random crashes, BSODs -- beep.sys, an8qv6i5



#1
Anamacha

Hey there ... I've gotten some great help here over the time I've been in these forums, and I just wanted to say thank you for that.

I am posting in this thread because I was advised to by a G2G Trusted Tech helping me out in another thread (linked below). I noticed some suspicious activity on my machine, notably something called beep.sys and something else with a junk title. Both processes were running and there seems to be no way of stopping them using the tools at my disposal.

For a long time now (6-8 months maybe) I have been experiencing random hard crashes and the occasional BSOD. This started shortly after I installed XP SP3; I have since downgraded to SP2 but the problems have not gone away.

The crashes are always accompanied by a brief crunching noise from the speakers; it is similar yet different every time. After the noise the hard drive gets quiet, the mouse does not move, and I cannot recover using CTRL ALT DEL or any other method known to me. I have to remove power and reapply.

My system doesn't seem to crash when I'm in safe mode. It will, however, sometimes crash if I leave it at the logon screen for a while.

Occasionally (I'd say one time out of five), the crash also includes a slow ramp up of an internal fan, ultimately stopping at what sounds like a jet taking off. At this point I don't know if that's a case fan or the fan on my video card.

I had been getting BSODs as well, always based in win32k.sys. These went away for a while, but now I am starting to get them again, frequently enough to mention (2-3 times in the last 5 days maybe).

I have run malware and virus scanners from an Ultimate Boot CD I made. I have done lots of other things as well, most of which are detailed in this other G2G thread.

It bears mentioning that I do not seem to have problems when running A-list games like Mass Effect 2 or Lord of the Rings Online. Getting into these games is sometimes a problem, however.

My machine seems to crash most reliably when I am trying to download large amounts of data, such as through the browser I use (Google Chrome, mostly) or through Adobe AIR (such as for good old games, or gog.com). Most of the time I am okay with usual browser activity, which for me is 10-15 tabs going all at once. Short bursts seem to be fine, but sustained data transfer will kill my machine.

I have used SUPERAntiSpyware, Avast antivirus, Ad-Aware, Spybot and a few other scanning tools. The most recent run of these tools was a month or three ago, and they didn't find anything at that time.

So -- what's my best chance of removing these and any other junk from my system?


OTL log follows:

OTL logfile created on: 11.01.13 3.21.24 PM - Run 1
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\user1\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: yy.MM.dd

2.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 24.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 62.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 18.05 Gb Free Space | 16.14% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive G: | 465.76 Gb Total Space | 88.59 Gb Free Space | 19.02% Space Free | Partition Type: NTFS

Computer Name: GARGANTUBRAIN | User Name: user1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.01.13 15.20.29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user1\desktop\OTL.exe
PRC - [2011.01.10 04.57.19 | 000,995,896 | ---- | M] (Google Inc.) -- C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2010.11.10 19.38.40 | 000,380,928 | ---- | M] () -- C:\Program Files\Launchy\Launchy.exe
PRC - [2010.10.18 14.45.05 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010.10.18 04.24.19 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\user1\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010.09.07 10.12.02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 10.11.59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.08.13 11.58.56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.07.13 13.26.12 | 004,302,704 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
PRC - [2010.07.13 13.26.10 | 006,076,272 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe
PRC - [2010.07.13 13.26.10 | 002,533,232 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
PRC - [2010.07.13 13.26.10 | 000,616,816 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe
PRC - [2010.07.09 13.04.34 | 003,493,776 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe
PRC - [2010.07.04 17.39.49 | 001,352,832 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010.06.26 17.00.36 | 000,864,112 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010.02.25 23.10.20 | 021,979,992 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2009.10.12 23.16.18 | 003,102,944 | ---- | M] (AnVir Software) -- C:\Program Files\AnVir Task Manager\AnVir.exe
PRC - [2009.05.03 12.28.20 | 000,244,736 | ---- | M] () -- C:\Program Files\AutoHotkey\AutoHotkey.exe
PRC - [2009.04.25 00.00.10 | 000,877,568 | ---- | M] () -- C:\Program Files\HACE\Mmm\Mmm.exe
PRC - [2009.03.05 15.07.20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.07.26 07.25.36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2008.07.26 07.23.42 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LVCOMSER\LVComSer.exe
PRC - [2008.07.21 16.54.34 | 000,169,312 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe
PRC - [2008.07.21 16.53.04 | 000,193,888 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Maxtor\Sync\SyncServices.exe
PRC - [2008.05.02 01.44.08 | 000,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008.05.02 01.40.56 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2007.10.02 09.10.46 | 000,131,072 | ---- | M] (Saitek) -- C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
PRC - [2007.10.02 09.10.14 | 000,233,472 | ---- | M] (Saitek) -- C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
PRC - [2007.06.13 04.23.07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.03.27 01.29.52 | 000,192,512 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) -- C:\WINDOWS\system32\HDDSvc.exe
PRC - [2006.11.03 18.20.12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006.11.03 18.19.58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2003.08.28 13.01.22 | 000,061,440 | ---- | M] () -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe


========== Modules (SafeList) ==========

MOD - [2011.01.13 15.20.29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user1\desktop\OTL.exe
MOD - [2010.08.23 10.12.02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010.07.09 13.04.44 | 000,970,640 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\xfire_toucan_43094.dll
MOD - [2009.10.12 23.16.02 | 000,102,112 | ---- | M] (AnVir Software) -- C:\Program Files\AnVir Task Manager\AnvirHook61.dll
MOD - [2009.07.12 00.12.06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2008.07.26 07.25.24 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\Temp\logishrd\LVPrcInj01.dll
MOD - [2008.05.02 01.42.50 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2008.05.02 01.38.54 | 000,064,016 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\GameHook.dll
MOD - [2004.08.12 07.34.47 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (napagent)
SRV - File not found [On_Demand | Stopped] -- -- (hkmsvc)
SRV - File not found [On_Demand | Stopped] -- -- (EapHost)
SRV - File not found [On_Demand | Stopped] -- -- (Dot3svc)
SRV - [2010.09.07 10.11.59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 10.11.59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 10.11.59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.08.13 11.58.56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.07.13 13.26.10 | 006,076,272 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2010.07.13 13.26.10 | 000,616,816 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2010.07.04 21.18.44 | 000,039,936 | ---- | M] (C-Dilla Ltd) [On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2010.07.04 17.39.49 | 001,352,832 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009.12.15 14.07.16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- G:\Programs\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2008.08.06 10.34.02 | 000,216,032 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService)
SRV - [2008.07.26 07.25.36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008.07.26 07.23.42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008.07.21 16.53.04 | 000,193,888 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)
SRV - [2008.05.02 01.42.06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007.03.27 01.29.52 | 000,192,512 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) [Auto | Running] -- C:\WINDOWS\system32\HDDSvc.exe -- (HDDSvc)
SRV - [2007.03.19 19.19.14 | 000,263,168 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Ares\chatServer.exe -- (AresChatServer)
SRV - [2006.11.03 18.19.58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005.04.04 18.58.28 | 000,163,840 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe -- (Adobe Version Cue CS2)
SRV - [2004.11.02 15.59.50 | 000,316,544 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2003.08.28 13.01.22 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe -- (spkrmon)


========== Driver Services (SafeList) ==========

DRV - [2010.11.26 14.07.10 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV - [2010.11.26 14.07.10 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV - [2010.11.26 14.07.10 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV - [2010.11.26 14.07.10 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV - [2010.11.26 14.07.10 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2010.09.07 09.52.25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 09.52.03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 09.47.46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 09.47.19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 09.47.07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 09.46.51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.07.04 21.18.40 | 000,008,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA)
DRV - [2010.06.04 14.10.37 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010.06.01 14.21.21 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.06.01 14.21.21 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010.06.01 14.21.21 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010.05.19 13.52.36 | 000,016,240 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2009.09.21 15.29.22 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009.02.25 16.58.57 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.01.11 19.56.58 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.12.26 22.28.14 | 000,095,592 | ---- | M] (Rocket Division Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\StarPortLite.sys -- (StarPortLite) StarPort Storage Controller (Lite)
DRV - [2008.12.13 13.47.38 | 000,129,896 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2008.12.13 13.47.38 | 000,040,496 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hotcore3.sys -- (hotcore3)
DRV - [2008.12.13 13.47.38 | 000,032,056 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2008.07.26 07.25.02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008.05.20 08.32.40 | 000,015,328 | ---- | M] (Macrium Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pssnap.sys -- (pssnap)
DRV - [2008.02.29 02.13.46 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008.02.29 02.13.24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008.02.29 02.13.16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008.02.11 17.59.01 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008.02.11 17.59.01 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007.10.05 09.19.26 | 000,035,200 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SaiBus.sys -- (SaiNtBus)
DRV - [2007.10.05 09.19.26 | 000,014,080 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SaiMini.sys -- (SaiMini)
DRV - [2007.05.11 17.31.22 | 000,041,888 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007.05.11 17.30.04 | 001,921,184 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2007.05.11 16.31.36 | 003,580,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Fusion(UVC)
DRV - [2007.05.03 13.37.08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2007.05.01 14.51.10 | 000,132,232 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiH040C.sys -- (SaiH040C)
DRV - [2007.05.01 14.51.10 | 000,028,416 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiU040C.sys -- (SaiU040C)
DRV - [2007.04.25 18.55.12 | 000,040,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2007.02.16 10.12.36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007.01.26 20.09.40 | 000,068,954 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\jl2005c.sys -- (JL2005C)
DRV - [2006.10.04 20.42.42 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006.10.04 20.42.42 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006.09.24 07.28.46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006.07.03 21.59.24 | 000,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\vaxscsi.sys -- (vaxscsi)
DRV - [2006.03.26 06.22.14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.03.13 03.38.23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.08.10 08.06.28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.08.23 13.49.30 | 000,121,472 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004.08.12 07.24.55 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004.08.09 05.33.26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.08.09 05.29.28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.07.19 08.49.54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2004.04.13 16.03.46 | 000,016,509 | ---- | M] (Palm, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2003.12.01 09.20.52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.11.07 03.50.00 | 000,070,798 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003.11.07 03.50.00 | 000,037,884 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsb.sys -- (LHidUsb)
DRV - [2003.11.07 03.50.00 | 000,025,502 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys -- (LHidFlt2)
DRV - [2003.06.24 23.18.48 | 000,146,560 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
DRV - [2003.05.07 01.54.38 | 000,008,960 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbbc2.sys -- (PLUsbbc2)
DRV - [2003.05.01 13.26.34 | 000,005,220 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2003.04.19 00.32.04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tandpl.sys -- (tandpl)
DRV - [2003.03.02 17.44.26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\enodpl.sys -- (enodpl)
DRV - [2002.08.14 14.03.36 | 000,017,005 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [1996.04.03 13.33.26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0B D4 00 C1 00 B2 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.openintab: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.21.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.7.4
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.0.2.1
FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.1.062
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.07076007
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.1
FF - prefs.js..extensions.enabledItems: {5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}:1.0
FF - prefs.js..extensions.enabledItems: {7ef7f4d6-947d-11dc-8314-0800200c9a66}:3.0.1
FF - prefs.js..extensions.enabledItems: {7694c49c-9fbd-11dc-8314-0800200c9a66}:3.0.2
FF - prefs.js..extensions.enabledItems: {04CA07AB-7FC3-4110-A83F-EF1E6B75D5B0}:4.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:3.8
FF - prefs.js..extensions.enabledItems: [email protected]:1.45
FF - prefs.js..extensions.enabledItems: {c1dffba0-628e-11d9-9669-0800200c9a66}:3.5.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.95


FF - HKLM\software\mozilla\Firefox\extensions\\{5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}: C:\Documents and Settings\user1\Local Settings\Application Data\{5C3A97C1-1D8C-4577-8D2B-F1C45E72000A} [2009.04.12 18.57.03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.01 13.35.23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.17 22.15.05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.16\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.12.01 13.35.29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.16\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.10.23 14.33.08 | 000,000,000 | ---D | M]

[2009.11.16 18.27.31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user1\Application Data\Mozilla\Extensions
[2009.11.16 18.27.31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user1\Application Data\Mozilla\Extensions\[email protected]
[2010.12.23 15.43.40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions
[2006.05.19 23.36.38 | 000,000,000 | ---D | M] ("Azerty II") -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{044FA143-992A-435f-95A5-39E25470F8F0}(2)
[2009.08.03 23.37.13 | 000,000,000 | ---D | M] (Azerty III) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{04CA07AB-7FC3-4110-A83F-EF1E6B75D5B0}
[2006.05.19 23.36.38 | 000,000,000 | ---D | M] (Silver Skin) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{2A10B180-05EF-11D9-8C50-444553540001}(2)
[2009.08.05 13.45.53 | 000,000,000 | ---D | M] ("Delicious Bookmarks") -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2009.05.15 23.28.58 | 000,000,000 | ---D | M] ("Delicious Bookmarks") -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}(2)
[2009.07.30 00.28.15 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2009.09.14 15.33.32 | 000,000,000 | ---D | M] (ScrapBook) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}
[2006.01.20 05.12.58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2006.05.19 23.36.37 | 000,000,000 | ---D | M] (Aquatint) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{69087485-8EDE-4a6c-91BE-6B882EB268A5}(2)
[2009.07.09 20.11.03 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2009.05.09 22.43.41 | 000,000,000 | ---D | M] (Aquatint Black Gloss) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2008.12.17 18.16.10 | 000,000,000 | ---D | M] (Abstract Zune) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{7ef7f4d6-947d-11dc-8314-0800200c9a66}
[2006.05.19 23.36.36 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}(2)
[2009.07.27 02.24.00 | 000,000,000 | ---D | M] (PitchDark) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2009.08.20 13.25.51 | 000,000,000 | ---D | M] (CreativesAre Toolbar) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{c42afa2e-1ffa-47f1-aaed-9dfed53a38ca}
[2008.12.17 20.08.15 | 000,000,000 | ---D | M] (Google Redesigned) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}
[2009.08.16 20.28.28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.08.03 23.37.21 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2009.02.19 00.29.24 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009.05.09 07.10.13 | 000,000,000 | ---D | M] (Autofill Forms) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.07.11 19.10.49 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.04.21 16.55.58 | 000,000,000 | ---D | M] ("Better Gmail 2") -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.04.21 16.55.58 | 000,000,000 | ---D | M] ("Better GReader") -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.07.27 02.24.26 | 000,000,000 | ---D | M] (bit.ly preview) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.05.29 21.47.33 | 000,000,000 | ---D | M] (ChromEdit Plus) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.09.14 14.26.26 | 000,000,000 | ---D | M] (Dark Revisited) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2008.03.10 15.15.08 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2008.09.11 09.25.27 | 000,000,000 | ---D | M] (Google Notebook) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.07.09 20.10.56 | 000,000,000 | ---D | M] ("heaven.cube") -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2008.12.30 03.05.20 | 000,000,000 | ---D | M] (RedShift V3) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2006.01.28 05.06.16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\temp
[2009.04.10 16.47.26 | 000,000,000 | ---D | M] (TiseMe Bar) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.10.01 00.55.18 | 000,001,243 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\a9.xml
[2009.03.20 12.19.10 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\amazondotcom.xml
[2009.03.19 10.27.53 | 000,000,853 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\del.icio.us.xml
[2009.03.16 20.38.41 | 000,002,306 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\duck-duck-go.xml
[2009.03.20 12.19.10 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\ebay.xml
[2009.10.01 00.55.18 | 000,002,125 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\flickr-tags.xml
[2008.04.10 03.24.36 | 000,001,192 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\fulltorrent.xml
[2008.06.21 15.33.53 | 000,000,908 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\imdb.xml
[2010.12.23 15.43.44 | 000,005,216 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\linkedin.xml
[2009.10.01 00.55.18 | 000,002,191 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\ljseek.xml
[2008.06.21 15.33.52 | 000,001,108 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\wikipedia.xml
[2010.12.23 15.43.42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.04.12 18.57.03 | 000,000,000 | ---D | M] (XUL Cache) -- C:\DOCUMENTS AND SETTINGS\USER1\LOCAL SETTINGS\APPLICATION DATA\{5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}
[2009.08.17 19.19.17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2005.09.15 17.26.00 | 000,044,153 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\inspector.dll
[2004.11.12 21.36.20 | 000,005,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Mozilla Firefox\plugins\NPAdbESD.dll
[2007.12.10 22.56.33 | 000,024,576 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npgcplug.dll
[2005.04.27 14.10.49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll

O1 HOSTS File: ([2008.12.24 01.20.40 | 000,291,071 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10025 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Download Guard for Internet Explorer) - {20C1A7F0-528E-444F-BAC5-5804A61CCA7F} - C:\Program Files\Lavasoft\Download Guard for Internet Explorer\DownloadGuardBHO.dll (Lavasoft AB )
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [mxomssmenu] C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
O4 - HKLM..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4 - HKLM..\Run: [RoxioEngineUtility] C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe (Roxio)
O4 - HKLM..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AnVir Task Manager] C:\Program Files\AnVir Task Manager\AnVir.exe (AnVir Software)
O4 - HKCU..\Run: [Mmm] C:\Program Files\HACE\Mmm\Mmm.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\user1\Start Menu\Programs\Startup\AutoHotkey.lnk = C:\Program Files\AutoHotkey\AutoHotkey.exe ()
O4 - Startup: C:\Documents and Settings\user1\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\user1\Application Data\Dropbox\bin\Dropbox.exe ()
O4 - Startup: C:\Documents and Settings\user1\Start Menu\Programs\Startup\Launchy.lnk = C:\Program Files\Launchy\Launchy.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Copy to Semagic - C:\Program Files\Semagic\copy.htm ()
O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YPager.exe ()
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YPager.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {3234504D-0000-0010-8000-00AA00389B71} http://codecs.micros...386/mpeg4ax.CAB (Reg Error: Key error.)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.sy...eqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.co.../DellSystem.CAB (DellSystem.Scanner)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\MCPClient: DllName - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\user1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\taskmgr.exe: Debugger - "C:\Program Files\AnVir Task Manager\AnVir.exe" (AnVir Software)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.06.30 13.45.42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.09.21 22.23.20 | 000,000,055 | ---- | M] () - G:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{6a6c893c-e5e1-11de-9a55-001143a5fab6}\Shell - "" = AutoRun
O33 - MountPoints2\{6a6c893c-e5e1-11de-9a55-001143a5fab6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6a6c893c-e5e1-11de-9a55-001143a5fab6}\Shell\AutoRun\command - "" = H:\Photo_Viewer.exe
O33 - MountPoints2\{afcb8830-f7d0-11d9-95c5-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{afcb8830-f7d0-11d9-95c5-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{afcb8830-f7d0-11d9-95c5-806d6172696f}\Shell\AutoRun\command - "" = D:\autorun.exe
O33 - MountPoints2\{e2845c3e-ffa7-11dc-b3ef-001143a5fab6}\Shell\AutoRun\command - "" = G:\ -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.01.13 15.20.28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user1\Desktop\OTL.exe
[2011.01.13 00.01.37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011.01.05 13.07.19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011.01.05 13.07.18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011.01.03 19.38.26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2011.01.03 19.36.35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.01.03 18.42.08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Borders Desktop
[2011.01.03 18.41.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Borders Desktop
[2011.01.03 18.39.42 | 000,000,000 | ---D | C] -- C:\Program Files\Borders Desktop
[2011.01.03 16.50.20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Desktop\ceremony
[2011.01.03 14.28.48 | 017,208,130 | ---- | C] (GOG.com ) -- C:\Documents and Settings\user1\Desktop\freespace_expansion_part0.gogDownload
[2011.01.02 23.08.17 | 000,000,000 | ---D | C] -- C:\Program Files\PDFZilla
[2010.12.27 21.35.16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Desktop\kinship
[2010.12.27 20.33.56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Desktop\100NIKON
[2010.12.23 20.59.04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\The Lord of the Rings Online
[2010.12.23 20.59.04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\The Lord of the Rings Online
[2010.12.23 20.32.49 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010.12.23 20.32.49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
[2010.12.23 20.32.00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\WinRAR
[2010.12.23 20.31.50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Start Menu\Programs\WinRAR
[2010.12.23 20.31.50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2010.12.20 22.45.01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\.minecraft
[2010.12.18 23.23.31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2010.12.17 21.53.20 | 014,715,008 | ---- | C] (Dropbox, Inc.) -- C:\Documents and Settings\user1\Desktop\Dropbox 1.0.10.exe
[2010.12.14 23.14.05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RVLGames
[2007.12.10 22.56.44 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.01.13 15.29.55 | 000,000,392 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7DD405FA-CD81-431D-BD0A-0F6B00BA5F78}.job
[2011.01.13 15.29.04 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1343024091-682003330-1003UA.job
[2011.01.13 15.27.39 | 000,000,073 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\beep.sys - beep.sys Removal Instructions.url
[2011.01.13 15.20.29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user1\Desktop\OTL.exe
[2011.01.13 14.56.02 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011.01.13 14.50.58 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011.01.13 14.50.00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.13 14.48.36 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.13 14.48.20 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2011.01.13 14.48.14 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.13 14.47.51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.13 14.47.32 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011.01.13 14.29.16 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011.01.13 05.29.00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1343024091-682003330-1003Core.job
[2011.01.13 00.00.37 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.01.12 23.33.00 | 000,000,548 | ---- | M] () -- C:\WINDOWS\tasks\Rescue Reminder for 2HAA7K8A.job
[2011.01.12 17.26.01 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.01.12 02.40.04 | 176,795,648 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2011.01.09 23.08.18 | 000,010,062 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\More Questions.rtf
[2011.01.07 22.23.33 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011.01.03 19.38.20 | 000,000,873 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2011.01.03 14.28.48 | 017,208,130 | ---- | M] (GOG.com ) -- C:\Documents and Settings\user1\Desktop\freespace_expansion_part0.gogDownload
[2011.01.03 14.26.09 | 000,000,924 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Jagged Alliance - Deadly Games.lnk
[2011.01.03 14.09.36 | 000,000,392 | ---- | M] () -- C:\WINDOWS\tasks\GlaryOneClickOptimizer.job
[2011.01.03 03.55.01 | 000,000,071 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\City of Austin - netLibrary.URL
[2011.01.02 23.12.19 | 000,000,131 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\LOTRO wallpapers.url
[2011.01.02 16.18.39 | 051,557,551 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Drawspace Guide to Getting Started with Drawing.pdf
[2011.01.02 16.18.03 | 012,063,477 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Illustrated Dictionary of Art-related Terms.pdf
[2011.01.02 16.11.57 | 000,000,074 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Welcome to Select Portfolio Servicing, Inc..url
[2011.01.02 15.47.40 | 000,000,046 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Be the curator of your favorite topic! - Scoop.it.url
[2010.12.31 12.28.02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.12.30 19.15.18 | 000,000,064 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Participation link-.url
[2010.12.30 19.15.12 | 000,000,084 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Administration link-.url
[2010.12.28 00.01.24 | 002,932,718 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\122710.mp3
[2010.12.27 22.55.54 | 000,002,463 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Logitech QuickCam.lnk
[2010.12.21 23.14.07 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\The Lord of the Rings Online.lnk
[2010.12.17 21.53.45 | 014,715,008 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\user1\Desktop\Dropbox 1.0.10.exe
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.01.13 15.27.39 | 000,000,073 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\beep.sys - beep.sys Removal Instructions.url
[2011.01.09 23.08.18 | 000,010,062 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\More Questions.rtf
[2011.01.03 19.43.20 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7DD405FA-CD81-431D-BD0A-0F6B00BA5F78}.job
[2011.01.03 19.38.20 | 000,000,873 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2011.01.03 14.26.09 | 000,000,924 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Jagged Alliance - Deadly Games.lnk
[2011.01.03 03.55.01 | 000,000,071 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\City of Austin - netLibrary.URL
[2011.01.02 23.12.02 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\LOTRO wallpapers.url
[2011.01.02 16.17.47 | 012,063,477 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Illustrated Dictionary of Art-related Terms.pdf
[2011.01.02 16.17.42 | 051,557,551 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Drawspace Guide to Getting Started with Drawing.pdf
[2011.01.02 16.11.57 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Welcome to Select Portfolio Servicing, Inc..url
[2011.01.02 15.47.40 | 000,000,046 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Be the curator of your favorite topic! - Scoop.it.url
[2010.12.30 19.15.18 | 000,000,064 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Participation link-.url
[2010.12.30 19.15.12 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Administration link-.url
[2010.12.28 00.01.20 | 002,932,718 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\122710.mp3
[2010.12.21 23.14.07 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\The Lord of the Rings Online.lnk
[2010.12.01 01.49.01 | 000,153,600 | ---- | C] () -- C:\WINDOWS\System32\WS_ATLMovie.dll
[2010.10.11 14.58.21 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini
[2010.10.11 14.37.53 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010.07.09 13.04.40 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010.07.04 21.18.42 | 000,008,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\CDAC15BA.SYS
[2010.04.02 16.17.34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010.02.17 19.09.57 | 000,003,480 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\mindhabits.dat
[2009.12.29 17.32.39 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\setup_ldm.iss
[2009.10.18 20.58.04 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.10.18 20.58.04 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.04.29 22.57.52 | 000,000,211 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\FontAgent Pro.ini
[2009.04.12 17.41.20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\imorefozuzifowa.dll
[2009.03.03 22.12.18 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\09wutili.sys
[2008.10.09 20.24.21 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\EZTW32.DLL
[2008.10.07 09.13.30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 09.13.22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.07.26 07.25.02 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008.04.02 17.08.43 | 000,138,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.04.02 17.08.43 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\PnkBstrK.sys
[2008.03.10 14.09.12 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2008.02.29 16.16.45 | 000,151,040 | -HS- | C] () -- C:\WINDOWS\System32\VistaUltm.dll
[2008.02.29 16.16.45 | 000,027,648 | -HS- | C] () -- C:\WINDOWS\System32\Smab0.dll
[2008.02.11 17.59.01 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008.02.11 17.59.01 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008.01.31 03.03.01 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008.01.09 23.24.17 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\tcw_config.cfg
[2008.01.08 03.06.50 | 000,000,276 | ---- | C] () -- C:\WINDOWS\game.ini
[2007.10.16 02.19.30 | 001,060,864 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2007.10.16 02.19.30 | 000,909,312 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2007.10.16 02.19.30 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2007.10.16 02.19.30 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2007.10.15 21.41.53 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007.10.15 21.41.53 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007.10.15 21.41.53 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007.10.09 23.18.03 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007.08.04 14.01.51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007.07.05 13.08.17 | 000,077,312 | ---- | C] () -- C:\WINDOWS\ua2.dll
[2007.06.05 01.32.54 | 000,010,085 | ---- | C] () -- C:\WINDOWS\msvrc20.dll
[2007.05.24 16.16.07 | 000,399,360 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2007.05.24 16.16.07 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007.05.14 14.30.46 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2007.05.11 15.12.54 | 000,057,126 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007.05.01 14.51.10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C_11.dll
[2007.04.22 18.15.29 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007.01.03 11.48.24 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\dec_jl6.dll
[2006.12.29 21.53.03 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.12.02 18.59.01 | 000,139,280 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2006.10.15 20.06.50 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2006.07.03 21.55.14 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2006.04.22 23.42.08 | 000,005,265 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\GdiplusUpgrade_MSIApproach_Wrapper.log
[2006.04.22 22.41.11 | 000,011,489 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006.04.05 03.29.05 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2006.03.24 22.36.37 | 002,502,656 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C.Dll
[2006.03.24 22.36.37 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C_0C.dll
[2006.03.24 22.36.37 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C_10.dll
[2006.03.24 22.36.37 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C_0A.dll
[2006.03.24 22.36.37 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C_07.dll
[2006.03.24 22.36.37 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C_09.dll
[2006.03.06 05.24.51 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys
[2006.03.06 05.24.50 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys
[2005.12.03 16.36.22 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005.11.03 10.11.44 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C_0402.dll
[2005.09.24 22.39.42 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\user1\Local Settings\Application Data\fusioncache.dat
[2005.09.09 20.54.34 | 000,001,300 | ---- | C] () -- C:\WINDOWS\System32\cool.dll
[2005.08.29 12.11.25 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005.08.26 11.41.40 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2005.08.26 11.41.39 | 000,000,129 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2005.08.25 13.28.50 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\psCamDat.dll
[2005.08.21 16.21.24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2005.08.20 01.25.12 | 000,082,432 | ---- | C] () -- C:\Documents and Settings\user1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005.08.09 16.13.31 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005.08.09 16.13.31 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005.06.30 14.39.59 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.06.30 08.23.04 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004.01.27 06.13.54 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2004.01.27 06.13.14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\libfaac.dll
[1996.04.03 13.33.26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2008.12.21 17.19.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy
[2010.06.07 11.48.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2006.05.27 12.54.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2008.06.20 19.47.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Awem
[2009.11.08 23.35.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2010.10.07 13.21.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Extensis
[2007.10.21 17.57.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Extreme Picture Finder
[2008.06.24 22.22.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2007.07.12 21.39.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gameeel
[2007.08.03 23.09.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Games
[2009.04.21 01.16.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gold Casual Games
[2008.01.07 02.00.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2007.09.23 01.26.45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2008.06.16 20.10.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrium
[2008.11.23 14.55.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
[2008.02.09 01.00.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Meridian93
[2007.12.10 23.02.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2008.01.18 22.38.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2008.06.28 20.43.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
[2009.09.14 14.21.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2009.03.11 14.26.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2010.12.18 23.23.31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2010.12.15 13.32.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010.10.10 21.51.55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2010.12.14 23.14.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RVLGames
[2008.04.13 21.17.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Saitek
[2009.08.10 17.39.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2007.09.05 20.14.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SongbirdVLC
[2009.09.16 11.11.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008.01.01 00.31.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TERMINAL Studio
[2008.11.22 01.19.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2009.12.24 10.39.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wavelet Labs
[2007.04.13 22.49.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2007.07.12 16.07.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009.03.23 23.16.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010.10.23 14.40.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.07.27 02.23.16 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2010.06.01 14.05.02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2009.12.31 20.44.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.05.26 15.33.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010.06.01 14.05.16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{CCE9E666-4D7C-4946-A98B-CFDE0A0C1706}
[2005.09.14 06.56.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\.bittorrent
[2007.11.08 02.17.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\.gaim
[2010.12.20 22.45.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\.minecraft
[2009.05.27 21.39.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\.purple
[2010.08.02 00.59.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Absolute Audio Converter
[2007.12.26 19.16.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Age of Japan II
[2008.01.08 00.00.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Alawar
[2005.11.21 05.29.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Allume Systems
[2009.06.04 21.00.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Amazon
[2007.10.26 15.27.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\AptEdit
[2009.03.01 23.05.31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Archibald's Adventures
[2008.06.12 21.49.40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\ArcticLine
[2009.02.16 23.40.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Bioshock
[2008.06.07 22.05.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Bloom
[2009.06.07 00.02.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Braid
[2009.04.18 20.21.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Bump Technologies, Inc
[2009.03.25 20.50.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\com.adobe.kuler.Desktop.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009.04.21 16.22.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\com.gog.downloader.87F90EC6C28C7E479115BE2E026DB87A08BC420D.1
[2009.06.08 18.29.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\com.levitation.ColorBrowser.E8C85B0D1658562C6BF4EE77663EB3C86B87123C.1
[2009.08.21 20.37.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\com.raptr.Raptr.848BBC53270CAC248E8FA0F339176201CDEB525F.1
[2009.01.10 23.35.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Crayon Physics Deluxe
[2009.03.24 14.13.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\de.makesoft.twhirl.0EA062BC275E7ED1E6EC3762EFFD73C7158ADF33.1
[2010.01.03 16.23.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\DeepVoyage
[2008.09.04 18.13.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\DoubleSafety
[2011.01.13 14.52.39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Dropbox
[2008.10.11 21.54.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\EleFun Games
[2007.07.17 14.51.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Eltima Software
[2009.04.30 00.00.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Extensis
[2006.07.01 22.06.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\FlashFXP
[2006.08.13 20.12.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Flickr
[2008.06.24 22.22.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Flood Light Games
[2009.03.08 12.08.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Gamelab
[2008.06.29 23.27.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Genimo
[2008.07.13 00.34.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\GetRightToGo
[2007.10.13 20.06.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\GlarySoft
[2009.10.24 21.31.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Gold Casual Games
[2007.11.21 17.34.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\gtk-2.0
[2008.06.28 17.50.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Home Sweet Home
[2007.09.12 23.03.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\IcoFX
[2010.07.03 15.19.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\IdeaBoxGame
[2007.05.04 21.25.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\IMBT
[2005.06.30 14.04.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Infineon
[2008.11.14 20.18.39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\JAM Software
[2008.04.12 20.51.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Jane s Hotel
[2009.03.30 00.36.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Jane s Hotel Family Hero
[2009.04.16 02.04.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Jetbricks
[2009.04.10 13.28.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\JustResizeIt.742E03C4887133AEE1D0C646BCFAA94B0D0E9874.1
[2009.03.31 20.42.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Klok.AF6B2973D903BFAE0589C27890FE0146C233490A.1
[2010.11.18 22.52.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Launchy
[2005.11.20 02.21.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Leadertech
[2008.01.07 22.38.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Legends of pirates
[2008.11.21 23.52.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\LimeWire
[2008.01.19 20.57.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Meridian93
[2007.11.15 00.28.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Miranda
[2009.06.04 01.03.31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Mp3 Music Editor
[2005.11.26 21.55.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\My Games
[2008.08.30 23.37.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Mythic Adventure
[2008.01.18 22.19.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\NCH Swift Sound
[2009.04.15 18.18.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\NetStat Agent
[2009.03.30 00.33.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Notepad++
[2010.06.14 11.53.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Obsidium
[2010.07.17 20.07.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\OnLive
[2008.11.22 22.30.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\OpenOffice.org
[2007.01.10 17.54.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Opera
[2009.03.11 14.26.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\PlayFirst
[2010.11.11 23.15.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Playrix Entertainment
[2008.02.26 22.59.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\PPTminimizer
[2007.09.29 23.18.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Publish Providers
[2010.06.07 00.50.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\RainbowGames
[2010.12.06 03.50.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Raptr
[2009.08.02 15.52.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\RenPy
[2009.12.30 16.58.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\runic games
[2010.08.02 01.03.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\RunningPillow
[2009.12.07 17.11.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\SecondLife
[2008.01.19 20.57.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Softplicity
[2009.09.10 23.39.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Software Informer
[2007.09.05 20.12.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Songbird
[2007.09.29 23.17.35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Sony
[2008.07.19 00.42.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\SPORE Creature Creator
[2009.09.24 18.15.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Systweak
[2005.08.17 22.03.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Thunderbird
[2010.08.01 23.52.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Trio
[2007.03.14 17.23.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Turbine
[2009.03.24 14.00.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1
[2010.07.18 21.59.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2007.03.14 23.23.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\URSE Games
[2010.10.03 20.49.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\uTorrent
[2009.11.16 18.27.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Yoono
[2011.01.13 14.56.02 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011.01.13 14.48.20 | 000,000,312 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
[2011.01.03 14.09.36 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryOneClickOptimizer.job
[2011.01.13 14.50.58 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011.01.12 23.33.00 | 000,000,548 | ---- | M] () -- C:\WINDOWS\Tasks\Rescue Reminder for 2HAA7K8A.job
[2011.01.13 15.29.55 | 000,000,392 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7DD405FA-CD81-431D-BD0A-0F6B00BA5F78}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 184 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DCD39382
@Alternate Data Stream - 167 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CF39FA77
@Alternate Data Stream - 166 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4F0FFA06
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E1D6C864

