Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

"System Tool Version 2.20" owns my computer

Started by Dadeatworld , Dec 16 2010 12:46 AM

This topic is locked

#16
Salagubang

Posted 20 December 2010 - 03:59 PM

Trusted Helper

Malware Removal
3,891 posts

Hi Dadeatworld,

Don't continue if the the option to Repair Install is NOT available.

We'll try another tact.

1. Insert your Windows XP CD into your CD and assure that your CD-ROM drive is capable of booting the CD.
2. Once you have booted from CD, do NOT select the option that states: Press F2 to initiate the Automated System Recovery (ASR) tool.
You’re going to proceed until you see the following screen, at which point you will press the “R” key to enter the recovery console:

Posted Image

3. After you have selected the appropriate option from step two, you will be prompted to select a valid Windows installation (typically number “1?).
Select the installation number, and hit Enter.
If there is an administrator password for the administrator account, enter it and hit Enter (if asked for the password, and you don't know it, you're out of luck).
You will be greeted with this screen, which indicates a recovery console at the ready:

Posted Image

4. You must enter the commands in sequence.

NOTE. Make sure, you press Enter after each command. Make sure, all commands are exact, including "spaces".
These commands are as follows:

CD..
ATTRIB -H C:\\boot.ini
ATTRIB -S C:\\boot.ini
ATRIB -R C:\\boot.ini
del boot.ini
BOOTCFG /Rebuild

Note about the above command.
BOOTCFG /REBUILD command which searches for pre-existing installations of Windows XP and rebuilds sundry essential components of the Windows operating system, recompiles the BOOT.INI file and corrects a litany of common Windows errors.

A.) Every Windows XP owner must use /FASTDETECT as OS Load Option when the rebuild process is finalizing.
B.) If you are the owner of a CPU featuring Intel’s XD or AMD’s NX buffer overflow protection, you must also use /NOEXECUTE=OPTIN as an OS Load Option.
For the Enter Load Identifier portion of this command, you should enter the name of the operating system you have installed.
If, for example, you are using Windows XP Home, you could type Microsoft Windows XP Home Edition for the identifier (it's not crucial, however what the name is, as long, as it's meaningful).
Here is your computer screen:

Posted Image

5. Type exit and restart computer.

Try booting your computer into normal or safe mode if it pushes through, else attempt the repair install again and see if the repair option would now available.

Edited by Salagubang, 20 December 2010 - 04:14 PM.

#17
Dadeatworld

Posted 21 December 2010 - 10:57 AM

Member

Topic Starter
Member
17 posts

I followed all of your instructions. No problems encountered. Rebooting into normal or safe mode failed (normal just sits at the Win XP splash screen and the world turns endlessly ... safe mode loads a page of instructions then hangs). Booted from Win XP CD and the screen choices don't lead to the repair option, they go to the "picking a hard drive partition to install on" screen.

I loaded and ran OTLPE scans. The first scan has "Lop and Purity" checked, the second scan has them unchecked. OTLPE was still set to "unchecked" since we ran a fix last time we used it, that's how I ended up with the unchecked scan. Maybe it will be of some help to you?

First scan ("Lop and Purity" checked)

OTL logfile created on: 12/21/2010 11:40:50 AM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.83 Gb Total Space | 112.66 Gb Free Space | 77.79% Space Free | Partition Type: NTFS
Drive D: | 116.88 Mb Total Space | 43.10 Mb Free Space | 36.87% Space Free | Partition Type: FAT
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto] -- C:\WINDOWS\TEMP\002878~1.EXE -- (0028781290710659mcinstcleanup) McAfee Application Installer Cleanup (0028781290710659)
SRV - [2010/11/23 13:26:51 | 001,375,992 | ---- | M] (Lavasoft) [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/10/13 21:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/10/13 21:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/10/07 20:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/08/24 13:57:38 | 000,171,168 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe -- (McShield)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/05/02 01:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007/03/19 11:44:44 | 000,070,656 | ---- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/07/06 06:14:30 | 000,090,112 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2006/02/17 06:19:55 | 000,139,264 | ---- | M] (OTi) [Auto] -- C:\WINDOWS\System32\UStorSrv.exe -- (UStorage Server Service)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\usbicp.sys -- (uisp)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (mfeavfk01)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/11/05 12:34:55 | 000,015,264 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/10/13 21:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/10/13 21:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/10/13 21:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/10/13 21:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2010/10/13 21:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/10/13 21:28:54 | 000,084,072 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/10/13 21:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/10/13 21:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/08/12 07:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/11/25 10:06:44 | 000,028,032 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sustucau.sys -- (SUSTUCAU)
DRV - [2009/11/25 10:06:43 | 000,047,360 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sustucap.sys -- (SUSTUCAP)
DRV - [2009/11/25 10:06:43 | 000,047,360 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sustucam.sys -- (SUSTUCAM)
DRV - [2008/11/12 14:54:00 | 006,188,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/05/21 11:26:40 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/02/29 02:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/02/29 02:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/06/18 02:01:28 | 000,514,560 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/12/19 07:36:54 | 001,160,504 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2006/12/19 07:36:46 | 000,090,936 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2006/12/19 07:36:42 | 000,156,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2006/12/19 07:36:36 | 000,014,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2006/12/19 07:36:32 | 000,128,312 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2006/12/19 07:35:40 | 000,511,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2006/11/01 09:39:16 | 000,246,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/18 12:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 12:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 12:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 12:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 12:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 12:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 12:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 12:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 10:05:58 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2006/08/11 09:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 09:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2006/07/21 10:21:26 | 000,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2006/07/06 05:59:42 | 000,246,784 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2006/02/24 14:06:48 | 000,107,392 | ---- | M] (AGEIA Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\athena.sys -- (athena)
DRV - [2005/07/13 01:18:48 | 000,340,704 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2002/10/01 08:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/08/17 13:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 13:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 13:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 13:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 13:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 12:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 12:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 12:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 12:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 12:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 12:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 12:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 12:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 12:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 12:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co...html?channel=us
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/22 15:33:10 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2010/12/18 18:44:45 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (no name) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Virus Tools\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101105230046.dll (McAfee, Inc.)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No CLSID value found.
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Auto EPSON Stylus CX6600 Series on JILL] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\Ross_Durbin_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Ross_Durbin_ON_C..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\Ross_Durbin_ON_C..\Run: [SpybotSD TeaTimer] C:\Virus Tools\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Ross_Durbin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Virus Tools\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} http://download.micr...tualEarth3D.cab (SentinelProxy Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - C:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/18 18:44:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/16 17:30:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\LocalService\My Documents
[2010/12/16 17:30:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\LocalService\Recent
[2010/12/15 15:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/12/15 15:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/12/15 13:15:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ross Durbin\Recent
[2010/11/30 14:38:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ross Durbin\My Documents\My Scans
[2010/11/21 21:15:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ross Durbin\My Documents\Heat Index
[2007/10/04 21:23:38 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll

========== Files - Modified Within 30 Days ==========

[2010/12/21 06:21:00 | 000,000,322 | RHS- | M] () -- C:\boot.ini
[2010/12/18 18:44:45 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/12/14 13:27:05 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/12/10 16:09:34 | 000,011,183 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taliban.docx
[2010/12/10 13:55:02 | 000,194,826 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/10 13:54:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/09 20:50:28 | 000,033,912 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Colorado ski from ITT.pdf
[2010/12/07 03:41:00 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/05 02:14:38 | 000,064,756 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2010/12/05 02:14:38 | 000,053,968 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2010/12/05 02:14:38 | 000,053,968 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2010/12/05 02:14:38 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010/12/05 02:14:38 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010/12/03 15:56:57 | 000,011,475 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taylor.docx
[2010/11/30 00:06:07 | 000,052,091 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Ferguson Reservoir.pdf

========== Files Created - No Company Name ==========

[2010/12/21 06:21:00 | 000,000,322 | RHS- | C] () -- C:\boot.ini
[2010/12/10 16:09:34 | 000,011,183 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taliban.docx
[2010/12/09 20:50:28 | 000,033,912 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Colorado ski from ITT.pdf
[2010/12/03 15:56:57 | 000,011,475 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taylor.docx
[2010/11/30 00:06:07 | 000,052,091 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Ferguson Reservoir.pdf
[2010/08/19 16:16:02 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/08/19 16:16:02 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/05/31 19:45:56 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Application Data\setup_ldm.iss
[2010/03/22 20:39:58 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\OPDSL.DLL
[2009/11/30 12:51:36 | 000,061,224 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\GoToAssistDownloadHelper.exe
[2009/03/30 16:53:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/09/28 23:34:22 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Application Data\dvd.bmk
[2008/09/28 23:31:05 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Local Settings\Application Data\fusioncache.dat
[2008/09/14 12:37:45 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/11/06 20:00:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/11/06 20:00:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/11/06 20:00:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/11/06 20:00:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/10/10 15:04:10 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/10 12:14:51 | 000,259,170 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\REBOOT=ReallySuppress
[2007/10/10 12:14:06 | 000,259,170 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\REBOOT=ReallySuppress
[2007/10/04 21:58:04 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/10/04 21:42:27 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007/10/04 21:42:27 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/10/04 21:20:47 | 000,050,432 | ---- | C] () -- C:\WINDOWS\System32\claptn.ini
[2007/10/04 21:20:47 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2007/10/04 21:20:47 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2007/10/04 21:20:47 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007/10/04 21:20:14 | 000,876,544 | ---- | C] () -- C:\WINDOWS\System32\TEACico2.dll
[2007/10/04 21:19:17 | 000,001,123 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/01/03 10:24:36 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/01/03 10:22:46 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/01/03 10:22:14 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/12/19 06:15:20 | 000,065,154 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2006/11/07 03:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2001/12/03 15:50:58 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\LTTLS13N.DLL
[2001/12/03 15:50:20 | 000,708,608 | R--- | C] () -- C:\WINDOWS\System32\LTCRY13N.DLL
[2000/07/07 05:49:30 | 000,069,120 | R--- | C] () -- C:\WINDOWS\System32\LTDLL.DLL
[2000/04/12 15:28:12 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2000/04/12 15:24:10 | 000,338,944 | R--- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL

========== LOP Check ==========

[2007/10/16 13:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\Final Draft
[2009/07/21 15:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\GARMIN
[2010/11/09 02:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\LimeWire
[2008/12/04 14:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\NASA
[2009/12/09 14:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\Uniblue
[2007/10/10 13:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\Windows Desktop Search
[2010/12/14 13:27:05 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========

< End of report >

Second Scan (Lop and Purity unchecked)

OTL logfile created on: 12/21/2010 11:37:11 AM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.83 Gb Total Space | 112.66 Gb Free Space | 77.79% Space Free | Partition Type: NTFS
Drive D: | 116.88 Mb Total Space | 43.16 Mb Free Space | 36.92% Space Free | Partition Type: FAT
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto] -- C:\WINDOWS\TEMP\002878~1.EXE -- (0028781290710659mcinstcleanup) McAfee Application Installer Cleanup (0028781290710659)
SRV - [2010/11/23 13:26:51 | 001,375,992 | ---- | M] (Lavasoft) [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/10/13 21:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/10/13 21:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/10/07 20:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/08/24 13:57:38 | 000,171,168 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe -- (McShield)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/05/02 01:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007/03/19 11:44:44 | 000,070,656 | ---- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/07/06 06:14:30 | 000,090,112 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2006/02/17 06:19:55 | 000,139,264 | ---- | M] (OTi) [Auto] -- C:\WINDOWS\System32\UStorSrv.exe -- (UStorage Server Service)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\usbicp.sys -- (uisp)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (mfeavfk01)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/11/05 12:34:55 | 000,015,264 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/10/13 21:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/10/13 21:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/10/13 21:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/10/13 21:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2010/10/13 21:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/10/13 21:28:54 | 000,084,072 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/10/13 21:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/10/13 21:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/08/12 07:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/11/25 10:06:44 | 000,028,032 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sustucau.sys -- (SUSTUCAU)
DRV - [2009/11/25 10:06:43 | 000,047,360 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sustucap.sys -- (SUSTUCAP)
DRV - [2009/11/25 10:06:43 | 000,047,360 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sustucam.sys -- (SUSTUCAM)
DRV - [2008/11/12 14:54:00 | 006,188,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/05/21 11:26:40 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/02/29 02:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/02/29 02:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/06/18 02:01:28 | 000,514,560 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/12/19 07:36:54 | 001,160,504 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2006/12/19 07:36:46 | 000,090,936 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2006/12/19 07:36:42 | 000,156,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2006/12/19 07:36:36 | 000,014,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2006/12/19 07:36:32 | 000,128,312 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2006/12/19 07:35:40 | 000,511,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2006/11/01 09:39:16 | 000,246,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/18 12:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 12:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 12:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 12:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 12:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 12:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 12:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 12:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 10:05:58 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2006/08/11 09:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 09:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2006/07/21 10:21:26 | 000,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2006/07/06 05:59:42 | 000,246,784 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2006/02/24 14:06:48 | 000,107,392 | ---- | M] (AGEIA Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\athena.sys -- (athena)
DRV - [2005/07/13 01:18:48 | 000,340,704 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2002/10/01 08:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/08/17 13:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 13:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 13:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 13:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 13:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 12:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 12:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 12:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 12:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 12:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 12:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 12:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 12:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 12:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 12:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co...html?channel=us
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/22 15:33:10 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2010/12/18 18:44:45 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (no name) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Virus Tools\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101105230046.dll (McAfee, Inc.)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No CLSID value found.
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Auto EPSON Stylus CX6600 Series on JILL] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\Ross_Durbin_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Ross_Durbin_ON_C..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\Ross_Durbin_ON_C..\Run: [SpybotSD TeaTimer] C:\Virus Tools\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Ross_Durbin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Virus Tools\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} http://download.micr...tualEarth3D.cab (SentinelProxy Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - C:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/18 18:44:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/16 17:30:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\LocalService\My Documents
[2010/12/16 17:30:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\LocalService\Recent
[2010/12/15 15:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/12/15 15:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/12/15 13:15:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ross Durbin\Recent
[2010/11/30 14:38:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ross Durbin\My Documents\My Scans
[2010/11/21 21:15:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ross Durbin\My Documents\Heat Index
[2007/10/04 21:23:38 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll

========== Files - Modified Within 30 Days ==========

[2010/12/21 06:21:00 | 000,000,322 | RHS- | M] () -- C:\boot.ini
[2010/12/18 18:44:45 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/12/14 13:27:05 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/12/10 16:09:34 | 000,011,183 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taliban.docx
[2010/12/10 13:55:02 | 000,194,826 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/10 13:54:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/09 20:50:28 | 000,033,912 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Colorado ski from ITT.pdf
[2010/12/07 03:41:00 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/05 02:14:38 | 000,064,756 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2010/12/05 02:14:38 | 000,053,968 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2010/12/05 02:14:38 | 000,053,968 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2010/12/05 02:14:38 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010/12/05 02:14:38 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010/12/03 15:56:57 | 000,011,475 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taylor.docx
[2010/11/30 00:06:07 | 000,052,091 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Ferguson Reservoir.pdf

