | 00,464,491 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\RootRepeal.zip
[2009/08/15 02:38:12 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\NTREGOPT.lnk
[2009/08/15 02:38:12 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\ERUNT.lnk
[2009/08/15 02:36:55 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Jim\Desktop\erunt_setup.exe
[2009/08/15 02:35:04 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Jim\Desktop\SysRestorePoint.exe
[2009/08/15 02:31:26 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/08/15 02:30:40 | 00,014,336 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/08/15 02:28:54 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/08/15 02:28:49 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/08/15 02:28:47 | 79,533,2608 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/15 02:25:42 | 00,272,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jim\Desktop\TFC.exe
[2009/08/15 01:25:56 | 00,000,336 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/08/15 00:54:14 | 04,768,744 | -H-- | M] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\IconCache.db
[2009/08/15 00:12:18 | 00,050,544 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/08/14 13:44:01 | 00,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{911AF168-D223-47D8-B87F-94532F27730C}.job
[2009/08/13 15:30:39 | 00,501,189 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\MCO%201001R.1K MCRAMM.pdf
[2009/08/13 14:30:11 | 00,016,896 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Passwords.xls
[2009/08/13 12:55:18 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009/08/13 12:43:29 | 00,002,201 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PCTuneUp.lnk
[2009/08/13 12:00:16 | 00,000,418 | ---- | M] () -- C:\WINDOWS\tasks\PCTuneUp Scan.job
[2009/08/13 11:14:18 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Jim\Desktop\RootRepeal.exe
[2009/08/11 13:21:37 | 00,057,040 | ---- | M] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/08/11 13:16:12 | 00,225,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/06 15:45:54 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\Action Replay Code Manager.lnk
[2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/08/03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

========== LOP Check ==========

[1 C:\Documents and Settings\All Users\Application Data\*.tmp files]
[2009/07/16 13:27:15 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/04/19 10:31:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2007/05/12 09:23:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cyberlink
[2009/01/10 10:30:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2006/05/05 10:56:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA
[2007/01/11 08:29:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intel
[2005/03/31 02:18:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2006/08/18 18:43:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Knowledge Adventure
[2006/01/20 18:12:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MCA8B.tmp
[2007/09/25 16:13:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MinigolfVUG_TacoBell3
[2009/03/08 10:49:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2005/03/09 16:45:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2005/12/16 10:11:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2005/10/13 14:47:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/07/16 15:58:30 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Jim\Application Data
[2007/08/12 10:27:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Aim
[2009/03/08 10:13:23 | 00,000,000 | R--D | M] -- C:\Documents and Settings\Jim\Application Data\Brother
[2007/09/06 14:44:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Ceedo
[2007/05/12 09:25:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\CyberLink
[2006/05/05 10:57:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\EA
[2006/05/19 11:56:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\funkitron
[2005/03/31 02:34:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\InterMute
[2005/11/05 12:10:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\InterVideo
[2005/03/31 02:18:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Intuit
[2007/05/12 15:45:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Leadertech
[2007/09/08 20:43:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\OfficeUpdate12
[2009/08/13 12:41:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\PCTuneUp
[2006/06/13 08:55:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Snapfish
[2005/09/24 12:33:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Template
[2009/05/03 14:27:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\U3
[2009/07/09 15:50:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Uniblue
[2009/07/09 11:39:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Windows Desktop Search
[2008/03/21 22:55:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Windows Live Writer
[2009/07/09 12:41:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Windows Search
[2009/05/07 20:34:27 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 08:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/08/15 01:25:56 | 00,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2009/08/01 01:00:44 | 00,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job
[2009/08/13 12:00:16 | 00,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\PCTuneUp Scan.job
[2005/09/23 23:37:21 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 2.job
[2009/08/15 02:28:54 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/08/14 13:44:01 | 00,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{911AF168-D223-47D8-B87F-94532F27730C}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< >
< End of report >


ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/08/15 02:42
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: 1394BUS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\1394BUS.SYS
Address: 0xF761C000 Size: 57344 File Visible: - Signed: -
Status: -

Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF74CD000 Size: 187776 File Visible: - Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: ACPIEC.sys
Image Path: ACPIEC.sys
Address: 0xF7A18000 Size: 11648 File Visible: - Signed: -
Status: -