< End of report >


#2
RKinner


    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Submit these 3 files to http://virustotal.com and let me know what they say.

C:\WINDOWS\imorefozuzifowa.dll
C:\WINDOWS\System32\09wutili.sys
C:\Documents and Settings\user1\Application Data\Dropbox\bin\Dropbox.exe

Uninstall:

AnVir Task Manager (One anti-virus is enough)

Spybot S&D
Ad Aware
Superantispyware
(they might interfere with our fixes)

Delete the folder:
C:\Documents and Settings\All Users\Application Data\Avg7
(We will run combofix and it is allergic to AVG)
If it exists also delete
C:\Program Files\AVG7

1 - Flash Drive Disinfector

Download Flash_Disinfector.exe by sUBs from here and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.

    Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you run it. Don't delete this folder...it will help protect your drives from future infection.

Download and install Autorun Eater 2.5
http://www.softpedia...run-Eater.shtml

This is a small program that will stay resident and prevent infected USB devices from infecting your PC again.

Turn off or Pause your Antivirus.

Download Combofix from any of the links below but rename it to george.exe before saving it to your desktop.

Link 1
Link 2
Link 3


==================================


Double click on george.exe & follow the prompts. Allow it to install the Recovery Console. It may need to reboot.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt so we can continue cleaning the system.

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Download TDSSKiller and save it to your Desktop.

  • Extract the file and run it.
  • Once completed it will create a log in the root directory (usually C:\).
  • Please post the contents of that log in your next reply.

Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

Enter 'Y' and hit ENTER for more options, or 'N' to exit:


Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.



Run OTL again.

In the Extra Registry group, Select the Use SafeList option. In the File Scans areas set the File Age to 90 Days.
Press the Run Scan button.

You will receive two logs. Please post (copy and paste, do not attach) them both.

Ron

#3
Anamacha

okay, thanks for your help :D I started doing these things today, and I'll likely finish tomorrow.

I tried uploading the C:\WINDOWS\imorefozuzifowa.dll file and found out that it's a 0 byte file.
the next file is clean:

File name: 09wutili.sys
Submission date: 2011-01-19 03:06:02 (UTC)
Current status: finished
Result: 0/ 43 (0.0%)


as for Dropbox.exe, the file is too big to upload to VirusTotal. However, I trust the application as it's vouched for by the entire Lifehacker community, of which I am a part.

Regarding AnVir -- despite the name, it's not a virus checker. It's actually a Task Manager replacement similar to ProcessLasso. AnVir was actually the tool I was using when I saw the beep.sys and the other thing I saw.

I deleted the AVG stuff; I don't use it any more. I currently use avast! for virus coverage.

I'll tackle the other stuff tomorrow when I have more time.

Again, thanks for your help.

Edited by Anamacha, 18 January 2011 - 09:25 PM.


#4
Anamacha

okay, I ran Flash Disinfector and it just said "Done!!"

I ran it a few days ago and it asked for a flash drive; I have several of them so I skipped over that.

Installed and ran Autorun Eater without any problems.

Uninstalled Superantispyware, Spybot SD and AdAware. Forgot to reboot so I got an Adaware popup when Combofix was running, but I allowed it. Combofix didn't report any errors.

I did download Combofix about a week ago. I saved it as george.exe like you suggested. When I ran the program it found an update, which I then allowed.

Combofix deleted all my color profiles; I am a graphic designer so I need those.

I attached the ComboFix log to this post. Attached file: ComboFix.txt (82.7KB)

I should also note that beep.sys was running again after combofix finished. This time I was able to disable its startup in the Anvir program and I killed the process. If I deleted the file from C:\WINDOWS\system32\drivers\Beep.sys it would probably just come back, huh?



I perused the log it presented me, and I noticed that it had a section for "files created in the last month." I should note that I've been having this problem for about 6 months.

I will proceed with the MalwareBytes thing next.

Edited by Anamacha, 28 January 2011 - 04:47 PM.


#5
RKinner

Please copy and paste your logs. Don't attach them; they are too hard to work with that way. Please repost the Combofix log.

Please post (copy and paste) the file:
C:\Qoobox\ComboFix-quarantined-files.txt
and we will make combofix put back your color files.

I've got to run. When we get back we will check out your regedit and beep files and see if we can figure out why sig check is so unhappy.


Ron

#6
Anamacha

mbam didn't find anything:


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5632

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11.01.28 5.12.14 PM
mbam-log-2011-01-28 (17-12-14).txt

Scan type: Quick scan
Objects scanned: 163006
Time elapsed: 6 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



TDSSKiller found something called SPTD.sys that it labelled suspicious -- it is part of a program I no longer use. I found this link regarding that program; it appears to be legitimate. The log: attached file TDSSKiller.2.4.15.0_28.01.2011_17.31.44_log.txt (48.09KB)


MBRCheck found that I had a nonstandard boot sector. I hit N like you said, and declined to act on the situation. Here's the log: attached file MBRCheck_01.28.11_17.38.39.txt (15.37KB)

#7
Anamacha

Oh, sorry about the attachment of logs; I didn't know it was more difficult for you. I'll paste in the combofix log to this post. I'll do the same for the other logs I attached.


ComboFix 11-01-28.01 - user1 11.01.28 15.59.46.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1250 [GMT -6:00]
Running from: c:\documents and settings\user1\Desktop\george.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\user1\Local Settings\Application Data\{5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}
c:\documents and settings\user1\Local Settings\Application Data\{5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}\chrome.manifest
c:\documents and settings\user1\Local Settings\Application Data\{5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}\chrome\content\_cfg.js
c:\documents and settings\user1\Local Settings\Application Data\{5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}\chrome\content\c.js
c:\documents and settings\user1\Local Settings\Application Data\{5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}\chrome\content\overlay.xul
c:\documents and settings\user1\Local Settings\Application Data\{5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}\install.rdf
c:\windows\msvrc20.dll
c:\windows\system\Color
c:\windows\system\Color\AF900_55.icm
c:\windows\system\Color\AF900_65.icm
c:\windows\system\Color\AF900_93.icm
c:\windows\system\Color\AG900_10.icm
c:\windows\system\Color\AG900_50.icm
c:\windows\system\Color\AG900_60.icm
c:\windows\system\Color\AG900_65.icm
c:\windows\system\Color\AG900_70.icm
c:\windows\system\Color\AG900_80.icm
c:\windows\system\Color\AG900_93.icm
c:\windows\system\Color\AP520_55.icm
c:\windows\system\Color\AP520_65.icm
c:\windows\system\Color\AP520_93.icm
c:\windows\system\Color\AP520_df.icm
c:\windows\system\Color\AP800_72.icm
c:\windows\system\Color\AR36HT_93.icm
c:\windows\system\Color\AX700_55.icm
c:\windows\system\Color\AX700_65.icm
c:\windows\system\Color\AX700_93.icm
c:\windows\system\Color\AX740_50.icm
c:\windows\system\Color\AX740_65.icm
c:\windows\system\Color\AX740_93.icm
c:\windows\system\Color\AX750_55.icm
c:\windows\system\Color\AX750_65.icm
c:\windows\system\Color\AX750_93.icm
c:\windows\system\Color\C2001_55.icm
c:\windows\system\Color\C2001_65.icm
c:\windows\system\Color\C2001_93.icm
c:\windows\system\Color\DPP550.icm
c:\windows\system\Color\DPP800.icm
c:\windows\system\Color\E2000_50.icm
c:\windows\system\Color\E2000_55.icm
c:\windows\system\Color\E2000_65.icm
c:\windows\system\Color\E2000_75.icm
c:\windows\system\Color\E2000_93.icm
c:\windows\system\Color\E2010_55.icm
c:\windows\system\Color\E2010_65.icm
c:\windows\system\Color\E2010_93.icm
c:\windows\system\Color\E500n_55.icm
c:\windows\system\Color\E500n_65.icm
c:\windows\system\Color\E500n_93.icm
c:\windows\TEMP\logishrd\LVPrcInj01.dll
G:\Autorun.inf
G:\install.exe

c:\windows\regedit.exe . . . is infected!!

.
((((((((((((((((((((((((( Files Created from 2010-12-28 to 2011-01-28 )))))))))))))))))))))))))))))))
.

2011-01-25 22:43 . 2011-01-25 22:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Autorun Eater
2011-01-25 22:42 . 2011-01-25 22:42 -------- d-----w- c:\program files\Autorun Eater
2011-01-24 21:00 . 2011-01-13 09:41 5890896 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{39300753-ED39-4881-8E00-0C0AB96A4BBF}\mpengine.dll
2011-01-16 08:49 . 2011-01-16 08:49 -------- d-----w- c:\documents and settings\user1\Application Data\Awem
2011-01-14 04:32 . 2011-01-14 04:32 -------- d-----w- c:\documents and settings\All Users\Application Data\ProcessLasso
2011-01-14 04:32 . 2011-01-14 04:33 -------- d-----w- c:\program files\Process Lasso
2011-01-14 04:32 . 2011-01-14 04:33 -------- d-----w- c:\documents and settings\user1\Application Data\ProcessLasso
2011-01-13 05:53 . 2011-01-13 05:53 -------- d-----w- c:\windows\system32\wbem\Repository
2011-01-05 19:07 . 2011-01-05 19:07 -------- d-----w- c:\program files\Common Files\Skype
2011-01-04 01:38 . 2011-01-04 01:38 -------- d--h--w- c:\windows\msdownld.tmp
2011-01-04 01:36 . 2011-01-04 01:38 -------- dc-h--w- c:\windows\ie8
2011-01-04 00:42 . 2011-01-04 00:42 -------- d-----w- c:\documents and settings\user1\Local Settings\Application Data\Borders Desktop
2011-01-04 00:39 . 2011-01-04 00:41 -------- d-----w- c:\program files\Borders Desktop
2011-01-03 05:08 . 2011-01-03 05:08 -------- d-----w- c:\program files\PDFZilla

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-26 20:07 . 2010-12-01 07:49 153600 ----a-w- c:\windows\system32\WS_ATLMovie.dll
2010-11-26 20:07 . 2010-01-10 06:52 25704 ----a-w- c:\windows\system32\drivers\WsAudio_DeviceS(5).sys
2010-11-26 20:07 . 2010-01-10 06:51 25704 ----a-w- c:\windows\system32\drivers\WsAudio_DeviceS(4).sys
2010-11-26 20:07 . 2010-01-10 06:51 25704 ----a-w- c:\windows\system32\drivers\WsAudio_DeviceS(3).sys
2010-11-26 20:07 . 2010-01-10 06:50 25704 ----a-w- c:\windows\system32\drivers\WsAudio_DeviceS(2).sys
2010-11-26 20:07 . 2010-01-10 06:49 25704 ----a-w- c:\windows\system32\drivers\WsAudio_DeviceS(1).sys
2010-11-12 18:46 . 2010-11-12 18:46 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-10 04:33 . 2006-04-27 23:40 6273872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2010-11-03 18:09 . 2010-11-03 18:09 37376 ----a-w- c:\windows\system32\libusb0.dll
2010-11-03 18:09 . 2010-11-03 18:09 21504 ----a-w- c:\windows\system32\drivers\libusb0.sys
2007-12-11 04:56 . 2007-12-11 04:56 774144 ----a-w- c:\program files\RngInterstitial.dll
2005-09-15 23:26 . 2005-08-18 03:55 44153 ----a-w- c:\program files\mozilla firefox\components\inspector.dll
2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll
2007-12-17 13:43 27648 --sh--w- c:\windows\system32\Smab0.dll
2008-02-04 19:26 151040 --sh--w- c:\windows\system32\VistaUltm.dll
.

------- Sigcheck -------

[-] 2004-08-12 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2004-08-12 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2005-05-02 . E1E18136F9DD3DF1AD9C82193A5898A6 . 658944 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll

[-] 2004-08-12 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
[-] 2004-08-12 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll
[-] 2004-08-12 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ws2_32.dll

[-] 2004-08-12 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
[-] 2004-08-12 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\ws2help.dll
[-] 2004-08-12 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ws2help.dll

[-] 2007-06-13 . 7712DF0CDDE3A5AC89843E61CD5B3658 . 1033216 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\system32\dllcache\explorer.exe

[-] 2010-07-16 . 8D51FB47062F2A1A9EFECCEF338A4C46 . 1289216 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\system32\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\system32\dllcache\ole32.dll
[-] 2005-07-26 . A2F755E237FA2CDD748A80BFBE6657F3 . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll
[-] 2005-04-28 . 7440D29F257B7E44329343F944F2142C . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll
[-] 2005-01-14 . 2E752611C9A9AE1B6BFD0DA03CF7F17E . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll

[-] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[-] 2004-08-12 . 2EB58F9DCD6AB320B46744A4EA48B2D2 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll
[-] 2004-08-12 . 2EB58F9DCD6AB320B46744A4EA48B2D2 . 406528 . . [1.0420.2600.2180] . . c:\windows\system32\usp10.dll
[-] 2004-08-12 . 2EB58F9DCD6AB320B46744A4EA48B2D2 . 406528 . . [1.0420.2600.2180] . . c:\windows\system32\dllcache\usp10.dll

[-] 2004-08-12 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
[-] 2004-08-12 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll
[-] 2004-08-12 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\srsvc.dll

[-] 2004-08-12 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
[-] 2004-08-12 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe
[-] 2004-08-12 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\wscntfy.exe

[-] 2004-08-12 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
[-] 2004-08-12 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll
[-] 2004-08-12 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\xmlprov.dll

[-] 2004-08-12 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
[-] 2004-08-12 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll
[-] 2004-08-12 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\eventlog.dll

[-] 2004-08-12 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
[-] 2004-08-12 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
[-] 2004-08-12 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfcfiles.dll

[-] 2004-08-12 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
[-] 2004-08-12 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe
[-] 2004-08-12 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ctfmon.exe

[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\system32\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2006-12-19 . 53D9184A21C5CBF600D918E51EF3A7E5 . 135168 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll

[-] 2004-08-12 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll
[-] 2004-08-12 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll
[-] 2004-08-12 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\regsvc.dll

[-] 2004-08-12 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
[-] 2004-08-12 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll
[-] 2004-08-12 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\schedsvc.dll

[-] 2004-08-12 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
[-] 2004-08-12 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll
[-] 2004-08-12 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ssdpsrv.dll

[-] 2004-08-12 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll
[-] 2004-08-12 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\system32\termsrv.dll
[-] 2004-08-12 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\termsrv.dll

[-] 2004-08-12 . 765B30C776A1780B46B479FE614F707C . 344064 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll
[-] 2004-08-12 . 765B30C776A1780B46B479FE614F707C . 344064 . . [5.1.2600.2180] . . c:\windows\system32\hnetcfg.dll
[-] 2004-08-12 . 765B30C776A1780B46B479FE614F707C . 344064 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\hnetcfg.dll

[-] 2004-08-12 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll
[-] 2004-08-12 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll
[-] 2004-08-12 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\appmgmts.dll

[-] 2004-08-12 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\dllcache\acpiec.sys
[-] 2004-08-12 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$NtServicePackUninstall$\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\Driver Cache\i386\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\dllcache\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\drivers\aec.sys

[-] 2004-08-12 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
[-] 2004-08-12 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ip6fw.sys
[-] 2004-08-12 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys

[-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\system32\dllcache\mfc40u.dll

[-] 2004-08-12 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
[-] 2004-08-12 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll
[-] 2004-08-12 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\msgsvc.dll

[-] 2006-10-19 03:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-19 03:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2004-09-22 23:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2004-09-22 23:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2004-08-12 13:23 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll

[-] 2010-04-28 . 756362706DE8BC92F11E197C98A73844 . 2066944 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[-] 2010-02-16 . E8B8801DE921912EBDEEFC76662F7EAD . 2024448 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[-] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . FFDCE1EEA79C678C40237D4E031E5B51 . 2066176 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\638d2a273cb5d34a9f7e327666b9e38c\SP3QFE\ntkrnlpa.exe
[-] 2009-12-08 . A6683E23468776F75EB2D8C6A02AAD3B . 2066048 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\638d2a273cb5d34a9f7e327666b9e38c\SP3GDR\ntkrnlpa.exe
[-] 2009-12-08 . 384B15FBDCE2A54089A922886DED4EA0 . 2057728 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\638d2a273cb5d34a9f7e327666b9e38c\SP2GDR\ntkrnlpa.exe
[-] 2009-12-08 . BC123D9238A0C9BB3D853E407EE77254 . 2063104 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\638d2a273cb5d34a9f7e327666b9e38c\SP2QFE\ntkrnlpa.exe
[-] 2009-08-04 . 363B2BBEE0AEDC9E5433616D0AD0236A . 2066176 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . A25E9B86EFFB2AF33BF51E676B68BFB0 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . 4AC58F03EB94A72809949D757FC39D80 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
[-] 2008-08-14 . DC097A896A03B8277457D228FD12D4E6 . 2015744 . . [5.1.2600.3427] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2008-08-14 . DC097A896A03B8277457D228FD12D4E6 . 2015744 . . [5.1.2600.3427] . . c:\windows\system32\ntkrnlpa.exe
[-] 2008-08-14 . BA002228743B6824D87F0551DBC86D45 . 2057728 . . [5.1.2600.3427] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2008-08-14 . BA002228743B6824D87F0551DBC86D45 . 2057728 . . [5.1.2600.3427] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2008-08-14 . 63EC865DFF6CCFC7BEF94B5C50297CAD . 2062976 . . [5.1.2600.3427] . . c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe
[-] 2007-02-28 . 4D3DBDCCBF97F5BA1E74F322B155C3BA . 2059392 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
[-] 2006-12-19 . BA4B97C00A437C1CC3DA365D93EE1E9D . 2059392 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . D8ABA3EAB509627E707A3B14F00FBB6B . 2056832 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\Driver_Cache\i386\ntkrnlpa.exe

[-] 2004-08-12 13:25 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
[-] 2004-08-12 13:25 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll
[-] 2004-08-12 13:25 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\system32\dllcache\ntmssvc.dll

[-] 2007-02-05 . 36ACA6CDC19C95FF468A1426EB7F32F0 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\system32\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\system32\dllcache\upnphost.dll

[-] 2004-08-12 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
[-] 2004-08-12 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dsound.dll
[-] 2004-08-12 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\dsound.dll

[-] 2004-08-12 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
[-] 2004-08-12 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\d3d9.dll
[-] 2004-08-12 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\dllcache\d3d9.dll

[-] 2004-08-12 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
[-] 2004-08-12 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\system32\ddraw.dll
[-] 2004-08-12 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\system32\dllcache\ddraw.dll

[-] 2004-08-12 13:25 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
[-] 2004-08-12 13:25 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\olepro32.dll
[-] 2004-08-12 13:25 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\olepro32.dll

[-] 2004-08-12 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
[-] 2004-08-12 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\system32\perfctrs.dll
[-] 2004-08-12 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\perfctrs.dll

[-] 2004-08-12 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
[-] 2004-08-12 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\system32\version.dll
[-] 2004-08-12 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\version.dll

[-] 2010-04-27 . A2ABBEC40CDB57454645D06B7EBD22F5 . 2190080 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[-] 2010-02-16 . 048DB3459FAB4CA741DCC84E1F374D65 . 2146304 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
[-] 2010-02-16 . E1F653A542449D54FA2D27463D99B6B6 . 2190080 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . 05BE3D9A71972223AFF6A3C823BA51B1 . 2189312 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\638d2a273cb5d34a9f7e327666b9e38c\SP3QFE\ntoskrnl.exe
[-] 2009-12-08 . 78EC47F9B9A3A1D539262D8834C896CE . 2189184 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\638d2a273cb5d34a9f7e327666b9e38c\SP3GDR\ntoskrnl.exe
[-] 2009-12-08 . 5648297DBF1C631164F779863DF9D5BF . 2180352 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\638d2a273cb5d34a9f7e327666b9e38c\SP2GDR\ntoskrnl.exe
[-] 2009-12-08 . 128D88B3176E70B2E3088ECEB842B673 . 2185984 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\638d2a273cb5d34a9f7e327666b9e38c\SP2QFE\ntoskrnl.exe
[-] 2009-08-04 . FDE779EA1A564EBFE16F4E0F82B61BAD . 2189312 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-02-08 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2008-08-14 . 31914172342BFF330063F343AC6958FE . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2008-08-14 . EEAF32F8E15A24F62BECB1BD403BB5C5 . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
[-] 2008-08-14 . 21C91DA9CB53AA8A37041BA9684A8458 . 2180352 . . [5.1.2600.3427] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2008-08-14 . 21C91DA9CB53AA8A37041BA9684A8458 . 2180352 . . [5.1.2600.3427] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2008-08-14 . DD31AB4B91C2605601A3C108AF57A0C9 . 2136064 . . [5.1.2600.3427] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2008-08-14 . DD31AB4B91C2605601A3C108AF57A0C9 . 2136064 . . [5.1.2600.3427] . . c:\windows\system32\ntoskrnl.exe
[-] 2008-08-14 . CE69DBD54221F2D40E49FF6DB77C6507 . 2185984 . . [5.1.2600.3427] . . c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
[-] 2007-02-28 . 5A5C8DB4AA962C714C8371FBDF189FC9 . 2182144 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
[-] 2006-12-19 . CEF243F6DEFD20BE4ADDE26C7ECACB54 . 2182016 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . 28187802B7C368C0D3AEF7D4C382AABB . 2179456 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\Driver_Cache\i386\ntoskrnl.exe

[-] 2004-08-12 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
[-] 2004-08-12 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll
[-] 2004-08-12 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\srsvc.dll

[-] 2004-08-12 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
[-] 2004-08-12 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] . . c:\windows\system32\w32time.dll
[-] 2004-08-12 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\w32time.dll