========== Files Created - No Company Name ==========

[2010/12/21 06:21:00 | 000,000,322 | RHS- | C] () -- C:\boot.ini
[2010/12/10 16:09:34 | 000,011,183 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taliban.docx
[2010/12/09 20:50:28 | 000,033,912 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Colorado ski from ITT.pdf
[2010/12/03 15:56:57 | 000,011,475 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taylor.docx
[2010/11/30 00:06:07 | 000,052,091 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Ferguson Reservoir.pdf
[2010/08/19 16:16:02 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/08/19 16:16:02 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/05/31 19:45:56 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Application Data\setup_ldm.iss
[2010/03/22 20:39:58 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\OPDSL.DLL
[2009/11/30 12:51:36 | 000,061,224 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\GoToAssistDownloadHelper.exe
[2009/03/30 16:53:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/09/28 23:34:22 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Application Data\dvd.bmk
[2008/09/28 23:31:05 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Local Settings\Application Data\fusioncache.dat
[2008/09/14 12:37:45 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/11/06 20:00:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/11/06 20:00:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/11/06 20:00:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/11/06 20:00:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/10/10 15:04:10 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/10 12:14:51 | 000,259,170 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\REBOOT=ReallySuppress
[2007/10/10 12:14:06 | 000,259,170 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\REBOOT=ReallySuppress
[2007/10/04 21:58:04 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/10/04 21:42:27 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007/10/04 21:42:27 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/10/04 21:20:47 | 000,050,432 | ---- | C] () -- C:\WINDOWS\System32\claptn.ini
[2007/10/04 21:20:47 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2007/10/04 21:20:47 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2007/10/04 21:20:47 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007/10/04 21:20:14 | 000,876,544 | ---- | C] () -- C:\WINDOWS\System32\TEACico2.dll
[2007/10/04 21:19:17 | 000,001,123 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/01/03 10:24:36 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/01/03 10:22:46 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/01/03 10:22:14 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/12/19 06:15:20 | 000,065,154 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2006/11/07 03:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2001/12/03 15:50:58 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\LTTLS13N.DLL
[2001/12/03 15:50:20 | 000,708,608 | R--- | C] () -- C:\WINDOWS\System32\LTCRY13N.DLL
[2000/07/07 05:49:30 | 000,069,120 | R--- | C] () -- C:\WINDOWS\System32\LTDLL.DLL
[2000/04/12 15:28:12 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2000/04/12 15:24:10 | 000,338,944 | R--- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
< End of report >

I'm sorry my computer isn't cooperating very well. I hope you can still find a way to fix it.

Thank you, again, for all your time and effort,

#18
Salagubang

Posted 21 December 2010 - 07:14 PM

Trusted Helper

Malware Removal
3,891 posts

Hi Dadeatworld,

Let's inspect the machine for possible restore options.

On the clean computer.

Creating a bootable USB using xPUD

Please download the following files and save it to the desktop
- Unetbootin.exe
- xPUD latest version is xpud-0.9.2.iso
Insert the USB device to make bootable to the computer. (Make sure that no other USB's are inserted)
Double-click on unetbootin.exe to run
Select Disk Image, ISO and in the space provided, enter the path location of xpud-0.9.2.iso (ex. C:\Documents and Settings\yourusername\Desktop\xpud-0.9.2.iso) Alternatively, you can just click the browse button and point to the location of the file.
Select USB Drive type and the drive letter assigned to your USB stick.
Click "OK" and wait until the program finishes. You now have a bootable xPUD.
Download the following tool and save it inside the bootable USB
- rst.sh
- driver.sh

Please note: if you prefer to create a bootable CD using xPUD, you may download the ISO image found here and burn it to a CD.

On the infected computer.

Reboot your system using the xPUD bootable USB you just created.
Note : If you do not know how to set your computer to boot from USB follow the steps here
Your system should now display a xPUD desktop.
Select on the File icon; on the right pane click on the "mnt" folder and highlight "sdb1" - this is your USB device.

sda1,2...usually corresponds to your HDD
sdb1 is likely your USB
Click on the "Tool" menu and select Open Terminal
In the open terminal window, type in the following:

bash rst.sh
Press "Enter" and let it run uninterrupted.
(The program lists available Restore Points and will save a report enum.log located in the USB drive.)
The program is finished when it say's "Done".
Next, type

bash driver.sh
Press Enter
After it has finished a report will be located on your USB drive named report.txt
Type "Exit" to close the terminal window.
Please attached the enum.log and report.txt file in your reply. (You may remove your USB drive when transferring log to a clean computer).

Please note: If you have an ethernet connection you can access the internet by way of xPUD (Firefox). You can perform all these steps on your sick computer. When you download the download will reside in the Download folder. It can be found under the File tab also. You can similarly access our thread by way of this OS too so you can send the logs that way.

#19
Dadeatworld

Posted 22 December 2010 - 01:14 PM

Member

Topic Starter
Member
17 posts

My computer won't boot the xPUD program. I get to the language selection screen, pick "english", and the hard drive spins a bit ... but then everything hangs. The screen is a blue, two-tone flickering mess. When I hold the power button to restart, I get a brief glimpse of a black screen with " /can't xxxxx" commands. I've reburned the CD, tried different CDs, and always the same result. My computer will boot up the OTLPE and Windows XP CD's. I guess the virus doesn't like xPUD.

Sorry. Any other ideas?

#20
Salagubang

Posted 22 December 2010 - 05:21 PM

Trusted Helper

Malware Removal
3,891 posts

Hi Dadeatworld,

Reboot your computer into SafeMode.

You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
Use your up arrow key to highlight SafeMode then hit enter.

Your screen will list a scroll of files loading. Please note down the filename of the last file that won't seem to load.(Give it about 5 minutes just to be sure it is the one freezing)

Next

Start OTLPE again, click on the none button and in the custom scan box type this in:

c:\windows\system32\drivers\*.sys /md5

Click on the "Run Scan" and post the scan result.

#21
Dadeatworld

Posted 23 December 2010 - 12:37 AM

Member

Topic Starter
Member
17 posts

Thank you for keeping with me on this problem ...

Safe mode hangs at multi(0)disk(0)partition(2)\WINDOWS\System32\Drivers\Mup.sys

Results of scan:

OTL logfile created on: 12/23/2010 1:29:46 AM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.83 Gb Total Space | 112.66 Gb Free Space | 77.79% Space Free | Partition Type: NTFS
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto] -- C:\WINDOWS\TEMP\002878~1.EXE -- (0028781290710659mcinstcleanup) McAfee Application Installer Cleanup (0028781290710659)
SRV - [2010/11/23 13:26:51 | 001,375,992 | ---- | M] (Lavasoft) [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/10/13 21:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/10/13 21:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/10/07 20:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/08/24 13:57:38 | 000,171,168 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe -- (McShield)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/05/02 01:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007/03/19 11:44:44 | 000,070,656 | ---- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/07/06 06:14:30 | 000,090,112 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2006/02/17 06:19:55 | 000,139,264 | ---- | M] (OTi) [Auto] -- C:\WINDOWS\System32\UStorSrv.exe -- (UStorage Server Service)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\usbicp.sys -- (uisp)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (mfeavfk01)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/11/05 12:34:55 | 000,015,264 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/10/13 21:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/10/13 21:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/10/13 21:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/10/13 21:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2010/10/13 21:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/10/13 21:28:54 | 000,084,072 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/10/13 21:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/10/13 21:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/08/12 07:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/11/25 10:06:44 | 000,028,032 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sustucau.sys -- (SUSTUCAU)
DRV - [2009/11/25 10:06:43 | 000,047,360 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sustucap.sys -- (SUSTUCAP)
DRV - [2009/11/25 10:06:43 | 000,047,360 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sustucam.sys -- (SUSTUCAM)
DRV - [2008/11/12 14:54:00 | 006,188,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/05/21 11:26:40 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/02/29 02:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/02/29 02:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/06/18 02:01:28 | 000,514,560 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/12/19 07:36:54 | 001,160,504 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2006/12/19 07:36:46 | 000,090,936 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2006/12/19 07:36:42 | 000,156,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2006/12/19 07:36:36 | 000,014,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2006/12/19 07:36:32 | 000,128,312 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2006/12/19 07:35:40 | 000,511,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2006/11/01 09:39:16 | 000,246,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/18 12:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 12:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 12:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 12:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 12:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 12:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 12:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 12:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 10:05:58 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2006/08/11 09:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 09:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2006/07/21 10:21:26 | 000,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2006/07/06 05:59:42 | 000,246,784 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2006/02/24 14:06:48 | 000,107,392 | ---- | M] (AGEIA Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\athena.sys -- (athena)
DRV - [2005/07/13 01:18:48 | 000,340,704 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2002/10/01 08:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/08/17 13:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 13:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 13:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 13:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 13:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 12:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 12:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 12:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 12:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 12:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 12:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 12:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 12:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 12:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 12:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co...html?channel=us
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/22 15:33:10 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2010/12/18 18:44:45 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (no name) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Virus Tools\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101105230046.dll (McAfee, Inc.)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No CLSID value found.
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Auto EPSON Stylus CX6600 Series on JILL] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\Ross_Durbin_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Ross_Durbin_ON_C..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\Ross_Durbin_ON_C..\Run: [SpybotSD TeaTimer] C:\Virus Tools\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Ross_Durbin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Virus Tools\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} http://download.micr...tualEarth3D.cab (SentinelProxy Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - C:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/18 18:44:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/16 17:30:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\LocalService\My Documents
[2010/12/16 17:30:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\LocalService\Recent
[2010/12/15 15:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/12/15 15:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/12/15 13:15:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ross Durbin\Recent
[2010/11/30 14:38:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ross Durbin\My Documents\My Scans
[2007/10/04 21:23:38 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll

========== Files - Modified Within 30 Days ==========

[2010/12/21 06:21:00 | 000,000,322 | RHS- | M] () -- C:\boot.ini
[2010/12/18 18:44:45 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/12/14 13:27:05 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/12/10 16:09:34 | 000,011,183 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taliban.docx
[2010/12/10 13:55:02 | 000,194,826 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/10 13:54:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/09 20:50:28 | 000,033,912 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Colorado ski from ITT.pdf
[2010/12/07 03:41:00 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/05 02:14:38 | 000,064,756 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2010/12/05 02:14:38 | 000,053,968 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2010/12/05 02:14:38 | 000,053,968 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2010/12/05 02:14:38 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010/12/05 02:14:38 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010/12/03 15:56:57 | 000,011,475 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taylor.docx
[2010/11/30 00:06:07 | 000,052,091 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Ferguson Reservoir.pdf

========== Files Created - No Company Name ==========

[2010/12/21 06:21:00 | 000,000,322 | RHS- | C] () -- C:\boot.ini
[2010/12/10 16:09:34 | 000,011,183 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taliban.docx
[2010/12/09 20:50:28 | 000,033,912 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Colorado ski from ITT.pdf
[2010/12/03 15:56:57 | 000,011,475 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taylor.docx
[2010/11/30 00:06:07 | 000,052,091 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Ferguson Reservoir.pdf
[2010/08/19 16:16:02 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/08/19 16:16:02 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/05/31 19:45:56 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Application Data\setup_ldm.iss
[2010/03/22 20:39:58 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\OPDSL.DLL
[2009/11/30 12:51:36 | 000,061,224 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\GoToAssistDownloadHelper.exe
[2009/03/30 16:53:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/09/28 23:34:22 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Application Data\dvd.bmk
[2008/09/28 23:31:05 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Local Settings\Application Data\fusioncache.dat
[2008/09/14 12:37:45 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/11/06 20:00:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/11/06 20:00:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/11/06 20:00:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/11/06 20:00:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/10/10 15:04:10 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/10 12:14:51 | 000,259,170 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\REBOOT=ReallySuppress
[2007/10/10 12:14:06 | 000,259,170 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\REBOOT=ReallySuppress
[2007/10/04 21:58:04 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/10/04 21:42:27 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007/10/04 21:42:27 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/10/04 21:20:47 | 000,050,432 | ---- | C] () -- C:\WINDOWS\System32\claptn.ini
[2007/10/04 21:20:47 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2007/10/04 21:20:47 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2007/10/04 21:20:47 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007/10/04 21:20:14 | 000,876,544 | ---- | C] () -- C:\WINDOWS\System32\TEACico2.dll
[2007/10/04 21:19:17 | 000,001,123 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/01/03 10:24:36 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/01/03 10:22:46 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/01/03 10:22:14 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/12/19 06:15:20 | 000,065,154 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2006/11/07 03:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2001/12/03 15:50:58 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\LTTLS13N.DLL
[2001/12/03 15:50:20 | 000,708,608 | R--- | C] () -- C:\WINDOWS\System32\LTCRY13N.DLL
[2000/07/07 05:49:30 | 000,069,120 | R--- | C] () -- C:\WINDOWS\System32\LTDLL.DLL
[2000/04/12 15:28:12 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2000/04/12 15:24:10 | 000,338,944 | R--- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL

========== LOP Check ==========

[2007/10/16 13:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\Final Draft
[2009/07/21 15:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\GARMIN
[2010/11/09 02:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\LimeWire
[2008/12/04 14:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\NASA
[2009/12/09 14:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\Uniblue
[2007/10/10 13:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\Windows Desktop Search
[2010/12/14 13:27:05 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========