Name: AegisP.sys
Image Path: C:\WINDOWS\system32\DRIVERS\AegisP.sys
Address: 0xF792C000 Size: 19360 File Visible: - Signed: -
Status: -

Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0xA9F0B000 Size: 138496 File Visible: - Signed: -
Status: -

Name: Apfiltr.sys
Image Path: C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
Address: 0xF6141000 Size: 91712 File Visible: - Signed: -
Status: -

Name: arp1394.sys
Image Path: C:\WINDOWS\system32\DRIVERS\arp1394.sys
Address: 0xF777C000 Size: 60800 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0xF7467000 Size: 96512 File Visible: - Signed: -
Status: -

Name: ATMFD.DLL
Image Path: C:\WINDOWS\System32\ATMFD.DLL
Address: 0xBFFA0000 Size: 286720 File Visible: - Signed: -
Status: -

Name: audstub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
Address: 0xF7CEE000 Size: 3072 File Visible: - Signed: -
Status: -

Name: BATTC.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\BATTC.SYS
Address: 0xF7A14000 Size: 16384 File Visible: - Signed: -
Status: -

Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xF7B70000 Size: 4224 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xF7A0C000 Size: 12288 File Visible: - Signed: -
Status: -

Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xF65CD000 Size: 63744 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Address: 0xF782C000 Size: 62976 File Visible: - Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Address: 0xF765C000 Size: 53248 File Visible: - Signed: -
Status: -

Name: CmBatt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\CmBatt.sys
Address: 0xF72F5000 Size: 13952 File Visible: - Signed: -
Status: -

Name: compbatt.sys
Image Path: compbatt.sys
Address: 0xF7A10000 Size: 10240 File Visible: - Signed: -
Status: -

Name: disk.sys
Image Path: disk.sys
Address: 0xF764C000 Size: 36352 File Visible: - Signed: -
Status: -

Name: DMICall.sys
Image Path: C:\WINDOWS\system32\DRIVERS\DMICall.sys
Address: 0xF7C20000 Size: 3552 File Visible: - Signed: -
Status: -

Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0xF770C000 Size: 61440 File Visible: - Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xA8E0D000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7B0C000 Size: 8192 File Visible: No Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xA9222000 Size: 12288 File Visible: - Signed: -
Status: -

Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xBF9C3000 Size: 73728 File Visible: - Signed: -
Status: -

Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xF7C43000 Size: 4096 File Visible: - Signed: -
Status: -

Name: e100b325.sys
Image Path: C:\WINDOWS\system32\DRIVERS\e100b325.sys
Address: 0xF6158000 Size: 155648 File Visible: - Signed: -
Status: -

Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0xF779C000 Size: 44544 File Visible: - Signed: -
Status: -

Name: fltmgr.sys
Image Path: fltmgr.sys
Address: 0xF7447000 Size: 129792 File Visible: - Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xF7B6E000 Size: 7936 File Visible: - Signed: -
Status: -

Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xF747F000 Size: 125056 File Visible: - Signed: -
Status: -

Name: GEARAspiWDM.sys
Image Path: C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
Address: 0xF6D2E000 Size: 9984 File Visible: - Signed: -
Status: -

Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0x806D0000 Size: 131840 File Visible: - Signed: -
Status: -

Name: HDAudBus.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
Address: 0xF649B000 Size: 163840 File Visible: - Signed: -
Status: -

Name: HSF_CNXT.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
Address: 0xAA647000 Size: 685184 File Visible: - Signed: -
Status: -

Name: HSF_DP.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
Address: 0xAA709000 Size: 1041536 File Visible: - Signed: -
Status: -

Name: HSFHWAZL.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
Address: 0xAA808000 Size: 161024 File Visible: - Signed: -
Status: -

Name: HTTP.sys
Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys
Address: 0xA7B6C000 Size: 264832 File Visible: - Signed: -
Status: -

Name: i8042prt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Address: 0xF780C000 Size: 52480 File Visible: - Signed: -
Status: -

Name: ialmdd5.DLL
Image Path: C:\WINDOWS\System32\ialmdd5.DLL
Address: 0xBFA2E000 Size: 905216 File Visible: - Signed: -
Status: -

Name: ialmdev5.DLL
Image Path: C:\WINDOWS\System32\ialmdev5.DLL
Address: 0xBFA02000 Size: 180224 File Visible: - Signed: -
Status: -