[-] 2006-12-19 . D9F097AA3B97034D3358A01B43E635B2 . 333824 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll
[-] 2006-12-19 . B6763F8534AC547CF1AF98AFDFF2EDC8 . 333824 . . [5.1.2600.3051] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
[-] 2006-12-19 . B6763F8534AC547CF1AF98AFDFF2EDC8 . 333824 . . [5.1.2600.3051] . . c:\windows\system32\wiaservc.dll
[-] 2006-12-19 . B6763F8534AC547CF1AF98AFDFF2EDC8 . 333824 . . [5.1.2600.3051] . . c:\windows\system32\dllcache\wiaservc.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\user1\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\user1\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\user1\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mmm"="c:\program files\HACE\Mmm\Mmm.exe" [2009-04-25 877568]
"Google Update"="c:\documents and settings\user1\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-03 133104]
"AnVir Task Manager"="c:\program files\AnVir Task Manager\AnVir.exe" [2009-10-13 3102944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SaiMfd"="c:\program files\Saitek\SD6\Software\SaiMfd.exe" [2007-10-02 131072]
"RoxioEngineUtility"="c:\program files\Common Files\Roxio Shared\System\EngUtil.exe" [2003-05-01 65536]
"ProfilerU"="c:\program files\Saitek\SD6\Software\ProfilerU.exe" [2007-10-02 233472]
"mxomssmenu"="c:\program files\Maxtor\OneTouch Status\maxmenumgr.exe" [2008-07-21 169312]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-12 1505144]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"ProcessLassoManagementConsole"="c:\program files\Process Lasso\processlasso.exe" [2011-01-12 542224]
"ProcessGovernor"="c:\program files\Process Lasso\processgovernor.exe" [2011-01-12 293904]
"Autorun Eater"="c:\program files\Autorun Eater\oldmcdonald.exe" [2010-05-07 516216]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]

c:\documents and settings\user1\Start Menu\Programs\Startup\
AutoHotkey.lnk - c:\program files\AutoHotkey\AutoHotkey.exe [2009-5-3 244736]
Dropbox.lnk - c:\documents and settings\user1\Application Data\Dropbox\bin\Dropbox.exe [2010-2-25 21979992]
Launchy.lnk - c:\program files\Launchy\Launchy.exe [2010-11-18 380928]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-6-30 113664]
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-6-30 113664]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-4-15 805392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 07:42 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Logitech Utility"=Logi_MwX.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\BitTorrent\\btdownloadgui.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Adobe\\Adobe Version Cue CS2\\bin\\VersionCueCS2.exe"=
"c:\\Program Files\\Last.fm\\LastFM.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Defcon\\defcon.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Games\\Mass Effect\\MassEffectLauncher.exe"=
"c:\\Games\\Mass Effect\\Binaries\\MassEffect.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Extensis\\Extensis Suitcase 11\\Bonjour\\mDNSResponder.exe"=
"g:\\Programs\\warcraft3\\Warcraft III\\Warcraft III.exe"=
"g:\\Programs\\DDO\\dndclient.exe"=
"g:\\Programs\\Dragon Age\\DAOriginsLauncher.exe"=
"g:\\Programs\\Dragon Age\\bin_ship\\daorigins.exe"=
"g:\\Programs\\CoD4\\iw3mp.exe"=
"c:\\Documents and Settings\\user1\\Local Settings\\Apps\\2.0\\K8PJBMLY.O87\\7EROBW6H.Y3P\\curs..tion_eee711038731a406_0004.0000_1332b9f434841748\\CurseClient.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"g:\\Programs\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"g:\\Programs\\Mass Effect 2\\Binaries\\MassEffect2.exe"=
"g:\\Programs\\Mass Effect 2\\MassEffect2Launcher.exe"=
"g:\\Programs\\SCDA\\SCDA-Offline\\System\\SplinterCell4.exe"=
"g:\\Programs\\bsp\\bsp.exe"=
"g:\\Programs\\mw4\\MW4.ICD"=
"c:\\Program Files\\Shiny\\Sacrifice\\Sacrifice.exe"=
"g:\\Programs\\mektek.net\\mtx.exe"=
"g:\\Programs\\AoW-DA\\ACTOFWAR.EXE"=
"g:\\Programs\\AoW-DA\\fpupdate.exe"=
"g:\\Programs\\F3\\Fallout3.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\user1\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Raptr\\raptr.exe"=
"c:\\Program Files\\Raptr\\raptr_im.exe"=
"g:\\Programs\\The Lord of the Rings Online\\lotroclient.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"56575:TCP"= 56575:TCP:Pando Media Booster
"56575:UDP"= 56575:UDP:Pando Media Booster
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"57413:TCP"= 57413:TCP:Pando Media Booster
"57413:UDP"= 57413:UDP:Pando Media Booster

R0 hotcore3;Hotcore helper;c:\windows\system32\drivers\hotcore3.sys [09.04.09 1.16.46 AM 40496]
R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [08.05.20 8.32.40 AM 15328]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [06.07.03 9.55.14 PM 717296]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10.06.07 11.49.06 AM 165584]
R1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\drivers\StarPortLite.sys [09.01.11 7.56.30 PM 95592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10.06.07 11.49.07 AM 17744]
R2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [10.07.30 1.56.18 PM 6076272]
R2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [10.07.30 1.58.53 PM 616816]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [06.11.03 6.19.58 PM 13592]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [10.01.10 12.49.57 AM 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [10.01.10 12.50.51 AM 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [10.01.10 12.51.25 AM 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [10.01.10 12.51.53 AM 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [10.01.10 12.52.22 AM 25704]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 rxp;rxp;\??\c:\windows\system32\drivers\rxp.sys --> c:\windows\system32\drivers\rxp.sys [?]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys --> c:\program files\SUPERAntiSpyware\SASKUTIL.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [09.09.25 1.59.15 PM 133104]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;g:\programs\Dragon Age\bin_ship\daupdatersvc.service.exe [09.12.15 2.07.16 PM 25832]
S3 PLUsbbc2;High-Speed USB Bridge Cable Driver;c:\windows\system32\drivers\usbbc2.sys [05.08.17 6.47.39 PM 8960]
S3 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [08.08.06 10.34.02 AM 216032]
S3 SaiH040C;SaiH040C;c:\windows\system32\drivers\SaiH040C.sys [06.03.24 10.36.37 PM 132232]
S3 SaiU040C;SaiU040C;c:\windows\system32\drivers\SaiU040C.sys [06.03.24 10.36.39 PM 28416]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [06.07.03 9.59.24 PM 223128]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [10.07.30 1.56.25 PM 16240]
.
Contents of the 'Scheduled Tasks' folder

2011-01-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2011-01-28 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-01-12 23:02]

2011-01-24 c:\windows\Tasks\GlaryOneClickOptimizer.job
- c:\program files\Glary Utilities\oneclickoptimizer.exe [2007-10-13 23:02]

2011-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-25 19:59]

2011-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-25 19:59]

2011-01-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1343024091-682003330-1003Core.job
- c:\documents and settings\user1\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 02:13]

2011-01-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1343024091-682003330-1003UA.job
- c:\documents and settings\user1\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 02:13]

2011-01-28 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 00:20]

2011-01-13 c:\windows\Tasks\Rescue Reminder for 2HAA7K8A.job
- c:\program files\Maxtor\ManagerApp\MaxUtilities.exe [2008-07-21 22:52]

2011-01-28 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-06-30 17:24]

2011-01-28 c:\windows\Tasks\User_Feed_Synchronization-{7DD405FA-CD81-431D-BD0A-0F6B00BA5F78}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 10:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Google Search
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Backward Links
IE: Cached Snapshot of Page
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Copy to Semagic - c:\program files\Semagic\copy.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Semagic - c:\program files\Semagic\link.htm
IE: Similar Pages
IE: SWF Capture tool - c:\program files\Eltima Software\Flash Decompiler\iebt.html
DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} - hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
FF - ProfilePath - c:\documents and settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\
FF - Ext: Move Media Player: [email protected] - %profile%\extensions\[email protected]
FF - Ext: RedShift V3: [email protected] - %profile%\extensions\[email protected]
FF - Ext: Azerty III: {04CA07AB-7FC3-4110-A83F-EF1E6B75D5B0} - %profile%\extensions\{04CA07AB-7FC3-4110-A83F-EF1E6B75D5B0}
FF - Ext: FoxyTunes: {463F6CA5-EE3C-4be1-B7E6-7FEE11953374} - %profile%\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
FF - Ext: ColorZilla: {6AC85730-7D0F-4de0-B3FA-21142DD85326} - %profile%\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
FF - Ext: Abstract Zune: {7ef7f4d6-947d-11dc-8314-0800200c9a66} - %profile%\extensions\{7ef7f4d6-947d-11dc-8314-0800200c9a66}
FF - Ext: PitchDark: {c1dffba0-628e-11d9-9669-0800200c9a66} - %profile%\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
FF - Ext: Tab Mix Plus: {dc572301-7619-498c-a57d-39143191b318} - %profile%\extensions\{dc572301-7619-498c-a57d-39143191b318}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Aquatint Black Gloss: {7694c49c-9fbd-11dc-8314-0800200c9a66} - %profile%\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
FF - Ext: heaven.cube: [email protected] - %profile%\extensions\[email protected]
FF - Ext: Dark Revisited: [email protected] - %profile%\extensions\[email protected]
FF - Ext: Delicious Bookmarks: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9} - %profile%\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
FF - Ext: ChromEdit Plus: [email protected] - %profile%\extensions\[email protected]
FF - Ext: Battlefield Heroes Updater: [email protected] - %profile%\extensions\[email protected]
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
------- File Associations -------
.
.txt=UltraEdit.txt
.
- - - - ORPHANS REMOVED - - - -

Notify-MCPClient - c:\progra~1\COMMON~1\Stardock\mcpstub.dll
AddRemove-2kv4.8.442 - c:\windows\Radeon Omega Drivers v4.8.442



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-28 16:10
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\windows\TEMP\TMP000000149B6B0D8CDE427D35 524288 bytes

scan completed successfully
hidden files: 1

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600

CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-790525478-1343024091-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AE15A63E-4A56-066A-E1C9-18B80F17D782}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"eabafeomgg"=hex:61,62,6b,62,64,6c,6c,62,6e,6b,6d,6c,6d,68,65,62,66,70,6d,61,
69,68,69,6c,6f,6a,70,6a,70,6c,66,6f,6f,6f,00,00
"caoafb"=hex:64,62,6b,6f,6e,63,70,61,70,63,63,66,68,61,6e,61,6a,62,70,6c,66,62,
6d,61,67,68,68,64,6b,70,65,68,69,67,70,61,62,66,68,65,00,2f

[HKEY_USERS\S-1-5-21-790525478-1343024091-682003330-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:66,11,22,6b,5f,17,d6,42,24,b1,8b,13,6a,5a,b3,f0,41,60,4e,a4,30,08,18,
65,38,8b,42,d2,35,5a,0d,4f,49,e5,46,66,49,cb,70,fd,fa,2d,7a,9f,ed,be,9e,33,\
"??"=hex:25,65,bb,27,8b,92,55,34,10,3f,d9,49,2f,0e,31,37

[HKEY_USERS\S-1-5-21-790525478-1343024091-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:31,1d,e9,4f,b9,13,32,c4,03,dc,9b,17,1e,7e,0e,a7,74,ef,58,95,51,
5a,43,6c,57,d3,3d,e4,11,25,f8,8b,a2,f6,f7,75,2c,45,27,e3,0f,03,bd,5f,2b,7f,\
"rkeysecu"=hex:82,c3,15,4f,bb,1d,3b,7f,84,f5,53,93,76,d6,d1,ff

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C53C8AFE-780B-A095-1875A9D39C824CF2}\{151E6624-94D7-6041-A2A26FFA6BDDEF0C}\{8D08884B-CD31-5FF0-CA8CAC497363EFC4}*]
"AKNWOCNXOU3KGNJZJIHVXU2P2H1"=hex:01,00,01,00,00,00,00,00,64,78,88,76,df,05,3c,
db,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\

[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"Licence"="01F0B9B-A54A-7221-4154-B912"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(828)
c:\windows\system32\Ati2evxx.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll

- - - - - - - > 'explorer.exe'(9908)
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\program files\AnVir Task Manager\AnvirHook61.dll
c:\program files\Logitech\SetPoint\GameHook.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\documents and settings\user1\Application Data\Dropbox\bin\DropboxExt.13.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Tablet\Pen\Pen_TouchUser.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\HDDSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Maxtor\Sync\SyncServices.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Analog Devices\SoundMAX\spkrmon.exe
c:\windows\system32\MsPMSPSv.exe
c:\program files\Tablet\Pen\Pen_TabletUser.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Microsoft IntelliType Pro\dpupdchk.exe
c:\documents and settings\user1\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
c:\program files\Autorun Eater\billy.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2011-01-28 16:27:32 - machine was rebooted
ComboFix-quarantined-files.txt 2011-01-28 22:27

Pre-Run: 20,745,297,920 bytes free
Post-Run: 20,601,683,968 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptOut
[spybotsd]
timeout.old=30

- - End Of File - - 0EC08E3342D8AE2A4FEE8E44A29436E9

#8
Anamacha


Please copy and paste your logs. Don't attach them; they are too hard to work with that way. Please repost the ComboFix log.

Please post (copy and paste) the file:
C:\Qoobox\ComboFix-quarantined-files.txt
and we will make ComboFix put back your color files.

I've got to run. When we get back we will check out your regedit and beep files and see if we can figure out why sig check is so unhappy.


Ron


okay, here's the contents of the Quarantined Files file:
2011-01-28 22:26:09 . 2011-01-28 22:26:09 1,656 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-2kv4.8.442.reg.dat
2011-01-28 22:25:32 . 2011-01-28 22:25:32 566 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Notify-MCPClient.reg.dat
2011-01-28 22:10:53 . 2011-01-28 22:10:53 53,955 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\Temp\logishrd\_LVPrcInj01_.dll.zip
2011-01-28 22:10:29 . 2007-11-07 14:03:18 562,688 ----a-w- C:\Qoobox\Quarantine\G\install.exe.vir
2011-01-28 22:10:29 . 2010-09-22 04:23:20 55 ----a-w- C:\Qoobox\Quarantine\G\autorun.inf.vir
2011-01-28 22:04:44 . 2011-01-28 22:04:44 9,428 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2011-01-28 21:48:50 . 2011-01-28 22:11:22 288 ----a-w- C:\Qoobox\Quarantine\catchme.log
2011-01-25 21:46:14 . 2008-07-26 13:25:24 109,080 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\Temp\logishrd\LVPrcInj01.dll.vir
2009-04-13 00:57:03 . 2009-04-13 00:57:03 9,229 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\user1\Local Settings\Application Data\{5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}\chrome\content\overlay.xul.vir
2009-04-13 00:57:03 . 2009-04-13 00:57:03 3,323 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\user1\Local Settings\Application Data\{5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}\chrome\content\c.js.vir
2009-04-13 00:57:03 . 2009-04-13 00:57:03 2,127 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\user1\Local Settings\Application Data\{5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}\chrome\content\_cfg.js.vir
2009-04-13 00:57:03 . 2009-04-13 00:57:03 770 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\user1\Local Settings\Application Data\{5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}\install.rdf.vir
2009-04-13 00:57:03 . 2009-04-13 00:57:03 120 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\user1\Local Settings\Application Data\{5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}\chrome.manifest.vir
2007-06-05 07:32:54 . 2007-06-16 01:00:18 10,085 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\msvrc20.dll.vir
1999-09-30 03:02:26 . 1999-09-30 03:02:26 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E710-1b5.icm.vir
1999-09-30 02:57:46 . 1999-09-30 02:57:46 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E710-1b6.icm.vir
1999-09-30 02:55:16 . 1999-09-30 02:55:16 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E710-1b9.icm.vir
1999-09-30 00:09:44 . 1999-09-30 00:09:44 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E900-2_5.icm.vir
1999-09-30 00:06:16 . 1999-09-30 00:06:16 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E900-2_6.icm.vir
1999-09-30 00:02:38 . 1999-09-30 00:02:38 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E900-2_9.icm.vir
1999-09-29 23:49:08 . 1999-09-29 23:49:08 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO935_55.icm.vir
1999-09-29 23:44:58 . 1999-09-29 23:44:58 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO935_65.icm.vir
1999-09-29 23:38:24 . 1999-09-29 23:38:24 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO935_93.icm.vir
1999-09-18 00:27:48 . 1999-09-18 00:27:48 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\DPP800.icm.vir
1999-09-14 22:46:18 . 1999-09-14 22:46:18 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL77e_65.icm.vir
1999-09-14 22:31:18 . 1999-09-14 22:31:18 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL77e_93.icm.vir
1999-09-14 22:24:00 . 1999-09-14 22:24:00 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL92_72.icm.vir
1999-09-14 22:17:54 . 1999-09-14 22:17:54 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL92_93.icm.vir
1999-09-14 21:57:46 . 1999-09-14 21:57:46 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AF900_55.icm.vir
1999-09-14 21:54:48 . 1999-09-14 21:54:48 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AF900_65.icm.vir
1999-09-14 21:51:32 . 1999-09-14 21:51:32 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AF900_93.icm.vir
1999-09-14 21:45:08 . 1999-09-14 21:45:08 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL95e_65.icm.vir
1999-09-14 21:41:00 . 1999-09-14 21:41:00 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL95e_93.icm.vir
1999-09-08 20:11:00 . 1999-09-08 20:11:00 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX740_93.icm.vir
1999-09-08 20:07:34 . 1999-09-08 20:07:34 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX740_65.icm.vir
1999-09-08 20:02:46 . 1999-09-08 20:02:46 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX740_50.icm.vir
1999-08-18 00:23:48 . 1999-08-18 00:23:48 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL90e_50.icm.vir
1999-08-18 00:19:58 . 1999-08-18 00:19:58 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL90e_65.icm.vir
1999-08-18 00:15:54 . 1999-08-18 00:15:54 800 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL90e_93.icm.vir
1999-08-18 00:04:56 . 1999-08-18 00:04:56 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL72e_65.icm.vir
1999-08-18 00:00:34 . 1999-08-18 00:00:34 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL72e_93.icm.vir
1999-08-17 23:50:10 . 1999-08-17 23:50:10 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AP520_55.icm.vir
1999-08-17 23:45:52 . 1999-08-17 23:45:52 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AP520_65.icm.vir
1999-08-17 23:42:36 . 1999-08-17 23:42:36 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AP520_93.icm.vir
1999-08-17 23:37:58 . 1999-08-17 23:37:58 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AP520_df.icm.vir
1999-08-17 21:46:48 . 1999-08-17 21:46:48 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AP800_72.icm.vir
1999-07-02 21:48:10 . 1999-07-02 21:48:10 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL50e_65.icm.vir
1999-07-02 21:42:42 . 1999-07-02 21:42:42 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL50e_93.icm.vir
1999-07-02 21:15:30 . 1999-07-02 21:15:30 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL42_93.icm.vir
1999-03-08 04:07:22 . 1999-03-08 04:07:22 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL77_65.icm.vir
1999-03-08 04:05:28 . 1999-03-08 04:05:28 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL77_93.icm.vir
1999-03-08 04:01:08 . 1999-03-08 04:01:08 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL95_55.icm.vir
1999-03-08 03:57:02 . 1999-03-08 03:57:02 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL95_65.icm.vir
1999-03-08 03:54:40 . 1999-03-08 03:54:40 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL95_93.icm.vir
1999-01-06 18:35:32 . 1999-01-06 18:35:32 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX750_55.icm.vir
1999-01-06 18:31:46 . 1999-01-06 18:31:46 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX750_65.icm.vir
1999-01-06 18:27:24 . 1999-01-06 18:27:24 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX750_93.icm.vir
1999-01-06 18:12:52 . 1999-01-06 18:12:52 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX700_93.icm.vir
1999-01-06 18:01:34 . 1999-01-06 18:01:34 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX700_55.icm.vir
1999-01-06 17:57:32 . 1999-01-06 17:57:32 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX700_65.icm.vir
1999-01-06 17:43:34 . 1999-01-06 17:43:34 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E500n_93.icm.vir
1999-01-06 17:34:08 . 1999-01-06 17:34:08 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E500n_55.icm.vir
1999-01-06 17:29:16 . 1999-01-06 17:29:16 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E500n_65.icm.vir
1999-01-06 15:32:56 . 1999-01-06 15:32:56 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2000_55.icm.vir
1999-01-06 15:31:02 . 1999-01-06 15:31:02 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2000_65.icm.vir
1999-01-06 15:29:00 . 1999-01-06 15:29:00 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2000_93.icm.vir
1999-01-06 15:18:40 . 1999-01-06 15:18:40 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL74_55.icm.vir
1999-01-06 15:15:36 . 1999-01-06 15:15:36 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL74_65.icm.vir
1999-01-06 15:13:44 . 1999-01-06 15:13:44 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL74_93.icm.vir
1998-12-04 02:20:14 . 1998-12-04 02:20:14 102,776 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\DPP550.icm.vir
1998-11-03 01:13:42 . 1998-11-03 01:13:42 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO930_55.icm.vir
1998-11-03 01:11:02 . 1998-11-03 01:11:02 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO930_65.icm.vir
1998-11-03 01:08:08 . 1998-11-03 01:08:08 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO930_93.icm.vir
1998-09-11 23:58:10 . 1998-09-11 23:58:10 783 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AR36HT_93.icm.vir
1998-09-11 23:44:38 . 1998-09-11 23:44:38 783 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul75_65.icm.vir
1998-09-11 23:36:04 . 1998-09-11 23:36:04 783 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul75_93.icm.vir
1998-09-11 20:17:20 . 1998-09-11 20:17:20 783 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul52_65.icm.vir
1998-09-11 20:12:58 . 1998-09-11 20:12:58 783 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul52_93.icm.vir
1998-09-03 21:05:12 . 1998-09-03 21:05:12 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul90_93s.icm.vir
1998-09-03 21:00:36 . 1998-09-03 21:00:36 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul100_93.icm.vir
1998-09-03 20:58:16 . 1998-09-03 20:58:16 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul100_65.icm.vir
1998-09-03 20:56:08 . 1998-09-03 20:56:08 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul100_55.icm.vir
1998-09-03 20:33:18 . 1998-09-03 20:33:18 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2010_55.icm.vir
1998-09-03 20:30:42 . 1998-09-03 20:30:42 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2010_65.icm.vir
1998-09-03 20:28:52 . 1998-09-03 20:28:52 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2010_93.icm.vir
1998-08-08 00:40:46 . 1998-08-08 00:40:46 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul90_65h.icm.vir
1998-08-08 00:38:12 . 1998-08-08 00:38:12 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul90_93h.icm.vir
1998-08-08 00:36:22 . 1998-08-08 00:36:22 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul90_55h.icm.vir
1998-08-07 23:56:38 . 1998-08-07 23:56:38 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2000_50.icm.vir
1998-08-07 23:53:12 . 1998-08-07 23:53:12 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2000_75.icm.vir
1998-08-07 17:42:50 . 1998-08-07 17:42:50 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AG900_10.icm.vir
1998-08-07 17:36:46 . 1998-08-07 17:36:46 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AG900_50.icm.vir
1998-08-07 17:34:48 . 1998-08-07 17:34:48 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AG900_60.icm.vir
1998-08-07 17:28:12 . 1998-08-07 17:28:12 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AG900_65.icm.vir
1998-08-07 17:25:48 . 1998-08-07 17:25:48 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AG900_70.icm.vir
1998-08-07 17:15:26 . 1998-08-07 17:15:26 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AG900_80.icm.vir
1998-08-07 17:13:06 . 1998-08-07 17:13:06 789 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AG900_93.icm.vir
1998-05-13 17:04:44 . 1998-05-13 17:04:44 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO900_55.icm.vir
1998-05-13 17:01:24 . 1998-05-13 17:01:24 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO900_65.icm.vir
1998-05-13 16:56:20 . 1998-05-13 16:56:20 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO900_93.icm.vir
1998-05-13 16:46:32 . 1998-05-13 16:46:32 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO505_50.icm.vir
1998-05-13 16:44:14 . 1998-05-13 16:44:14 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO505_65.icm.vir
1998-05-13 16:41:04 . 1998-05-13 16:41:04 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO505_93.icm.vir
1998-05-13 16:33:30 . 1998-05-13 16:33:30 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\C2001_55.icm.vir
1998-05-13 16:29:36 . 1998-05-13 16:29:36 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\C2001_65.icm.vir
1998-05-13 16:27:02 . 1998-05-13 16:27:02 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\C2001_93.icm.vir
1998-05-13 16:21:40 . 1998-05-13 16:21:40 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO705_65.icm.vir
1998-05-13 16:18:46 . 1998-05-13 16:18:46 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO705_93.icm.vir
1998-05-13 15:52:24 . 1998-05-13 15:52:24 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO750_55.icm.vir
1998-05-13 15:50:30 . 1998-05-13 15:50:30 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO750_65.icm.vir
1998-05-13 15:47:26 . 1998-05-13 15:47:26 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO750_93.icm.vir
1998-02-10 21:38:48 . 1998-02-10 21:38:48 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO500_55.icm.vir
1998-02-10 21:36:18 . 1998-02-10 21:36:18 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO500_65.icm.vir
1998-02-10 21:33:50 . 1998-02-10 21:33:50 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO500_93.icm.vir
1998-02-10 20:43:36 . 1998-02-10 20:43:36 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO400_93.icm.vir
1998-02-10 19:54:28 . 1998-02-10 19:54:28 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO710_55.icm.vir
1998-02-10 19:52:04 . 1998-02-10 19:52:04 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO710_65.icm.vir
1998-02-10 19:49:12 . 1998-02-10 19:49:12 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO710_93.icm.vir
1998-02-10 17:07:20 . 1998-02-10 17:07:20 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO720_55.icm.vir
1998-02-10 17:04:14 . 1998-02-10 17:04:14 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO720_65.icm.vir
1998-02-10 17:00:12 . 1998-02-10 17:00:12 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO720_93.icm.vir
1998-02-10 00:14:32 . 1998-02-10 00:14:32 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO700_55.icm.vir
1998-02-10 00:12:26 . 1998-02-10 00:12:26 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO700_65.icm.vir
1998-02-10 00:05:36 . 1998-02-10 00:05:36 799 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO700_93.icm.vir

Edited by Anamacha, 28 January 2011 - 05:51 PM.