========== Custom Scans ==========

< c:\windows\system32\drivers\*.sys /md5 >
[2001/08/17 12:52:00 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=6ABB91494FE6C59089B9336452AB2EA3 -- C:\WINDOWS\system32\drivers\ABP480N5.SYS
[2008/04/13 13:36:35 | 000,187,776 | ---- | M] (Microsoft Corporation) MD5=8FD99680A539792A30E97944FDAECF17 -- C:\WINDOWS\system32\drivers\acpi.sys
[2004/08/04 04:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) MD5=9859C0F6936E723E4892D7141B1327D5 -- C:\WINDOWS\system32\drivers\acpiec.sys
[2001/08/17 13:07:32 | 000,101,888 | ---- | M] (Microsoft Corporation) MD5=9A11864873DA202C996558B2106B0BBC -- C:\WINDOWS\system32\drivers\adpu160m.sys
[2008/04/13 11:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) MD5=8BED39E3C35D6A489438B8141717A557 -- C:\WINDOWS\system32\drivers\aec.sys
[2008/08/14 05:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- C:\WINDOWS\system32\drivers\afd.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2008/04/13 13:36:39 | 000,044,928 | ---- | M] (Microsoft Corporation) MD5=03A7E0922ACFE1B07D5DB2EEB0773063 -- C:\WINDOWS\system32\drivers\agpcpq.sys
[2001/08/17 12:52:02 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=C23EA9B5F46C7F7910DB3EAB648FF013 -- C:\WINDOWS\system32\drivers\aha154x.sys
[2001/08/17 13:07:36 | 000,055,168 | ---- | M] (Microsoft Corporation) MD5=19DD0FB48B0C18892F70E2E7D61A1529 -- C:\WINDOWS\system32\drivers\aic78u2.sys
[2001/08/17 13:07:38 | 000,056,960 | ---- | M] (Microsoft Corporation) MD5=B7FE594A7468AA0132DEB03FB8E34326 -- C:\WINDOWS\system32\drivers\aic78xx.sys
[2001/08/17 12:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) MD5=1140AB9938809700B46BB88E46D72A96 -- C:\WINDOWS\system32\drivers\aliide.sys
[2008/04/13 13:36:38 | 000,042,752 | ---- | M] (Microsoft Corporation) MD5=CB08AED0DE2DD889A8A820CD8082D83C -- C:\WINDOWS\system32\drivers\alim1541.sys
[2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) MD5=95B4FB835E28AA1336CEEB07FD5B9398 -- C:\WINDOWS\system32\drivers\amdagp.sys
[2008/04/13 13:31:32 | 000,037,376 | ---- | M] (Microsoft Corporation) MD5=D7701D7E72243286CC88C9973D891057 -- C:\WINDOWS\system32\drivers\amdk6.sys
[2008/04/13 13:31:33 | 000,037,760 | ---- | M] (Microsoft Corporation) MD5=8FCE268CDBDD83B23419D1F35F42C7B1 -- C:\WINDOWS\system32\drivers\amdk7.sys
[2001/08/17 12:52:04 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=79F5ADD8D24BD6893F2903A3E2F3FAD6 -- C:\WINDOWS\system32\drivers\amsint.sys
[2008/04/13 13:51:25 | 000,060,800 | ---- | M] (Microsoft Corporation) MD5=B5B8A80875C1DEDEDA8B02765642C32F -- C:\WINDOWS\system32\drivers\arp1394.sys
[2001/08/17 12:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) MD5=62D318E9A0C8FC9B780008E724283707 -- C:\WINDOWS\system32\drivers\asc.sys
[2001/08/17 12:52:04 | 000,022,400 | ---- | M] (Microsoft Corporation) MD5=69EB0CC7714B32896CCBFD5EDCBEA447 -- C:\WINDOWS\system32\drivers\asc3350p.sys
[2001/08/17 12:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) MD5=5D8DE112AA0254B907861E9E9C31D597 -- C:\WINDOWS\system32\drivers\asc3550.sys
[2008/04/13 13:57:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=B153AFFAC761E7F5FCFA822B9C4E97BC -- C:\WINDOWS\system32\drivers\asyncmac.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006/02/24 14:06:48 | 000,107,392 | ---- | M] (AGEIA Technologies) MD5=22910F4DEF0AC92B90D89884FA6407EB -- C:\WINDOWS\system32\drivers\athena.sys
[2004/08/03 21:29:30 | 000,056,623 | ---- | M] (ATI Technologies Inc.) MD5=D649C57DA6FA762C64013747E5D7D2D6 -- C:\WINDOWS\system32\drivers\ati1btxx.sys
[2004/08/03 21:29:30 | 000,011,615 | ---- | M] (ATI Technologies Inc.) MD5=60B6AA2DC1521DA343F781B70EB7895A -- C:\WINDOWS\system32\drivers\ati1mdxx.sys
[2004/08/03 21:29:30 | 000,012,047 | ---- | M] (ATI Technologies Inc.) MD5=6FDC61E8E8E17F6ECC2D9A10FA8DF347 -- C:\WINDOWS\system32\drivers\ati1pdxx.sys
[2004/08/03 21:29:32 | 000,030,671 | ---- | M] (ATI Technologies Inc.) MD5=9D318099BF3876A4AF4BC75966D27603 -- C:\WINDOWS\system32\drivers\ati1raxx.sys
[2004/08/03 21:29:32 | 000,063,663 | ---- | M] (ATI Technologies Inc.) MD5=BCAF267B10620F8C93F6E87AB726E145 -- C:\WINDOWS\system32\drivers\ati1rvxx.sys
[2004/08/03 21:29:32 | 000,026,367 | ---- | M] (ATI Technologies Inc.) MD5=DAC7D785CF62F5BD41441E9D6F5A6EFE -- C:\WINDOWS\system32\drivers\ati1snxx.sys
[2004/08/03 21:29:32 | 000,021,343 | ---- | M] (ATI Technologies Inc.) MD5=F7706DAE7D101F1B19CE552D772EBFCE -- C:\WINDOWS\system32\drivers\ati1ttxx.sys
[2004/08/03 21:29:32 | 000,036,463 | ---- | M] (ATI Technologies Inc.) MD5=6F714B4720DD80FFA9F8D2731594EA4C -- C:\WINDOWS\system32\drivers\ati1tuxx.sys
[2004/08/03 21:29:32 | 000,029,455 | ---- | M] (ATI Technologies Inc.) MD5=67FFBC158DD4D27BA3FC92C6ACD87F73 -- C:\WINDOWS\system32\drivers\ati1xbxx.sys
[2004/08/03 21:29:32 | 000,034,735 | ---- | M] (ATI Technologies Inc.) MD5=0D8CAB1F08F7D3C4DE228B49E12E596A -- C:\WINDOWS\system32\drivers\ati1xsxx.sys
[2004/08/03 21:29:28 | 000,327,040 | ---- | M] (ATI Technologies Inc.) MD5=2D030C2F6B036CA0BC243E1B16D924D1 -- C:\WINDOWS\system32\drivers\ati2mtaa.sys
[2004/08/03 21:29:28 | 000,701,440 | ---- | M] (ATI Technologies Inc.) MD5=8759322FFC1A50569C1E5528EE8026B7 -- C:\WINDOWS\system32\drivers\ati2mtag.sys
[2004/08/03 21:29:28 | 000,057,856 | ---- | M] (ATI Technologies Inc.) MD5=993E7BD6438FE989E328C6B4BCA246A9 -- C:\WINDOWS\system32\drivers\atinbtxx.sys
[2004/08/03 21:29:30 | 000,013,824 | ---- | M] (ATI Technologies Inc.) MD5=ED4C2BF8403F4437987C0BA09CF48716 -- C:\WINDOWS\system32\drivers\atinmdxx.sys
[2004/08/03 21:29:30 | 000,014,336 | ---- | M] (ATI Technologies Inc.) MD5=E90AC2B14E98F1A4372E5891B4278784 -- C:\WINDOWS\system32\drivers\atinpdxx.sys
[2004/08/03 21:29:30 | 000,052,224 | ---- | M] (ATI Technologies Inc.) MD5=DA36687D701C833430605A298731410B -- C:\WINDOWS\system32\drivers\atinraxx.sys
[2004/08/03 21:29:32 | 000,104,960 | ---- | M] (ATI Technologies Inc.) MD5=A7A01B907DB63898D40B0A14248FF9A2 -- C:\WINDOWS\system32\drivers\atinrvxx.sys
[2004/08/03 21:29:32 | 000,028,672 | ---- | M] (ATI Technologies Inc.) MD5=CEDDEE2E0591894D19654D458FD3B9BE -- C:\WINDOWS\system32\drivers\atinsnxx.sys
[2004/08/03 21:29:32 | 000,013,824 | ---- | M] (ATI Technologies Inc.) MD5=D80A8F6C0A717446496C3A06D33B0D9C -- C:\WINDOWS\system32\drivers\atinttxx.sys
[2004/08/03 21:29:32 | 000,073,216 | ---- | M] (ATI Technologies Inc.) MD5=EDD66332608D27F4FD5069BCD0BC5164 -- C:\WINDOWS\system32\drivers\atintuxx.sys
[2004/08/03 21:29:32 | 000,031,744 | ---- | M] (ATI Technologies Inc.) MD5=3E7D485CBD0B0D9F6EA2AD9442411831 -- C:\WINDOWS\system32\drivers\atinxbxx.sys
[2004/08/03 21:29:32 | 000,063,488 | ---- | M] (ATI Technologies Inc.) MD5=77B575D7AAB35D5908AE6CE681608D62 -- C:\WINDOWS\system32\drivers\atinxsxx.sys
[2008/04/13 13:51:25 | 000,059,904 | ---- | M] (Microsoft Corporation) MD5=9916C1225104BA14794209CFA8012159 -- C:\WINDOWS\system32\drivers\atmarpc.sys
[2004/08/04 04:00:00 | 000,031,360 | ---- | M] (Microsoft Corporation) MD5=39A0A59180F19946374275745B21AEBA -- C:\WINDOWS\system32\drivers\atmepvc.sys
[2008/04/13 13:51:30 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=AE76348A2605FB197FA8FF1D6F547836 -- C:\WINDOWS\system32\drivers\atmlane.sys
[2004/08/04 04:00:00 | 000,352,256 | ---- | M] (Microsoft Corporation) MD5=E7EF69B38D17BA01F914AE8F66216A38 -- C:\WINDOWS\system32\drivers\atmuni.sys
[2001/08/17 12:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) MD5=D9F724AA26C010A217C97606B160ED68 -- C:\WINDOWS\system32\drivers\audstub.sys
[2004/08/04 04:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys
[2008/04/13 13:53:23 | 000,071,552 | ---- | M] (Microsoft Corporation) MD5=F934D1B230F84E1D19DD00AC5A7A83ED -- C:\WINDOWS\system32\drivers\bridge.sys
[2008/04/13 13:46:33 | 000,017,024 | ---- | M] (Microsoft Corporation) MD5=B279426E3C0C344893ED78A613A73BDE -- C:\WINDOWS\system32\drivers\bthenum.sys
[2008/04/13 13:46:33 | 000,037,888 | ---- | M] (Microsoft Corporation) MD5=FCA6F069597B62D42495191ACE3FC6C1 -- C:\WINDOWS\system32\drivers\bthmodem.sys
[2008/04/13 13:51:34 | 000,101,120 | ---- | M] (Microsoft Corporation) MD5=80602B8746D3738F5886CE3D67EF06B6 -- C:\WINDOWS\system32\drivers\bthpan.sys
[2008/06/13 06:05:51 | 000,272,128 | ---- | M] (Microsoft Corporation) MD5=662BFD909447DD9CC15B1A1C366583B4 -- C:\WINDOWS\system32\drivers\bthport.sys
[2008/04/13 13:46:31 | 000,036,480 | ---- | M] (Microsoft Corporation) MD5=BB68CEBFFD181E18A26112D1B9F90F3D -- C:\WINDOWS\system32\drivers\bthprint.sys
[2008/04/13 13:46:29 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=61364CD71EF63B0F038B7E9DF00F1EFA -- C:\WINDOWS\system32\drivers\bthusb.sys
[2008/05/21 11:26:40 | 000,049,904 | R--- | M] (Avanquest Software) MD5=248DFA5762DDE38DFDDBBD44149E9D7A -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS
[2001/08/17 12:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) MD5=90A673FC8E12A79AFBED2576F6A7AAF9 -- C:\WINDOWS\system32\drivers\cbidf2k.sys
[2001/08/17 12:52:06 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=F3EC03299634490E97BBCE94CD2954C7 -- C:\WINDOWS\system32\drivers\cd20xrnt.sys
[2004/08/04 04:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) MD5=C1B486A7658353D33A10CC15211A873B -- C:\WINDOWS\system32\drivers\cdaudio.sys
[2008/04/13 14:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) MD5=C885B02847F5D2FD45A24E219ED93B32 -- C:\WINDOWS\system32\drivers\cdfs.sys
[2006/07/24 02:00:00 | 000,002,432 | ---- | M] (Sonic Solutions) MD5=BF79E659C506674C0497CC9C61F1A165 -- C:\WINDOWS\system32\drivers\cdr4_xp.sys
[2006/07/24 02:00:00 | 000,002,560 | ---- | M] (Sonic Solutions) MD5=2C41CD49D82D5FD85C72D57B6CA25471 -- C:\WINDOWS\system32\drivers\cdralw2k.sys
[2008/04/13 13:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2010/10/13 21:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) MD5=7E6F7DA1C4DE5680820F964562548949 -- C:\WINDOWS\system32\drivers\cfwids.sys
[2004/08/04 04:00:00 | 000,262,528 | ---- | M] (RAVISENT Technologies Inc.) MD5=B562592B7F5759C99E179CA467ECFB4C -- C:\WINDOWS\system32\drivers\cinemst2.sys
[2008/04/13 14:16:22 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=FE47DD8FE6D7768FF94EBEC6C74B2719 -- C:\WINDOWS\system32\drivers\classpnp.sys
[2001/08/17 12:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) MD5=E5DCB56C533014ECBC556A8357C929D5 -- C:\WINDOWS\system32\drivers\cmdide.sys
[2001/08/17 12:52:06 | 000,014,976 | ---- | M] (Microsoft Corporation) MD5=3EE529119EED34CD212A215E8C40D4B6 -- C:\WINDOWS\system32\drivers\cpqarray.sys
[2004/08/04 04:00:00 | 000,011,776 | ---- | M] (Compaq Computer Corporation) MD5=9624293E55AD405415862B504CA95B73 -- C:\WINDOWS\system32\drivers\cpqdap01.sys
[2008/04/13 13:31:32 | 000,036,736 | ---- | M] (Microsoft Corporation) MD5=F50D9BDBB25CCE075E514DC07472A22F -- C:\WINDOWS\system32\drivers\crusoe.sys
[2006/12/19 07:35:40 | 000,511,288 | ---- | M] (Creative Technology Ltd) MD5=177BC4EE3840119A780EAFAD5A010F8F -- C:\WINDOWS\system32\drivers\ctac32k.sys
[2007/06/18 02:01:28 | 000,514,560 | ---- | M] (Creative Technology Ltd) MD5=EB0C0D62D8D2B8F41DA149C866E93397 -- C:\WINDOWS\system32\drivers\ctaud2k.sys
[2005/07/13 01:18:48 | 000,340,704 | R--- | M] (Creative Technology Ltd) MD5=5A0EEB00B02FC78605AA9D3590B24978 -- C:\WINDOWS\system32\drivers\ctdvda2k.sys
[2002/12/29 18:53:36 | 000,012,160 | ---- | M] (Creative Technology Ltd.) MD5=BFC40092329CF4AB838CC4A6F2FAD659 -- C:\WINDOWS\system32\drivers\CTGAME.SYS
[2006/12/19 07:36:32 | 000,128,312 | ---- | M] (Creative Technology Ltd.) MD5=611B58C2FD89AA9E80743A197BA62277 -- C:\WINDOWS\system32\drivers\ctoss2k.sys
[2006/12/19 07:36:36 | 000,014,648 | ---- | M] (Creative Technology Ltd) MD5=7D7EEA7FFBC19E1B712D241490BE51ED -- C:\WINDOWS\system32\drivers\ctprxy2k.sys
[2006/12/19 07:36:42 | 000,156,984 | ---- | M] (Creative Technology Ltd) MD5=538122D33DD4B04CC189D5CA72BD6706 -- C:\WINDOWS\system32\drivers\ctsfm2k.sys
[2001/08/17 12:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) MD5=E550E7418984B65A78299D248F0A7F36 -- C:\WINDOWS\system32\drivers\dac2w2k.sys