Name: ialmdnt5.dll
Image Path: C:\WINDOWS\System32\ialmdnt5.dll
Address: 0xBF9E3000 Size: 126976 File Visible: - Signed: -
Status: -

Name: ialmnt5.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
Address: 0xF64D7000 Size: 807616 File Visible: - Signed: -
Status: -

Name: ialmrnt5.dll
Image Path: C:\WINDOWS\System32\ialmrnt5.dll
Address: 0xBF9D5000 Size: 57344 File Visible: - Signed: -
Status: -

Name: imapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\imapi.sys
Address: 0xF781C000 Size: 42112 File Visible: - Signed: -
Status: -

Name: intelide.sys
Image Path: intelide.sys
Address: 0xF7B00000 Size: 5504 File Visible: - Signed: -
Status: -

Name: intelppm.sys
Image Path: C:\WINDOWS\system32\DRIVERS\intelppm.sys
Address: 0xF65ED000 Size: 36352 File Visible: - Signed: -
Status: -

Name: ipfltdrv.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys
Address: 0xF775C000 Size: 32896 File Visible: - Signed: -
Status: -

Name: ipnat.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Address: 0xA9F7D000 Size: 152832 File Visible: - Signed: -
Status: -

Name: ipsec.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Address: 0xAA020000 Size: 75264 File Visible: - Signed: -
Status: -

Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xF75FC000 Size: 37248 File Visible: - Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Address: 0xF796C000 Size: 24576 File Visible: - Signed: -
Status: -

Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xF7AFC000 Size: 8192 File Visible: - Signed: -
Status: -

Name: kmixer.sys
Image Path: C:\WINDOWS\system32\drivers\kmixer.sys
Address: 0xA752E000 Size: 172416 File Visible: - Signed: -
Status: -

Name: ks.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ks.sys
Address: 0xF611E000 Size: 143360 File Visible: - Signed: -
Status: -

Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xF741E000 Size: 92928 File Visible: - Signed: -
Status: -

Name: LxrSII1d.sys
Image Path: C:\WINDOWS\system32\Drivers\LxrSII1d.sys
Address: 0xA8A86000 Size: 72672 File Visible: - Signed: -
Status: -

Name: mdmxsdk.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
Address: 0xA8C54000 Size: 11840 File Visible: - Signed: -
Status: -

Name: mfeavfk.sys
Image Path: C:\WINDOWS\system32\drivers\mfeavfk.sys
Address: 0xA7E7D000 Size: 72576 File Visible: - Signed: -
Status: -

Name: mfebopk.sys
Image Path: C:\WINDOWS\system32\drivers\mfebopk.sys
Address: 0xAA093000 Size: 28512 File Visible: - Signed: -
Status: -

Name: mfehidk.sys
Image Path: C:\WINDOWS\system32\drivers\mfehidk.sys
Address: 0xA9E40000 Size: 194592 File Visible: - Signed: -
Status: -

Name: mfesmfk.sys
Image Path: C:\WINDOWS\system32\drivers\mfesmfk.sys
Address: 0xA842C000 Size: 33760 File Visible: - Signed: -
Status: -

Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xF7B72000 Size: 4224 File Visible: - Signed: -
Status: -

Name: Modem.SYS
Image Path: C:\WINDOWS\System32\Drivers\Modem.SYS
Address: 0xF7A04000 Size: 30080 File Visible: - Signed: -
Status: -

Name: mouclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Address: 0xF7974000 Size: 23040 File Visible: - Signed: -
Status: -

Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xF762C000 Size: 42368 File Visible: - Signed: -
Status: -

Name: Mpfp.sys
Image Path: C:\WINDOWS\System32\Drivers\Mpfp.sys
Address: 0xA9FA3000 Size: 147456 File Visible: - Signed: -
Status: -

Name: mrxdav.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Address: 0xA8C78000 Size: 180608 File Visible: - Signed: -
Status: -

Name: mrxsmb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Address: 0xA9E70000 Size: 455296 File Visible: - Signed: -
Status: -

Name: Msfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
Address: 0xF78C4000 Size: 19072 File Visible: - Signed: -
Status: -

Name: msgpc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Address: 0xF768C000 Size: 35072 File Visible: - Signed: -
Status: -