#9
Anamacha

Here's the TDSSKiller log:

2011/01/28 17:31:44.0234 TDSS rootkit removing tool 2.4.15.0 Jan 22 2011 19:37:53
2011/01/28 17:31:44.0234 ================================================================================
2011/01/28 17:31:44.0234 SystemInfo:
2011/01/28 17:31:44.0234
2011/01/28 17:31:44.0234 OS Version: 5.1.2600 ServicePack: 3.0
2011/01/28 17:31:44.0234 Product type: Workstation
2011/01/28 17:31:44.0234 ComputerName: GARGANTUBRAIN
2011/01/28 17:31:44.0234 UserName: user1
2011/01/28 17:31:44.0234 Windows directory: C:\WINDOWS
2011/01/28 17:31:44.0234 System windows directory: C:\WINDOWS
2011/01/28 17:31:44.0234 Processor architecture: Intel x86
2011/01/28 17:31:44.0234 Number of processors: 1
2011/01/28 17:31:44.0234 Page size: 0x1000
2011/01/28 17:31:44.0234 Boot type: Normal boot
2011/01/28 17:31:44.0234 ================================================================================
2011/01/28 17:31:45.0468 Initialize success
2011/01/28 17:31:51.0093 ================================================================================
2011/01/28 17:31:51.0093 Scan started
2011/01/28 17:31:51.0093 Mode: Manual;
2011/01/28 17:31:51.0093 ================================================================================
2011/01/28 17:31:54.0062 Aavmker4 (8d488938e2f7048906f1fbd3af394887) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/01/28 17:31:54.0265 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/01/28 17:31:54.0390 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/01/28 17:31:54.0562 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
2011/01/28 17:31:54.0671 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
2011/01/28 17:31:54.0765 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
2011/01/28 17:31:55.0093 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/01/28 17:31:55.0328 Aspi32 (ed8cee58c1e4c5893f5b2fd686a272bf) C:\WINDOWS\system32\drivers\Aspi32.sys
2011/01/28 17:31:55.0421 aswFsBlk (a0d86b8ac93ef95620420c7a24ac5344) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/01/28 17:31:55.0515 aswMon2 (7d880c76a285a41284d862e2d798ec0d) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/01/28 17:31:55.0640 aswRdr (69823954bbd461a73d69774928c9737e) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/01/28 17:31:55.0734 aswSP (7ecc2776638b04553f9a85bd684c3abf) C:\WINDOWS\system32\drivers\aswSP.sys
2011/01/28 17:31:55.0859 aswTdi (095ed820a926aa8189180b305e1bcfc9) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/01/28 17:31:55.0984 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/01/28 17:31:56.0093 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/01/28 17:31:56.0453 ati2mtag (8763ede3e0cd40f5c3450571ac57f205) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/01/28 17:31:56.0609 atksgt (3c4b9850a2631c2263507400d029057b) C:\WINDOWS\system32\DRIVERS\atksgt.sys
2011/01/28 17:31:56.0703 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/01/28 17:31:56.0812 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/01/28 17:31:56.0921 b57w2k (2acf06176b9d011567d7f25b83ddd066) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
2011/01/28 17:31:57.0015 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/01/28 17:31:57.0328 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/01/28 17:31:57.0437 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/01/28 17:31:57.0578 CdaC15BA (c4dfe77bd5977335d54aedd21cd9e6a9) C:\WINDOWS\system32\drivers\CDAC15BA.SYS
2011/01/28 17:31:57.0703 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/01/28 17:31:57.0796 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/01/28 17:31:57.0906 Cdr4_xp (bf79e659c506674c0497cc9c61f1a165) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
2011/01/28 17:31:58.0078 Cdralw2k (2c41cd49d82d5fd85c72d57b6ca25471) C:\WINDOWS\system32\drivers\Cdralw2k.sys
2011/01/28 17:31:58.0218 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/01/28 17:31:58.0484 CVirtA (cb7d7c0e74adcb7da96d08ec8db86062) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
2011/01/28 17:31:58.0703 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/01/28 17:31:59.0031 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
2011/01/28 17:31:59.0156 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
2011/01/28 17:31:59.0250 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/01/28 17:31:59.0328 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2011/01/28 17:31:59.0500 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/01/28 17:31:59.0640 DVDVRRdr_xp (a2abb2a771a522b9dd57ce57d9960661) C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys
2011/01/28 17:31:59.0718 enodpl (b4556f3d468c8dcb0b259d9d866cd4c4) C:\WINDOWS\system32\drivers\enodpl.sys
2011/01/28 17:31:59.0812 ENTECH (bdd170fecb0e496a914318009d85b819) C:\WINDOWS\system32\DRIVERS\ENTECH.SYS
2011/01/28 17:31:59.0921 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/01/28 17:32:00.0093 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/01/28 17:32:00.0187 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
2011/01/28 17:32:00.0265 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/01/28 17:32:00.0375 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/01/28 17:32:00.0453 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/01/28 17:32:00.0546 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/01/28 17:32:00.0656 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/01/28 17:32:00.0734 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
2011/01/28 17:32:00.0859 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/01/28 17:32:00.0984 hidusb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/01/28 17:32:01.0093 hotcore3 (9e05f872290e5595afd4871cdee550a3) C:\WINDOWS\system32\DRIVERS\hotcore3.sys
2011/01/28 17:32:01.0234 HTTP (cb77bb47e67e84deb17ba29632501730) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/01/28 17:32:01.0453 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/01/28 17:32:01.0625 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/01/28 17:32:01.0718 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/01/28 17:32:01.0812 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/01/28 17:32:01.0921 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/01/28 17:32:02.0062 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/01/28 17:32:02.0171 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/01/28 17:32:02.0265 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/01/28 17:32:02.0343 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/01/28 17:32:02.0453 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/01/28 17:32:02.0546 JL2005C (637898b8ee8c0cc3342c61a49e3ff088) C:\WINDOWS\system32\Drivers\jl2005c.sys
2011/01/28 17:32:02.0656 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/01/28 17:32:02.0750 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/01/28 17:32:02.0843 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
2011/01/28 17:32:02.0968 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/01/28 17:32:03.0171 LHidFilt (24e0ddb99aeccf86bb37702611761459) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
2011/01/28 17:32:03.0250 LHidFlt2 (b97d05e656818572b6b04ba682d3aa8f) C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys
2011/01/28 17:32:03.0375 LHidUsb (826aacb98a2ca5c51e982c748a60d645) C:\WINDOWS\system32\Drivers\LHidUsb.Sys
2011/01/28 17:32:03.0484 lirsgt (4127e8b6ddb4090e815c1f8852c277d3) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
2011/01/28 17:32:03.0562 LMouFilt (d58b330d318361a66a9fe60d7c9b4951) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
2011/01/28 17:32:03.0656 LMouFlt2 (b666f835c18974f392a387c6e863072f) C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys
2011/01/28 17:32:03.0750 LUsbFilt (144011d14bd35f4e36136ae057b1aadd) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
2011/01/28 17:32:03.0906 lvpopflt (b0456b8a332135c1216ff2374b584161) C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
2011/01/28 17:32:04.0125 LVPr2Mon (a6919138f29ae45e90e99fa94737e04c) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
2011/01/28 17:32:04.0250 LVUSBSta (f7e15f2fe7790733df86e95a76556389) C:\WINDOWS\system32\drivers\LVUSBSta.sys
2011/01/28 17:32:04.0500 LVUVC (92d03dc19eae9d0a86735705e374fdad) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
2011/01/28 17:32:04.0625 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/01/28 17:32:04.0718 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
2011/01/28 17:32:04.0828 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/01/28 17:32:04.0906 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/01/28 17:32:05.0000 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/01/28 17:32:05.0140 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/01/28 17:32:05.0265 MRxSmb (6f2d483b97b395544e59749c47963c6a) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/01/28 17:32:05.0406 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/01/28 17:32:05.0531 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/01/28 17:32:05.0625 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/01/28 17:32:05.0734 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/01/28 17:32:05.0859 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/01/28 17:32:06.0000 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/01/28 17:32:06.0109 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2011/01/28 17:32:06.0187 MXOPSWD (216ac775320f64de28cfeb7c179c4ff9) C:\WINDOWS\system32\DRIVERS\mxopswd.sys
2011/01/28 17:32:06.0281 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/01/28 17:32:06.0421 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/01/28 17:32:06.0500 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/01/28 17:32:06.0593 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/01/28 17:32:06.0671 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/01/28 17:32:06.0765 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/01/28 17:32:06.0859 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/01/28 17:32:06.0937 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/01/28 17:32:07.0031 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/01/28 17:32:07.0140 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/01/28 17:32:07.0265 nm (60cf8c7192b3614f240838ddbaa4a245) C:\WINDOWS\system32\DRIVERS\NMnt.sys
2011/01/28 17:32:07.0390 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/01/28 17:32:07.0531 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/01/28 17:32:07.0671 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/01/28 17:32:07.0781 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/01/28 17:32:07.0875 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/01/28 17:32:08.0046 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/01/28 17:32:08.0140 PalmUSBD (803cf09c795290825607505d37819135) C:\WINDOWS\system32\drivers\PalmUSBD.sys
2011/01/28 17:32:08.0250 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/01/28 17:32:08.0343 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/01/28 17:32:08.0437 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/01/28 17:32:08.0546 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/01/28 17:32:08.0671 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/01/28 17:32:08.0796 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/01/28 17:32:09.0234 PLUsbbc2 (deb5a23f8625d7d84daff899478a4893) C:\WINDOWS\system32\Drivers\usbbc2.sys
2011/01/28 17:32:09.0359 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/01/28 17:32:09.0453 prodrv06 (18d9789a4664bf417eea944d2776091a) C:\WINDOWS\System32\drivers\prodrv06.sys
2011/01/28 17:32:09.0562 prohlp02 (8cc9671a7ed2902e747ee0892e1c8575) C:\WINDOWS\system32\drivers\prohlp02.sys
2011/01/28 17:32:09.0656 prosync1 (960bce3ed38761b446aabac06c76badf) C:\WINDOWS\system32\drivers\prosync1.sys
2011/01/28 17:32:09.0796 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/01/28 17:32:09.0921 pssnap (599dac0114eaf8edaf88b44d0c6183f6) C:\WINDOWS\system32\DRIVERS\pssnap.sys
2011/01/28 17:32:10.0093 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/01/28 17:32:10.0203 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
2011/01/28 17:32:10.0625 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/01/28 17:32:10.0734 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/01/28 17:32:10.0859 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/01/28 17:32:10.0937 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/01/28 17:32:11.0046 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/01/28 17:32:11.0125 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/01/28 17:32:11.0234 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/01/28 17:32:11.0343 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/01/28 17:32:11.0468 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/01/28 17:32:11.0656 SaiH040C (de7a2fc379671998865122a08fd9db52) C:\WINDOWS\system32\DRIVERS\SaiH040C.sys
2011/01/28 17:32:11.0765 SaiMini (191b8f3b3dfa1e199d398dbc0c09544e) C:\WINDOWS\system32\DRIVERS\SaiMini.sys
2011/01/28 17:32:11.0859 SaiNtBus (534161d0a07014a7d81c6721a7ae6c08) C:\WINDOWS\system32\drivers\SaiBus.sys
2011/01/28 17:32:12.0000 SaiU040C (1890bd6b225d8e612b81c9c7171bca83) C:\WINDOWS\system32\DRIVERS\SaiU040C.sys
2011/01/28 17:32:12.0218 sbp2port (3e2c3b180872be4120f246d85560b734) C:\WINDOWS\system32\DRIVERS\sbp2port.sys
2011/01/28 17:32:12.0375 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/01/28 17:32:12.0515 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/01/28 17:32:12.0640 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/01/28 17:32:12.0812 sfdrv01 (9e7dee11fd5a4355941a45f13c0ed59a) C:\WINDOWS\system32\drivers\sfdrv01.sys
2011/01/28 17:32:12.0921 sfhlp01 (462aee0ea0481ea8bd45cac876a4ccc4) C:\WINDOWS\system32\drivers\sfhlp01.sys
2011/01/28 17:32:13.0015 sfhlp02 (ecefb59d2206d281e6d317af0ea0d8bd) C:\WINDOWS\system32\drivers\sfhlp02.sys
2011/01/28 17:32:13.0125 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/01/28 17:32:13.0218 sfsync02 (efebbc1d13fdb77a6af4eddfc7232edf) C:\WINDOWS\system32\drivers\sfsync02.sys
2011/01/28 17:32:13.0406 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/01/28 17:32:13.0546 smwdm (4aa922332433cdeb8b82c072c212e32e) C:\WINDOWS\system32\drivers\smwdm.sys
2011/01/28 17:32:13.0703 speedfan (5d6401db90ec81b71f8e2c5c8f0fef23) C:\WINDOWS\system32\speedfan.sys
2011/01/28 17:32:13.0828 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
2011/01/28 17:32:14.0046 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
2011/01/28 17:32:14.0046 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
2011/01/28 17:32:14.0062 sptd - detected Locked file (1)
2011/01/28 17:32:14.0171 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/01/28 17:32:14.0312 Srv (ab9c79ed12d65e800aaad3d72a04792f) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/01/28 17:32:14.0421 StarPortLite (15bdef17b0afa0b1955903db576bd7d0) C:\WINDOWS\system32\DRIVERS\StarPortLite.sys
2011/01/28 17:32:14.0500 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/01/28 17:32:14.0625 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/01/28 17:32:14.0703 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2011/01/28 17:32:15.0000 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/01/28 17:32:15.0093 tandpl (126d7b3b4c7b724491c604060e1f4e14) C:\WINDOWS\system32\drivers\tandpl.sys
2011/01/28 17:32:15.0203 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/01/28 17:32:15.0296 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/01/28 17:32:15.0390 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/01/28 17:32:15.0625 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/01/28 17:32:15.0921 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2011/01/28 17:32:16.0171 UimBus (d0c236d113fbfe0b1b89b63afe472349) C:\WINDOWS\system32\DRIVERS\UimBus.sys
2011/01/28 17:32:16.0281 Uim_IM (8200dab350cfca0617db28440294e5b4) C:\WINDOWS\system32\Drivers\Uim_IM.sys
2011/01/28 17:32:16.0468 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
2011/01/28 17:32:16.0609 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/01/28 17:32:16.0718 usbaudio (3c27ba5753522ba04d56d02cb3760066) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/01/28 17:32:16.0843 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/01/28 17:32:16.0968 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/01/28 17:32:17.0093 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/01/28 17:32:17.0171 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/01/28 17:32:17.0296 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/01/28 17:32:17.0406 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/01/28 17:32:17.0500 vaxscsi (92cebc2bc7be2c8d49391b365569f306) C:\WINDOWS\System32\Drivers\vaxscsi.sys
2011/01/28 17:32:17.0593 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2011/01/28 17:32:17.0718 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/01/28 17:32:17.0828 wacmoumonitor (026d58e9d7701f6b26b0b499f1705334) C:\WINDOWS\system32\DRIVERS\wacmoumonitor.sys
2011/01/28 17:32:17.0906 wacommousefilter (427a8bc96f16c40df81c2d2f4edd32dd) C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
2011/01/28 17:32:18.0062 wacomvhid (846b58ea44bf8c92e4b59f4e2252c4c0) C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
2011/01/28 17:32:18.0187 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/01/28 17:32:18.0328 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2011/01/28 17:32:18.0515 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/01/28 17:32:18.0750 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/01/28 17:32:18.0875 WsAudio_DeviceS(1) (4160cbe59d9b5be22e4c3897e8db9d56) C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys
2011/01/28 17:32:18.0984 WsAudio_DeviceS(2) (4160cbe59d9b5be22e4c3897e8db9d56) C:\WINDOWS\system32\drivers\WsAudio_DeviceS(2).sys
2011/01/28 17:32:19.0109 WsAudio_DeviceS(3) (4160cbe59d9b5be22e4c3897e8db9d56) C:\WINDOWS\system32\drivers\WsAudio_DeviceS(3).sys
2011/01/28 17:32:19.0250 WsAudio_DeviceS(4) (4160cbe59d9b5be22e4c3897e8db9d56) C:\WINDOWS\system32\drivers\WsAudio_DeviceS(4).sys
2011/01/28 17:32:19.0359 WsAudio_DeviceS(5) (4160cbe59d9b5be22e4c3897e8db9d56) C:\WINDOWS\system32\drivers\WsAudio_DeviceS(5).sys
2011/01/28 17:32:19.0484 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/01/28 17:32:19.0593 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/01/28 17:32:19.0687 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/01/28 17:32:21.0281 ================================================================================
2011/01/28 17:32:21.0281 Scan finished
2011/01/28 17:32:21.0281 ================================================================================
2011/01/28 17:32:21.0312 Detected object count: 1
2011/01/28 17:35:15.0468 Locked file(sptd) - User select action: Skip
2011/01/28 17:35:21.0953 Deinitialize success

#10
Anamacha

Here's the MBRCheck log:
MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000007d

Kernel Drivers (total 180):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E2000 \WINDOWS\system32\hal.dll
0xF7987000 \WINDOWS\system32\KDCOM.DLL
0xF7897000 \WINDOWS\system32\BOOTVID.dll
0xF7286000 spfr.sys
0xF7989000 \WINDOWS\System32\Drivers\WMILIB.SYS
0xF726E000 \WINDOWS\System32\Drivers\SCSIPORT.SYS
0xF7240000 ACPI.sys
0xF722F000 pci.sys
0xF7487000 isapnp.sys
0xF7A4F000 pciide.sys
0xF7707000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF798B000 intelide.sys
0xF7497000 MountMgr.sys
0xF7210000 ftdisk.sys
0xF798D000 dmload.sys
0xF71EA000 dmio.sys
0xF770F000 PartMgr.sys
0xF74A7000 sfsync02.sys
0xF74B7000 VolSnap.sys
0xF71D2000 atapi.sys
0xF74C7000 disk.sys
0xF74D7000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF71B2000 fltmgr.sys
0xF71A0000 sr.sys
0xF74E7000 PxHelp20.sys
0xF7189000 KSecDD.sys
0xF7176000 WudfPf.sys
0xF70E9000 Ntfs.sys
0xF70BC000 NDIS.sys
0xF798F000 speedfan.sys
0xF7717000 sfhlp02.sys
0xF7991000 sfhlp01.sys
0xF70AA000 sfdrv01.sys
0xF74F7000 sbp2port.sys
0xF771F000 pssnap.sys
0xF7993000 prosync1.sys
0xF708E000 prohlp02.sys
0xF7507000 ohci1394.sys
0xF7517000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xF7073000 Mup.sys
0xF7727000 hotcore3.sys
0xF7A50000 giveio.sys
0xF7537000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xF76E7000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF6029000 \SystemRoot\system32\DRIVERS\ati2mtag.sys
0xF6015000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF5FF7000 \SystemRoot\system32\DRIVERS\b57xp32.sys
0xF77EF000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF5FD4000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF77F7000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF5F3E000 \SystemRoot\system32\drivers\smwdm.sys
0xF5F1A000 \SystemRoot\system32\drivers\portcls.sys
0xF67EB000 \SystemRoot\system32\drivers\drmk.sys
0xF5EF7000 \SystemRoot\system32\drivers\ks.sys
0xF79BF000 \SystemRoot\system32\drivers\aeaudio.sys
0xF77FF000 \SystemRoot\system32\DRIVERS\fdc.sys
0xF5EE3000 \SystemRoot\system32\DRIVERS\parport.sys
0xF67DB000 \SystemRoot\system32\DRIVERS\serial.sys
0xF7036000 \SystemRoot\system32\DRIVERS\serenum.sys
0xF67CB000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF67BB000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF7807000 \SystemRoot\SYSTEM32\DRIVERS\GEARAspiWDM.sys
0xF67AB000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF5E99000 \SystemRoot\System32\Drivers\av6zy2z0.SYS
0xF700A000 \SystemRoot\system32\DRIVERS\wacomvhid.sys
0xF679B000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xF7857000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF677B000 \SystemRoot\system32\drivers\WsAudio_DeviceS(1).sys
0xF7547000 \SystemRoot\system32\drivers\WsAudio_DeviceS(2).sys
0xF7567000 \SystemRoot\system32\drivers\WsAudio_DeviceS(3).sys
0xF7587000 \SystemRoot\system32\drivers\WsAudio_DeviceS(4).sys
0xF75A7000 \SystemRoot\system32\drivers\WsAudio_DeviceS(5).sys
0xF7BA2000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF7607000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF7006000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF5E82000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF7617000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF7627000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF785F000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF5E71000 \SystemRoot\system32\DRIVERS\psched.sys
0xF7637000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF7867000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF786F000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF5E40000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xF7647000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7877000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF787F000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF7657000 \SystemRoot\system32\drivers\SaiBus.sys
0xF5E2A000 \SystemRoot\system32\DRIVERS\StarPortLite.sys
0xF79ED000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF5DD1000 \SystemRoot\system32\DRIVERS\update.sys
0xF793F000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF7887000 \SystemRoot\system32\DRIVERS\UimBus.sys
0xF5DB3000 \SystemRoot\System32\Drivers\Uim_IM.sys
0xF5D82000 \SystemRoot\System32\Drivers\UimFIO.SYS
0xF7953000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xF772F000 \SystemRoot\system32\DRIVERS\wacommousefilter.sys
0xF7667000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF63F7000 \SystemRoot\system32\DRIVERS\SaiMini.sys
0xF63F3000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xF76A7000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF79F3000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF7737000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0xF7A7E000 \SystemRoot\System32\Drivers\Cdr4_xp.SYS
0xF7A83000 \SystemRoot\System32\Drivers\Cdralw2k.SYS
0xF79F5000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7A84000 \SystemRoot\System32\Drivers\Null.SYS
0xF7757000 \SystemRoot\System32\drivers\vga.sys
0xF79F9000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF79FB000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xAE7BC000 \SystemRoot\System32\Drivers\DVDVRRdr_xp.SYS
0xF775F000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF7767000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF796B000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xAE76F000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xAE717000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xF76C7000 \SystemRoot\System32\Drivers\aswTdi.SYS
0xAE6EF000 \SystemRoot\system32\DRIVERS\netbt.sys
0xAE6CD000 \SystemRoot\System32\drivers\afd.sys
0xF76D7000 \SystemRoot\system32\DRIVERS\netbios.sys
0xAE6A2000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xF76F7000 \SystemRoot\System32\drivers\prodrv06.sys
0xAE633000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF676B000 \SystemRoot\System32\Drivers\Fips.SYS
0xAE612000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xAE5EB000 \SystemRoot\System32\Drivers\aswSP.SYS
0xF777F000 \SystemRoot\System32\Drivers\Aavmker4.SYS
0xF675B000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xF7557000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xF7787000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xF778F000 \SystemRoot\System32\Drivers\LUsbFilt.Sys
0xF7577000 \SystemRoot\System32\Drivers\WDFLDR.SYS
0xAE4A8000 \SystemRoot\system32\DRIVERS\Wdf01000.sys
0xF7012000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xF7797000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xF779F000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
0xF77A7000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
0xF7597000 \SystemRoot\system32\DRIVERS\mxopswd.sys
0xF75B7000 \SystemRoot\system32\drivers\LVUSBSta.sys
0xAE13F000 \SystemRoot\system32\DRIVERS\lvuvc.sys
0xADF6B000 \SystemRoot\system32\DRIVERS\lvpopflt.sys
0xF75C7000 \SystemRoot\system32\drivers\usbaudio.sys
0xF75D7000 \SystemRoot\system32\drivers\STREAM.SYS
0xF75E7000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xADF53000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF7A09000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF5CD6000 \SystemRoot\System32\drivers\Dxapi.sys
0xF77B7000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7AFD000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\ati2dvag.dll
0xBF065000 \SystemRoot\System32\ati2cqag.dll
0xBF0FE000 \SystemRoot\System32\atikvmag.dll
0xBF182000 \SystemRoot\System32\atiok3x2.dll
0xBF1CD000 \SystemRoot\System32\ati3duag.dll
0xBF572000 \SystemRoot\System32\ativvaxx.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xABC3F000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xAB97C000 \SystemRoot\System32\Drivers\aswMon2.SYS
0xF7995000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xAB82C000 \SystemRoot\System32\Drivers\Aspi32.SYS
0xAB6E1000 \SystemRoot\system32\DRIVERS\atksgt.sys
0xAB6CC000 \SystemRoot\system32\drivers\wdmaud.sys
0xAB84C000 \SystemRoot\system32\drivers\sysaudio.sys
0xF79DD000 \SystemRoot\System32\drivers\enodpl.sys
0xADF43000 \SystemRoot\system32\DRIVERS\lirsgt.sys
0xAB37C000 \SystemRoot\system32\DRIVERS\srv.sys
0xAB86C000 \SystemRoot\system32\DRIVERS\secdrv.sys
0xF7A29000 \SystemRoot\System32\drivers\tandpl.sys
0xF784F000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
0xF776F000 \SystemRoot\System32\Drivers\aswRdr.SYS
0xADF03000 \SystemRoot\System32\Drivers\TDTCP.SYS
0xAAC79000 \SystemRoot\System32\Drivers\RDPWD.SYS
0xF7817000 \??\C:\DOCUME~1\user1\LOCALS~1\Temp\catchme.sys
0xAAB98000 \SystemRoot\System32\Drivers\HTTP.sys
0xF7A37000 \??\C:\WINDOWS\system32\Drivers\PROCEXP113.SYS
0xAA0F2000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 86):
0 System Idle Process
4 System
516 C:\WINDOWS\system32\smss.exe
788 csrss.exe
828 C:\WINDOWS\system32\winlogon.exe
872 C:\WINDOWS\system32\services.exe
892 C:\WINDOWS\system32\lsass.exe
1060 C:\WINDOWS\system32\svchost.exe
1128 svchost.exe
1224 C:\Program Files\Windows Defender\MsMpEng.exe
1264 C:\WINDOWS\system32\svchost.exe
1304 C:\Program Files\Tablet\Pen\Pen_TouchService.exe
1336 C:\WINDOWS\system32\svchost.exe
1636 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1952 C:\WINDOWS\system32\spoolsv.exe
272 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
576 C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
664 C:\Program Files\Bonjour\mDNSResponder.exe
744 C:\WINDOWS\system32\HDDSvc.exe
792 C:\Program Files\Java\jre6\bin\jqs.exe
1464 C:\Program Files\Common Files\Logishrd\LVCOMSER\LVComSer.exe
1532 C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
1720 C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
288 C:\Program Files\Maxtor\Sync\SyncServices.exe
548 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
944 C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
1112 C:\WINDOWS\system32\svchost.exe
1196 C:\Program Files\Tablet\Pen\Pen_Tablet.exe
1560 C:\WINDOWS\system32\MsPMSPSv.exe
2264 C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
2324 C:\Program Files\Tablet\Pen\Pen_Tablet.exe
3304 C:\Program Files\Common Files\Logishrd\LVCOMSER\LVComSer.exe
3416 alg.exe
3380 C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
3748 svchost.exe
1156 C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
3288 C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe
4048 C:\Program Files\Microsoft IntelliType Pro\itype.exe
1100 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
2036 C:\WINDOWS\system32\svchost.exe
2052 C:\Program Files\iTunes\iTunesHelper.exe
252 C:\Program Files\Process Lasso\ProcessLasso.exe
2756 C:\Program Files\Process Lasso\ProcessGovernor.exe
3248 C:\Program Files\Autorun Eater\oldmcdonald.exe
560 C:\Program Files\HACE\Mmm\Mmm.exe
4160 C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
4180 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
4432 C:\Program Files\AnVir Task Manager\AnVir.exe
4444 C:\Program Files\Autorun Eater\billy.exe
4580 C:\Program Files\Logitech\SetPoint\SetPoint.exe
4604 C:\Program Files\AutoHotkey\AutoHotkey.exe
4736 C:\Documents and Settings\user1\Application Data\Dropbox\bin\Dropbox.exe
4820 C:\Program Files\Launchy\Launchy.exe
5108 C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
5160 C:\Program Files\iPod\bin\iPodService.exe
9908 C:\WINDOWS\explorer.exe
7092 C:\Program Files\Xfire\Xfire.exe
9004 C:\Program Files\Last.fm\LastFM.exe
2364 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
9236 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
7796 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
7884 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
8712 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4412 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
5848 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
8588 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
8224 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
6204 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
10212 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
9056 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
7900 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
9164 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
6296 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
8196 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
8720 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
6100 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
704 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
6540 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
7568 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
7692 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
9544 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
9488 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
5772 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
8092 C:\WINDOWS\system32\wuauclt.exe
4996 C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
5488 C:\Documents and Settings\user1\desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\G: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: ST3120022AS, Rev: 8.05
PhysicalDrive1 Model Number: MaxtorOneTouch, Rev: 0121

Size Device Name MBR Status
--------------------------------------------
111 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
465 GB \\.\PhysicalDrive1 RE: Unknown MBR code
SHA1: CEECB0630DEB98A912C967BD5561D0F2BFE7D8C6


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

#11
Anamacha

I will post the 2d OTL log shortly. Please remember that I've used AnVir to kill the beep.sys process in active memory, and I've changed its startup type to DISABLED.

2d OTL log:


OTL logfile created on: 11.01.28 6.06.02 PM - Run 2
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\user1\My Documents\scripts\tools\utilities
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: yy.MM.dd

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 34.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 60.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 19.17 Gb Free Space | 17.15% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive G: | 465.76 Gb Total Space | 116.40 Gb Free Space | 24.99% Space Free | Partition Type: NTFS

Computer Name: GARGANTUBRAIN | User Name: user1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.01.24 23.50.01 | 000,995,896 | ---- | M] (Google Inc.) -- C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011.01.13 15.20.29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user1\My Documents\scripts\tools\utilities\OTL.exe
PRC - [2011.01.12 06.16.34 | 000,542,224 | ---- | M] (Bitsum Technologies) -- C:\Program Files\Process Lasso\ProcessLasso.exe
PRC - [2011.01.12 06.16.34 | 000,293,904 | ---- | M] (Bitsum Technologies) -- C:\Program Files\Process Lasso\ProcessGovernor.exe
PRC - [2010.11.10 19.38.40 | 000,380,928 | ---- | M] () -- C:\Program Files\Launchy\Launchy.exe
PRC - [2010.10.27 20.21.54 | 001,155,072 | ---- | M] (Last.fm) -- C:\Program Files\Last.fm\LastFM.exe
PRC - [2010.10.18 14.45.05 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010.10.18 04.24.19 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\user1\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010.09.07 10.12.02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 10.11.59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.08.13 11.58.56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.07.13 13.26.12 | 004,302,704 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
PRC - [2010.07.13 13.26.10 | 006,076,272 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe
PRC - [2010.07.13 13.26.10 | 002,533,232 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
PRC - [2010.07.13 13.26.10 | 000,616,816 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe
PRC - [2010.07.09 13.04.34 | 003,493,776 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe
PRC - [2010.05.06 19.09.06 | 000,415,638 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\billy.exe
PRC - [2010.05.06 18.59.36 | 000,516,216 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\oldmcdonald.exe
PRC - [2010.02.25 23.10.20 | 021,979,992 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2009.10.12 23.16.18 | 003,102,944 | ---- | M] (AnVir Software) -- C:\Program Files\AnVir Task Manager\AnVir.exe
PRC - [2009.05.03 12.28.20 | 000,244,736 | ---- | M] () -- C:\Program Files\AutoHotkey\AutoHotkey.exe
PRC - [2009.04.25 00.00.10 | 000,877,568 | ---- | M] () -- C:\Program Files\HACE\Mmm\Mmm.exe
PRC - [2008.07.26 07.25.36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2008.07.26 07.23.42 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LVCOMSER\LVComSer.exe
PRC - [2008.07.21 16.54.34 | 000,169,312 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe
PRC - [2008.07.21 16.53.04 | 000,193,888 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Maxtor\Sync\SyncServices.exe
PRC - [2008.05.02 01.44.08 | 000,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008.05.02 01.40.56 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2007.10.02 09.10.46 | 000,131,072 | ---- | M] (Saitek) -- C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
PRC - [2007.10.02 09.10.14 | 000,233,472 | ---- | M] (Saitek) -- C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
PRC - [2007.06.13 04.23.07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.03.27 01.29.52 | 000,192,512 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) -- C:\WINDOWS\system32\HDDSvc.exe
PRC - [2006.11.03 18.19.58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2003.08.28 13.01.22 | 000,061,440 | ---- | M] () -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe


========== Modules (SafeList) ==========

MOD - [2011.01.28 16.11.22 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\Temp\logishrd\LVPrcInj01.dll
MOD - [2011.01.13 15.20.29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user1\My Documents\scripts\tools\utilities\OTL.exe
MOD - [2010.08.23 10.12.02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010.07.09 13.04.44 | 000,970,640 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\xfire_toucan_43094.dll
MOD - [2009.10.12 23.16.02 | 000,102,112 | ---- | M] (AnVir Software) -- C:\Program Files\AnVir Task Manager\AnvirHook61.dll
MOD - [2009.07.12 00.12.06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2008.05.02 01.42.50 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2008.05.02 01.38.54 | 000,064,016 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\GameHook.dll
MOD - [2004.08.12 07.34.47 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (napagent)
SRV - File not found [On_Demand | Stopped] -- -- (hkmsvc)
SRV - File not found [On_Demand | Stopped] -- -- (EapHost)
SRV - File not found [On_Demand | Stopped] -- -- (Dot3svc)
SRV - [2010.09.07 10.11.59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 10.11.59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 10.11.59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.08.13 11.58.56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.07.13 13.26.10 | 006,076,272 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2010.07.13 13.26.10 | 000,616,816 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2010.07.04 21.18.44 | 000,039,936 | ---- | M] (C-Dilla Ltd) [On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2009.12.15 14.07.16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- G:\Programs\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2008.08.06 10.34.02 | 000,216,032 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService)
SRV - [2008.07.26 07.25.36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008.07.26 07.23.42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008.07.21 16.53.04 | 000,193,888 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)
SRV - [2008.05.02 01.42.06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007.03.27 01.29.52 | 000,192,512 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) [Auto | Running] -- C:\WINDOWS\system32\HDDSvc.exe -- (HDDSvc)
SRV - [2007.03.19 19.19.14 | 000,263,168 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Ares\chatServer.exe -- (AresChatServer)
SRV - [2006.11.03 18.19.58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005.04.04 18.58.28 | 000,163,840 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe -- (Adobe Version Cue CS2)
SRV - [2004.11.02 15.59.50 | 000,316,544 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2003.08.28 13.01.22 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe -- (spkrmon)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2010.11.26 14.07.10 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV - [2010.11.26 14.07.10 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV - [2010.11.26 14.07.10 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV - [2010.11.26 14.07.10 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV - [2010.11.26 14.07.10 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2010.09.07 09.52.25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 09.52.03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 09.47.46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 09.47.19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 09.47.07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 09.46.51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.07.04 21.18.40 | 000,008,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA)
DRV - [2010.05.19 13.52.36 | 000,016,240 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2009.09.21 15.29.22 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009.02.25 16.58.57 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.01.11 19.56.58 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.12.26 22.28.14 | 000,095,592 | ---- | M] (Rocket Division Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\StarPortLite.sys -- (StarPortLite) StarPort Storage Controller (Lite)
DRV - [2008.12.13 13.47.38 | 000,129,896 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2008.12.13 13.47.38 | 000,040,496 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hotcore3.sys -- (hotcore3)
DRV - [2008.12.13 13.47.38 | 000,032,056 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2008.07.26 07.25.02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008.05.20 08.32.40 | 000,015,328 | ---- | M] (Macrium Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pssnap.sys -- (pssnap)
DRV - [2008.02.29 02.13.46 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008.02.29 02.13.24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008.02.29 02.13.16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008.02.11 17.59.01 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008.02.11 17.59.01 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007.10.05 09.19.26 | 000,035,200 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SaiBus.sys -- (SaiNtBus)
DRV - [2007.10.05 09.19.26 | 000,014,080 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SaiMini.sys -- (SaiMini)
DRV - [2007.05.11 17.31.22 | 000,041,888 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007.05.11 17.30.04 | 001,921,184 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2007.05.11 16.31.36 | 003,580,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Fusion(UVC)
DRV - [2007.05.03 13.37.08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2007.05.01 14.51.10 | 000,132,232 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiH040C.sys -- (SaiH040C)
DRV - [2007.05.01 14.51.10 | 000,028,416 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiU040C.sys -- (SaiU040C)
DRV - [2007.04.25 18.55.12 | 000,040,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2007.02.16 10.12.36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007.01.26 20.09.40 | 000,068,954 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\jl2005c.sys -- (JL2005C)
DRV - [2006.10.04 20.42.42 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006.10.04 20.42.42 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006.09.24 07.28.46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006.07.03 21.59.24 | 000,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\vaxscsi.sys -- (vaxscsi)
DRV - [2006.03.26 06.22.14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.03.13 03.38.23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.08.10 08.06.28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.08.23 13.49.30 | 000,121,472 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004.08.12 07.24.55 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004.08.09 05.33.26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.08.09 05.29.28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.07.19 08.49.54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2004.04.13 16.03.46 | 000,016,509 | ---- | M] (Palm, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2003.12.01 09.20.52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.11.07 03.50.00 | 000,070,798 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003.11.07 03.50.00 | 000,037,884 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsb.sys -- (LHidUsb)
DRV - [2003.11.07 03.50.00 | 000,025,502 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys -- (LHidFlt2)
DRV - [2003.06.24 23.18.48 | 000,146,560 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
DRV - [2003.05.07 01.54.38 | 000,008,960 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbbc2.sys -- (PLUsbbc2)
DRV - [2003.05.01 13.26.34 | 000,005,220 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2003.04.19 00.32.04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tandpl.sys -- (tandpl)
DRV - [2003.03.02 17.44.26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\enodpl.sys -- (enodpl)
DRV - [2002.08.14 14.03.36 | 000,017,005 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [1996.04.03 13.33.26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 ED DE 3C 84 B7 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.openintab: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.21.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.7.4
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.0.2.1
FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.1.062
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.07076007
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.1
FF - prefs.js..extensions.enabledItems: {5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}:1.0
FF - prefs.js..extensions.enabledItems: {7ef7f4d6-947d-11dc-8314-0800200c9a66}:3.0.1
FF - prefs.js..extensions.enabledItems: {7694c49c-9fbd-11dc-8314-0800200c9a66}:3.0.2
FF - prefs.js..extensions.enabledItems: {04CA07AB-7FC3-4110-A83F-EF1E6B75D5B0}:4.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:3.8
FF - prefs.js..extensions.enabledItems: [email protected]:1.45
FF - prefs.js..extensions.enabledItems: {c1dffba0-628e-11d9-9669-0800200c9a66}:3.5.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.95


FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.01 13.35.23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.17 22.15.05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.16\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.12.01 13.35.29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.16\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.10.23 14.33.08 | 000,000,000 | ---D | M]

[2009.11.16 18.27.31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user1\Application Data\Mozilla\Extensions
[2009.11.16 18.27.31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user1\Application Data\Mozilla\Extensions\[email protected]
[2010.12.23 15.43.40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions
[2006.05.19 23.36.38 | 000,000,000 | ---D | M] ("Azerty II") -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{044FA143-992A-435f-95A5-39E25470F8F0}(2)
[2009.08.03 23.37.13 | 000,000,000 | ---D | M] (Azerty III) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{04CA07AB-7FC3-4110-A83F-EF1E6B75D5B0}
[2006.05.19 23.36.38 | 000,000,000 | ---D | M] (Silver Skin) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{2A10B180-05EF-11D9-8C50-444553540001}(2)
[2009.08.05 13.45.53 | 000,000,000 | ---D | M] ("Delicious Bookmarks") -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2009.05.15 23.28.58 | 000,000,000 | ---D | M] ("Delicious Bookmarks") -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}(2)
[2009.07.30 00.28.15 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2009.09.14 15.33.32 | 000,000,000 | ---D | M] (ScrapBook) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}
[2006.01.20 05.12.58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2006.05.19 23.36.37 | 000,000,000 | ---D | M] (Aquatint) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{69087485-8EDE-4a6c-91BE-6B882EB268A5}(2)
[2009.07.09 20.11.03 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2009.05.09 22.43.41 | 000,000,000 | ---D | M] (Aquatint Black Gloss) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2008.12.17 18.16.10 | 000,000,000 | ---D | M] (Abstract Zune) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{7ef7f4d6-947d-11dc-8314-0800200c9a66}
[2006.05.19 23.36.36 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}(2)
[2009.07.27 02.24.00 | 000,000,000 | ---D | M] (PitchDark) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2009.08.20 13.25.51 | 000,000,000 | ---D | M] (CreativesAre Toolbar) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{c42afa2e-1ffa-47f1-aaed-9dfed53a38ca}
[2008.12.17 20.08.15 | 000,000,000 | ---D | M] (Google Redesigned) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}
[2009.08.16 20.28.28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.08.03 23.37.21 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2009.02.19 00.29.24 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009.05.09 07.10.13 | 000,000,000 | ---D | M] (Autofill Forms) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.07.11 19.10.49 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.04.21 16.55.58 | 000,000,000 | ---D | M] ("Better Gmail 2") -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.04.21 16.55.58 | 000,000,000 | ---D | M] ("Better GReader") -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.07.27 02.24.26 | 000,000,000 | ---D | M] (bit.ly preview) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.05.29 21.47.33 | 000,000,000 | ---D | M] (ChromEdit Plus) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.09.14 14.26.26 | 000,000,000 | ---D | M] (Dark Revisited) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2008.03.10 15.15.08 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2008.09.11 09.25.27 | 000,000,000 | ---D | M] (Google Notebook) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.07.09 20.10.56 | 000,000,000 | ---D | M] ("heaven.cube") -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2008.12.30 03.05.20 | 000,000,000 | ---D | M] (RedShift V3) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2006.01.28 05.06.16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\temp
[2009.04.10 16.47.26 | 000,000,000 | ---D | M] (TiseMe Bar) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\extensions\[email protected]
[2009.10.01 00.55.18 | 000,001,243 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\a9.xml
[2009.03.20 12.19.10 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\amazondotcom.xml
[2009.03.19 10.27.53 | 000,000,853 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\del.icio.us.xml
[2009.03.16 20.38.41 | 000,002,306 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\duck-duck-go.xml
[2009.03.20 12.19.10 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\ebay.xml
[2009.10.01 00.55.18 | 000,002,125 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\flickr-tags.xml
[2008.04.10 03.24.36 | 000,001,192 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\fulltorrent.xml
[2008.06.21 15.33.53 | 000,000,908 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\imdb.xml
[2010.12.23 15.43.44 | 000,005,216 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\linkedin.xml
[2009.10.01 00.55.18 | 000,002,191 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\ljseek.xml
[2008.06.21 15.33.52 | 000,001,108 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\xsnide43.default\searchplugins\wikipedia.xml
[2010.12.23 15.43.42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\USER1\LOCAL SETTINGS\APPLICATION DATA\{5C3A97C1-1D8C-4577-8D2B-F1C45E72000A}
[2009.08.17 19.19.17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2005.09.15 17.26.00 | 000,044,153 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\inspector.dll
[2004.11.12 21.36.20 | 000,005,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Mozilla Firefox\plugins\NPAdbESD.dll
[2007.12.10 22.56.33 | 000,024,576 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npgcplug.dll
[2005.04.27 14.10.49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll

O1 HOSTS File: ([2011.01.28 16.09.48 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Autorun Eater] C:\Program Files\Autorun Eater\oldmcdonald.exe (Old McDonald's Farm)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [mxomssmenu] C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
O4 - HKLM..\Run: [ProcessGovernor] C:\Program Files\Process Lasso\processgovernor.exe (Bitsum Technologies)
O4 - HKLM..\Run: [ProcessLassoManagementConsole] C:\Program Files\Process Lasso\processlasso.exe (Bitsum Technologies)
O4 - HKLM..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4 - HKLM..\Run: [RoxioEngineUtility] C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe (Roxio)
O4 - HKLM..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4 - HKCU..\Run: [AnVir Task Manager] C:\Program Files\AnVir Task Manager\AnVir.exe (AnVir Software)
O4 - HKCU..\Run: [Mmm] C:\Program Files\HACE\Mmm\Mmm.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\user1\Start Menu\Programs\Startup\AutoHotkey.lnk = C:\Program Files\AutoHotkey\AutoHotkey.exe ()
O4 - Startup: C:\Documents and Settings\user1\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\user1\Application Data\Dropbox\bin\Dropbox.exe ()
O4 - Startup: C:\Documents and Settings\user1\Start Menu\Programs\Startup\Launchy.lnk = C:\Program Files\Launchy\Launchy.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Copy to Semagic - C:\Program Files\Semagic\copy.htm ()
O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm ()
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YPager.exe ()
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YPager.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {3234504D-0000-0010-8000-00AA00389B71} http://codecs.micros...386/mpeg4ax.CAB (Reg Error: Key error.)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.sy...eqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.co.../DellSystem.CAB (DellSystem.Scanner)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\user1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\taskmgr.exe: Debugger - "C:\Program Files\AnVir Task Manager\AnVir.exe" (AnVir Software)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.06.30 13.45.42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011.01.19 16.04.30 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.01.28 17.31.35 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.01.28 17.03.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Malwarebytes
[2011.01.28 17.00.07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.01.28 17.00.06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011.01.28 16.59.54 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.01.28 16.59.54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.01.28 15.54.44 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.01.28 15.50.19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.01.28 15.50.19 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.01.28 15.50.19 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.01.28 15.50.19 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.01.28 15.47.20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.01.25 16.43.01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Autorun Eater
[2011.01.25 16.42.53 | 000,000,000 | ---D | C] -- C:\Program Files\Autorun Eater
[2011.01.19 16.04.30 | 000,000,000 | R--D | C] -- C:\autorun.inf
[2011.01.16 18.11.47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Desktop\fenderbender 110104
[2011.01.16 02.49.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Awem
[2011.01.16 02.38.44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Start Menu\Programs\Aquitania
[2011.01.13 22.32.35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ProcessLasso
[2011.01.13 22.32.20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Process Lasso
[2011.01.13 22.32.12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\ProcessLasso
[2011.01.13 22.32.12 | 000,000,000 | ---D | C] -- C:\Program Files\Process Lasso
[2011.01.13 00.01.37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011.01.05 13.07.19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011.01.05 13.07.18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011.01.03 19.38.26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2011.01.03 19.36.35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.01.03 18.42.08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Borders Desktop
[2011.01.03 18.41.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Borders Desktop
[2011.01.03 18.39.42 | 000,000,000 | ---D | C] -- C:\Program Files\Borders Desktop
[2011.01.02 23.08.17 | 000,000,000 | ---D | C] -- C:\Program Files\PDFZilla
[2007.12.10 22.56.44 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.01.28 18.15.27 | 000,000,392 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7DD405FA-CD81-431D-BD0A-0F6B00BA5F78}.job
[2011.01.28 17.50.00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.28 17.29.00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1343024091-682003330-1003UA.job
[2011.01.28 16.12.05 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011.01.28 16.10.13 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.28 16.09.48 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.01.28 16.09.24 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2011.01.28 16.09.18 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.28 16.08.56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.28 16.08.38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011.01.28 15.54.50 | 000,000,356 | RHS- | M] () -- C:\boot.ini
[2011.01.28 15.49.20 | 004,261,554 | R--- | M] () -- C:\Documents and Settings\user1\Desktop\george.exe
[2011.01.28 15.41.43 | 003,627,502 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\APittanceofTime.wmv
[2011.01.28 14.43.20 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011.01.28 14.40.48 | 000,004,134 | ---- | M] () -- C:\Documents and Settings\user1\My Documents\AutoHotkey.ahk
[2011.01.28 12.28.08 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.01.28 05.29.00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1343024091-682003330-1003Core.job
[2011.01.24 19.54.56 | 000,000,172 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\official release notes.url
[2011.01.24 16.17.53 | 000,000,130 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Warden 101.url
[2011.01.24 14.27.01 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\via the conference website.url
[2011.01.24 13.50.36 | 000,000,392 | ---- | M] () -- C:\WINDOWS\tasks\GlaryOneClickOptimizer.job
[2011.01.23 17.25.23 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.01.22 20.11.53 | 000,000,117 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Follow us on Twitter.url
[2011.01.22 20.11.49 | 000,000,165 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\LOTRO Lotteries.url
[2011.01.22 16.07.15 | 000,000,062 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Council of Light Forums.url
[2011.01.19 18.35.53 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\New Player Guide.url
[2011.01.19 18.35.42 | 000,000,137 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\check out.url
[2011.01.17 21.35.26 | 004,685,663 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Water_Slide_WMV_V9_001.wmv
[2011.01.16 18.43.38 | 000,000,186 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\avoid these five mistakes.url
[2011.01.16 18.15.54 | 000,032,493 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\0113112148.jpg
[2011.01.16 02.41.00 | 195,207,168 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2011.01.16 02.38.57 | 000,000,573 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Aquitania.lnk
[2011.01.13 00.00.37 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.01.12 23.33.00 | 000,000,548 | ---- | M] () -- C:\WINDOWS\tasks\Rescue Reminder for 2HAA7K8A.job
[2011.01.09 23.08.18 | 000,010,062 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\More Questions.rtf
[2011.01.07 22.23.33 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011.01.03 19.38.20 | 000,000,873 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.01.28 15.54.50 | 000,000,240 | ---- | C] () -- C:\Boot.bak
[2011.01.28 15.54.47 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011.01.28 15.50.19 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.01.28 15.50.19 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.01.28 15.50.19 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.01.28 15.50.19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.01.28 15.50.19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.01.28 15.41.40 | 003,627,502 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\APittanceofTime.wmv
[2011.01.24 19.54.56 | 000,000,172 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\official release notes.url
[2011.01.24 16.17.53 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Warden 101.url
[2011.01.24 14.27.01 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\via the conference website.url
[2011.01.22 20.11.53 | 000,000,117 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Follow us on Twitter.url
[2011.01.22 20.11.49 | 000,000,165 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\LOTRO Lotteries.url
[2011.01.22 16.07.15 | 000,000,062 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Council of Light Forums.url
[2011.01.20 23.54.05 | 004,261,554 | R--- | C] () -- C:\Documents and Settings\user1\Desktop\george.exe
[2011.01.19 18.35.53 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\New Player Guide.url
[2011.01.19 18.35.42 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\check out.url
[2011.01.17 21.35.22 | 004,685,663 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Water_Slide_WMV_V9_001.wmv
[2011.01.16 18.43.38 | 000,000,186 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\avoid these five mistakes.url
[2011.01.16 18.15.54 | 000,032,493 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\0113112148.jpg
[2011.01.16 02.38.57 | 000,000,573 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Aquitania.lnk
[2011.01.09 23.08.18 | 000,010,062 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\More Questions.rtf
[2011.01.03 19.43.20 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7DD405FA-CD81-431D-BD0A-0F6B00BA5F78}.job
[2011.01.03 19.38.20 | 000,000,873 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2010.12.01 01.49.01 | 000,153,600 | ---- | C] () -- C:\WINDOWS\System32\WS_ATLMovie.dll
[2010.10.11 14.58.21 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini
[2010.10.11 14.37.53 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010.07.09 13.04.40 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010.07.04 21.18.42 | 000,008,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\CDAC15BA.SYS
[2010.04.02 16.17.34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010.02.17 19.09.57 | 000,003,480 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\mindhabits.dat
[2009.12.29 17.32.39 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\setup_ldm.iss
[2009.10.18 20.58.04 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.10.18 20.58.04 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.04.29 22.57.52 | 000,000,211 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\FontAgent Pro.ini
[2009.04.12 17.41.20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\imorefozuzifowa.dll
[2009.03.03 22.12.18 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\09wutili.sys
[2008.10.09 20.24.21 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\EZTW32.DLL
[2008.10.07 09.13.30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 09.13.22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 09.13.20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.07.26 07.25.02 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008.04.02 17.08.43 | 000,138,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.04.02 17.08.43 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\PnkBstrK.sys
[2008.03.10 14.09.12 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2008.02.29 16.16.45 | 000,151,040 | -HS- | C] () -- C:\WINDOWS\System32\VistaUltm.dll
[2008.02.29 16.16.45 | 000,027,648 | -HS- | C] () -- C:\WINDOWS\System32\Smab0.dll
[2008.02.11 17.59.01 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008.02.11 17.59.01 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008.01.31 03.03.01 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008.01.09 23.24.17 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\tcw_config.cfg
[2008.01.08 03.06.50 | 000,000,276 | ---- | C] () -- C:\WINDOWS\game.ini
[2007.10.16 02.19.30 | 001,060,864 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2007.10.16 02.19.30 | 000,909,312 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2007.10.16 02.19.30 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2007.10.16 02.19.30 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2007.10.15 21.41.53 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007.10.15 21.41.53 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007.10.15 21.41.53 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007.10.09 23.18.03 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007.08.04 14.01.51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007.07.05 13.08.17 | 000,077,312 | ---- | C] () -- C:\WINDOWS\ua2.dll
[2007.05.24 16.16.07 | 000,399,360 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2007.05.24 16.16.07 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007.05.14 14.30.46 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2007.05.11 15.12.54 | 000,057,126 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007.05.01 14.51.10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C_11.dll
[2007.04.22 18.15.29 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007.01.03 11.48.24 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\dec_jl6.dll
[2006.12.29 21.53.03 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.12.02 18.59.01 | 000,139,280 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2006.10.15 20.06.50 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2006.07.03 21.55.14 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2006.04.22 23.42.08 | 000,005,265 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\GdiplusUpgrade_MSIApproach_Wrapper.log
[2006.04.22 22.41.11 | 000,011,489 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006.04.05 03.29.05 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2006.03.24 22.36.37 | 002,502,656 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C.Dll
[2006.03.24 22.36.37 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C_0C.dll
[2006.03.24 22.36.37 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C_10.dll
[2006.03.24 22.36.37 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C_0A.dll
[2006.03.24 22.36.37 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C_07.dll
[2006.03.24 22.36.37 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C_09.dll
[2006.03.06 05.24.51 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys
[2006.03.06 05.24.50 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys
[2005.12.03 16.36.22 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005.11.03 10.11.44 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\SaiC040C_0402.dll
[2005.09.24 22.39.42 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\user1\Local Settings\Application Data\fusioncache.dat
[2005.09.09 20.54.34 | 000,001,300 | ---- | C] () -- C:\WINDOWS\System32\cool.dll
[2005.08.29 12.11.25 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005.08.26 11.41.40 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2005.08.26 11.41.39 | 000,000,129 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2005.08.25 13.28.50 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\psCamDat.dll
[2005.08.21 16.21.24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2005.08.20 01.25.12 | 000,082,432 | ---- | C] () -- C:\Documents and Settings\user1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005.08.09 16.13.31 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005.08.09 16.13.31 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005.06.30 14.39.59 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.06.30 08.23.04 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004.01.27 06.13.54 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2004.01.27 06.13.14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\libfaac.dll
[1996.04.03 13.33.26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2008.12.21 17.19.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy
[2010.06.07 11.48.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011.01.25 16.43.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autorun Eater
[2008.06.20 19.47.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Awem
[2009.11.08 23.35.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2010.10.07 13.21.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Extensis
[2007.10.21 17.57.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Extreme Picture Finder
[2008.06.24 22.22.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2007.07.12 21.39.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gameeel
[2007.08.03 23.09.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Games
[2009.04.21 01.16.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gold Casual Games
[2008.01.07 02.00.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2007.09.23 01.26.45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2008.06.16 20.10.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrium
[2008.11.23 14.55.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
[2008.02.09 01.00.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Meridian93
[2007.12.10 23.02.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2008.01.18 22.38.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2008.06.28 20.43.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
[2009.09.14 14.21.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2009.03.11 14.26.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2010.12.18 23.23.31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2010.12.15 13.32.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010.10.10 21.51.55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2011.01.13 22.32.35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ProcessLasso
[2010.12.14 23.14.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RVLGames
[2008.04.13 21.17.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Saitek
[2009.08.10 17.39.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2007.09.05 20.14.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SongbirdVLC
[2009.09.16 11.11.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008.01.01 00.31.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TERMINAL Studio
[2008.11.22 01.19.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2009.12.24 10.39.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wavelet Labs
[2007.04.13 22.49.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2007.07.12 16.07.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009.03.23 23.16.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010.10.23 14.40.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.07.27 02.23.16 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009.12.31 20.44.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.05.26 15.33.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2005.09.14 06.56.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\.bittorrent
[2007.11.08 02.17.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\.gaim
[2010.12.20 22.45.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\.minecraft
[2009.05.27 21.39.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\.purple
[2010.08.02 00.59.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Absolute Audio Converter
[2007.12.26 19.16.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Age of Japan II
[2008.01.08 00.00.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Alawar
[2005.11.21 05.29.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Allume Systems
[2009.06.04 21.00.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Amazon
[2007.10.26 15.27.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\AptEdit
[2009.03.01 23.05.31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Archibald's Adventures
[2008.06.12 21.49.40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\ArcticLine
[2011.01.16 02.49.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Awem
[2009.02.16 23.40.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Bioshock
[2008.06.07 22.05.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Bloom
[2009.06.07 00.02.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Braid
[2009.04.18 20.21.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Bump Technologies, Inc
[2009.03.25 20.50.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\com.adobe.kuler.Desktop.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009.04.21 16.22.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\com.gog.downloader.87F90EC6C28C7E479115BE2E026DB87A08BC420D.1
[2009.06.08 18.29.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\com.levitation.ColorBrowser.E8C85B0D1658562C6BF4EE77663EB3C86B87123C.1
[2009.08.21 20.37.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\com.raptr.Raptr.848BBC53270CAC248E8FA0F339176201CDEB525F.1
[2009.01.10 23.35.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Crayon Physics Deluxe
[2009.03.24 14.13.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\de.makesoft.twhirl.0EA062BC275E7ED1E6EC3762EFFD73C7158ADF33.1
[2010.01.03 16.23.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\DeepVoyage
[2008.09.04 18.13.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\DoubleSafety
[2011.01.28 16.14.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Dropbox
[2008.10.11 21.54.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\EleFun Games
[2007.07.17 14.51.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Eltima Software
[2009.04.30 00.00.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Extensis
[2006.07.01 22.06.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\FlashFXP
[2006.08.13 20.12.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Flickr
[2008.06.24 22.22.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Flood Light Games
[2009.03.08 12.08.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Gamelab
[2008.06.29 23.27.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Genimo
[2008.07.13 00.34.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\GetRightToGo
[2007.10.13 20.06.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\GlarySoft
[2009.10.24 21.31.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Gold Casual Games
[2007.11.21 17.34.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\gtk-2.0
[2008.06.28 17.50.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Home Sweet Home
[2007.09.12 23.03.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\IcoFX
[2010.07.03 15.19.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\IdeaBoxGame
[2007.05.04 21.25.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\IMBT
[2005.06.30 14.04.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Infineon
[2008.11.14 20.18.39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\JAM Software
[2008.04.12 20.51.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Jane s Hotel
[2009.03.30 00.36.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Jane s Hotel Family Hero
[2009.04.16 02.04.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Jetbricks
[2009.04.10 13.28.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\JustResizeIt.742E03C4887133AEE1D0C646BCFAA94B0D0E9874.1
[2009.03.31 20.42.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Klok.AF6B2973D903BFAE0589C27890FE0146C233490A.1
[2010.11.18 22.52.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Launchy
[2005.11.20 02.21.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Leadertech
[2008.01.07 22.38.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Legends of pirates
[2008.11.21 23.52.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\LimeWire
[2008.01.19 20.57.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Meridian93
[2007.11.15 00.28.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Miranda
[2009.06.04 01.03.31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Mp3 Music Editor
[2005.11.26 21.55.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\My Games
[2008.08.30 23.37.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Mythic Adventure
[2008.01.18 22.19.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\NCH Swift Sound
[2009.04.15 18.18.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\NetStat Agent
[2009.03.30 00.33.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Notepad++
[2010.06.14 11.53.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Obsidium
[2010.07.17 20.07.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\OnLive
[2008.11.22 22.30.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\OpenOffice.org
[2007.01.10 17.54.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Opera
[2009.03.11 14.26.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\PlayFirst
[2010.11.11 23.15.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Playrix Entertainment
[2008.02.26 22.59.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\PPTminimizer
[2011.01.13 22.33.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\ProcessLasso
[2007.09.29 23.18.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Publish Providers
[2010.06.07 00.50.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\RainbowGames
[2010.12.06 03.50.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Raptr
[2009.08.02 15.52.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\RenPy
[2009.12.30 16.58.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\runic games
[2010.08.02 01.03.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\RunningPillow
[2009.12.07 17.11.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\SecondLife
[2008.01.19 20.57.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Softplicity
[2009.09.10 23.39.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Software Informer
[2007.09.05 20.12.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Songbird
[2007.09.29 23.17.35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Sony
[2008.07.19 00.42.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\SPORE Creature Creator
[2009.09.24 18.15.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Systweak
[2005.08.17 22.03.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Thunderbird
[2010.08.01 23.52.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Trio
[2007.03.14 17.23.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Turbine
[2009.03.24 14.00.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1
[2010.07.18 21.59.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2007.03.14 23.23.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\URSE Games
[2010.10.03 20.49.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\uTorrent
[2009.11.16 18.27.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Yoono
[2011.01.28 16.09.24 | 000,000,312 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
[2011.01.24 13.50.36 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryOneClickOptimizer.job
[2011.01.28 16.12.05 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011.01.12 23.33.00 | 000,000,548 | ---- | M] () -- C:\WINDOWS\Tasks\Rescue Reminder for 2HAA7K8A.job
[2011.01.28 18.15.27 | 000,000,392 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7DD405FA-CD81-431D-BD0A-0F6B00BA5F78}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 184 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DCD39382
@Alternate Data Stream - 167 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CF39FA77
@Alternate Data Stream - 166 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4F0FFA06
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E1D6C864

< End of report >

#12
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Copy the text in the code box below by highlighting and then Ctrl + c:


/MD5START 
dimsntfy.dll
regedit.exe
beep.sys
explorer.exe
userinit.exe
atapi.sys
/MD5STOP 


Run OTL and paste the above in the box where it says Custom Scans/Fixes. Verify that you got it all, then where it says File Age (under File Scans:) set it to the maximum, then hit RUN SCAN. Copy and paste the result.

Copy the text between the lines of stars by highlighting and Ctrl + c.

******************************************

Killall::

DirLook::
C:\Program Files\Common

File::
c:\windows\system32\DRIVERS\Lbd.sys
c:\windows\system32\drivers\rxp.sys
c:\program files\SUPERAntiSpyware\SASKUTIL.sys
c:\windows\Tasks\Symantec NetDetect.job
c:\windows\TEMP\TMP000000149B6B0D8CDE427D35

Driver::
Lbd
rxp
SASKUTIL

RootKit::
c:\windows\TEMP\TMP000000149B6B0D8CDE427D35



RegNull::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C53C8AFE-780B-A095-1875A9D39C824CF2}\{151E6624-94D7-6041-A2A26FFA6BDDEF0C}\{8D08884B-CD31-5FF0-CA8CAC497363EFC4}*]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C53C8AFE-780B-A095-1875A9D39C824CF2}\{151E6624-94D7-6041-A2A26FFA6BDDEF0C}\{8D08884B-CD31-5FF0-CA8CAC497363EFC4}*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C53C8AFE-780B-A095-1875A9D39C824CF2}\{151E6624-94D7-6041-A2A26FFA6BDDEF0C}\{8D08884B-CD31-5FF0-CA8CAC497363EFC4}]

Registry::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C53C8AFE-780B-A095-1875A9D39C824CF2}\{151E6624-94D7-6041-A2A26FFA6BDDEF0C}\{8D08884B-CD31-5FF0-CA8CAC497363EFC4}*]
"AKNWOCNXOU3KGNJZJIHVXU2P2H1"=-
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C53C8AFE-780B-A095-1875A9D39C824CF2}\{151E6624-94D7-6041-A2A26FFA6BDDEF0C}\{8D08884B-CD31-5FF0-CA8CAC497363EFC4}]
"AKNWOCNXOU3KGNJZJIHVXU2P2H1"=-
[-HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C53C8AFE-780B-A095-1875A9D39C824CF2}\{151E6624-94D7-6041-A2A26FFA6BDDEF0C}\{8D08884B-CD31-5FF0-CA8CAC497363EFC4}*]
[-HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C53C8AFE-780B-A095-1875A9D39C824CF2}\{151E6624-94D7-6041-A2A26FFA6BDDEF0C}\{8D08884B-CD31-5FF0-CA8CAC497363EFC4}]


******************************************

Now open Notepad (Start, Run, notepad, OK) and Ctrl + V to paste the text into Notepad. Make sure you got it all, then File, SAVE AS, (to your Desktop), CFScript, OK. Close Notepad. (Overwrite the old one if it's still there.) You should see a file CFScript.txt on your desktop.

Drag it over to george and let it start as before.

Post the new log.

We may need to use Combofix again so we won't restore the color files yet since it would just take them out again. But if you need to restore them right away:

Copy the text between the lines of stars:

****************

Killall::

DeQuarantine::

C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E710-1b5.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E710-1b6.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E710-1b9.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E900-2_5.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E900-2_6.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E900-2_9.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO935_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO935_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO935_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\DPP800.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL77e_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL77e_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL92_72.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL92_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AF900_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AF900_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AF900_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL95e_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL95e_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX740_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX740_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX740_50.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL90e_50.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL90e_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL90e_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL72e_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL72e_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AP520_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AP520_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AP520_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AP520_df.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AP800_72.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL50e_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL50e_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL42_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL77_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL77_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL95_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL95_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL95_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX750_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX750_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX750_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX700_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX700_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AX700_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E500n_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E500n_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E500n_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2000_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2000_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2000_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL74_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL74_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\UL74_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\DPP550.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO930_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO930_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO930_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AR36HT_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul75_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul75_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul52_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul52_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul90_93s.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul100_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul100_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul100_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2010_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2010_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2010_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul90_65h.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul90_93h.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\Ul90_55h.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2000_50.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\E2000_75.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AG900_10.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AG900_50.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AG900_60.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AG900_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AG900_70.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AG900_80.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\AG900_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO900_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO900_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO900_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO505_50.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO505_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO505_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\C2001_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\C2001_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\C2001_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO705_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO705_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO750_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO750_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO750_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO500_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO500_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO500_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO400_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO710_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO710_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO710_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO720_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO720_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO720_93.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO700_55.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO700_65.icm.vir
C:\Qoobox\Quarantine\C\WINDOWS\system\Color\EO700_93.icm.vir

Quit::

***************************************************

Now open Notepad (Start, Run, notepad, OK) and Ctrl + V to paste the text into Notepad. Make sure you got it all, then File, SAVE AS, (to your Desktop), CFScript, OK. Close Notepad. (Overwrite the old one if it's still there.) You should see a file CFScript.txt on your desktop.

Drag it over to george and let it start as before.

You see how it works so if there is something else that it removed that you know you need then add it to the list.


Ron

#13
Anamacha

    Member

  • Topic Starter
  • Member
  • 129 posts
the version of OTL I'm using is 3.2.20.2 ... is there a newer one? I ask because I did as you said, it scans for a while and then simply stops without providing a log. I've been doing other things while the program scans, and when I go back to OTL the window doesn't update properly. There's white space where the foremost window covered it.

I've run it twice with the same result; I'll try it again and leave it in the foreground this time.

edit: never mind, it was just taking a long time to scan one thing. Interesting.

Edited by Anamacha, 28 January 2011 - 10:11 PM.


#14
Anamacha

    Member

  • Topic Starter
  • Member
  • 129 posts
Okay, I was running the scans while I went to another room to watch TV. Maybe I shouldn't have done that because my machine rebooted after the CF scan. I didn't tell it to. Anyway, I'll start from the beginning tomorrow.

Something important happened, though: I had one of those crashes when the fan went crazy loud. For the first time, I got an error report upon restarting, and I thought you might be able to divine a culprit from the log files.

The contents of the manifest.txt file:


Server=watson.microsoft.com
UI LCID=1033
Flags=1696082
Brand=WINDOWS
TitleName=Microsoft Windows
DigPidRegPath=HKLM\Software\Microsoft\Windows NT\CurrentVersion\DigitalProductId
ErrorText=A log of this error has been created.
HeaderText=The system has recovered from a serious error.
Stage2URL=
Stage2URL=/dw/bluetwo.asp?BCCode=1000008e&BCP1=C0000005&BCP2=BF83ACC5&BCP3=A85BABC0&BCP4=00000000&OSVer=5_1_2600&SP=3_0&Product=256_1
DataFiles=C:\DOCUME~1\user1\LOCALS~1\Temp\WER5d2a.dir00\Mini092210-01.dmp|C:\DOCUME~1\user1\LOCALS~1\Temp\WER5d2a.dir00\sysdata.xml
ErrorSubPath=blue
DirectoryDelete=C:\DOCUME~1\user1\LOCALS~1\Temp\WER5d2a.dir00



*************************************************************************************************

the contents of the Mini092210-01.dmp file:
< it's binary so I'll attach it if you're interested >

*************************************************************************************************

the contents of the sysdata.xml file:

<?xml version="1.0" encoding="Unicode" ?>
<SYSTEMINFO>
<SYSTEM>
<OSNAME>Microsoft Windows XP Professional</OSNAME>
<OSVER>5.1.2600 3.0</OSVER>
<OSLANGUAGE>1033</OSLANGUAGE>
</SYSTEM>
<DEVICES>
<DEVICE>
<DESCRIPTION>ACPI Fixed Feature Button</DESCRIPTION>
<HARDWAREID>ACPI\FixedButton</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Intel Processor</DESCRIPTION>
<HARDWAREID>ACPI\GenuineIntel_-_x86_Family_15_Model_4</HARDWAREID>
<SERVICE>intelppm</SERVICE>
<DRIVER>intelppm.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Programmable interrupt controller</DESCRIPTION>
<HARDWAREID>ACPI\PNP0000</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>System timer</DESCRIPTION>
<HARDWAREID>ACPI\PNP0100</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>High Precision Event Timer</DESCRIPTION>
<HARDWAREID>ACPI\PNP0103</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Direct memory access controller</DESCRIPTION>
<HARDWAREID>ACPI\PNP0200</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>ECP Printer Port</DESCRIPTION>
<HARDWAREID>ACPI\PNP0401</HARDWAREID>
<SERVICE>Parport</SERVICE>
<DRIVER>parport.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Communications Port</DESCRIPTION>
<HARDWAREID>ACPI\PNP0501</HARDWAREID>
<SERVICE>Serial</SERVICE>
<DRIVER>serial.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Standard floppy disk controller</DESCRIPTION>
<HARDWAREID>ACPI\PNP0700</HARDWAREID>
<SERVICE>fdc</SERVICE>
<DRIVER>fdc.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>System speaker</DESCRIPTION>
<HARDWAREID>ACPI\PNP0800</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>PCI bus</DESCRIPTION>
<HARDWAREID>ACPI\PNP0A03</HARDWAREID>
<SERVICE>pci</SERVICE>
<DRIVER>pci.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Extended IO Bus</DESCRIPTION>
<HARDWAREID>ACPI\PNP0A06</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>System CMOS/real time clock</DESCRIPTION>
<HARDWAREID>ACPI\PNP0B00</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>System board</DESCRIPTION>
<HARDWAREID>ACPI\PNP0C01</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>System board</DESCRIPTION>
<HARDWAREID>ACPI\PNP0C01</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Motherboard resources</DESCRIPTION>
<HARDWAREID>ACPI\PNP0C02</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Numeric data processor</DESCRIPTION>
<HARDWAREID>ACPI\PNP0C04</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>ACPI Power Button</DESCRIPTION>
<HARDWAREID>ACPI\PNP0C0C</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>SCSI/RAID Host Controller</DESCRIPTION>
<HARDWAREID>ACPI\PNPA000</HARDWAREID>
<SERVICE>azjlgol6</SERVICE>
</DEVICE>
<DEVICE>
<DESCRIPTION>Microsoft ACPI-Compliant System</DESCRIPTION>
<HARDWAREID>ACPI_HAL\PNP0C08</HARDWAREID>
<SERVICE>ACPI</SERVICE>
<DRIVER>ACPI.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Samsung SyncMaster 755DF(T)</DESCRIPTION>
<HARDWAREID>Monitor\SAM1156</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Floppy disk drive</DESCRIPTION>
<HARDWAREID>FDC\GENERIC_FLOPPY_DRIVE</HARDWAREID>
<SERVICE>flpydisk</SERVICE>
<DRIVER>flpydisk.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>HID-compliant consumer control device</DESCRIPTION>
<HARDWAREID>HID\SaitekHotKeys</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>HID Keyboard Device</DESCRIPTION>
<HARDWAREID>HID\SaitekKeyboard</HARDWAREID>
<SERVICE>kbdhid</SERVICE>
<DRIVER>kbdhid.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>HID-compliant mouse</DESCRIPTION>
<HARDWAREID>HID\SaitekMouse</HARDWAREID>
<SERVICE>mouhid</SERVICE>
<DRIVER>mouhid.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Microsoft USB Natural Ergonomic Keyboard 4000 (IntelliType Pro)</DESCRIPTION>
<HARDWAREID>HID\Vid_045e&amp;Pid_00db&amp;Rev_0173&amp;MI_00</HARDWAREID>
<SERVICE>kbdhid</SERVICE>
<DRIVER>kbdhid.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>HID-compliant consumer control device</DESCRIPTION>
<HARDWAREID>HID\Vid_045e&amp;Pid_00db&amp;Rev_0173&amp;MI_01</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Logitech HID-compliant Marble Mouse</DESCRIPTION>
<HARDWAREID>HID\Vid_046d&amp;Pid_c408&amp;Rev_1400</HARDWAREID>
<SERVICE>mouhid</SERVICE>
<DRIVER>mouhid.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Logitech HID-compliant Cordless Trackball</DESCRIPTION>
<HARDWAREID>HID\Vid_046d&amp;Pid_c508&amp;Rev_1500</HARDWAREID>
<SERVICE>mouhid</SERVICE>
<DRIVER>mouhid.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>HID-compliant device</DESCRIPTION>
<HARDWAREID>HID\WACOMVIRTUALHID&amp;Col01</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>HID-compliant device</DESCRIPTION>
<HARDWAREID>HID\WACOMVIRTUALHID&amp;Col02</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Wacom Mouse</DESCRIPTION>
<HARDWAREID>HID\WACOMVIRTUALHID&amp;Col03</HARDWAREID>
<SERVICE>mouhid</SERVICE>
<DRIVER>mouhid.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>HID-compliant device</DESCRIPTION>
<HARDWAREID>HID\WACOMVIRTUALHID&amp;Col04</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>CD-ROM Drive</DESCRIPTION>
<HARDWAREID>IDE\CdRomSAMSUNG_DVD-ROM_SD-616T_________________F306____</HARDWAREID>
<SERVICE>cdrom</SERVICE>
<DRIVER>cdrom.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Disk drive</DESCRIPTION>
<HARDWAREID>IDE\DiskST3120022AS_____________________________8.05____</HARDWAREID>
<SERVICE>disk</SERVICE>
<DRIVER>disk.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>ISAPNP Read Data Port</DESCRIPTION>
<HARDWAREID>ISAPNP\ReadDataPort</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Printer Port Logical Interface</DESCRIPTION>
<HARDWAREID>LPTENUM\MicrosoftRawPort958A</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Radeon X1650 Series </DESCRIPTION>
<HARDWAREID>PCI\VEN_1002&amp;DEV_71C1&amp;SUBSYS_23521002&amp;REV_9E</HARDWAREID>
<SERVICE>ati2mtag</SERVICE>
<DRIVER>ati2mtag.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Radeon X1650 Series Secondary </DESCRIPTION>
<HARDWAREID>PCI\VEN_1002&amp;DEV_71E1&amp;SUBSYS_23531002&amp;REV_9E</HARDWAREID>
<SERVICE>ati2mtag</SERVICE>
<DRIVER>ati2mtag.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Texas Instruments OHCI Compliant IEEE 1394 Host Controller</DESCRIPTION>
<HARDWAREID>PCI\VEN_104C&amp;DEV_8020&amp;SUBSYS_04011545&amp;REV_00</HARDWAREID>
<SERVICE>ohci1394</SERVICE>
<DRIVER>ohci1394.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Broadcom NetXtreme 57xx Gigabit Controller</DESCRIPTION>
<HARDWAREID>PCI\VEN_14E4&amp;DEV_1677&amp;SUBSYS_01791028&amp;REV_01</HARDWAREID>
<SERVICE>b57w2k</SERVICE>
<DRIVER>b57xp32.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Intel® 82801 PCI Bridge - 244E</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&amp;DEV_244E&amp;SUBSYS_00000000&amp;REV_D3</HARDWAREID>
<SERVICE>pci</SERVICE>
<DRIVER>pci.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Intel® 915G/P/GV Processor to I/O Controller - 2580</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&amp;DEV_2580&amp;SUBSYS_00000000&amp;REV_04</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Intel® 915G/P/GV PCI Express Root Port - 2581</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&amp;DEV_2581&amp;SUBSYS_00000000&amp;REV_04</HARDWAREID>
<SERVICE>pci</SERVICE>
<DRIVER>pci.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Intel® 82801FB LPC Interface Controller - 2640</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&amp;DEV_2640&amp;SUBSYS_00000000&amp;REV_03</HARDWAREID>
<SERVICE>isapnp</SERVICE>
<DRIVER>isapnp.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Intel® 82801FB Ultra ATA Storage Controllers - 2651</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&amp;DEV_2651&amp;SUBSYS_01791028&amp;REV_03</HARDWAREID>
<SERVICE>pciide</SERVICE>
<DRIVER>pciide.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Intel® 82801FB/FBM USB Universal Host Controller - 2658</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&amp;DEV_2658&amp;SUBSYS_01791028&amp;REV_03</HARDWAREID>
<SERVICE>usbuhci</SERVICE>
<DRIVER>usbuhci.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Intel® 82801FB/FBM USB Universal Host Controller - 2659</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&amp;DEV_2659&amp;SUBSYS_01791028&amp;REV_03</HARDWAREID>
<SERVICE>usbuhci</SERVICE>
<DRIVER>usbuhci.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Intel® 82801FB/FBM USB Universal Host Controller - 265A</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&amp;DEV_265A&amp;SUBSYS_01791028&amp;REV_03</HARDWAREID>
<SERVICE>usbuhci</SERVICE>
<DRIVER>usbuhci.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Intel® 82801FB/FBM USB Universal Host Controller - 265B</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&amp;DEV_265B&amp;SUBSYS_01791028&amp;REV_03</HARDWAREID>
<SERVICE>usbuhci</SERVICE>
<DRIVER>usbuhci.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Intel® 82801FB/FBM USB2 Enhanced Host Controller - 265C</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&amp;DEV_265C&amp;SUBSYS_01791028&amp;REV_03</HARDWAREID>
<SERVICE>usbehci</SERVICE>
<DRIVER>usbehci.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Intel® 82801FB/FBM PCI Express Root Port - 2660</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&amp;DEV_2660&amp;SUBSYS_00000000&amp;REV_03</HARDWAREID>
<SERVICE>pci</SERVICE>
<DRIVER>pci.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Intel® 82801FB/FBM PCI Express Root Port - 2662</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&amp;DEV_2662&amp;SUBSYS_00000000&amp;REV_03</HARDWAREID>
<SERVICE>pci</SERVICE>
<DRIVER>pci.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Intel® 82801FB/FBM SMBus Controller - 266A</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&amp;DEV_266A&amp;SUBSYS_01791028&amp;REV_03</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>SoundMAX Integrated Digital Audio</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&amp;DEV_266E&amp;SUBSYS_01791028&amp;REV_03</HARDWAREID>
<SERVICE>smwdm</SERVICE>
<DRIVER>smwdm.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Intel® 82801FB/FBM Ultra ATA Storage Controllers - 266F</DESCRIPTION>
<HARDWAREID>PCI\VEN_8086&amp;DEV_266F&amp;SUBSYS_01791028&amp;REV_03</HARDWAREID>
<SERVICE>pciide</SERVICE>
<DRIVER>pciide.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Primary IDE Channel</DESCRIPTION>
<HARDWAREID>Intel-2651</HARDWAREID>
<SERVICE>atapi</SERVICE>
<DRIVER>atapi.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Primary IDE Channel</DESCRIPTION>
<HARDWAREID>Intel-266f</HARDWAREID>
<SERVICE>atapi</SERVICE>
<DRIVER>atapi.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>ACPI Multiprocessor PC</DESCRIPTION>
<HARDWAREID>acpiapic_mp</HARDWAREID>
<SERVICE>\Driver\ACPI_HAL</SERVICE>
</DEVICE>
<DEVICE>
<DESCRIPTION>Logical Disk Manager</DESCRIPTION>
<HARDWAREID>ROOT\DMIO</HARDWAREID>
<SERVICE>dmio</SERVICE>
<DRIVER>dmio.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Volume Manager</DESCRIPTION>
<HARDWAREID>ROOT\FTDISK</HARDWAREID>
<SERVICE>ftdisk</SERVICE>
<DRIVER>ftdisk.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Wacom Virtual Hid Driver</DESCRIPTION>
<HARDWAREID>ROOT\WACOMVIRTUALHID</HARDWAREID>
<SERVICE>wacomvhid</SERVICE>
<DRIVER>wacomvhid.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>WsAudio_DeviceS(1)</DESCRIPTION>
<HARDWAREID>WsAudio_DeviceS(1)</HARDWAREID>
<SERVICE>WsAudio_DeviceS(1)</SERVICE>
<DRIVER>WsAudio_DeviceS(1).sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>WsAudio_DeviceS(2)</DESCRIPTION>
<HARDWAREID>WsAudio_DeviceS(2)</HARDWAREID>
<SERVICE>WsAudio_DeviceS(2)</SERVICE>
<DRIVER>WsAudio_DeviceS(2).sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>WsAudio_DeviceS(3)</DESCRIPTION>
<HARDWAREID>WsAudio_DeviceS(3)</HARDWAREID>
<SERVICE>WsAudio_DeviceS(3)</SERVICE>
<DRIVER>WsAudio_DeviceS(3).sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>WsAudio_DeviceS(4)</DESCRIPTION>
<HARDWAREID>WsAudio_DeviceS(4)</HARDWAREID>
<SERVICE>WsAudio_DeviceS(4)</SERVICE>
<DRIVER>WsAudio_DeviceS(4).sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>WsAudio_DeviceS(5)</DESCRIPTION>
<HARDWAREID>WsAudio_DeviceS(5)</HARDWAREID>
<SERVICE>WsAudio_DeviceS(5)</SERVICE>
<DRIVER>WsAudio_DeviceS(5).sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Audio Codecs</DESCRIPTION>
<HARDWAREID>MS_MMACM</HARDWAREID>
<SERVICE>audstub</SERVICE>
<DRIVER>audstub.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Legacy Audio Drivers</DESCRIPTION>
<HARDWAREID>MS_MMDRV</HARDWAREID>
<SERVICE>audstub</SERVICE>
<DRIVER>audstub.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Media Control Devices</DESCRIPTION>
<HARDWAREID>MS_MMMCI</HARDWAREID>
<SERVICE>audstub</SERVICE>
<DRIVER>audstub.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Legacy Video Capture Devices</DESCRIPTION>
<HARDWAREID>MS_MMVCD</HARDWAREID>
<SERVICE>audstub</SERVICE>
<DRIVER>audstub.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Video Codecs</DESCRIPTION>
<HARDWAREID>MS_MMVID</HARDWAREID>
<SERVICE>audstub</SERVICE>
<DRIVER>audstub.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>WAN Miniport (L2TP)</DESCRIPTION>
<HARDWAREID>ms_l2tpminiport</HARDWAREID>
<SERVICE>Rasl2tp</SERVICE>
<DRIVER>rasl2tp.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>WAN Miniport (Network Monitor)</DESCRIPTION>
<HARDWAREID>ms_ndiswanbh</HARDWAREID>
<SERVICE>NdisWan</SERVICE>
<DRIVER>ndiswan.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>WAN Miniport (IP)</DESCRIPTION>
<HARDWAREID>ms_ndiswanip</HARDWAREID>
<SERVICE>NdisWan</SERVICE>
<DRIVER>ndiswan.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>WAN Miniport (PPPOE)</DESCRIPTION>
<HARDWAREID>ms_pppoeminiport</HARDWAREID>
<SERVICE>RasPppoe</SERVICE>
<DRIVER>raspppoe.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>WAN Miniport (PPTP)</DESCRIPTION>
<HARDWAREID>ms_pptpminiport</HARDWAREID>
<SERVICE>PptpMiniport</SERVICE>
<DRIVER>raspptp.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Packet Scheduler Miniport</DESCRIPTION>
<HARDWAREID>ms_pschedmp</HARDWAREID>
<SERVICE>PSched</SERVICE>
<DRIVER>psched.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Packet Scheduler Miniport</DESCRIPTION>
<HARDWAREID>ms_pschedmp</HARDWAREID>
<SERVICE>PSched</SERVICE>
<DRIVER>psched.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Packet Scheduler Miniport</DESCRIPTION>
<HARDWAREID>ms_pschedmp</HARDWAREID>
<SERVICE>PSched</SERVICE>
<DRIVER>psched.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Direct Parallel</DESCRIPTION>
<HARDWAREID>ms_ptiminiport</HARDWAREID>
<SERVICE>Raspti</SERVICE>
<DRIVER>raspti.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Terminal Server Device Redirector</DESCRIPTION>
<HARDWAREID>ROOT\RDPDR</HARDWAREID>
<SERVICE>rdpdr</SERVICE>
<DRIVER>rdpdr.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Terminal Server Keyboard Driver</DESCRIPTION>
<HARDWAREID>ROOT\RDP_KBD</HARDWAREID>
<SERVICE>TermDD</SERVICE>
<DRIVER>termdd.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Terminal Server Mouse Driver</DESCRIPTION>
<HARDWAREID>ROOT\RDP_MOU</HARDWAREID>
<SERVICE>TermDD</SERVICE>
<DRIVER>termdd.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Saitek Magic Bus</DESCRIPTION>
<HARDWAREID>SaiClass</HARDWAREID>
<SERVICE>SaiNtBus</SERVICE>
<DRIVER>SaiBus.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>StarPort Storage Controller (Lite)</DESCRIPTION>
<HARDWAREID>ROOT\StarPortLite</HARDWAREID>
<SERVICE>StarPortLite</SERVICE>
<DRIVER>StarPortLite.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Plug and Play Software Device Enumerator</DESCRIPTION>
<HARDWAREID>root\swenum</HARDWAREID>
<SERVICE>swenum</SERVICE>
<DRIVER>swenum.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Microcode Update Device</DESCRIPTION>
<HARDWAREID>root\update</HARDWAREID>
<SERVICE>update</SERVICE>
<DRIVER>update.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Microsoft System Management BIOS Driver</DESCRIPTION>
<HARDWAREID>root\mssmbios</HARDWAREID>
<SERVICE>mssmbios</SERVICE>
<DRIVER>mssmbios.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Universal Image Mounter Controller</DESCRIPTION>
<HARDWAREID>Root\UIM_BUS</HARDWAREID>
<SERVICE>UimBus</SERVICE>
<DRIVER>UimBus.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>UIM Drive Backup Image Plugin</DESCRIPTION>
<HARDWAREID>UIM\PLUGIN_DB</HARDWAREID>
<SERVICE>Uim_IM</SERVICE>
<DRIVER>Uim_IM.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Saitek Magic Hotkey Device</DESCRIPTION>
<HARDWAREID>SaitekMagicBus\SaitekHotKeys</HARDWAREID>
<SERVICE>SaiMini</SERVICE>
<DRIVER>SaiMini.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Saitek Magic Keyboard</DESCRIPTION>
<HARDWAREID>SaitekMagicBus\SaitekKeyboard</HARDWAREID>
<SERVICE>SaiMini</SERVICE>
<DRIVER>SaiMini.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Saitek Magic Mouse</DESCRIPTION>
<HARDWAREID>SaitekMagicBus\SaitekMouse</HARDWAREID>
<SERVICE>SaiMini</SERVICE>
<DRIVER>SaiMini.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>CD-ROM Drive</DESCRIPTION>
<HARDWAREID>SCSI\CdRomGA1055W_KUN938Q_________1.0_</HARDWAREID>
<SERVICE>cdrom</SERVICE>
<DRIVER>cdrom.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Generic volume</DESCRIPTION>
<HARDWAREID>STORAGE\Volume</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Generic volume</DESCRIPTION>
<HARDWAREID>STORAGE\Volume</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Microsoft Kernel System Audio Device</DESCRIPTION>
<HARDWAREID>SW\{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}</HARDWAREID>
<SERVICE>sysaudio</SERVICE>
<DRIVER>sysaudio.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Microsoft WINMM WDM Audio Compatibility Driver</DESCRIPTION>
<HARDWAREID>SW\{cd171de3-69e5-11d2-b56d-0000f8754380}</HARDWAREID>
<SERVICE>wdmaud</SERVICE>
<DRIVER>wdmaud.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>USB Root Hub</DESCRIPTION>
<HARDWAREID>USB\ROOT_HUB&amp;VID8086&amp;PID265B&amp;REV0003</HARDWAREID>
<SERVICE>usbhub</SERVICE>
<DRIVER>usbhub.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>USB Root Hub</DESCRIPTION>
<HARDWAREID>USB\ROOT_HUB&amp;VID8086&amp;PID265A&amp;REV0003</HARDWAREID>
<SERVICE>usbhub</SERVICE>
<DRIVER>usbhub.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>USB Root Hub</DESCRIPTION>
<HARDWAREID>USB\ROOT_HUB&amp;VID8086&amp;PID2659&amp;REV0003</HARDWAREID>
<SERVICE>usbhub</SERVICE>
<DRIVER>usbhub.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>USB Root Hub</DESCRIPTION>
<HARDWAREID>USB\ROOT_HUB&amp;VID8086&amp;PID2658&amp;REV0003</HARDWAREID>
<SERVICE>usbhub</SERVICE>
<DRIVER>usbhub.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>USB Root Hub</DESCRIPTION>
<HARDWAREID>USB\ROOT_HUB20&amp;VID8086&amp;PID265C&amp;REV0003</HARDWAREID>
<SERVICE>usbhub</SERVICE>
<DRIVER>usbhub.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Generic USB Hub</DESCRIPTION>
<HARDWAREID>USB\Vid_0409&amp;Pid_0059&amp;Rev_0100</HARDWAREID>
<SERVICE>usbhub</SERVICE>
<DRIVER>usbhub.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>USB Composite Device</DESCRIPTION>
<HARDWAREID>USB\Vid_045e&amp;Pid_00db&amp;Rev_0173</HARDWAREID>
<SERVICE>usbccgp</SERVICE>
<DRIVER>usbccgp.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>USB Human Interface Device</DESCRIPTION>
<HARDWAREID>USB\Vid_045e&amp;Pid_00db&amp;Rev_0173&amp;MI_00</HARDWAREID>
<SERVICE>HidUsb</SERVICE>
<DRIVER>hidusb.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>USB Human Interface Device</DESCRIPTION>
<HARDWAREID>USB\Vid_045e&amp;Pid_00db&amp;Rev_0173&amp;MI_01</HARDWAREID>
<SERVICE>HidUsb</SERVICE>
<DRIVER>hidusb.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>USB Composite Device</DESCRIPTION>
<HARDWAREID>USB\Vid_046d&amp;Pid_08c1&amp;Rev_0005</HARDWAREID>
<SERVICE>usbccgp</SERVICE>
<DRIVER>usbccgp.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Logitech QuickCam Fusion</DESCRIPTION>
<HARDWAREID>USB\Vid_046d&amp;Pid_08c1&amp;Rev_0005&amp;MI_00</HARDWAREID>
<SERVICE>LVUVC</SERVICE>
<DRIVER>lvuvc.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Logitech Microphone (Fusion)</DESCRIPTION>
<HARDWAREID>USB\Vid_046d&amp;Pid_08c1&amp;Rev_0005&amp;MI_02</HARDWAREID>
<SERVICE>usbaudio</SERVICE>
<DRIVER>usbaudio.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>USB Human Interface Device</DESCRIPTION>
<HARDWAREID>USB\Vid_046d&amp;Pid_c408&amp;Rev_1400</HARDWAREID>
<SERVICE>HidUsb</SERVICE>
<DRIVER>hidusb.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Logitech Cordless USB Trackball</DESCRIPTION>
<HARDWAREID>USB\Vid_046d&amp;Pid_c508&amp;Rev_1500</HARDWAREID>
<SERVICE>HidUsb</SERVICE>
<DRIVER>hidusb.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>USB Mass Storage Device</DESCRIPTION>
<HARDWAREID>USB\Vid_0d49&amp;Pid_7300&amp;Rev_0121</HARDWAREID>
<SERVICE>USBSTOR</SERVICE>
<DRIVER>USBSTOR.SYS</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Maxtor OneTouch</DESCRIPTION>
<HARDWAREID>USBSTOR\DiskMaxtor__OneTouch________0121</HARDWAREID>
<SERVICE>MXOPSWD</SERVICE>
<DRIVER>mxopswd.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>1394 Net Adapter</DESCRIPTION>
<HARDWAREID>V1394\NIC1394</HARDWAREID>
<SERVICE>NIC1394</SERVICE>
<DRIVER>nic1394.sys</DRIVER>
</DEVICE>
<DEVICE>
<DESCRIPTION>Logitech Driver Interface</DESCRIPTION>
<HARDWAREID>LOGITECH_RAW_PDO</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Logitech Driver Interface</DESCRIPTION>
<HARDWAREID>LOGITECH_RAW_PDO</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Logitech Driver Interface</DESCRIPTION>
<HARDWAREID>LOGITECH_RAW_PDO</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Logitech Driver Interface</DESCRIPTION>
<HARDWAREID>LOGITECH_RAW_PDO</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Logitech Driver Interface</DESCRIPTION>
<HARDWAREID>LOGITECH_RAW_PDO</HARDWAREID>
</DEVICE>
<DEVICE>
<DESCRIPTION>Disk drive</DESCRIPTION>
<HARDWAREID>{E9C3AF91-1F3B-474f-B307-1ECE7FF4AF41}\GenDisk</HARDWAREID>
<SERVICE>disk</SERVICE>
<DRIVER>disk.sys</DRIVER>
</DEVICE>
</DEVICES>
<DRIVERS>
<DRIVER>
<FILENAME>1394bus.sys</FILENAME>
<FILESIZE>53248</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:10</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>aavmker4.sys</FILENAME>
<FILESIZE>28880</FILESIZE>
<CREATIONDATE>06-07-2010 17:49:01</CREATIONDATE>
<VERSION>5.0.677.0</VERSION>
<MANUFACTURER>AVAST Software</MANUFACTURER>
<PRODUCTNAME>
avast! Antivirus System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>acpi.sys</FILENAME>
<FILESIZE>187776</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:10</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>acpiec.sys</FILENAME>
<FILESIZE>11648</FILESIZE>
<CREATIONDATE>08-12-2004 13:17:17</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>aeaudio.sys</FILENAME>
<FILESIZE>4816</FILESIZE>
<CREATIONDATE>06-30-2005 19:53:26</CREATIONDATE>
<VERSION>1.0.0.0</VERSION>
<MANUFACTURER>Andrea Electronics Corporation</MANUFACTURER>
<PRODUCTNAME>
Andrea Audio Driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>aec.sys</FILENAME>
<FILESIZE>142464</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:10</CREATIONDATE>
<VERSION>5.1.2601.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>afd.sys</FILENAME>
<FILESIZE>138368</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:10</CREATIONDATE>
<VERSION>5.1.2600.3427</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>amdk6.sys</FILENAME>
<FILESIZE>36992</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:10</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>amdk7.sys</FILENAME>
<FILESIZE>37376</FILESIZE>
<CREATIONDATE>03-25-2009 22:34:27</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>arp1394.sys</FILENAME>
<FILESIZE>60800</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ASPI32.SYS</FILENAME>
<FILESIZE>17005</FILESIZE>
<CREATIONDATE>06-30-2005 21:34:42</CREATIONDATE>
<VERSION>4.71.1.0</VERSION>
<MANUFACTURER>Adaptec</MANUFACTURER>
<PRODUCTNAME>
Adaptec&apos;s ASPI Layer</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>aswFsBlk.sys</FILENAME>
<FILESIZE>17744</FILESIZE>
<CREATIONDATE>06-07-2010 17:49:07</CREATIONDATE>
<VERSION>5.0.677.0</VERSION>
<MANUFACTURER>AVAST Software</MANUFACTURER>
<PRODUCTNAME>
avast! Antivirus System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>aswmon.sys</FILENAME>
<FILESIZE>94544</FILESIZE>
<CREATIONDATE>06-07-2010 17:49:01</CREATIONDATE>
<VERSION>5.0.677.0</VERSION>
<MANUFACTURER>AVAST Software</MANUFACTURER>
<PRODUCTNAME>
avast! Antivirus System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>aswmon2.sys</FILENAME>
<FILESIZE>100176</FILESIZE>
<CREATIONDATE>06-07-2010 17:49:01</CREATIONDATE>
<VERSION>5.0.677.0</VERSION>
<MANUFACTURER>AVAST Software</MANUFACTURER>
<PRODUCTNAME>
avast! Antivirus System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>aswRdr.sys</FILENAME>
<FILESIZE>23376</FILESIZE>
<CREATIONDATE>06-07-2010 17:49:05</CREATIONDATE>
<VERSION>5.0.677.0</VERSION>
<MANUFACTURER>AVAST Software</MANUFACTURER>
<PRODUCTNAME>
avast! Antivirus System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>aswSP.sys</FILENAME>
<FILESIZE>165584</FILESIZE>
<CREATIONDATE>06-07-2010 17:49:06</CREATIONDATE>
<VERSION>5.0.677.0</VERSION>
<MANUFACTURER>AVAST Software</MANUFACTURER>
<PRODUCTNAME>
avast! Antivirus System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>aswTdi.sys</FILENAME>
<FILESIZE>46672</FILESIZE>
<CREATIONDATE>06-07-2010 17:49:03</CREATIONDATE>
<VERSION>5.0.677.0</VERSION>
<MANUFACTURER>AVAST Software</MANUFACTURER>
<PRODUCTNAME>
avast! Antivirus System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>asyncmac.sys</FILENAME>
<FILESIZE>14336</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>atapi.sys</FILENAME>
<FILESIZE>95360</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ati2erec.dll</FILENAME>
<FILESIZE>53248</FILESIZE>
<CREATIONDATE>10-11-2010 20:58:26</CREATIONDATE>
<VERSION>1.0.0.18</VERSION>
<MANUFACTURER>ATI Technologies Inc.</MANUFACTURER>
<PRODUCTNAME>
eRecord</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ati2mtag.sys</FILENAME>
<FILESIZE>3565568</FILESIZE>
<CREATIONDATE>05-13-2005 02:15:07</CREATIONDATE>
<VERSION>6.14.10.6925</VERSION>
<MANUFACTURER>ATI Technologies Inc.</MANUFACTURER>
<PRODUCTNAME>
ATI Radeon WindowsNT Miniport Driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ativcaxx.cpa</FILENAME>
<FILESIZE>1311202</FILESIZE>
<CREATIONDATE>01-10-2007 18:32:44</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ativcaxx.vp</FILENAME>
<FILESIZE>929</FILESIZE>
<CREATIONDATE>01-10-2007 18:32:44</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ativckxx.vp</FILENAME>
<FILESIZE>2096</FILESIZE>
<CREATIONDATE>08-23-2006 22:26:56</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ativdkxx.vp</FILENAME>
<FILESIZE>2096</FILESIZE>
<CREATIONDATE>08-23-2006 22:26:56</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ativvpxx.vp</FILENAME>
<FILESIZE>47360</FILESIZE>
<CREATIONDATE>03-02-2007 21:32:36</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>atksgt.sys</FILENAME>
<FILESIZE>278984</FILESIZE>
<CREATIONDATE>02-11-2008 23:59:01</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>atmarpc.sys</FILENAME>
<FILESIZE>59904</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>atmepvc.sys</FILENAME>
<FILESIZE>31360</FILESIZE>
<CREATIONDATE>08-12-2004 13:17:27</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>atmlane.sys</FILENAME>
<FILESIZE>55936</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>atmuni.sys</FILENAME>
<FILESIZE>352256</FILESIZE>
<CREATIONDATE>08-12-2004 13:17:28</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>audstub.sys</FILENAME>
<FILESIZE>3072</FILESIZE>
<CREATIONDATE>06-30-2005 14:25:51</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>b57xp32.sys</FILENAME>
<FILESIZE>121472</FILESIZE>
<CREATIONDATE>08-23-2004 19:49:30</CREATIONDATE>
<VERSION>7.86.0.0</VERSION>
<MANUFACTURER>Broadcom Corporation</MANUFACTURER>
<PRODUCTNAME>
Broadcom NetXtreme Gigabit Ethernet Driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>beep.sys</FILENAME>
<FILESIZE>4224</FILESIZE>
<CREATIONDATE>08-12-2004 13:17:31</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>bridge.sys</FILENAME>
<FILESIZE>71552</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>bthport.sys</FILENAME>
<FILESIZE>272128</FILESIZE>
<CREATIONDATE>03-25-2009 22:34:10</CREATIONDATE>
<VERSION>5.1.2600.3389</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>cbidf2k.sys</FILENAME>
<FILESIZE>13952</FILESIZE>
<CREATIONDATE>08-12-2004 13:17:37</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ccdecode.sys</FILENAME>
<FILESIZE>17024</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.3.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>CDAC11BA.EXE</FILENAME>
<FILESIZE>39936</FILESIZE>
<CREATIONDATE>07-05-2010 03:18:44</CREATIONDATE>
<VERSION>4.11.0.0</VERSION>
<MANUFACTURER>C-Dilla Ltd</MANUFACTURER>
<PRODUCTNAME>
SafeCast Windows NT</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>CDAC15BA.SYS</FILENAME>
<FILESIZE>8864</FILESIZE>
<CREATIONDATE>07-05-2010 03:18:42</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>cdaudio.sys</FILENAME>
<FILESIZE>18688</FILESIZE>
<CREATIONDATE>08-17-2001 13:52:30</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>cdfs.sys</FILENAME>
<FILESIZE>63744</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>cdr4_xp.sys</FILENAME>
<FILESIZE>2432</FILESIZE>
<CREATIONDATE>06-25-2003 05:18:48</CREATIONDATE>
<VERSION>8.0.0.212</VERSION>
<MANUFACTURER>Sonic Solutions</MANUFACTURER>
<PRODUCTNAME>
Drag-to-Disc</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>cdralw2k.sys</FILENAME>
<FILESIZE>2560</FILESIZE>
<CREATIONDATE>06-25-2003 05:18:48</CREATIONDATE>
<VERSION>8.0.0.212</VERSION>
<MANUFACTURER>Sonic Solutions</MANUFACTURER>
<PRODUCTNAME>
Drag-to-Disc</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>cdrom.sys</FILENAME>
<FILESIZE>49536</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>cinemst2.sys</FILENAME>
<FILESIZE>262528</FILESIZE>
<CREATIONDATE>08-17-2001 14:02:26</CREATIONDATE>
<VERSION>5.0.0.93</VERSION>
<MANUFACTURER>RAVISENT Technologies Inc.</MANUFACTURER>
<PRODUCTNAME>
CineMaster C 1.2 WDM</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>classpnp.sys</FILENAME>
<FILESIZE>49664</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>cpqdap01.sys</FILENAME>
<FILESIZE>11776</FILESIZE>
<CREATIONDATE>08-17-2001 13:24:38</CREATIONDATE>
<VERSION>1.0.0.4</VERSION>
<MANUFACTURER>Compaq Computer Corporation</MANUFACTURER>
<PRODUCTNAME>
Compaq PA-1 Personal Audio Player</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>crusoe.sys</FILENAME>
<FILESIZE>36480</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>CVirtA.sys</FILENAME>
<FILESIZE>5220</FILESIZE>
<CREATIONDATE>12-03-2006 00:59:04</CREATIONDATE>
<VERSION>4.0.0.106</VERSION>
<MANUFACTURER>Cisco Systems, Inc.</MANUFACTURER>
<PRODUCTNAME>
Cisco Systems VPN Client</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>disk.sys</FILENAME>
<FILESIZE>36352</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>diskdump.sys</FILENAME>
<FILESIZE>14208</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>dmboot.sys</FILENAME>
<FILESIZE>799744</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>2600.2180.503.0</VERSION>
<MANUFACTURER>Microsoft Corp., Veritas Software</MANUFACTURER>
<PRODUCTNAME>
VERITAS® NT Disk Manager</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>dmio.sys</FILENAME>
<FILESIZE>153344</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>2600.2180.503.0</VERSION>
<MANUFACTURER>Microsoft Corp., Veritas Software</MANUFACTURER>
<PRODUCTNAME>
VERITAS® NT Disk Manager</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>dmload.sys</FILENAME>
<FILESIZE>5888</FILESIZE>
<CREATIONDATE>08-12-2004 13:18:41</CREATIONDATE>
<VERSION>2600.0.503.0</VERSION>
<MANUFACTURER>Microsoft Corp., Veritas Software.</MANUFACTURER>
<PRODUCTNAME>
Logical Disk Manager for Windows NT</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>dmusic.sys</FILENAME>
<FILESIZE>52864</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>dne2000.sys</FILENAME>
<FILESIZE>139604</FILESIZE>
<CREATIONDATE>12-03-2006 00:59:18</CREATIONDATE>
<VERSION>2.21.7.233</VERSION>
<MANUFACTURER>Deterministic Networks, Inc.</MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>drmk.sys</FILENAME>
<FILESIZE>60288</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>drmkaud.sys</FILENAME>
<FILESIZE>2944</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>DVDVRRdr_xp.sys</FILENAME>
<FILESIZE>146560</FILESIZE>
<CREATIONDATE>06-25-2003 05:18:48</CREATIONDATE>
<VERSION>6.1.1.7</VERSION>
<MANUFACTURER>Roxio</MANUFACTURER>
<PRODUCTNAME>
Drag-to-Disc</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>dxapi.sys</FILENAME>
<FILESIZE>10496</FILESIZE>
<CREATIONDATE>08-12-2004 13:18:57</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>dxg.sys</FILENAME>
<FILESIZE>71040</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:09</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>dxgthk.sys</FILENAME>
<FILESIZE>3328</FILESIZE>
<CREATIONDATE>08-12-2004 13:18:58</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>enodpl.sys</FILENAME>
<FILESIZE>7552</FILESIZE>
<CREATIONDATE>03-06-2006 11:24:51</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>entech.sys</FILENAME>
<FILESIZE>20400</FILESIZE>
<CREATIONDATE>09-01-2007 23:00:21</CREATIONDATE>
<VERSION>5.0.1.1</VERSION>
<MANUFACTURER>EnTech Taiwan</MANUFACTURER>
<PRODUCTNAME>
PowerStrip</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>enum1394.sys</FILENAME>
<FILESIZE>6400</FILESIZE>
<CREATIONDATE>07-17-2005 17:52:05</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>fastfat.sys</FILENAME>
<FILESIZE>143360</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>fdc.sys</FILENAME>
<FILESIZE>27392</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>fips.sys</FILENAME>
<FILESIZE>34944</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>flpydisk.sys</FILENAME>
<FILESIZE>20480</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>fltmgr.sys</FILENAME>
<FILESIZE>128896</FILESIZE>
<CREATIONDATE>03-25-2009 22:34:11</CREATIONDATE>
<VERSION>5.1.2600.2978</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>fsvga.sys</FILENAME>
<FILESIZE>12160</FILESIZE>
<CREATIONDATE>08-17-2001 13:57:26</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>fs_rec.sys</FILENAME>
<FILESIZE>7936</FILESIZE>
<CREATIONDATE>08-12-2004 13:19:16</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ftdisk.sys</FILENAME>
<FILESIZE>125056</FILESIZE>
<CREATIONDATE>08-12-2004 13:19:16</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>GEARAspiWDM.sys</FILENAME>
<FILESIZE>26600</FILESIZE>
<CREATIONDATE>01-29-2008 17:01:28</CREATIONDATE>
<VERSION>2.2.0.1</VERSION>
<MANUFACTURER>GEAR Software Inc.</MANUFACTURER>
<PRODUCTNAME>
CD DVD Filter</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>gm.dls</FILENAME>
<FILESIZE>3440660</FILESIZE>
<CREATIONDATE>08-12-2004 13:19:24</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>gmreadme.txt</FILENAME>
<FILESIZE>646</FILESIZE>
<CREATIONDATE>08-12-2004 13:19:24</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>hidclass.sys</FILENAME>
<FILESIZE>36224</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>hidparse.sys</FILENAME>
<FILESIZE>24960</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>hidusb.sys</FILENAME>
<FILESIZE>9600</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>hotcore3.sys</FILENAME>
<FILESIZE>40496</FILESIZE>
<CREATIONDATE>04-09-2009 07:16:46</CREATIONDATE>
<VERSION>9.0.9.7525</VERSION>
<MANUFACTURER>Paragon Software Group</MANUFACTURER>
<PRODUCTNAME>
Paragon System Utilities</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>http.sys</FILENAME>
<FILESIZE>262784</FILESIZE>
<CREATIONDATE>03-25-2009 22:34:25</CREATIONDATE>
<VERSION>5.1.2600.2869</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>imapi.sys</FILENAME>
<FILESIZE>41856</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>intelide.sys</FILENAME>
<FILESIZE>5504</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>intelppm.sys</FILENAME>
<FILESIZE>36096</FILESIZE>
<CREATIONDATE>03-25-2009 22:34:27</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ip6fw.sys</FILENAME>
<FILESIZE>29056</FILESIZE>
<CREATIONDATE>03-25-2009 22:34:14</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ipfltdrv.sys</FILENAME>
<FILESIZE>32896</FILESIZE>
<CREATIONDATE>08-12-2004 13:20:09</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ipinip.sys</FILENAME>
<FILESIZE>20992</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ipnat.sys</FILENAME>
<FILESIZE>134912</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2524</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ipsec.sys</FILENAME>
<FILESIZE>74752</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>irenum.sys</FILENAME>
<FILESIZE>11264</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>isapnp.sys</FILENAME>
<FILESIZE>35840</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>jl2005c.sys</FILENAME>
<FILESIZE>68954</FILESIZE>
<CREATIONDATE>01-27-2007 02:09:40</CREATIONDATE>
<VERSION>5.0.2195.1</VERSION>
<MANUFACTURER>Windows ® 2000 DDK provider</MANUFACTURER>
<PRODUCTNAME>
Windows ® 2000 DDK driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>kbdclass.sys</FILENAME>
<FILESIZE>24576</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>kbdhid.sys</FILENAME>
<FILESIZE>14848</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>kmixer.sys</FILENAME>
<FILESIZE>172416</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2929</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ks.sys</FILENAME>
<FILESIZE>140928</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.3.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ksecdd.sys</FILENAME>
<FILESIZE>92032</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>L8042PR2.SYS</FILENAME>
<FILESIZE>51486</FILESIZE>
<CREATIONDATE>11-13-2005 05:22:25</CREATIONDATE>
<VERSION>9.79.16.0</VERSION>
<MANUFACTURER>Logitech, Inc.</MANUFACTURER>
<PRODUCTNAME>
Logitech MouseWare™</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>LCCFLTR.SYS</FILENAME>
<FILESIZE>14092</FILESIZE>
<CREATIONDATE>11-13-2005 05:22:25</CREATIONDATE>
<VERSION>9.79.200.0</VERSION>
<MANUFACTURER>Logitech, Inc.</MANUFACTURER>
<PRODUCTNAME>
Logitech iTouch™</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>LHidFilt.Sys</FILENAME>
<FILESIZE>35344</FILESIZE>
<CREATIONDATE>11-29-2007 07:17:48</CREATIONDATE>
<VERSION>4.60.42.0</VERSION>
<MANUFACTURER>Logitech, Inc.</MANUFACTURER>
<PRODUCTNAME>
Logitech SetPoint™</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>LHidFlt2.Sys</FILENAME>
<FILESIZE>25502</FILESIZE>
<CREATIONDATE>11-13-2005 05:22:25</CREATIONDATE>
<VERSION>9.79.16.0</VERSION>
<MANUFACTURER>Logitech, Inc.</MANUFACTURER>
<PRODUCTNAME>
Logitech MouseWare™</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>LHidUsb.sys</FILENAME>
<FILESIZE>37884</FILESIZE>
<CREATIONDATE>11-13-2005 05:22:25</CREATIONDATE>
<VERSION>9.79.200.0</VERSION>
<MANUFACTURER>Logitech, Inc.</MANUFACTURER>
<PRODUCTNAME>
Logitech iTouch™</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>libusb0.sys</FILENAME>
<FILESIZE>21504</FILESIZE>
<CREATIONDATE>11-03-2010 18:09:58</CREATIONDATE>
<VERSION>1.1.14.0</VERSION>
<MANUFACTURER>http://libusb-win32....</MANUFACTURER>
<PRODUCTNAME>
LibUSB-Win32 - Kernel Driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>lirsgt.sys</FILENAME>
<FILESIZE>25416</FILESIZE>
<CREATIONDATE>02-11-2008 23:59:01</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>LMouFilt.Sys</FILENAME>
<FILESIZE>36880</FILESIZE>
<CREATIONDATE>11-29-2007 07:17:56</CREATIONDATE>
<VERSION>4.60.42.0</VERSION>
<MANUFACTURER>Logitech, Inc.</MANUFACTURER>
<PRODUCTNAME>
Logitech SetPoint™</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>LMouFlt2.Sys</FILENAME>
<FILESIZE>70798</FILESIZE>
<CREATIONDATE>11-13-2005 05:22:26</CREATIONDATE>
<VERSION>9.79.16.0</VERSION>
<MANUFACTURER>Logitech, Inc.</MANUFACTURER>
<PRODUCTNAME>
Logitech MouseWare™</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>LUsbFilt.sys</FILENAME>
<FILESIZE>28944</FILESIZE>
<CREATIONDATE>11-29-2007 07:18:12</CREATIONDATE>
<VERSION>4.60.42.0</VERSION>
<MANUFACTURER>Logitech, Inc.</MANUFACTURER>
<PRODUCTNAME>
Logitech SetPoint™</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>LVFaL000.cfg</FILENAME>
<FILESIZE>69592</FILESIZE>
<CREATIONDATE>07-26-2008 12:44:30</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>LVFeL000.cfg</FILENAME>
<FILESIZE>227172</FILESIZE>
<CREATIONDATE>07-26-2008 12:44:30</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>LVFeL001.cfg</FILENAME>
<FILESIZE>146680</FILESIZE>
<CREATIONDATE>07-26-2008 12:44:30</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>LVFeL002.cfg</FILENAME>
<FILESIZE>85302</FILESIZE>
<CREATIONDATE>07-26-2008 12:44:30</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>lvpopflt.sys</FILENAME>
<FILESIZE>1921184</FILESIZE>
<CREATIONDATE>05-11-2007 23:30:04</CREATIONDATE>
<VERSION>11.0.0.1217</VERSION>
<MANUFACTURER>Logitech Inc.</MANUFACTURER>
<PRODUCTNAME>
Logitech QuickCam</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>LVPr2Mon.sys</FILENAME>
<FILESIZE>25624</FILESIZE>
<CREATIONDATE>07-26-2008 13:25:02</CREATIONDATE>
<VERSION>11.80.1048.0</VERSION>
<MANUFACTURER>Logitech Inc.</MANUFACTURER>
<PRODUCTNAME>
Logitech QuickCam</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>LVUSBSta.sys</FILENAME>
<FILESIZE>41888</FILESIZE>
<CREATIONDATE>05-11-2007 22:31:22</CREATIONDATE>
<VERSION>11.0.0.1217</VERSION>
<MANUFACTURER>Logitech Inc.</MANUFACTURER>
<PRODUCTNAME>
Logitech QuickCam</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>lvuvc.hs</FILENAME>
<FILESIZE>0</FILESIZE>
<CREATIONDATE>08-14-2009 03:58:57</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>lvuvc.sys</FILENAME>
<FILESIZE>3580832</FILESIZE>
<CREATIONDATE>05-11-2007 22:31:36</CREATIONDATE>
<VERSION>11.0.0.1217</VERSION>
<MANUFACTURER>Logitech Inc.</MANUFACTURER>
<PRODUCTNAME>
Logitech QuickCam</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mbam.sys</FILENAME>
<FILESIZE>20952</FILESIZE>
<CREATIONDATE>01-28-2011 22:59:54</CREATIONDATE>
<VERSION>1.50.1.0</VERSION>
<MANUFACTURER>Malwarebytes Corporation</MANUFACTURER>
<PRODUCTNAME>
Malwarebytes&apos; Anti-Malware</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mbamswissarmy.sys</FILENAME>
<FILESIZE>38224</FILESIZE>
<CREATIONDATE>01-28-2011 23:00:07</CREATIONDATE>
<VERSION>1.50.1.0</VERSION>
<MANUFACTURER>Malwarebytes Corporation</MANUFACTURER>
<PRODUCTNAME>
Malwarebytes&apos; Anti-Malware</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mcd.sys</FILENAME>
<FILESIZE>7680</FILESIZE>
<CREATIONDATE>08-12-2004 13:21:24</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mf.sys</FILENAME>
<FILESIZE>63744</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mnmdd.sys</FILENAME>
<FILESIZE>4224</FILESIZE>
<CREATIONDATE>08-12-2004 13:22:11</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>modem.sys</FILENAME>
<FILESIZE>30080</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mouclass.sys</FILENAME>
<FILESIZE>23040</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mouhid.sys</FILENAME>
<FILESIZE>12160</FILESIZE>
<CREATIONDATE>08-17-2001 13:48:00</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mountmgr.sys</FILENAME>
<FILESIZE>42240</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mqac.sys</FILENAME>
<FILESIZE>72960</FILESIZE>
<CREATIONDATE>03-25-2009 22:34:06</CREATIONDATE>
<VERSION>5.1.0.1109</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft Message Queue</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mrxdav.sys</FILENAME>
<FILESIZE>179584</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.3276</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mrxsmb.sys</FILENAME>
<FILESIZE>453632</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.3467</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>msfs.sys</FILENAME>
<FILESIZE>19072</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf</FILENAME>
<FILESIZE>0</FILESIZE>
<CREATIONDATE>04-15-2008 23:08:13</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>Msft_Kernel_LMouFilt_01005.Wdf</FILENAME>
<FILESIZE>0</FILESIZE>
<CREATIONDATE>04-15-2008 23:08:59</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>Msft_Kernel_LUsbFilt_01005.Wdf</FILENAME>
<FILESIZE>0</FILESIZE>
<CREATIONDATE>04-15-2008 23:08:27</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>msgpc.sys</FILENAME>
<FILESIZE>35072</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mskssrv.sys</FILENAME>
<FILESIZE>7552</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:08</CREATIONDATE>
<VERSION>5.3.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mspclock.sys</FILENAME>
<FILESIZE>5376</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:07</CREATIONDATE>
<VERSION>5.3.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mspqm.sys</FILENAME>
<FILESIZE>4992</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:07</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mssmbios.sys</FILENAME>
<FILESIZE>15488</FILESIZE>
<CREATIONDATE>03-25-2009 22:34:27</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mstee.sys</FILENAME>
<FILESIZE>5504</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:07</CREATIONDATE>
<VERSION>5.3.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mup.sys</FILENAME>
<FILESIZE>107904</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:07</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>mxopswd.sys</FILENAME>
<FILESIZE>22152</FILESIZE>
<CREATIONDATE>05-03-2007 19:37:08</CREATIONDATE>
<VERSION>1.0.8.0</VERSION>
<MANUFACTURER>Maxtor Corp.</MANUFACTURER>
<PRODUCTNAME>
Maxtor Corp. 1394/USB Onetouch Storage</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>nabtsfec.sys</FILENAME>
<FILESIZE>85376</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:07</CREATIONDATE>
<VERSION>5.3.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ndis.sys</FILENAME>
<FILESIZE>182912</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:07</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ndisip.sys</FILENAME>
<FILESIZE>10880</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:06</CREATIONDATE>
<VERSION>5.3.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ndistapi.sys</FILENAME>
<FILESIZE>9600</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:06</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ndisuio.sys</FILENAME>
<FILESIZE>12928</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:06</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ndiswan.sys</FILENAME>
<FILESIZE>91776</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:06</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ndproxy.sys</FILENAME>
<FILESIZE>38016</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:06</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>netbios.sys</FILENAME>
<FILESIZE>34560</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:06</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>netbt.sys</FILENAME>
<FILESIZE>162816</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:06</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>nic1394.sys</FILENAME>
<FILESIZE>61824</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:06</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>nikedrv.sys</FILENAME>
<FILESIZE>12032</FILESIZE>
<CREATIONDATE>08-17-2001 13:24:44</CREATIONDATE>
<VERSION>1.1.0.0</VERSION>
<MANUFACTURER>S3/Diamond Multimedia Systems</MANUFACTURER>
<PRODUCTNAME>
NikeDrv</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>nmnt.sys</FILENAME>
<FILESIZE>40320</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:06</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>npfs.sys</FILENAME>
<FILESIZE>30848</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:05</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ntfs.sys</FILENAME>
<FILESIZE>574464</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:05</CREATIONDATE>
<VERSION>5.1.2600.3081</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>null.sys</FILENAME>
<FILESIZE>2944</FILESIZE>
<CREATIONDATE>08-12-2004 13:25:18</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>nwlnkflt.sys</FILENAME>
<FILESIZE>12416</FILESIZE>
<CREATIONDATE>08-12-2004 13:25:22</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>nwlnkfwd.sys</FILENAME>
<FILESIZE>32512</FILESIZE>
<CREATIONDATE>08-12-2004 13:25:23</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>nwlnkipx.sys</FILENAME>
<FILESIZE>88448</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:05</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>nwlnknb.sys</FILENAME>
<FILESIZE>63232</FILESIZE>
<CREATIONDATE>08-12-2004 13:25:23</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>nwlnkspx.sys</FILENAME>
<FILESIZE>55936</FILESIZE>
<CREATIONDATE>08-12-2004 13:25:23</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>nwrdr.sys</FILENAME>
<FILESIZE>163584</FILESIZE>
<CREATIONDATE>03-25-2009 22:34:05</CREATIONDATE>
<VERSION>5.1.2600.3015</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ohci1394.sys</FILENAME>
<FILESIZE>61056</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:05</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>oprghdlr.sys</FILENAME>
<FILESIZE>3456</FILESIZE>
<CREATIONDATE>08-12-2004 13:25:48</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>p3.sys</FILENAME>
<FILESIZE>42496</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:05</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>PalmUSBD.sys</FILENAME>
<FILESIZE>16509</FILESIZE>
<CREATIONDATE>04-13-2004 22:03:46</CREATIONDATE>
<VERSION>1.4.0.0</VERSION>
<MANUFACTURER>Palm, Inc.</MANUFACTURER>
<PRODUCTNAME>
HotSync® Manager</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>parport.sys</FILENAME>
<FILESIZE>80128</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:05</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>partmgr.sys</FILENAME>
<FILESIZE>18688</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:05</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>parvdm.sys</FILENAME>
<FILESIZE>6784</FILESIZE>
<CREATIONDATE>08-12-2004 13:25:57</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>pci.sys</FILENAME>
<FILESIZE>68224</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:05</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>pciide.sys</FILENAME>
<FILESIZE>3328</FILESIZE>
<CREATIONDATE>08-12-2004 13:26:00</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>pciidex.sys</FILENAME>
<FILESIZE>25088</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:05</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>pcmcia.sys</FILENAME>
<FILESIZE>119936</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:05</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>PnkBstrK.sys</FILENAME>
<FILESIZE>138576</FILESIZE>
<CREATIONDATE>04-02-2008 23:08:43</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>portcls.sys</FILENAME>
<FILESIZE>145792</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:04</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>processr.sys</FILENAME>
<FILESIZE>35328</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:04</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>prodrv06.sys</FILENAME>
<FILESIZE>53920</FILESIZE>
<CREATIONDATE>08-09-2004 11:29:28</CREATIONDATE>
<VERSION>6.49.0.0</VERSION>
<MANUFACTURER>Protection Technology</MANUFACTURER>
<PRODUCTNAME>
StarForce Protection System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>prohlp02.sys</FILENAME>
<FILESIZE>114016</FILESIZE>
<CREATIONDATE>08-09-2004 11:33:26</CREATIONDATE>
<VERSION>2.49.0.0</VERSION>
<MANUFACTURER>Protection Technology</MANUFACTURER>
<PRODUCTNAME>
StarForce Protection System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>prosync1.sys</FILENAME>
<FILESIZE>7040</FILESIZE>
<CREATIONDATE>07-19-2004 14:49:54</CREATIONDATE>
<VERSION>1.6.0.0</VERSION>
<MANUFACTURER>Protection Technology</MANUFACTURER>
<PRODUCTNAME>
StarForce Protection System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>psched.sys</FILENAME>
<FILESIZE>69120</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:04</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>psmounter.sys</FILENAME>
<FILESIZE>31712</FILESIZE>
<CREATIONDATE>07-08-2008 17:39:28</CREATIONDATE>
<VERSION>4.2.2010.1</VERSION>
<MANUFACTURER>Macrium Software</MANUFACTURER>
<PRODUCTNAME>
PSMounter</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>pssnap.sys</FILENAME>
<FILESIZE>15328</FILESIZE>
<CREATIONDATE>05-20-2008 14:32:40</CREATIONDATE>
<VERSION>4.2.2010.1</VERSION>
<MANUFACTURER>Macrium Software</MANUFACTURER>
<PRODUCTNAME>
pssnap Application</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ptilink.sys</FILENAME>
<FILESIZE>17792</FILESIZE>
<CREATIONDATE>08-12-2004 13:26:42</CREATIONDATE>
<VERSION>1.1.0.0</VERSION>
<MANUFACTURER>Parallel Technologies, Inc.</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>pxhelp20.sys</FILENAME>
<FILESIZE>44944</FILESIZE>
<CREATIONDATE>07-31-2008 22:17:04</CREATIONDATE>
<VERSION>3.0.83.0</VERSION>
<MANUFACTURER>Sonic Solutions</MANUFACTURER>
<PRODUCTNAME>
PxHelp20</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>rasacd.sys</FILENAME>
<FILESIZE>8832</FILESIZE>
<CREATIONDATE>08-12-2004 13:26:54</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>rasl2tp.sys</FILENAME>
<FILESIZE>51328</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:04</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>raspppoe.sys</FILENAME>
<FILESIZE>41472</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:03</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>raspptp.sys</FILENAME>
<FILESIZE>48384</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:03</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>raspti.sys</FILENAME>
<FILESIZE>16512</FILESIZE>
<CREATIONDATE>08-12-2004 13:26:59</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>rawwan.sys</FILENAME>
<FILESIZE>34432</FILESIZE>
<CREATIONDATE>08-12-2004 13:27:01</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>rdbss.sys</FILENAME>
<FILESIZE>174592</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:03</CREATIONDATE>
<VERSION>5.1.2600.2902</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>rdpcdd.sys</FILENAME>
<FILESIZE>4224</FILESIZE>
<CREATIONDATE>08-12-2004 13:27:03</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>rdpdr.sys</FILENAME>
<FILESIZE>196864</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:03</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>rdpwd.sys</FILENAME>
<FILESIZE>139528</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:03</CREATIONDATE>
<VERSION>5.1.2600.2695</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>redbook.sys</FILENAME>
<FILESIZE>57472</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:03</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>rio8drv.sys</FILENAME>
<FILESIZE>12032</FILESIZE>
<CREATIONDATE>08-17-2001 13:24:46</CREATIONDATE>
<VERSION>1.1.0.0</VERSION>
<MANUFACTURER>S3/Diamond Multimedia Systems</MANUFACTURER>
<PRODUCTNAME>
Rio8Drv</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>riodrv.sys</FILENAME>
<FILESIZE>12032</FILESIZE>
<CREATIONDATE>08-17-2001 13:24:46</CREATIONDATE>
<VERSION>1.1.0.0</VERSION>
<MANUFACTURER>S3/Diamond Multimedia Systems</MANUFACTURER>
<PRODUCTNAME>
RioDrv</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>rmcast.sys</FILENAME>
<FILESIZE>202752</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:02</CREATIONDATE>
<VERSION>5.1.2600.3369</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>rndismp.sys</FILENAME>
<FILESIZE>30080</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:02</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>rootmdm.sys</FILENAME>
<FILESIZE>5888</FILESIZE>
<CREATIONDATE>08-12-2004 13:27:22</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>SaiBus.sys</FILENAME>
<FILESIZE>35200</FILESIZE>
<CREATIONDATE>03-25-2006 04:45:39</CREATIONDATE>
<VERSION>6.0.10.7</VERSION>
<MANUFACTURER>Saitek</MANUFACTURER>
<PRODUCTNAME>
Configuration Software</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>SaiH040C.sys</FILENAME>
<FILESIZE>132232</FILESIZE>
<CREATIONDATE>03-25-2006 04:36:37</CREATIONDATE>
<VERSION>6.0.4.1</VERSION>
<MANUFACTURER>Saitek</MANUFACTURER>
<PRODUCTNAME>
Configuration Software</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>SaiMini.sys</FILENAME>
<FILESIZE>14080</FILESIZE>
<CREATIONDATE>03-25-2006 04:46:34</CREATIONDATE>
<VERSION>6.0.10.7</VERSION>
<MANUFACTURER>Saitek</MANUFACTURER>
<PRODUCTNAME>
Configuration Software</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>SaiU040C.sys</FILENAME>
<FILESIZE>28416</FILESIZE>
<CREATIONDATE>03-25-2006 04:36:39</CREATIONDATE>
<VERSION>6.0.4.1</VERSION>
<MANUFACTURER>Saitek</MANUFACTURER>
<PRODUCTNAME>
Configuration Software</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>sbp2port.sys</FILENAME>
<FILESIZE>43136</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:02</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>SBREDrv.sys</FILENAME>
<FILESIZE>95024</FILESIZE>
<CREATIONDATE>06-01-2010 20:10:41</CREATIONDATE>
<VERSION>3.1.2839.0</VERSION>
<MANUFACTURER>Sunbelt Software</MANUFACTURER>
<PRODUCTNAME>
CounterSpy</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>scsiport.sys</FILENAME>
<FILESIZE>96256</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:02</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>sdbus.sys</FILENAME>
<FILESIZE>67584</FILESIZE>
<CREATIONDATE>03-25-2009 22:34:27</CREATIONDATE>
<VERSION>6.0.4069.1</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>secdrv.sys</FILENAME>
<FILESIZE>20480</FILESIZE>
<CREATIONDATE>08-12-2004 13:27:58</CREATIONDATE>
<VERSION>4.3.86.0</VERSION>
<MANUFACTURER>Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.</MANUFACTURER>
<PRODUCTNAME>
Macrovision SECURITY Driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>serenum.sys</FILENAME>
<FILESIZE>15488</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:02</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>serial.sys</FILENAME>
<FILESIZE>64896</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:02</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>sfdrv01.sys</FILENAME>
<FILESIZE>51200</FILESIZE>
<CREATIONDATE>03-26-2006 12:22:14</CREATIONDATE>
<VERSION>1.43.0.0</VERSION>
<MANUFACTURER>Protection Technology (StarForce)</MANUFACTURER>
<PRODUCTNAME>
SF FrontLine</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>sffdisk.sys</FILENAME>
<FILESIZE>11136</FILESIZE>
<CREATIONDATE>03-25-2009 22:34:27</CREATIONDATE>
<VERSION>6.0.4069.1</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>sffp_sd.sys</FILENAME>
<FILESIZE>10240</FILESIZE>
<CREATIONDATE>03-25-2009 22:34:27</CREATIONDATE>
<VERSION>6.0.4069.1</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>sfhlp01.sys</FILENAME>
<FILESIZE>4832</FILESIZE>
<CREATIONDATE>12-01-2003 15:20:52</CREATIONDATE>
<VERSION>1.5.0.0</VERSION>
<MANUFACTURER>Protection Technology</MANUFACTURER>
<PRODUCTNAME>
StarForce Protection System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>sfhlp02.sys</FILENAME>
<FILESIZE>6656</FILESIZE>
<CREATIONDATE>03-13-2006 09:38:23</CREATIONDATE>
<VERSION>2.5.0.0</VERSION>
<MANUFACTURER>Protection Technology (StarForce)</MANUFACTURER>
<PRODUCTNAME>
SF FrontLine</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>sfloppy.sys</FILENAME>
<FILESIZE>11392</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:01</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>sfsync02.sys</FILENAME>
<FILESIZE>19968</FILESIZE>
<CREATIONDATE>08-10-2005 14:06:28</CREATIONDATE>
<VERSION>2.12.0.0</VERSION>
<MANUFACTURER>Protection Technology</MANUFACTURER>
<PRODUCTNAME>
StarForce Protection System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>SIODRV.SYS</FILENAME>
<FILESIZE>7424</FILESIZE>
<CREATIONDATE>07-31-2006 00:29:45</CREATIONDATE>
<VERSION>1.0.0.0</VERSION>
<MANUFACTURER>Intel Corporation</MANUFACTURER>
<PRODUCTNAME>
Intel® Active Monitor</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>slip.sys</FILENAME>
<FILESIZE>11136</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:01</CREATIONDATE>
<VERSION>5.3.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>smclib.sys</FILENAME>
<FILESIZE>14592</FILESIZE>
<CREATIONDATE>08-12-2004 13:28:54</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>smsens.sys</FILENAME>
<FILESIZE>3744</FILESIZE>
<CREATIONDATE>06-30-2005 19:53:26</CREATIONDATE>
<VERSION>5.12.1.0</VERSION>
<MANUFACTURER>Analog Devices, Inc.</MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>smwdm.sys</FILENAME>
<FILESIZE>612352</FILESIZE>
<CREATIONDATE>06-30-2005 19:53:26</CREATIONDATE>
<VERSION>5.12.1.4060</VERSION>
<MANUFACTURER>Analog Devices, Inc.</MANUFACTURER>
<PRODUCTNAME>
SoundMAX Digital Audio Driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>sonydcam.sys</FILENAME>
<FILESIZE>25472</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:01</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>splitter.sys</FILENAME>
<FILESIZE>6400</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:01</CREATIONDATE>
<VERSION>5.1.2600.2929</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>sptd.sys</FILENAME>
<FILESIZE>717296</FILESIZE>
<CREATIONDATE>07-04-2006 03:55:14</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>sr.sys</FILENAME>
<FILESIZE>73472</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:01</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>srv.sys</FILENAME>
<FILESIZE>333184</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:01</CREATIONDATE>
<VERSION>5.1.2600.3491</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>StarPortLite.sys</FILENAME>
<FILESIZE>95592</FILESIZE>
<CREATIONDATE>01-12-2009 01:56:30</CREATIONDATE>
<VERSION>3.6.8.1113</VERSION>
<MANUFACTURER>Rocket Division Software</MANUFACTURER>
<PRODUCTNAME>
StarPort Storage Controller</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>StMp3Rec.sys</FILENAME>
<FILESIZE>38229</FILESIZE>
<CREATIONDATE>11-21-2005 09:08:17</CREATIONDATE>
<VERSION>1.551.0.139</VERSION>
<MANUFACTURER>Generic</MANUFACTURER>
<PRODUCTNAME>
Generic MP3 Player</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>stream.sys</FILENAME>
<FILESIZE>48640</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:01</CREATIONDATE>
<VERSION>5.3.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>streamip.sys</FILENAME>
<FILESIZE>15360</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:00</CREATIONDATE>
<VERSION>5.3.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>swenum.sys</FILENAME>
<FILESIZE>4352</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:00</CREATIONDATE>
<VERSION>5.3.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>swmidi.sys</FILENAME>
<FILESIZE>54272</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:00</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>sysaudio.sys</FILENAME>
<FILESIZE>60800</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:00</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>tandpl.sys</FILENAME>
<FILESIZE>4736</FILESIZE>
<CREATIONDATE>03-06-2006 11:24:50</CREATIONDATE>
<VERSION>0.0.0.0</VERSION>
<MANUFACTURER></MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>tape.sys</FILENAME>
<FILESIZE>14976</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:00</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>tcpip.sys</FILENAME>
<FILESIZE>360320</FILESIZE>
<CREATIONDATE>03-25-2009 22:32:00</CREATIONDATE>
<VERSION>5.1.2600.3394</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>tcpip6.sys</FILENAME>
<FILESIZE>225920</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:59</CREATIONDATE>
<VERSION>5.1.2600.3394</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>tdi.sys</FILENAME>
<FILESIZE>18560</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:59</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>tdpipe.sys</FILENAME>
<FILESIZE>12040</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:59</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>tdtcp.sys</FILENAME>
<FILESIZE>21896</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:59</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>termdd.sys</FILENAME>
<FILESIZE>40840</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:59</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>tosdvd.sys</FILENAME>
<FILESIZE>51712</FILESIZE>
<CREATIONDATE>08-17-2001 14:01:34</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>tsbvcap.sys</FILENAME>
<FILESIZE>21376</FILESIZE>
<CREATIONDATE>08-17-2001 14:06:22</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Toshiba Corporation</MANUFACTURER>
<PRODUCTNAME>
WDM Toshiba Tecra Video Capture Driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>tunmp.sys</FILENAME>
<FILESIZE>12416</FILESIZE>
<CREATIONDATE>03-25-2009 22:34:27</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>udfs.sys</FILENAME>
<FILESIZE>66176</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:59</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>UimBus.sys</FILENAME>
<FILESIZE>32056</FILESIZE>
<CREATIONDATE>12-13-2008 19:47:38</CREATIONDATE>
<VERSION>5.0.2195.1624</VERSION>
<MANUFACTURER>Windows ® 2000 DDK provider</MANUFACTURER>
<PRODUCTNAME>
Paragon Image Mounter</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>UimFIO.sys</FILENAME>
<FILESIZE>216648</FILESIZE>
<CREATIONDATE>12-13-2008 19:47:38</CREATIONDATE>
<VERSION>1.0.0.1</VERSION>
<MANUFACTURER>Paragon</MANUFACTURER>
<PRODUCTNAME>
</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>Uim_IM.sys</FILENAME>
<FILESIZE>129896</FILESIZE>
<CREATIONDATE>12-13-2008 19:47:38</CREATIONDATE>
<VERSION>1.0.0.3</VERSION>
<MANUFACTURER>Paragon</MANUFACTURER>
<PRODUCTNAME>
Paragon Image Mounter</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>update.sys</FILENAME>
<FILESIZE>364160</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:58</CREATIONDATE>
<VERSION>5.1.2600.3124</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>usb8023.sys</FILENAME>
<FILESIZE>12672</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:58</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>usbaapl.sys</FILENAME>
<FILESIZE>41984</FILESIZE>
<CREATIONDATE>03-24-2009 05:08:26</CREATIONDATE>
<VERSION>1.49.0.0</VERSION>
<MANUFACTURER>Apple, Inc.</MANUFACTURER>
<PRODUCTNAME>
Apple Mobile Device USB Driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>USBAUDIO.sys</FILENAME>
<FILESIZE>40272</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:58</CREATIONDATE>
<VERSION>4.10.0.2222</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>usbbc2.sys</FILENAME>
<FILESIZE>8960</FILESIZE>
<CREATIONDATE>08-18-2005 00:47:39</CREATIONDATE>
<VERSION>2.0.0.20</VERSION>
<MANUFACTURER>Prolific Technology Inc.</MANUFACTURER>
<PRODUCTNAME>
High Speed USB-USB Bridge Cable Driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>usbcamd.sys</FILENAME>
<FILESIZE>23808</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:58</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>usbcamd2.sys</FILENAME>
<FILESIZE>23936</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:58</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>usbccgp.sys</FILENAME>
<FILESIZE>31616</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:58</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>usbd.sys</FILENAME>
<FILESIZE>4736</FILESIZE>
<CREATIONDATE>08-12-2004 13:31:49</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>usbehci.sys</FILENAME>
<FILESIZE>26624</FILESIZE>
<CREATIONDATE>03-25-2009 22:34:10</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>usbhub.sys</FILENAME>
<FILESIZE>57600</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:58</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>usbintel.sys</FILENAME>
<FILESIZE>16000</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:57</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>usbport.sys</FILENAME>
<FILESIZE>142976</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:57</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>usbscan.sys</FILENAME>
<FILESIZE>15104</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:57</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>usbstor.sys</FILENAME>
<FILESIZE>26496</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:57</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>usbuhci.sys</FILENAME>
<FILESIZE>20480</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:57</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>vaxscsi.sys</FILENAME>
<FILESIZE>223128</FILESIZE>
<CREATIONDATE>07-04-2006 03:59:24</CREATIONDATE>
<VERSION>4.3.0.0</VERSION>
<MANUFACTURER>Alcohol Soft Co., Ltd.</MANUFACTURER>
<PRODUCTNAME>
Alcohol</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>vdmindvd.sys</FILENAME>
<FILESIZE>58112</FILESIZE>
<CREATIONDATE>08-17-2001 14:02:14</CREATIONDATE>
<VERSION>5.0.0.74</VERSION>
<MANUFACTURER>RAVISENT Technologies Inc.</MANUFACTURER>
<PRODUCTNAME>
CineMaster C WDM</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>vga.sys</FILENAME>
<FILESIZE>20992</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:57</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>videoprt.sys</FILENAME>
<FILESIZE>79744</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:57</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>volsnap.sys</FILENAME>
<FILESIZE>52352</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:56</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>wacmoumonitor.sys</FILENAME>
<FILESIZE>16240</FILESIZE>
<CREATIONDATE>07-30-2010 19:56:25</CREATIONDATE>
<VERSION>2.1.0.4</VERSION>
<MANUFACTURER>Wacom Technology</MANUFACTURER>
<PRODUCTNAME>
Wacom Mouse Filter Driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>wacommousefilter.sys</FILENAME>
<FILESIZE>11312</FILESIZE>
<CREATIONDATE>07-30-2010 19:56:49</CREATIONDATE>
<VERSION>1.2.2.0</VERSION>
<MANUFACTURER>Wacom Technology</MANUFACTURER>
<PRODUCTNAME>
Wacom Mouse Filter Driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>wacomvhid.sys</FILENAME>
<FILESIZE>14120</FILESIZE>
<CREATIONDATE>07-30-2010 19:56:31</CREATIONDATE>
<VERSION>2.9.2.4</VERSION>
<MANUFACTURER>Wacom Technology</MANUFACTURER>
<PRODUCTNAME>
Wacom Virtual HID Driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>wanarp.sys</FILENAME>
<FILESIZE>34560</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:56</CREATIONDATE>
<VERSION>5.1.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>wdf01000.sys</FILENAME>
<FILESIZE>492000</FILESIZE>
<CREATIONDATE>11-02-2006 12:22:54</CREATIONDATE>
<VERSION>1.5.6000.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>wdfldr.sys</FILENAME>
<FILESIZE>32224</FILESIZE>
<CREATIONDATE>11-02-2006 12:22:52</CREATIONDATE>
<VERSION>1.5.6000.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>wdmaud.sys</FILENAME>
<FILESIZE>82944</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:56</CREATIONDATE>
<VERSION>5.1.2600.2929</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>wmilib.sys</FILENAME>
<FILESIZE>4352</FILESIZE>
<CREATIONDATE>08-12-2004 13:34:01</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>wpdusb.sys</FILENAME>
<FILESIZE>38528</FILESIZE>
<CREATIONDATE>09-22-2004 23:46:38</CREATIONDATE>
<VERSION>5.2.5721.5145</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>ws2ifsl.sys</FILENAME>
<FILESIZE>12032</FILESIZE>
<CREATIONDATE>08-12-2004 13:34:38</CREATIONDATE>
<VERSION>5.1.2600.0</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>WsAudio_DeviceS(1).sys</FILENAME>
<FILESIZE>25704</FILESIZE>
<CREATIONDATE>01-10-2010 06:49:57</CREATIONDATE>
<VERSION>1.0.0.1</VERSION>
<MANUFACTURER>Wondershare</MANUFACTURER>
<PRODUCTNAME>
Virtual Audio driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>WsAudio_DeviceS(2).sys</FILENAME>
<FILESIZE>25704</FILESIZE>
<CREATIONDATE>01-10-2010 06:50:51</CREATIONDATE>
<VERSION>1.0.0.1</VERSION>
<MANUFACTURER>Wondershare</MANUFACTURER>
<PRODUCTNAME>
Virtual Audio driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>WsAudio_DeviceS(3).sys</FILENAME>
<FILESIZE>25704</FILESIZE>
<CREATIONDATE>01-10-2010 06:51:25</CREATIONDATE>
<VERSION>1.0.0.1</VERSION>
<MANUFACTURER>Wondershare</MANUFACTURER>
<PRODUCTNAME>
Virtual Audio driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>WsAudio_DeviceS(4).sys</FILENAME>
<FILESIZE>25704</FILESIZE>
<CREATIONDATE>01-10-2010 06:51:53</CREATIONDATE>
<VERSION>1.0.0.1</VERSION>
<MANUFACTURER>Wondershare</MANUFACTURER>
<PRODUCTNAME>
Virtual Audio driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>WsAudio_DeviceS(5).sys</FILENAME>
<FILESIZE>25704</FILESIZE>
<CREATIONDATE>01-10-2010 06:52:22</CREATIONDATE>
<VERSION>1.0.0.1</VERSION>
<MANUFACTURER>Wondershare</MANUFACTURER>
<PRODUCTNAME>
Virtual Audio driver</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>wstcodec.sys</FILENAME>
<FILESIZE>19328</FILESIZE>
<CREATIONDATE>03-25-2009 22:31:56</CREATIONDATE>
<VERSION>5.3.2600.2180</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>WudfPf.sys</FILENAME>
<FILESIZE>77568</FILESIZE>
<CREATIONDATE>09-29-2006 00:55:50</CREATIONDATE>
<VERSION>6.0.5716.32</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
<DRIVER>
<FILENAME>WudfRd.sys</FILENAME>
<FILESIZE>82944</FILESIZE>
<CREATIONDATE>09-29-2006 01:00:34</CREATIONDATE>
<VERSION>6.0.5716.32</VERSION>
<MANUFACTURER>Microsoft Corporation</MANUFACTURER>
<PRODUCTNAME>
Microsoft® Windows® Operating System</PRODUCTNAME>
</DRIVER>
</DRIVERS>
</SYSTEMINFO>

Edited by Anamacha, 29 January 2011 - 01:22 AM.


#15
RKinner


    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
BCCode=1000008e means something tried to write where it wasn't supposed to. Could be a bad driver, bad memory, bad hard drive, or a poorly written virus.

You can attach the dump and if I get time today I'll try to look at it.

Ron