[2001/08/17 12:52:16 | 000,014,720 | ---- | M] (Microsoft Corporation) MD5=683789CAA3864EB46125AE86FF677D34 -- C:\WINDOWS\system32\drivers\dac960nt.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys
[2008/04/13 13:40:44 | 000,014,208 | ---- | M] (Microsoft Corporation) MD5=E65E2353A5D74EA89971CB918EEEB2F6 -- C:\WINDOWS\system32\drivers\diskdump.sys
[2006/08/11 09:35:18 | 000,012,920 | ---- | M] (Roxio) MD5=76167B5EB2DFFC729EDC36386876B40B -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS
[2006/08/11 09:35:16 | 000,028,184 | ---- | M] (Roxio) MD5=91886FED52A3F9966207BCE46CFD794F -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS
[2008/04/13 13:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) MD5=D992FE1274BDE0F84AD826ACAE022A41 -- C:\WINDOWS\system32\drivers\dmboot.sys
[2008/04/13 13:44:46 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) MD5=7C824CF7BBDE77D95C08005717A95F6F -- C:\WINDOWS\system32\drivers\dmio.sys
[2004/08/04 04:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) MD5=E9317282A63CA4D188C0DF5E09C6AC5F -- C:\WINDOWS\system32\drivers\dmload.sys
[2008/04/13 13:45:01 | 000,052,864 | ---- | M] (Microsoft Corporation) MD5=8A208DFCF89792A484E76C40E5F50B45 -- C:\WINDOWS\system32\drivers\dmusic.sys
[2001/08/17 13:07:44 | 000,020,192 | ---- | M] (Microsoft Corporation) MD5=40F3B93B4E5B0126F2F5C0A7A5E22660 -- C:\WINDOWS\system32\drivers\dpti2o.sys
[2008/04/13 13:45:14 | 000,060,160 | ---- | M] (Microsoft Corporation) MD5=6CB08593487F5701D2D2254E693EAFCE -- C:\WINDOWS\system32\drivers\drmk.sys
[2008/04/13 13:45:13 | 000,002,944 | ---- | M] (Microsoft Corporation) MD5=8F5FCFF8E8848AFAC920905FBD9D33C8 -- C:\WINDOWS\system32\drivers\drmkaud.sys
[2006/07/21 10:21:26 | 000,099,176 | ---- | M] (Sonic Solutions) MD5=C00440385CF9F3D142917C63F989E244 -- C:\WINDOWS\system32\drivers\DRVMCDB.SYS
[2006/08/11 10:05:58 | 000,051,768 | ---- | M] (Roxio) MD5=6E6AB29D3C06E64CE81FEACDA85394B5 -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS
[2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) MD5=DFEABB7CFFFADEA4A912AB95BDC3177A -- C:\WINDOWS\system32\drivers\dsunidrv.sys
[2004/08/04 04:00:00 | 000,010,496 | ---- | M] (Microsoft Corporation) MD5=FE97D0343ACFDEBDD578FC67CC91FA87 -- C:\WINDOWS\system32\drivers\dxapi.sys
[2008/04/13 13:38:29 | 000,071,168 | ---- | M] (Microsoft Corporation) MD5=AC7280566A7BB85CB3291F04DDC1198E -- C:\WINDOWS\system32\drivers\dxg.sys
[2004/08/04 04:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) MD5=A73F5D6705B1D820C19B18782E176EFD -- C:\WINDOWS\system32\drivers\dxgthk.sys
[2001/08/17 11:12:10 | 000,117,760 | ---- | M] (Intel Corporation) MD5=3FCA03CBCA11269F973B70FA483C88EF -- C:\WINDOWS\system32\drivers\e100b325.sys
[2006/11/01 09:39:16 | 000,246,680 | ---- | M] (Intel Corporation) MD5=D0E8DD3F56BD8488995F67B80FF51461 -- C:\WINDOWS\system32\drivers\e1e5132.sys
[2006/12/19 07:36:46 | 000,090,936 | ---- | M] (Creative Technology Ltd) MD5=8E0EB62BE9F9BEE7C2E4C50685038E8D -- C:\WINDOWS\system32\drivers\emupia2k.sys
[2008/04/13 14:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys
[2008/04/13 13:40:25 | 000,027,392 | ---- | M] (Microsoft Corporation) MD5=92CDD60B6730B9F50F6A1A0C1F8CDC81 -- C:\WINDOWS\system32\drivers\fdc.sys
[2008/04/13 13:33:28 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=D45926117EB9FA946A6AF572FBE1CAA3 -- C:\WINDOWS\system32\drivers\fips.sys
[2008/04/13 13:40:25 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=9D27E7B80BFCDF1CDD9B555862D5E7F0 -- C:\WINDOWS\system32\drivers\flpydisk.sys
[2008/04/13 13:32:59 | 000,129,792 | ---- | M] (Microsoft Corporation) MD5=B2CF4B0786F8212CB92ED2B50C6DB6B0 -- C:\WINDOWS\system32\drivers\fltmgr.sys
[2004/08/04 04:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) MD5=455F778EE14368468560BD7CB8C854D0 -- C:\WINDOWS\system32\drivers\fsvga.sys
[2004/08/04 04:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) MD5=3E1E2BD4F39B0E2B7DC4F4D2BCC2779A -- C:\WINDOWS\system32\drivers\fs_rec.sys
[2001/08/17 12:52:50 | 000,125,056 | ---- | M] (Microsoft Corporation) MD5=6AC26732762483366C3969C9E4D2259D -- C:\WINDOWS\system32\drivers\ftdisk.sys
[2008/04/13 13:36:40 | 000,046,464 | ---- | M] (Microsoft Corporation) MD5=3A74C423CF6BCCA6982715878F450A3B -- C:\WINDOWS\system32\drivers\gagp30kx.sys
[2005/11/08 04:15:02 | 000,751,104 | R--- | M] (Creative Technology Ltd) MD5=43EF4C441DAA46361B400D7AA3C003BA -- C:\WINDOWS\system32\drivers\ha10kx2k.sys
[2006/12/19 07:36:54 | 001,160,504 | ---- | M] (Creative Technology Ltd) MD5=F2607D0D89F57D3564CF65A61A237F1A -- C:\WINDOWS\system32\drivers\ha20x2k.sys
[2005/11/08 04:15:04 | 000,153,088 | R--- | M] (Creative Technology Ltd) MD5=571AC8AC1F9B07312E9284FB236F4AC2 -- C:\WINDOWS\system32\drivers\haP16v2k.sys
[2005/11/08 04:15:06 | 000,178,688 | R--- | M] (Creative Technology Ltd) MD5=156F39005E8DCAA0035DFFE609360970 -- C:\WINDOWS\system32\drivers\haP17v2k.sys
[2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) MD5=573C7D0A32852B48F3058CFD8026F511 -- C:\WINDOWS\system32\drivers\hdaudbus.sys
[2004/08/12 16:45:52 | 000,113,664 | ---- | M] (Windows ® Server 2003 DDK provider) MD5=9131EDE087AF04A7D80F7EBADC164254 -- C:\WINDOWS\system32\drivers\Hdaudio.sys
[2008/04/13 13:46:30 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=7BD2DE4C85EB4241EED57672B16A7D8D -- C:\WINDOWS\system32\drivers\hidbth.sys
[2008/04/13 13:45:26 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=1AF592532532A402ED7C060F6954004F -- C:\WINDOWS\system32\drivers\hidclass.sys
[2008/04/13 13:45:26 | 000,019,200 | ---- | M] (Microsoft Corporation) MD5=BB1A6FB7D35A91E599973FA74A619056 -- C:\WINDOWS\system32\drivers\hidir.sys
[2008/04/13 13:45:22 | 000,024,960 | ---- | M] (Microsoft Corporation) MD5=96ECCF28FDBF1B2CC12725818A63628D -- C:\WINDOWS\system32\drivers\hidparse.sys
[2008/04/13 13:45:27 | 000,010,368 | ---- | M] (Microsoft Corporation) MD5=CCF82C5EC8A7326C3066DE870C06DAF1 -- C:\WINDOWS\system32\drivers\hidusb.sys
[2001/08/17 13:07:44 | 000,025,952 | ---- | M] (Microsoft Corporation) MD5=B028377DEA0546A5FCFBA928A8AEFAE0 -- C:\WINDOWS\system32\drivers\hpn.sys
[2008/10/28 05:27:07 | 000,049,920 | R--- | M] (HP) MD5=D03D10F7DED688FECF50F8FBF1EA9B8A -- C:\WINDOWS\system32\drivers\HPZid412.sys
[2008/10/28 05:27:07 | 000,016,496 | R--- | M] (HP) MD5=89F41658929393487B6B7D13C8528CE3 -- C:\WINDOWS\system32\drivers\HPZipr12.sys
[2008/10/28 05:27:07 | 000,021,568 | R--- | M] (HP) MD5=ABCB05CCDBF03000354B9553820E39F8 -- C:\WINDOWS\system32\drivers\HPZius12.sys
[2004/08/03 21:41:48 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) MD5=970178E8E003EB1481293830069624B9 -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
[2004/08/03 21:41:50 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) MD5=1225EBEA76AAC3C84DF6C54FE5E5D8BE -- C:\WINDOWS\system32\drivers\hsfcxts2.sys
[2004/08/03 21:41:56 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) MD5=EBB354438A4C5A3327FB97306260714A -- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
[2009/10/20 11:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) MD5=F80A415EF82CD06FFAF0D971528EAD38 -- C:\WINDOWS\system32\drivers\http.sys
[2008/04/13 13:41:22 | 000,008,576 | ---- | M] (Microsoft Corporation) MD5=9368670BD426EBEA5E8B18A62416EC28 -- C:\WINDOWS\system32\drivers\i2omgmt.sys
[2008/04/13 13:41:22 | 000,018,560 | ---- | M] (Microsoft Corporation) MD5=F10863BF1CCC290BABD1A09188AE49E0 -- C:\WINDOWS\system32\drivers\i2omp.sys
[2008/04/13 14:18:00 | 000,052,480 | ---- | M] (Microsoft Corporation) MD5=4A0B06AA8943C1E332520F7440C0AA30 -- C:\WINDOWS\system32\drivers\i8042prt.sys
[2006/07/06 05:59:42 | 000,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\WINDOWS\system32\drivers\iaStor.sys
[2008/04/13 13:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) MD5=083A052659F5310DD8B6A6CB05EDCF8E -- C:\WINDOWS\system32\drivers\imapi.sys
[2001/08/17 12:52:08 | 000,016,000 | ---- | M] (Microsoft Corporation) MD5=4A40E045FAEE58631FD8D91AFC620719 -- C:\WINDOWS\system32\drivers\ini910u.sys
[2008/04/13 13:40:29 | 000,005,504 | ---- | M] (Microsoft Corporation) MD5=B5466A9250342A7AA0CD1FBA13420678 -- C:\WINDOWS\system32\drivers\intelide.sys
[2008/04/13 13:31:32 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=8C953733D8F36EB2133F5BB58808B66B -- C:\WINDOWS\system32\drivers\intelppm.sys
[2008/04/13 13:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) MD5=3BB22519A194418D5FEC05D800A19AD0 -- C:\WINDOWS\system32\drivers\ip6fw.sys
[2004/08/04 04:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) MD5=731F22BA402EE4B62748ADAF6363C182 -- C:\WINDOWS\system32\drivers\ipfltdrv.sys
[2008/04/13 13:57:07 | 000,020,864 | ---- | M] (Microsoft Corporation) MD5=B87AB476DCF76E72010632B5550955F5 -- C:\WINDOWS\system32\drivers\ipinip.sys
[2008/04/13 13:57:15 | 000,152,832 | ---- | M] (Microsoft Corporation) MD5=CC748EA12C6EFFDE940EE98098BF96BB -- C:\WINDOWS\system32\drivers\ipnat.sys
[2008/04/13 14:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\drivers\ipsec.sys
[2006/11/15 06:40:46 | 000,031,072 | ---- | M] (Intel Corporation ) MD5=2EA7A186289C2807BA2E8A5502C0D065 -- C:\WINDOWS\system32\drivers\iqvw32.sys
[2008/04/13 13:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=C93C9FF7B04D772627A3646D89F7BF89 -- C:\WINDOWS\system32\drivers\irenum.sys
[2008/04/13 13:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008/04/13 13:39:47 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=463C1EC80CD17420A542B7F36A36F128 -- C:\WINDOWS\system32\drivers\kbdclass.sys
[2008/04/13 13:39:48 | 000,014,592 | ---- | M] (Microsoft Corporation) MD5=9EF487A186DEA361AA06913A75B3FA99 -- C:\WINDOWS\system32\drivers\kbdhid.sys
[2008/04/13 13:45:09 | 000,172,416 | ---- | M] (Microsoft Corporation) MD5=692BCF44383D056AED41B045A323D378 -- C:\WINDOWS\system32\drivers\kmixer.sys
[2008/04/13 14:16:36 | 000,141,056 | ---- | M] (Microsoft Corporation) MD5=0753515F78DF7F271A5E61C20BCD36A1 -- C:\WINDOWS\system32\drivers\ks.sys
[2009/06/24 06:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) MD5=B467646C54CC746128904E1654C750C1 -- C:\WINDOWS\system32\drivers\ksecdd.sys
[2010/08/12 07:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) MD5=B7C19EC8B0DD7EFA58AD41FFEB8B8CDA -- C:\WINDOWS\system32\drivers\Lbd.sys
[2008/02/29 02:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) MD5=24E0DDB99AECCF86BB37702611761459 -- C:\WINDOWS\system32\drivers\LHidFilt.Sys
[2008/02/29 02:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) MD5=D58B330D318361A66A9FE60D7C9B4951 -- C:\WINDOWS\system32\drivers\LMouFilt.Sys
[2004/08/04 04:00:00 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D1F8BE91ED4DDB671D42E473E3FE71AB -- C:\WINDOWS\system32\drivers\mcd.sys
[2004/08/03 21:41:56 | 000,011,868 | ---- | M] (Conexant) MD5=195741AEE20369980796B557358CD774 -- C:\WINDOWS\system32\drivers\mdmxsdk.sys
[2008/04/13 13:36:41 | 000,063,744 | ---- | M] (Microsoft Corporation) MD5=A7DA20AB18A1BDAE28B0F349E57DA0D1 -- C:\WINDOWS\system32\drivers\mf.sys
[2010/10/13 21:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) MD5=84D59A3EDDFB9438FB94F7F80D37859D -- C:\WINDOWS\system32\drivers\mfeapfk.sys
[2010/10/13 21:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) MD5=67E961988312B1A28D6F93357B0BF998 -- C:\WINDOWS\system32\drivers\mfeavfk.sys
[2010/10/13 21:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) MD5=19161B1796CF74A6A326ABDE309062BA -- C:\WINDOWS\system32\drivers\mfebopk.sys
[2010/10/13 21:28:54 | 000,009,344 | ---- | M] (McAfee, Inc.) MD5=D723B22A3003711D3106DD2689768491 -- C:\WINDOWS\system32\drivers\mfeclnk.sys
[2010/10/13 21:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) MD5=D5F89B4934960C70882924D992C6ABFC -- C:\WINDOWS\system32\drivers\mfefirek.sys
[2010/10/13 21:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) MD5=0EFAB2B91B27543FE589DE700DE07136 -- C:\WINDOWS\system32\drivers\mfehidk.sys
[2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) MD5=549DD4966BF0B1D1FC205CA0755A745B -- C:\WINDOWS\system32\drivers\mfendisk.sys
[2010/10/13 21:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) MD5=C9EDA1EADA2AB6E34CD1A10C3A24AB25 -- C:\WINDOWS\system32\drivers\mferkdet.sys