Name: mssmbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Address: 0xF7AA4000 Size: 15488 File Visible: - Signed: -
Status: -

Name: Mup.sys
Image Path: Mup.sys
Address: 0xF734A000 Size: 105344 File Visible: - Signed: -
Status: -

Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xF7364000 Size: 182656 File Visible: - Signed: -
Status: -

Name: ndistapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Address: 0xF6D26000 Size: 10112 File Visible: - Signed: -
Status: -

Name: ndisuio.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Address: 0xA8DA9000 Size: 14592 File Visible: - Signed: -
Status: -

Name: ndiswan.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Address: 0xF6107000 Size: 91520 File Visible: - Signed: -
Status: -

Name: NDProxy.SYS
Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Address: 0xF76DC000 Size: 40576 File Visible: - Signed: -
Status: -

Name: netbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys
Address: 0xF778C000 Size: 34688 File Visible: - Signed: -
Status: -

Name: netbt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys
Address: 0xA9F2D000 Size: 162816 File Visible: - Signed: -
Status: -

Name: nic1394.sys
Image Path: C:\WINDOWS\system32\DRIVERS\nic1394.sys
Address: 0xF65DD000 Size: 61824 File Visible: - Signed: -
Status: -

Name: Npfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
Address: 0xF78CC000 Size: 30848 File Visible: - Signed: -
Status: -

Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xF7391000 Size: 574976 File Visible: - Signed: -
Status: -

Name: ntkrnlpa.exe
Image Path: C:\WINDOWS\system32\ntkrnlpa.exe
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: Null.SYS
Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
Address: 0xF7C0E000 Size: 2944 File Visible: - Signed: -
Status: -

Name: ohci1394.sys
Image Path: ohci1394.sys
Address: 0xF760C000 Size: 61696 File Visible: - Signed: -
Status: -

Name: OPRGHDLR.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
Address: 0xF7BC5000 Size: 4096 File Visible: - Signed: -
Status: -

Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xF7884000 Size: 19712 File Visible: - Signed: -
Status: -

Name: pci.sys
Image Path: pci.sys
Address: 0xF74BC000 Size: 68224 File Visible: - Signed: -
Status: -

Name: pciide.sys
Image Path: pciide.sys
Address: 0xF7BC4000 Size: 3328 File Visible: - Signed: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Address: 0xF787C000 Size: 28672 File Visible: - Signed: -
Status: -

Name: pcmcia.sys
Image Path: pcmcia.sys
Address: 0xF749E000 Size: 120192 File Visible: - Signed: -
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: portcls.sys
Image Path: C:\WINDOWS\system32\drivers\portcls.sys
Address: 0xAA8D0000 Size: 147456 File Visible: - Signed: -
Status: -

Name: psched.sys
Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys
Address: 0xF60F6000 Size: 69120 File Visible: - Signed: -
Status: -

Name: ptilink.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Address: 0xF798C000 Size: 17792 File Visible: - Signed: -
Status: -

Name: PxHelp20.sys
Image Path: PxHelp20.sys
Address: 0xF766C000 Size: 35712 File Visible: - Signed: -
Status: -

Name: rasacd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Address: 0xF7AEC000 Size: 8832 File Visible: - Signed: -
Status: -

Name: rasl2tp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Address: 0xF784C000 Size: 51328 File Visible: - Signed: -
Status: -

Name: raspppoe.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Address: 0xF785C000 Size: 41472 File Visible: - Signed: -
Status: -

Name: raspptp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Address: 0xF786C000 Size: 48384 File Visible: - Signed: -
Status: -

Name: raspti.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys
Address: 0xF7994000 Size: 16512 File Visible: - Signed: -
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: rdbss.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Address: 0xA9EE0000 Size: 175744 File Visible: - Signed: -
Status: -

Name: RDPCDD.sys
Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Address: 0xF7B74000 Size: 4224 File Visible: - Signed: -
Status: -

Name: redbook.sys
Image Path: C:\WINDOWS\system32\DRIVERS\redbook.sys
Address: 0xF783C000 Size: 57600 File Visible: - Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA74EE000 Size: 49152 File Visible: No Signed: -
Status: -

Name: RtkHDAud.sys
Image Path: C:\WINDOWS\system32\drivers\RtkHDAud.sys
Address: 0xAA928000 Size: 2547008 File Visible: - Signed: -
Status: -