[2010/10/13 21:28:54 | 000,084,072 | ---- | M] (McAfee, Inc.) MD5=E6C5F7AADE5A31C057D73201ACFE8ADF -- C:\WINDOWS\system32\drivers\mfetdi2k.sys
[2004/08/04 04:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=4AE068242760A1FB6E1A44BF4E16AFA6 -- C:\WINDOWS\system32\drivers\mnmdd.sys
[2008/04/13 14:00:19 | 000,030,080 | ---- | M] (Microsoft Corporation) MD5=DFCBAD3CEC1C5F964962AE10E0BCC8E1 -- C:\WINDOWS\system32\drivers\modem.sys
[2008/04/13 13:39:48 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=35C9E97194C8CFB8430125F8DBC34D04 -- C:\WINDOWS\system32\drivers\mouclass.sys
[2001/08/17 12:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) MD5=B1C303E17FB9D46E87A98E4BA6769685 -- C:\WINDOWS\system32\drivers\mouhid.sys
[2008/04/13 13:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=A80B9A0BAD1B73637DBCBBA7DF72D3FD -- C:\WINDOWS\system32\drivers\mountmgr.sys
[2001/08/17 12:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) MD5=3F4BB95E5A44F3BE34824E8E7CAF0737 -- C:\WINDOWS\system32\drivers\mraid35x.sys
[2008/04/13 13:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) MD5=11D42BB6206F33FBB3BA0288D3EF81BD -- C:\WINDOWS\system32\drivers\mrxdav.sys
[2010/02/24 08:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=F3AEFB11ABC521122B67095044169E98 -- C:\WINDOWS\system32\drivers\mrxsmb.sys
[2008/04/13 13:32:39 | 000,019,072 | ---- | M] (Microsoft Corporation) MD5=C941EA2454BA8350021D774DAF0F1027 -- C:\WINDOWS\system32\drivers\msfs.sys
[2008/04/13 13:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) MD5=0A02C63C8B144BD8C86B103DEE7C86A2 -- C:\WINDOWS\system32\drivers\msgpc.sys
[2008/04/13 13:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) MD5=D1575E71568F4D9E14CA56B7B0453BF1 -- C:\WINDOWS\system32\drivers\mskssrv.sys
[2008/04/13 13:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) MD5=325BB26842FC7CCC1FCCE2C457317F3E -- C:\WINDOWS\system32\drivers\mspclock.sys
[2008/04/13 13:39:51 | 000,004,992 | ---- | M] (Microsoft Corporation) MD5=BAD59648BA099DA4A17680B39730CB3D -- C:\WINDOWS\system32\drivers\mspqm.sys
[2008/04/13 13:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) MD5=AF5F4F3F14A8EA2C26DE30F7A1E17136 -- C:\WINDOWS\system32\drivers\mssmbios.sys
[2004/08/03 21:41:40 | 000,126,686 | ---- | M] (Smart Link) MD5=C53775780148884AC87C455489A0C070 -- C:\WINDOWS\system32\drivers\mtlmnt5.sys
[2004/08/03 21:41:38 | 001,309,184 | ---- | M] (Smart Link) MD5=54886A652BF5685192141DF304E923FD -- C:\WINDOWS\system32\drivers\mtlstrm.sys
[2004/08/03 21:29:38 | 000,452,736 | ---- | M] (Matrox Graphics Inc.) MD5=6DDA78A0BE692B61B668FAB860F276CF -- C:\WINDOWS\system32\drivers\mtxparhm.sys
[2008/04/13 14:17:05 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=2F625D11385B1A94360BFC70AAEFDEE1 -- C:\WINDOWS\system32\drivers\mup.sys
[2008/04/13 13:43:55 | 000,012,672 | ---- | M] (Microsoft Corporation) MD5=B538DCD9816EA35FA4F637CFC261AAA8 -- C:\WINDOWS\system32\drivers\mutohpen.sys
[2008/04/13 14:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2008/04/13 13:57:27 | 000,010,112 | ---- | M] (Microsoft Corporation) MD5=1AB3D00C991AB086E69DB84B6C0ED78F -- C:\WINDOWS\system32\drivers\ndistapi.sys
[2008/04/13 13:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) MD5=F927A4434C5028758A842943EF1A3849 -- C:\WINDOWS\system32\drivers\ndisuio.sys
[2008/04/13 14:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) MD5=EDC1531A49C80614B2CFDA43CA8659AB -- C:\WINDOWS\system32\drivers\ndiswan.sys
[2008/04/13 13:57:29 | 000,040,576 | ---- | M] (Microsoft Corporation) MD5=6215023940CFD3702B46ABC304E1D45A -- C:\WINDOWS\system32\drivers\ndproxy.sys
[2008/04/13 13:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) MD5=5D81CF9A2F1A3A756B66CF684911CDF0 -- C:\WINDOWS\system32\drivers\netbios.sys
[2008/04/13 14:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\WINDOWS\system32\drivers\netbt.sys
[2008/04/13 13:51:25 | 000,061,824 | ---- | M] (Microsoft Corporation) MD5=E9E47CFB2D461FA0FC75B7A74C6383EA -- C:\WINDOWS\system32\drivers\nic1394.sys
[2004/08/04 04:00:00 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) MD5=BE984D604D91C217355CDD3737AAD25D -- C:\WINDOWS\system32\drivers\nikedrv.sys
[2008/04/13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) MD5=1E421A6BCF2203CC61B821ADA9DE878B -- C:\WINDOWS\system32\drivers\nmnt.sys
[2008/04/13 13:32:39 | 000,030,848 | ---- | M] (Microsoft Corporation) MD5=3182D64AE053D6FB034F44B6DEF8034A -- C:\WINDOWS\system32\drivers\npfs.sys
[2008/04/13 14:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004/08/03 21:41:40 | 000,180,360 | ---- | M] (Smart Link) MD5=576B34CEAE5B7E5D9FD2775E93B3DB53 -- C:\WINDOWS\system32\drivers\ntmtlfax.sys
[2004/08/04 04:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) MD5=73C1E1F395918BC2C6DD67AF7591A3AD -- C:\WINDOWS\system32\drivers\null.sys
[2008/11/12 14:54:00 | 006,188,320 | ---- | M] (NVIDIA Corporation) MD5=61BF339927F7A02C395F89FD8AD7CCFB -- C:\WINDOWS\system32\drivers\nv4_mini.sys
[2004/08/04 04:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) MD5=B305F3FAD35083837EF46A0BBCE2FC57 -- C:\WINDOWS\system32\drivers\nwlnkflt.sys
[2004/08/04 04:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) MD5=C99B3415198D1AAB7227F2C88FD664B9 -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys
[2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) MD5=8B8B1BE2DBA4025DA6786C645F77F123 -- C:\WINDOWS\system32\drivers\nwlnkipx.sys
[2004/08/04 04:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) MD5=56D34A67C05E94E16377C60609741FF8 -- C:\WINDOWS\system32\drivers\nwlnknb.sys
[2004/08/04 04:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) MD5=C0BB7D1615E1ACBDC99757F6CEAF8CF0 -- C:\WINDOWS\system32\drivers\nwlnkspx.sys
[2004/08/04 04:00:00 | 000,003,456 | ---- | M] (Microsoft Corporation) MD5=4BB30DDC53EBC76895E38694580CDFE9 -- C:\WINDOWS\system32\drivers\oprghdlr.sys
[2008/04/13 13:31:31 | 000,042,752 | ---- | M] (Microsoft Corporation) MD5=C90018BAFDC7098619A4A95B046B30F3 -- C:\WINDOWS\system32\drivers\p3.sys
[2008/04/13 13:40:10 | 000,080,128 | ---- | M] (Microsoft Corporation) MD5=5575FAF8F97CE5E713D108C2A58D7C7C -- C:\WINDOWS\system32\drivers\parport.sys
[2008/04/13 13:40:49 | 000,019,712 | ---- | M] (Microsoft Corporation) MD5=BEB3BA25197665D82EC7065B724171C6 -- C:\WINDOWS\system32\drivers\partmgr.sys
[2004/08/04 04:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) MD5=70E98B3FD8E963A6A46A2E6247E0BEA1 -- C:\WINDOWS\system32\drivers\parvdm.sys
[2008/04/13 13:36:44 | 000,068,224 | ---- | M] (Microsoft Corporation) MD5=A219903CCF74233761D92BEF471A07B1 -- C:\WINDOWS\system32\drivers\pci.sys
[2001/08/17 12:51:52 | 000,003,328 | ---- | M] (Microsoft Corporation) MD5=CCF5F451BB1A5A2A522A76E670000FF0 -- C:\WINDOWS\system32\drivers\pciide.sys
[2008/04/13 13:40:29 | 000,024,960 | ---- | M] (Microsoft Corporation) MD5=52E60F29221D0D1AC16737E8DBF7C3E9 -- C:\WINDOWS\system32\drivers\pciidex.sys
[2008/04/13 13:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) MD5=9E89EF60E9EE05E3F2EEF2DA7397F1C1 -- C:\WINDOWS\system32\drivers\pcmcia.sys
[2001/08/17 13:07:40 | 000,027,296 | ---- | M] (Microsoft Corporation) MD5=6C14B9C19BA84F73D3A86DBA11133101 -- C:\WINDOWS\system32\drivers\perc2.sys
[2001/08/17 13:07:42 | 000,005,504 | ---- | M] (Microsoft Corporation) MD5=F50F7C27F131AFE7BEBA13E14A3B9416 -- C:\WINDOWS\system32\drivers\perc2hib.sys
[2002/10/01 08:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) MD5=ED2E7F396B4098608C95BC3806BDF6FC -- C:\WINDOWS\system32\drivers\pfc.sys
[2006/12/19 07:37:02 | 000,016,184 | ---- | M] (Creative Technology Ltd.) MD5=BE7D79615D5D4DF1F26F97C52C46D0A8 -- C:\WINDOWS\system32\drivers\pfmodnt.sys
[2008/04/13 14:19:41 | 000,146,048 | ---- | M] (Microsoft Corporation) MD5=E82A496C3961EFC6828B508C310CE98F -- C:\WINDOWS\system32\drivers\portcls.sys
[2008/04/13 13:31:30 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=A32BEBAF723557681BFC6BD93E98BD26 -- C:\WINDOWS\system32\drivers\processr.sys
[2008/04/13 13:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=09298EC810B07E5D582CB3A3F9255424 -- C:\WINDOWS\system32\drivers\psched.sys
[2004/08/04 04:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) MD5=80D317BD1C3DBC5D4FE7B1678C60CADD -- C:\WINDOWS\system32\drivers\ptilink.sys
[2006/07/24 02:00:00 | 000,036,528 | ---- | M] (Sonic Solutions) MD5=FEFFCFDC528764A04C8ED63D5FA6E711 -- C:\WINDOWS\system32\drivers\pxhelp20.sys
[2001/08/17 12:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) MD5=0A63FB54039EB5662433CABA3B26DBA7 -- C:\WINDOWS\system32\drivers\ql1080.sys
[2001/08/17 12:52:16 | 000,033,152 | ---- | M] (Microsoft Corporation) MD5=6503449E1D43A0FF0201AD5CB1B8C706 -- C:\WINDOWS\system32\drivers\ql10wnt.sys
[2001/08/17 12:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) MD5=156ED0EF20C15114CA097A34A30D8A01 -- C:\WINDOWS\system32\drivers\ql12160.sys
[2001/08/17 12:52:16 | 000,040,448 | ---- | M] (Microsoft Corporation) MD5=70F016BEBDE6D29E864C1230A07CC5E6 -- C:\WINDOWS\system32\drivers\ql1240.sys
[2001/08/17 12:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) MD5=907F0AEEA6BC451011611E732BD31FCF -- C:\WINDOWS\system32\drivers\ql1280.sys
[2004/08/04 04:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys
[2008/04/13 14:19:43 | 000,051,328 | ---- | M] (Microsoft Corporation) MD5=11B4A627BC9614B885C4969BFA5FF8A6 -- C:\WINDOWS\system32\drivers\rasl2tp.sys
[2008/04/13 13:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=5BC962F2654137C9909C3D4603587DEE -- C:\WINDOWS\system32\drivers\raspppoe.sys
[2008/04/13 14:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) MD5=EFEEC01B1D3CF84F16DDD24D9D9D8F99 -- C:\WINDOWS\system32\drivers\raspptp.sys
[2004/08/04 04:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) MD5=FDBB1D60066FCFBB7452FD8F9829B242 -- C:\WINDOWS\system32\drivers\raspti.sys
[2004/08/04 04:00:00 | 000,034,432 | ---- | M] (Microsoft Corporation) MD5=01524CD237223B18ADBB48F70083F101 -- C:\WINDOWS\system32\drivers\rawwan.sys
[2008/04/13 14:28:39 | 000,175,744 | ---- | M] (Microsoft Corporation) MD5=7AD224AD1A1437FE28D89CF22B17780A -- C:\WINDOWS\system32\drivers\rdbss.sys
[2004/08/04 04:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=4912D5B403614CE99C28420F75353332 -- C:\WINDOWS\system32\drivers\rdpcdd.sys
[2008/04/13 13:32:51 | 000,196,224 | ---- | M] (Microsoft Corporation) MD5=15CABD0F7C00C47C70124907916AF3F1 -- C:\WINDOWS\system32\drivers\rdpdr.sys
[2008/04/13 19:13:22 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\drivers\rdpwd.sys
[2004/08/03 21:41:40 | 000,013,776 | ---- | M] (Smart Link) MD5=E9AAA0092D74A9D371659C4C38882E12 -- C:\WINDOWS\system32\drivers\recagent.sys
[2008/04/13 13:40:27 | 000,057,600 | ---- | M] (Microsoft Corporation) MD5=F828DD7E1419B6653894A8F97A0094C5 -- C:\WINDOWS\system32\drivers\redbook.sys
[2008/04/13 13:46:32 | 000,059,136 | ---- | M] (Microsoft Corporation) MD5=851C30DF2807FCFA21E4C681A7D6440E -- C:\WINDOWS\system32\drivers\rfcomm.sys
[2004/08/04 04:00:00 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) MD5=A56FE08EC7473E8580A390BB1081CDD7 -- C:\WINDOWS\system32\drivers\rio8drv.sys
[2004/08/04 04:00:00 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) MD5=0A854DF84C77A0BE205BFEAB2AE4F0EC -- C:\WINDOWS\system32\drivers\riodrv.sys
[2008/05/08 09:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) MD5=96F7A9A7BF0C9C0440A967440065D33C -- C:\WINDOWS\system32\drivers\rmcast.sys
[2008/04/13 13:56:49 | 000,030,592 | ---- | M] (Microsoft Corporation) MD5=601844CBCF617FF8C868130CA5B2039D -- C:\WINDOWS\system32\drivers\rndismp.sys
[2008/04/13 13:56:49 | 000,030,592 | ---- | M] (Microsoft Corporation) MD5=726548542AFECA56257FF01EB13BB6D7 -- C:\WINDOWS\system32\drivers\rndismpx.sys
[2004/08/04 04:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) MD5=D8B0B4ADE32574B2D9C5CC34DC0DBBE7 -- C:\WINDOWS\system32\drivers\rootmdm.sys
[2004/08/03 21:29:52 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) MD5=0DBCC071A268E0340A2BA6BDD98BACE4 -- C:\WINDOWS\system32\drivers\s3gnbm.sys
[2010/11/05 12:34:58 | 000,098,392 | ---- | M] (Sunbelt Software) MD5=C1AE5D1F53285D79A0B73A62AF20734F -- C:\WINDOWS\system32\drivers\SBREDrv.sys
[2008/04/13 13:40:30 | 000,096,384 | ---- | M] (Microsoft Corporation) MD5=76C465F570E90C28942D52CCB2580A10 -- C:\WINDOWS\system32\drivers\scsiport.sys
[2008/04/13 13:36:44 | 000,079,232 | ---- | M] (Microsoft Corporation) MD5=8D04819A3CE51B9EB47E5689B44D43C4 -- C:\WINDOWS\system32\drivers\sdbus.sys
[2007/11/13 05:25:53 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) MD5=90A3935D05B494A5A39D37E71F09A677 -- C:\WINDOWS\system32\drivers\secdrv.sys
[2008/04/13 13:40:12 | 000,015,744 | ---- | M] (Microsoft Corporation) MD5=0F29512CCD6BEAD730039FB4BD2C85CE -- C:\WINDOWS\system32\drivers\serenum.sys
[2008/04/13 14:15:45 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=CCA207A8896D4C6A0C9CE29A4AE411A7 -- C:\WINDOWS\system32\drivers\serial.sys
[2001/08/17 13:53:32 | 000,006,784 | ---- | M] (Microsoft Corporation) MD5=A9573045BAA16EAB9B1085205B82F1ED -- C:\WINDOWS\system32\drivers\serscan.sys
[2008/04/13 13:40:47 | 000,011,904 | ---- | M] (Microsoft Corporation) MD5=0FA803C64DF0914B41F807EA276BF2A6 -- C:\WINDOWS\system32\drivers\sffdisk.sys
[2008/04/13 13:40:48 | 000,010,240 | ---- | M] (Microsoft Corporation) MD5=D66D22D76878BF3483A6BE30183FB648 -- C:\WINDOWS\system32\drivers\sffp_mmc.sys
[2008/04/13 13:40:47 | 000,011,008 | ---- | M] (Microsoft Corporation) MD5=C17C331E435ED8737525C86A7557B3AC -- C:\WINDOWS\system32\drivers\sffp_sd.sys
[2008/04/13 13:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\system32\drivers\sfloppy.sys
[2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) MD5=6B33D0EBD30DB32E27D1D78FE946A754 -- C:\WINDOWS\system32\drivers\sisagp.sys
[2004/08/03 21:41:42 | 000,129,535 | ---- | M] (Smart Link) MD5=D9673011648A71ED1E1F77B831BC85E6 -- C:\WINDOWS\system32\drivers\slnt7554.sys
[2004/08/03 21:41:44 | 000,404,990 | ---- | M] (Smart Link) MD5=2C1779C0FEB1F4A6033600305EBA623A -- C:\WINDOWS\system32\drivers\slntamr.sys
[2004/08/03 21:41:46 | 000,095,424 | ---- | M] (Smart Link) MD5=F9B8E30E82EE95CF3E1D3E495599B99C -- C:\WINDOWS\system32\drivers\slnthal.sys
[2004/08/03 21:41:46 | 000,013,240 | ---- | M] (Smart Link) MD5=DB56BB2C55723815CF549D7FC50CFCEB -- C:\WINDOWS\system32\drivers\slwdmsup.sys
[2008/04/13 13:36:34 | 000,005,888 | ---- | M] (Microsoft Corporation) MD5=895BE38A993B9BD5ABBE570D63D88A2E -- C:\WINDOWS\system32\drivers\smbali.sys
[2004/08/04 04:00:00 | 000,014,592 | ---- | M] (Microsoft Corporation) MD5=017DAECF0ED3AA731313433601EC40FA -- C:\WINDOWS\system32\drivers\smclib.sys
[2008/04/13 13:46:07 | 000,025,344 | ---- | M] (Microsoft Corporation) MD5=489703624DAC94ED943C2ABDA022A1CD -- C:\WINDOWS\system32\drivers\sonydcam.sys
[2001/08/17 13:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) MD5=83C0F71F86D3BDAF915685F3D568B20E -- C:\WINDOWS\system32\drivers\sparrow.sys
[2008/04/13 13:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\drivers\splitter.sys
[2008/04/13 13:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) MD5=76BB022C2FB6902FD5BDD4F78FC13A5D -- C:\WINDOWS\system32\drivers\sr.sys
[2010/08/26 08:39:50 | 000,357,248 | ---- | M] (Microsoft Corporation) MD5=0F6AEFAD3641A657E18081F52D0C15AF -- C:\WINDOWS\system32\drivers\srv.sys
[2008/04/13 13:45:15 | 000,049,408 | ---- | M] (Microsoft Corporation) MD5=3E5D89099DED9E86E5639F411693218F -- C:\WINDOWS\system32\drivers\stream.sys
[2009/11/25 10:06:43 | 000,047,360 | ---- | M] (Susteen, Inc.) MD5=5807C125AAEA590A464C7C4AA96A1BA0 -- C:\WINDOWS\system32\drivers\sustucam.sys
[2009/11/25 10:06:43 | 000,047,360 | ---- | M] (Susteen, Inc.) MD5=54BF7B09A79F8CCCFD0C897E382337DB -- C:\WINDOWS\system32\drivers\sustucap.sys
[2009/11/25 10:06:44 | 000,028,032 | ---- | M] (Susteen, Inc.) MD5=CC99A2B9065F6C9DFBD3F57F52238D5C -- C:\WINDOWS\system32\drivers\sustucau.sys
[2008/04/13 13:39:53 | 000,004,352 | ---- | M] (Microsoft Corporation) MD5=3941D127AEF12E93ADDF6FE6EE027E0F -- C:\WINDOWS\system32\drivers\swenum.sys
[2008/04/13 13:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\drivers\swmidi.sys
[2001/08/17 13:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) MD5=1FF3217614018630D0A6758630FC698C -- C:\WINDOWS\system32\drivers\symc810.sys
[2001/08/17 13:07:36 | 000,032,640 | ---- | M] (LSI Logic) MD5=070E001D95CF725186EF8B20335F933C -- C:\WINDOWS\system32\drivers\symc8xx.sys
[2001/08/17 13:07:40 | 000,028,384 | ---- | M] (LSI Logic) MD5=80AC1C4ABBE2DF3B738BF15517A51F2C -- C:\WINDOWS\system32\drivers\sym_hi.sys
[2001/08/17 13:07:42 | 000,030,688 | ---- | M] (LSI Logic) MD5=BF4FAB949A382A8E105F46EBB4937058 -- C:\WINDOWS\system32\drivers\sym_u3.sys
[2008/04/13 14:15:55 | 000,060,800 | ---- | M] (Microsoft Corporation) MD5=8B83F3ED0F1688B4958F77CD6D2BF290 -- C:\WINDOWS\system32\drivers\sysaudio.sys
[2008/04/13 13:40:50 | 000,014,976 | ---- | M] (Microsoft Corporation) MD5=FD6093E3DECD925F1CFFC8A0DD539D72 -- C:\WINDOWS\system32\drivers\tape.sys
[2008/06/20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2010/02/11 07:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) MD5=4E53BBCC4BE37D7A4BD6EF1098C89FF7 -- C:\WINDOWS\system32\drivers\tcpip6.sys
[2008/04/13 14:00:05 | 000,019,072 | ---- | M] (Microsoft Corporation) MD5=0539D5E53587F82D1B4FD74C5BE205CF -- C:\WINDOWS\system32\drivers\tdi.sys
[2008/04/13 19:13:20 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\drivers\tdpipe.sys
[2008/04/13 19:13:21 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\drivers\tdtcp.sys
[2008/04/13 19:13:20 | 000,040,840 | ---- | M] (Microsoft Corporation) MD5=88155247177638048422893737429D9E -- C:\WINDOWS\system32\drivers\termdd.sys
[2004/08/04 04:00:00 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=699450901C5CCFD82357CBC531CEDD23 -- C:\WINDOWS\system32\drivers\tosdvd.sys
[2001/08/17 12:51:56 | 000,004,992 | ---- | M] (Microsoft Corporation) MD5=F2790F6AF01321B172AA62F8E1E187D9 -- C:\WINDOWS\system32\drivers\toside.sys
[2004/08/04 04:00:00 | 000,021,376 | ---- | M] (Toshiba Corporation) MD5=D74A8EC75305F1D3CFDE7C7FC1BD62A9 -- C:\WINDOWS\system32\drivers\tsbvcap.sys
[2008/04/13 13:56:01 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=8F861EDA21C05857EB8197300A92501C -- C:\WINDOWS\system32\drivers\tunmp.sys
[2008/04/13 13:36:40 | 000,044,672 | ---- | M] (Microsoft Corporation) MD5=D85938F272D1BCF3DB3A31FC0A048928 -- C:\WINDOWS\system32\drivers\uagp35.sys
[2008/04/13 13:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) MD5=5787B80C2E3C5E2F56C2A233D91FA2C9 -- C:\WINDOWS\system32\drivers\udfs.sys
[2001/08/17 12:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) MD5=1B698A51CD528D8DA4FFAED66DFC51B9 -- C:\WINDOWS\system32\drivers\ultra.sys
[2008/04/13 13:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) MD5=402DDC88356B1BAC0EE3DD1580C76A31 -- C:\WINDOWS\system32\drivers\update.sys
[2008/04/13 13:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=BEE793D4A059CAEA55D6AC20E19B3A8F -- C:\WINDOWS\system32\drivers\usb8023.sys
[2008/04/13 13:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=B6CC50279D6CD28E090A5D33244ADC9A -- C:\WINDOWS\system32\drivers\usb8023x.sys
[2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) MD5=E919708DB44ED8543A7C017953148330 -- C:\WINDOWS\system32\drivers\USBAUDIO.sys
[2008/04/13 13:45:40 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=1C1A47B40C23358245AA8D0443B6935E -- C:\WINDOWS\system32\drivers\usbcamd.sys
[2008/04/13 13:45:41 | 000,025,728 | ---- | M] (Microsoft Corporation) MD5=CE97845D2E3F0D274B8BAC1ED07C6149 -- C:\WINDOWS\system32\drivers\usbcamd2.sys
[2008/04/13 13:45:39 | 000,032,128 | ---- | M] (Microsoft Corporation) MD5=173F317CE0DB8E21322E71B7E60A27E8 -- C:\WINDOWS\system32\drivers\usbccgp.sys
[2004/08/04 04:00:00 | 000,004,736 | ---- | M] (Microsoft Corporation) MD5=596EB39B50D6EBD9B734DC4AE0544693 -- C:\WINDOWS\system32\drivers\usbd.sys
[2008/04/13 13:45:35 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=65DCF09D0E37D4C6B11B5B0B76D470A7 -- C:\WINDOWS\system32\drivers\usbehci.sys
[2008/04/13 13:45:37 | 000,059,520 | ---- | M] (Microsoft Corporation) MD5=1AB3CDDE553B6E064D2E754EFE20285C -- C:\WINDOWS\system32\drivers\usbhub.sys
[2008/04/13 13:45:43 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=290913DC4F1125E5A82DE52579A44C43 -- C:\WINDOWS\system32\drivers\usbintel.sys
[2008/04/13 13:45:36 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=791912E524CC2CC6F50B5F2B52D1EB71 -- C:\WINDOWS\system32\drivers\usbport.sys
[2008/04/13 13:47:38 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\system32\drivers\usbprint.sys
[2008/04/13 13:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\drivers\usbscan.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys
[2008/04/13 13:45:35 | 000,020,608 | ---- | M] (Microsoft Corporation) MD5=26496F9DEE2D787FC3E61AD54821FFE6 -- C:\WINDOWS\system32\drivers\usbuhci.sys
[2008/04/13 13:46:20 | 000,121,984 | ---- | M] (Microsoft Corporation) MD5=63BBFCA7F390F4C49ED4B96BFB1633E0 -- C:\WINDOWS\system32\drivers\usbvideo.sys
[2004/08/04 04:00:00 | 000,058,112 | ---- | M] (RAVISENT Technologies Inc.) MD5=55E01061C74A8CEFFF58DC36114A8D3F -- C:\WINDOWS\system32\drivers\vdmindvd.sys
[2008/04/13 13:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=0D3A8FAFCEACD8B7625CD549757A7DF1 -- C:\WINDOWS\system32\drivers\vga.sys
[2008/04/13 13:36:40 | 000,042,240 | ---- | M] (Microsoft Corporation) MD5=754292CE5848B3738281B4F3607EAEF4 -- C:\WINDOWS\system32\drivers\viaagp.sys
[2008/04/13 13:40:31 | 000,005,376 | ---- | M] (Microsoft Corporation) MD5=3B3EFCDA263B8AC14FDF9CBDD0791B2E -- C:\WINDOWS\system32\drivers\viaide.sys
[2008/04/13 13:44:40 | 000,081,664 | ---- | M] (Microsoft Corporation) MD5=E28726B72C46821A28830E077D39A55B -- C:\WINDOWS\system32\drivers\videoprt.sys
[2008/04/13 13:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\drivers\volsnap.sys
[2008/04/13 13:43:55 | 000,014,208 | ---- | M] (Microsoft Corporation) MD5=ACED8C149B30F8496C237BCBA3727B48 -- C:\WINDOWS\system32\drivers\wacompen.sys
[2004/08/03 21:29:40 | 000,011,807 | ---- | M] (Intel® Corporation) MD5=0308AEF61941E4AF478FA1A0F83812F5 -- C:\WINDOWS\system32\drivers\wadv07nt.sys
[2004/08/03 21:29:40 | 000,011,295 | ---- | M] (Intel® Corporation) MD5=714038A8AA5DE08E12062202CD7EAEB5 -- C:\WINDOWS\system32\drivers\wadv08nt.sys
[2004/08/03 21:29:42 | 000,011,871 | ---- | M] (Intel® Corporation) MD5=7BB3AA595E4507A788DE1CDC63F4C8C4 -- C:\WINDOWS\system32\drivers\wadv09nt.sys
[2004/08/03 21:29:42 | 000,011,935 | ---- | M] (Intel® Corporation) MD5=36E6C405B6143D09687F4056FD9A0D10 -- C:\WINDOWS\system32\drivers\wadv11nt.sys
[2008/04/13 13:57:21 | 000,034,560 | ---- | M] (Microsoft Corporation) MD5=E20B95BAEDB550F32DD489265C1DA1F6 -- C:\WINDOWS\system32\drivers\wanarp.sys
[2004/08/03 21:29:46 | 000,022,271 | ---- | M] (Intel® Corporation) MD5=352FA0E98BC461CE1CE5D41F64DB558D -- C:\WINDOWS\system32\drivers\watv06nt.sys
[2004/08/03 21:29:46 | 000,025,471 | ---- | M] (Intel® Corporation) MD5=791CC45DE6E50445BE72E8AD6401FF45 -- C:\WINDOWS\system32\drivers\watv10nt.sys
[2006/11/02 06:22:54 | 000,492,000 | ---- | M] (Microsoft Corporation) MD5=FD47474BD21794508AF449D9D91AF6E6 -- C:\WINDOWS\system32\drivers\wdf01000.sys
[2006/11/02 06:22:52 | 000,032,224 | ---- | M] (Microsoft Corporation) MD5=DED98A3E466251CCAB93D579144B048C -- C:\WINDOWS\system32\drivers\wdfldr.sys
[2008/04/13 14:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) MD5=6768ACF64B18196494413695F0C3A00F -- C:\WINDOWS\system32\drivers\wdmaud.sys
[2004/08/04 04:00:00 | 000,004,352 | ---- | M] (Microsoft Corporation) MD5=2F31B7F954BED437F2C75026C65CAF7B -- C:\WINDOWS\system32\drivers\wmilib.sys
[2006/10/18 19:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) MD5=CF4DEF1BF66F06964DC0D91844239104 -- C:\WINDOWS\system32\drivers\wpdusb.sys
[2004/08/04 04:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
[2006/09/28 17:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) MD5=F15FEAFFFBB3644CCC80C5DA584E6311 -- C:\WINDOWS\system32\drivers\WudfPf.sys
[2006/09/28 18:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=28B524262BCE6DE1F7EF9F510BA3985B -- C:\WINDOWS\system32\drivers\WudfRd.sys
< End of report >

#22
Salagubang

Posted 23 December 2010 - 12:51 AM

Trusted Helper

Malware Removal
3,891 posts

Hi Dadeatworld,

Thank you for posting the logs I requested.

Do you think you can find/borrow another XP installation CD. To try if it recognizes the windows installation (for the repair install).

#23
Salagubang

Posted 23 December 2010 - 02:54 AM

Trusted Helper

Malware Removal
3,891 posts

Hi Dadeatworld,

I need additional information.

Start OTLPE as you did previously from CD
Copy the attached scan.txt to a USB

scan.txt 150bytes 110 downloads

Insert your USB drive with scan.txt on it
Start OTLPE
Doule click on the Custom scans and fixes box; a dialogue box will pop up asking for the location of the scan.txt- select the file on your USB drive
Then click the Run Scan button at the top
Let the program run unhindered, post the log on your next reply.

#24
Salagubang

Posted 24 December 2010 - 04:26 AM

Trusted Helper

Malware Removal
3,891 posts

Hi Dadeatworld,

The tech experts provided us with a possible solution with the hanging problem.

===========================
To fix the issue, we need to access the computer from Recovery Console.

If you do have your Windows CD

1. To start the Recovery Console directly from the Windows XP CD you would do the following:

Insert the Windows XP cd in your computer.
Restart your computer so you are booting off of the CD.
When the Welcome to Setup screen appears, press the R button on your keyboard to start the Recovery Console.
The Recovery Console will start and ask you which Windows installation you would like to log on to. If you have multiple Windows installations, it will list each one, and you would enter the number associated with the installation you would like to work on and press enter. If you have just one Windows installation, type 1 and press enter.
It will then prompt you for the Administrator's password. If there is no password, simply press enter. Otherwise type in the password and then press enter.
If you entered the correct password you will now be presented with a C:\Windows> prompt and you can start using the Recovery Console.

2. Type map and press enter.
It will give you the drive letters.
Note down the letter of you CD-ROM.
If it is a letter other than E you should replace the letter E with your CD drive letter when applying the expand command later on if the command is needed to be applied.

Type following commmands, pressing Enter after each one.

ren c:\windows\system32\drivers\atapi.sys atapi.old
(It will returns to the prompt again without notification)
copy c:\windows\servicepackfiles\i386\atapi.sys c:\windows\system32\drivers
(If you get a notification "1 file(s) copied" you don't need to do the next expand command and go to exit command. But if you get notification that the file doesn't exist proceed with expand command)
expand e:\I386\atapi.sy_ c:\windows\system32\drivers
(You should be notified that the file expanded)
exit

You may remove the CD or let Windows boot normally.

Thanks to rshaffer61 for the canned.
============================

Tell me how it goes.

#25
Dadeatworld

Posted 24 December 2010 - 06:41 PM

Member

Topic Starter
Member
17 posts

Here are the results from the OTLPE scan you asked me to run:

OTL logfile created on: 12/24/2010 7:09:38 PM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.83 Gb Total Space | 112.66 Gb Free Space | 77.79% Space Free | Partition Type: NTFS
Drive J: | 116.88 Mb Total Space | 43.00 Mb Free Space | 36.79% Space Free | Partition Type: FAT
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto] -- C:\WINDOWS\TEMP\002878~1.EXE -- (0028781290710659mcinstcleanup) McAfee Application Installer Cleanup (0028781290710659)
SRV - [2010/11/23 13:26:51 | 001,375,992 | ---- | M] (Lavasoft) [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/10/13 21:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/10/13 21:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/10/07 20:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/08/24 13:57:38 | 000,171,168 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe -- (McShield)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/05/02 01:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007/03/19 11:44:44 | 000,070,656 | ---- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/07/06 06:14:30 | 000,090,112 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2006/02/17 06:19:55 | 000,139,264 | ---- | M] (OTi) [Auto] -- C:\WINDOWS\System32\UStorSrv.exe -- (UStorage Server Service)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\usbicp.sys -- (uisp)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (mfeavfk01)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/11/05 12:34:55 | 000,015,264 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/10/13 21:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/10/13 21:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/10/13 21:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/10/13 21:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2010/10/13 21:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/10/13 21:28:54 | 000,084,072 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/10/13 21:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/10/13 21:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/08/12 07:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/11/25 10:06:44 | 000,028,032 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sustucau.sys -- (SUSTUCAU)
DRV - [2009/11/25 10:06:43 | 000,047,360 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sustucap.sys -- (SUSTUCAP)
DRV - [2009/11/25 10:06:43 | 000,047,360 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sustucam.sys -- (SUSTUCAM)
DRV - [2008/11/12 14:54:00 | 006,188,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/05/21 11:26:40 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/02/29 02:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/02/29 02:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/06/18 02:01:28 | 000,514,560 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/12/19 07:36:54 | 001,160,504 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2006/12/19 07:36:46 | 000,090,936 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2006/12/19 07:36:42 | 000,156,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2006/12/19 07:36:36 | 000,014,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2006/12/19 07:36:32 | 000,128,312 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2006/12/19 07:35:40 | 000,511,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2006/11/01 09:39:16 | 000,246,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/18 12:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 12:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 12:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 12:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 12:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 12:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 12:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 12:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 10:05:58 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2006/08/11 09:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 09:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2006/07/21 10:21:26 | 000,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2006/07/06 05:59:42 | 000,246,784 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2006/02/24 14:06:48 | 000,107,392 | ---- | M] (AGEIA Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\athena.sys -- (athena)
DRV - [2005/07/13 01:18:48 | 000,340,704 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2002/10/01 08:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/08/17 13:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 13:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 13:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 13:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 13:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 12:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 12:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 12:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 12:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 12:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 12:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 12:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 12:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 12:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 12:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co...html?channel=us
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/22 15:33:10 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2010/12/18 18:44:45 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (no name) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Virus Tools\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101105230046.dll (McAfee, Inc.)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No CLSID value found.
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Auto EPSON Stylus CX6600 Series on JILL] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\Ross_Durbin_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Ross_Durbin_ON_C..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\Ross_Durbin_ON_C..\Run: [SpybotSD TeaTimer] C:\Virus Tools\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Ross_Durbin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Virus Tools\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} http://download.micr...tualEarth3D.cab (SentinelProxy Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - C:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/18 18:44:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/16 17:30:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\LocalService\My Documents
[2010/12/16 17:30:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\LocalService\Recent
[2010/12/15 15:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/12/15 15:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/12/15 13:15:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ross Durbin\Recent
[2010/11/30 14:38:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ross Durbin\My Documents\My Scans
[2007/10/04 21:23:38 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll

========== Files - Modified Within 30 Days ==========

[2010/12/21 06:21:00 | 000,000,322 | RHS- | M] () -- C:\boot.ini
[2010/12/18 18:44:45 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/12/14 13:27:05 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/12/10 16:09:34 | 000,011,183 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taliban.docx
[2010/12/10 13:55:02 | 000,194,826 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/10 13:54:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/09 20:50:28 | 000,033,912 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Colorado ski from ITT.pdf
[2010/12/07 03:41:00 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/05 02:14:38 | 000,064,756 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2010/12/05 02:14:38 | 000,053,968 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2010/12/05 02:14:38 | 000,053,968 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2010/12/05 02:14:38 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010/12/05 02:14:38 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010/12/03 15:56:57 | 000,011,475 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taylor.docx
[2010/11/30 00:06:07 | 000,052,091 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Ferguson Reservoir.pdf

========== Files Created - No Company Name ==========

[2010/12/21 06:21:00 | 000,000,322 | RHS- | C] () -- C:\boot.ini
[2010/12/10 16:09:34 | 000,011,183 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taliban.docx
[2010/12/09 20:50:28 | 000,033,912 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Colorado ski from ITT.pdf
[2010/12/03 15:56:57 | 000,011,475 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taylor.docx
[2010/11/30 00:06:07 | 000,052,091 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Ferguson Reservoir.pdf
[2010/08/19 16:16:02 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/08/19 16:16:02 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/05/31 19:45:56 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Application Data\setup_ldm.iss
[2010/03/22 20:39:58 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\OPDSL.DLL
[2009/11/30 12:51:36 | 000,061,224 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\GoToAssistDownloadHelper.exe
[2009/03/30 16:53:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/09/28 23:34:22 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Application Data\dvd.bmk
[2008/09/28 23:31:05 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Local Settings\Application Data\fusioncache.dat
[2008/09/14 12:37:45 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/11/06 20:00:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/11/06 20:00:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/11/06 20:00:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/11/06 20:00:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/10/10 15:04:10 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/10 12:14:51 | 000,259,170 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\REBOOT=ReallySuppress
[2007/10/10 12:14:06 | 000,259,170 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\REBOOT=ReallySuppress
[2007/10/04 21:58:04 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/10/04 21:42:27 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007/10/04 21:42:27 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/10/04 21:20:47 | 000,050,432 | ---- | C] () -- C:\WINDOWS\System32\claptn.ini
[2007/10/04 21:20:47 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2007/10/04 21:20:47 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2007/10/04 21:20:47 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007/10/04 21:20:14 | 000,876,544 | ---- | C] () -- C:\WINDOWS\System32\TEACico2.dll
[2007/10/04 21:19:17 | 000,001,123 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/01/03 10:24:36 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/01/03 10:22:46 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/01/03 10:22:14 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/12/19 06:15:20 | 000,065,154 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2006/11/07 03:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2001/12/03 15:50:58 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\LTTLS13N.DLL
[2001/12/03 15:50:20 | 000,708,608 | R--- | C] () -- C:\WINDOWS\System32\LTCRY13N.DLL
[2000/07/07 05:49:30 | 000,069,120 | R--- | C] () -- C:\WINDOWS\System32\LTDLL.DLL
[2000/04/12 15:28:12 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2000/04/12 15:24:10 | 000,338,944 | R--- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL

========== LOP Check ==========

[2007/10/16 13:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\Final Draft
[2009/07/21 15:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\GARMIN
[2010/11/09 02:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\LimeWire
[2008/12/04 14:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\NASA
[2009/12/09 14:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\Uniblue
[2007/10/10 13:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\Windows Desktop Search
[2010/12/14 13:27:05 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========

========== Custom Scans ==========

< c:\system volume information|_REGISTRY_MACHINE_SYSTEM;true;true;true /FP >
[2010/09/17 03:00:55 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1078\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/09/18 03:43:06 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1079\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/09/19 04:43:06 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1080\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/09/20 05:44:01 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1081\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/09/21 06:08:55 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1082\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/09/22 06:31:58 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1083\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/09/23 06:32:21 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1084\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/09/24 06:53:41 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1085\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/09/25 07:30:52 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1086\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/09/26 08:04:20 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1087\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/09/27 08:04:25 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1088\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/09/28 08:30:52 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1089\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/09/29 08:32:11 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1090\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/09/30 02:00:14 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1091\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/01 02:31:07 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1092\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/02 03:31:07 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1093\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/03 04:11:12 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1094\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/04 05:10:49 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1095\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/05 05:11:11 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1096\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/06 06:11:12 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1097\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/07 07:40:42 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1098\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/08 02:00:14 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1099\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/09 02:50:41 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1100\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/10 03:50:41 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1101\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/11 03:51:46 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1102\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/12 04:50:41 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1103\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/13 05:50:41 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1104\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/14 02:00:26 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1105\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/15 02:24:33 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1106\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/16 02:24:40 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1107\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/17 03:24:40 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1108\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/18 04:24:40 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1109\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/19 05:24:40 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1110\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/20 06:57:33 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1111\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/21 07:12:06 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1112\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/22 07:25:45 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1113\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/23 08:38:10 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1114\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/24 09:24:40 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1115\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/25 13:26:28 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1116\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/26 14:24:40 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1117\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/27 15:30:23 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1118\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/28 15:45:42 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1119\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/29 16:25:06 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1120\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/30 16:26:25 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1121\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/10/31 17:26:25 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1122\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/01 17:45:08 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1123\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/02 17:53:18 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1124\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/03 18:26:25 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1125\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/04 19:01:08 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1126\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/05 19:53:25 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1127\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/06 20:11:20 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1128\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/07 21:11:20 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1129\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/08 22:12:25 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1130\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/09 02:46:52 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1131\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/09 15:56:10 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1132\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/10 16:36:01 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1133\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/11 16:55:27 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1134\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/12 17:06:38 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1135\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/13 18:18:38 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1136\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/14 18:36:40 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1137\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/15 18:57:53 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1138\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/16 19:07:43 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1139\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/17 20:48:57 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1140\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/18 21:06:39 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1141\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/19 21:06:48 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1142\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/20 21:07:53 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1143\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/21 21:37:38 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1144\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/22 22:06:48 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1145\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/23 23:06:48 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1146\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/25 00:06:48 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1147\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/26 03:53:02 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1148\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/27 04:07:05 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1149\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/28 04:56:54 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1150\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/29 05:56:53 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1151\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/11/30 06:56:53 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1152\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/12/01 07:56:53 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1153\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/12/02 07:57:59 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1154\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/12/03 10:38:37 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1155\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/12/04 10:56:53 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1156\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/12/05 11:19:14 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1157\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/12/06 12:19:14 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1158\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/12/07 13:30:10 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1159\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/12/08 15:02:21 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1160\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/12/09 15:19:15 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1161\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/12/10 17:39:49 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1162\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/12/11 17:58:08 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1163\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/12/12 18:31:37 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1164\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/12/13 18:58:08 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1165\snapshot\_REGISTRY_MACHINE_SYSTEM
[2010/12/14 19:03:22 | 008,957,952 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1166\snapshot\_REGISTRY_MACHINE_SYSTEM

< c:\system volume information|_REGISTRY_MACHINE_SOFTWARE;true;true;true /FP >
[2010/09/17 03:00:54 | 046,792,704 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1078\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/09/18 03:43:06 | 046,792,704 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1079\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/09/19 04:43:06 | 046,792,704 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1080\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/09/20 05:44:00 | 046,792,704 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1081\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/09/21 06:08:54 | 046,792,704 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1082\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/09/22 06:31:57 | 046,792,704 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1083\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/09/23 06:32:21 | 046,792,704 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1084\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/09/24 06:53:41 | 046,792,704 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1085\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/09/25 07:30:51 | 046,792,704 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1086\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/09/26 08:04:19 | 046,792,704 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1087\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/09/27 08:04:25 | 046,792,704 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1088\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/09/28 08:30:51 | 046,792,704 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1089\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/09/29 08:32:11 | 046,792,704 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1090\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/09/30 02:00:13 | 046,792,704 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1091\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/01 02:31:06 | 046,899,200 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1092\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/02 03:31:07 | 046,903,296 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1093\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/03 04:11:11 | 046,936,064 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1094\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/04 05:10:49 | 046,936,064 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1095\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/05 05:11:11 | 046,936,064 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1096\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/06 06:11:12 | 046,936,064 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1097\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/07 07:40:42 | 046,936,064 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1098\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/08 02:00:14 | 046,936,064 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1099\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/09 02:50:41 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1100\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/10 03:50:41 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1101\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/11 03:51:46 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1102\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/12 04:50:41 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1103\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/13 05:50:41 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1104\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/14 02:00:26 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1105\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/15 02:24:32 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1106\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/16 02:24:40 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1107\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/17 03:24:40 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1108\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/18 04:24:40 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1109\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/19 05:24:40 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1110\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/20 06:57:33 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1111\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/21 07:12:05 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1112\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/22 07:25:45 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1113\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/23 08:38:10 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1114\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/24 09:24:40 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1115\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/25 13:26:28 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1116\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/26 14:24:40 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1117\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/27 15:30:23 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1118\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/28 15:45:42 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1119\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/29 16:25:06 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1120\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/30 16:26:25 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1121\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/10/31 17:26:25 | 046,944,256 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1122\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/01 17:45:07 | 046,964,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1123\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/02 17:53:18 | 046,964,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1124\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/03 18:26:25 | 046,964,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1125\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/04 19:01:08 | 046,964,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1126\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/05 19:53:25 | 046,964,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1127\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/06 20:11:20 | 046,989,312 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1128\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/07 21:11:19 | 046,989,312 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1129\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/08 22:12:25 | 046,989,312 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1130\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/09 02:46:51 | 047,857,664 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1131\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/09 15:56:10 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1132\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/10 16:36:01 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1133\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/11 16:55:26 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1134\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/12 17:06:38 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1135\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/13 18:18:38 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1136\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/14 18:36:40 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1137\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/15 18:57:53 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1138\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/16 19:07:43 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1139\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/17 20:48:57 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1140\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/18 21:06:39 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1141\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/19 21:06:48 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1142\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/20 21:07:53 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1143\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/21 21:37:37 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1144\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/22 22:06:48 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1145\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/23 23:06:48 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1146\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/25 00:06:48 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1147\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/26 03:53:01 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1148\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/27 04:07:05 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1149\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/28 04:56:53 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1150\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/29 05:56:53 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1151\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/11/30 06:56:53 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1152\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/12/01 07:56:53 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1153\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/12/02 07:57:59 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1154\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/12/03 10:38:37 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1155\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/12/04 10:56:53 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1156\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/12/05 11:19:14 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1157\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/12/06 12:19:14 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1158\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/12/07 13:30:10 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1159\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/12/08 15:02:20 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1160\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/12/09 15:19:15 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1161\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/12/10 17:39:48 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1162\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/12/11 17:58:08 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1163\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/12/12 18:31:37 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1164\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/12/13 18:58:08 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1165\snapshot\_REGISTRY_MACHINE_SOFTWARE
[2010/12/14 19:03:21 | 048,500,736 | ---- | M] () -- c:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1166\snapshot\_REGISTRY_MACHINE_SOFTWARE
< End of report >

On your second email, you ask me to run the MAP command and follow your instructions. Everything went fine but it didn't keep the computer from hanging at startup. I have the windows splash screen and the continually running loading bar.

I have a question. This may seem obvious but I don't want to do anything without asking you. I ran MAP and my CD drives are I: and J: I'm using the I: drive for all these repairs). I ran the "ren" and "copy" commands and I received the "one file copied" message. So, following your instructions, I did not run the "expand" command. I just used the "exit" command. Is there a problem if my CD drive is I: and not E: ?

Thank you for your help .... Happy Holidays to you and family.

#26
Salagubang

Posted 24 December 2010 - 07:14 PM

Trusted Helper

Malware Removal
3,891 posts

Hi Dadeatworld,

If you try to boot into safe mode, does is still hangs at mup.sys?

I have a question. This may seem obvious but I don't want to do anything without asking you. I ran MAP and my CD drives are I: and J: I'm using the I: drive for all these repairs). I ran the "ren" and "copy" commands and I received the "one file copied" message. So, following your instructions, I did not run the "expand" command. I just used the "exit" command. Is there a problem if my CD drive is I: and not E: ?

You did fine using the I: drive and followed the instruction correctly.

Happy Holidays to you and your family as well.

#27
Dadeatworld

Posted 24 December 2010 - 11:26 PM

Member

Topic Starter
Member
17 posts

Yes, safe mode hangs at Mup.sys ...

#28
Salagubang

Posted 24 December 2010 - 11:53 PM

Trusted Helper

Malware Removal
3,891 posts

Hi Dadeatworld,

Reboot your computer with Bootlogging enabled. This will create a boot log in the form of a plain TXT file in the C:\Windows folder called ntbtlog.txt.

You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
Use your up arrow key to highlight the option that says "Enable Boot Logging" then hit enter.
Let the computer attempt booting for a good 10 minutes, then restart computer and boot using your Reatogo CD. Find and post C:\Windows\ntbtlog.txt

#29
Salagubang

Posted 25 December 2010 - 03:43 AM

Trusted Helper

Malware Removal
3,891 posts

Hi Dadeatworld,

We'll attempt a system restore.

Start OTLPE as you did previously from CD
Copy the attached Fix.txt to a USB

fix.txt 1.07KB 110 downloads

Insert your USB drive with fix.txt on it
Start OTLPE
Drag and drop fix.txt into the Custom scans and fixes box
If you cannot drag and drop for some reason. Then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your USB drive
Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done to normal mode if possible
Post a new log in your next reply.

#30
Dadeatworld

Posted 26 December 2010 - 06:36 PM

Member

Topic Starter
Member
17 posts

First, Thank you for staying with me on this problem, I know it's taken a lot of your time!

In my C:\Windows folder I have over 100 folders titled "$NtUninstallkb######$" where the # symbols are numbers. Each folder has a single subfolder titled "spuninst". It has four items; "spuninst.exe", "updispapi.dll", "spuninst.inf", and "spuninst.txt". I haven't seen these folders in my windows directory until now ... were they just "hidden" folders or are they part of the problem?

I ran the bootlogging as you requested. There isn't a file called "ntbtlog.txt" anywhere on my computer. I searched everywhere, with every option ...

I ran the "fix.txt" in OTLPE as you requested. Windows hangs at the exact same place ... WinXP splash screen with endless running bar.

Here is the new log you asked for ...

OTL logfile created on: 12/26/2010 7:30:58 PM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.83 Gb Total Space | 108.47 Gb Free Space | 74.89% Space Free | Partition Type: NTFS
Drive D: | 116.88 Mb Total Space | 43.15 Mb Free Space | 36.92% Space Free | Partition Type: FAT
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto] -- C:\WINDOWS\TEMP\002878~1.EXE -- (0028781290710659mcinstcleanup) McAfee Application Installer Cleanup (0028781290710659)
SRV - [2010/11/23 13:26:51 | 001,375,992 | ---- | M] (Lavasoft) [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/10/13 21:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/10/13 21:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/10/07 20:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/08/24 13:57:38 | 000,171,168 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe -- (McShield)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/05/02 01:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007/03/19 11:44:44 | 000,070,656 | ---- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/07/06 06:14:30 | 000,090,112 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2006/02/17 06:19:55 | 000,139,264 | ---- | M] (OTi) [Auto] -- C:\WINDOWS\System32\UStorSrv.exe -- (UStorage Server Service)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\usbicp.sys -- (uisp)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (mfeavfk01)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/11/05 12:34:55 | 000,015,264 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/10/13 21:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/10/13 21:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/10/13 21:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/10/13 21:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2010/10/13 21:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2010/10/13 21:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/10/13 21:28:54 | 000,084,072 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/10/13 21:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/10/13 21:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/08/12 07:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/11/25 10:06:44 | 000,028,032 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sustucau.sys -- (SUSTUCAU)
DRV - [2009/11/25 10:06:43 | 000,047,360 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sustucap.sys -- (SUSTUCAP)
DRV - [2009/11/25 10:06:43 | 000,047,360 | ---- | M] (Susteen, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sustucam.sys -- (SUSTUCAM)
DRV - [2008/11/12 14:54:00 | 006,188,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/05/21 11:26:40 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/02/29 02:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/02/29 02:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/06/18 02:01:28 | 000,514,560 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/12/19 07:36:54 | 001,160,504 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2006/12/19 07:36:46 | 000,090,936 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2006/12/19 07:36:42 | 000,156,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2006/12/19 07:36:36 | 000,014,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2006/12/19 07:36:32 | 000,128,312 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2006/12/19 07:35:40 | 000,511,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2006/11/01 09:39:16 | 000,246,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/18 12:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 12:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 12:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 12:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 12:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 12:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 12:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 12:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 10:05:58 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2006/08/11 09:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 09:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2006/07/21 10:21:26 | 000,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2006/07/06 05:59:42 | 000,246,784 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2006/02/24 14:06:48 | 000,107,392 | ---- | M] (AGEIA Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\athena.sys -- (athena)
DRV - [2005/07/13 01:18:48 | 000,340,704 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2002/10/01 08:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/08/17 13:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 13:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 13:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 13:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 13:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 12:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 12:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 12:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 12:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 12:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 12:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 12:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 12:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 12:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 12:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co...html?channel=us
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071005
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Ross_Durbin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/22 15:33:10 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2010/12/18 18:44:45 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (no name) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Virus Tools\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101105230046.dll (McAfee, Inc.)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No CLSID value found.
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Auto EPSON Stylus CX6600 Series on JILL] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\Ross_Durbin_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Ross_Durbin_ON_C..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\Ross_Durbin_ON_C..\Run: [SpybotSD TeaTimer] C:\Virus Tools\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Ross_Durbin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Virus Tools\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} http://download.micr...tualEarth3D.cab (SentinelProxy Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - C:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/26 19:03:20 | 000,000,000 | ---D | C] -- C:\Transfer Files
[2010/12/26 13:18:16 | 000,553,984 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2010/12/18 18:44:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/16 17:30:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\LocalService\My Documents
[2010/12/16 17:30:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\LocalService\Recent
[2010/12/15 15:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/12/15 15:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/12/15 13:15:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ross Durbin\Recent
[2010/11/30 14:38:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ross Durbin\My Documents\My Scans
[2007/10/04 21:23:38 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll

========== Files - Modified Within 30 Days ==========

[2010/12/21 06:21:00 | 000,000,322 | RHS- | M] () -- C:\boot.ini
[2010/12/18 18:44:45 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/12/14 13:27:05 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/12/10 16:09:34 | 000,011,183 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taliban.docx
[2010/12/10 13:55:02 | 000,194,826 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/10 13:54:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/09 20:50:28 | 000,033,912 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Colorado ski from ITT.pdf
[2010/12/07 03:41:00 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/05 02:14:38 | 000,064,756 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2010/12/05 02:14:38 | 000,053,968 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2010/12/05 02:14:38 | 000,053,968 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2010/12/05 02:14:38 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010/12/05 02:14:38 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010/12/03 15:56:57 | 000,011,475 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taylor.docx
[2010/11/30 00:06:07 | 000,052,091 | ---- | M] () -- C:\Documents and Settings\Ross Durbin\My Documents\Ferguson Reservoir.pdf

========== Files Created - No Company Name ==========

[2010/12/21 06:21:00 | 000,000,322 | RHS- | C] () -- C:\boot.ini
[2010/12/10 16:09:34 | 000,011,183 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taliban.docx
[2010/12/09 20:50:28 | 000,033,912 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Colorado ski from ITT.pdf
[2010/12/03 15:56:57 | 000,011,475 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Taylor.docx
[2010/11/30 00:06:07 | 000,052,091 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\My Documents\Ferguson Reservoir.pdf
[2010/08/19 16:16:02 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/08/19 16:16:02 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/05/31 19:45:56 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Application Data\setup_ldm.iss
[2010/03/22 20:39:58 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\OPDSL.DLL
[2009/11/30 12:51:36 | 000,061,224 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\GoToAssistDownloadHelper.exe
[2009/03/30 16:53:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/09/28 23:34:22 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Application Data\dvd.bmk
[2008/09/28 23:31:05 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Local Settings\Application Data\fusioncache.dat
[2008/09/14 12:37:45 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007/11/06 20:00:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/11/06 20:00:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/11/06 20:00:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/11/06 20:00:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/10/10 15:04:10 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/10 12:14:51 | 000,259,170 | ---- | C] () -- C:\Documents and Settings\Ross Durbin\REBOOT=ReallySuppress
[2007/10/10 12:14:06 | 000,259,170 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\REBOOT=ReallySuppress
[2007/10/04 21:58:04 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/10/04 21:42:27 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007/10/04 21:42:27 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/10/04 21:20:47 | 000,050,432 | ---- | C] () -- C:\WINDOWS\System32\claptn.ini
[2007/10/04 21:20:47 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2007/10/04 21:20:47 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2007/10/04 21:20:47 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007/10/04 21:20:14 | 000,876,544 | ---- | C] () -- C:\WINDOWS\System32\TEACico2.dll
[2007/10/04 21:19:17 | 000,001,123 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/01/03 10:24:36 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/01/03 10:22:46 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/01/03 10:22:14 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/12/19 06:15:20 | 000,065,154 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2006/11/07 03:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/16 22:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 22:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2001/12/03 15:50:58 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\LTTLS13N.DLL
[2001/12/03 15:50:20 | 000,708,608 | R--- | C] () -- C:\WINDOWS\System32\LTCRY13N.DLL
[2000/07/07 05:49:30 | 000,069,120 | R--- | C] () -- C:\WINDOWS\System32\LTDLL.DLL
[2000/04/12 15:28:12 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2000/04/12 15:24:10 | 000,338,944 | R--- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL

========== LOP Check ==========

[2007/10/16 13:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\Final Draft
[2009/07/21 15:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\GARMIN
[2010/11/09 02:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\LimeWire
[2008/12/04 14:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\NASA
[2009/12/09 14:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\Uniblue
[2007/10/10 13:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ross Durbin\Application Data\Windows Desktop Search
[2010/12/14 13:27:05 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========

< End of report >