Name: s24trans.sys
Image Path: C:\WINDOWS\system32\DRIVERS\s24trans.sys
Address: 0xA8DD9000 Size: 12544 File Visible: - Signed: -
Status: -

Name: SCR201.sys
Image Path: C:\WINDOWS\system32\DRIVERS\SCR201.sys
Address: 0xF79F4000 Size: 19392 File Visible: - Signed: -
Status: -

Name: secdrv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\secdrv.sys
Address: 0xF77AC000 Size: 40960 File Visible: - Signed: -
Status: -

Name: SMCLIB.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\SMCLIB.SYS
Address: 0xF72F1000 Size: 16384 File Visible: - Signed: -
Status: -

Name: SonyNC.sys
Image Path: C:\WINDOWS\System32\Drivers\SonyNC.sys
Address: 0xF7964000 Size: 20512 File Visible: - Signed: -
Status: -

Name: sr.sys
Image Path: sr.sys
Address: 0xF7435000 Size: 73472 File Visible: - Signed: -
Status: -

Name: srv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\srv.sys
Address: 0xA8A34000 Size: 333952 File Visible: - Signed: -
Status: -

Name: swenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys
Address: 0xF7B58000 Size: 4352 File Visible: - Signed: -
Status: -

Name: sysaudio.sys
Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
Address: 0xA88A4000 Size: 60800 File Visible: - Signed: -
Status: -

Name: tcpip.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Address: 0xA9FC7000 Size: 361600 File Visible: - Signed: -
Status: -

Name: TDI.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\TDI.SYS
Address: 0xF7984000 Size: 20480 File Visible: - Signed: -
Status: -

Name: termdd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys
Address: 0xF769C000 Size: 40704 File Visible: - Signed: -
Status: -

Name: tifmsony.sys
Image Path: C:\WINDOWS\system32\drivers\tifmsony.sys
Address: 0xF6460000 Size: 94208 File Visible: - Signed: -
Status: -

Name: update.sys
Image Path: C:\WINDOWS\system32\DRIVERS\update.sys
Address: 0xF5F83000 Size: 384768 File Visible: - Signed: -
Status: -

Name: USBD.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Address: 0xF7B6A000 Size: 8192 File Visible: - Signed: -
Status: -

Name: usbehci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Address: 0xF79EC000 Size: 30208 File Visible: - Signed: -
Status: -

Name: usbhub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Address: 0xF772C000 Size: 59520 File Visible: - Signed: -
Status: -

Name: USBPORT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Address: 0xF6477000 Size: 147456 File Visible: - Signed: -
Status: -

Name: usbuhci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Address: 0xF79E4000 Size: 20608 File Visible: - Signed: -
Status: -

Name: vga.sys
Image Path: C:\WINDOWS\System32\drivers\vga.sys
Address: 0xF78BC000 Size: 20992 File Visible: - Signed: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Address: 0xF64C3000 Size: 81920 File Visible: - Signed: -
Status: -

Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xF763C000 Size: 52352 File Visible: - Signed: -
Status: -

Name: w29n51.sys
Image Path: C:\WINDOWS\system32\DRIVERS\w29n51.sys
Address: 0xF617E000 Size: 2206720 File Visible: - Signed: -
Status: -

Name: wanarp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Address: 0xF776C000 Size: 34560 File Visible: - Signed: -
Status: -

Name: watchdog.sys
Image Path: C:\WINDOWS\System32\watchdog.sys
Address: 0xF797C000 Size: 20480 File Visible: - Signed: -
Status: -

Name: wdmaud.sys
Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
Address: 0xA83DF000 Size: 83072 File Visible: - Signed: -
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000 Size: 1847296 File Visible: - Signed: -
Status: -

Name: win32k.sys
Image Path: C:\WINDOWS\System32\win32k.sys
Address: 0xBF800000 Size: 1847296 File Visible: - Signed: -
Status: -

Name: WMILIB.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\WMILIB.SYS
Address: 0xF7AFE000 Size: 8192 File Visible: - Signed: -
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: ws2ifsl.sys
Image Path: C:\WINDOWS\System32\drivers\ws2ifsl.sys
Address: 0xF7309000 Size: 12032 File Visible: - Signed: -
Status: -
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP