AVG Rescue hanging


  • This topic is locked

#16
CathyR

  • Topic Starter
  • Member
  • 35 posts
Okay, here are the results from the completed scan:

OTL logfile created on: 2/2/2011 7:39:48 PM - Run
OTLPE by OldTimer - Version 3.1.44.2 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,015.00 Mb Total Physical Memory | 815.00 Mb Available Physical Memory | 80.00% Memory free
903.00 Mb Paging File | 842.00 Mb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 102.56 Gb Free Space | 68.81% Space Free | Partition Type: NTFS
Drive D: | 1012.72 Mb Total Space | 1010.72 Mb Free Space | 99.80% Space Free | Partition Type: FAT
Drive X: | 284.08 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/06/29 15:44:38 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2009/06/02 21:05:58 | 000,457,200 | ---- | M] () [On_Demand] -- C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)
SRV - [2009/05/22 13:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand] -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/08/09 02:27:52 | 000,073,728 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (USBCCID)
DRV - File not found [Kernel | Disabled] -- -- (Simbad)
DRV - File not found [Kernel | On_Demand] -- -- (Rts516xIR)
DRV - File not found [Kernel | On_Demand] -- -- (RSUSBSTOR)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | Disabled] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)
DRV - [2011/01/24 09:00:32 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9733D8FA-608B-4DDE-A839-3E44A9F735F8}\MpKsl360e4bb5.sys -- (MpKsl360e4bb5)
DRV - [2011/01/24 05:55:36 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9733D8FA-608B-4DDE-A839-3E44A9F735F8}\MpKslddb92b5c.sys -- (MpKslddb92b5c)
DRV - [2011/01/24 05:50:24 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9733D8FA-608B-4DDE-A839-3E44A9F735F8}\MpKsl7c8d5e82.sys -- (MpKsl7c8d5e82)
DRV - [2011/01/23 22:01:38 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9733D8FA-608B-4DDE-A839-3E44A9F735F8}\MpKslc55e2953.sys -- (MpKslc55e2953)
DRV - [2011/01/23 13:27:33 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9733D8FA-608B-4DDE-A839-3E44A9F735F8}\MpKslce7136a3.sys -- (MpKslce7136a3)
DRV - [2010/11/28 01:58:35 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ISAPNP.SYS -- (isapnp)
DRV - [2010/11/02 10:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2010/08/26 08:39:50 | 000,357,248 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010/04/29 14:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/03/25 20:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2010/02/24 08:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2009/12/26 16:32:01 | 001,746,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009/10/20 11:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/07/02 01:10:54 | 000,103,792 | ---- | M] (Sonic Solutions) [File_System | Boot] -- C:\WINDOWS\system32\drivers\syscow32x.sys -- (SysCow)
DRV - [2009/06/29 15:44:38 | 001,642,931 | ---- | M] (IDT, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009/06/24 06:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/06/04 21:43:16 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2009/06/02 03:00:00 | 000,025,584 | ---- | M] (Sonic Solutions) [Kernel | System] -- C:\WINDOWS\system32\drivers\SaibVd32.sys -- (SaibVd32)
DRV - [2009/06/02 03:00:00 | 000,021,488 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SahdIa32.sys -- (SahdIa32)
DRV - [2009/06/02 03:00:00 | 000,015,856 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SaibIa32.sys -- (SaibIa32)
DRV - [2009/05/20 05:00:00 | 000,045,200 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20)
DRV - [2009/04/21 12:13:34 | 000,113,664 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2009/03/31 15:11:44 | 000,039,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009/03/13 16:32:18 | 001,759,616 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/01/15 21:41:00 | 000,206,512 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/08/14 05:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2008/06/20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/04/15 07:00:00 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/15 07:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/15 07:00:00 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/15 07:00:00 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/15 07:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/15 07:00:00 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/15 07:00:00 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/15 07:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/15 07:00:00 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/15 07:00:00 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/15 07:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/15 07:00:00 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/15 07:00:00 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2008/04/15 07:00:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2008/04/15 07:00:00 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/15 07:00:00 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2008/04/15 07:00:00 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/15 07:00:00 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\parport.sys -- (Parport)
DRV - [2008/04/15 07:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/15 07:00:00 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\system32\DRIVERS\sr.sys -- (sr)
DRV - [2008/04/15 07:00:00 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/15 07:00:00 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/15 07:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\serial.sys -- (Serial)
DRV - [2008/04/15 07:00:00 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/15 07:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/15 07:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/15 07:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/15 07:00:00 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008/04/15 07:00:00 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008/04/15 07:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/15 07:00:00 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/15 07:00:00 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/15 07:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/15 07:00:00 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008/04/15 07:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/04/15 07:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008/04/15 07:00:00 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/15 07:00:00 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/15 07:00:00 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/15 07:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2008/04/15 07:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2008/04/15 07:00:00 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/15 07:00:00 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/15 07:00:00 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/15 07:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/15 07:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/15 07:00:00 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/15 07:00:00 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/15 07:00:00 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008/04/15 07:00:00 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/15 07:00:00 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/15 07:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2008/04/15 07:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2008/04/15 07:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2008/04/15 07:00:00 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/15 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/15 07:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2008/04/15 07:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/15 07:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2008/04/15 07:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/15 07:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/15 07:00:00 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/04/15 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2008/04/15 07:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2008/04/15 07:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2008/04/15 07:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2008/04/15 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2008/04/15 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2008/04/15 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2008/04/15 07:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2008/04/15 07:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)
DRV - [2008/04/14 23:43:22 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/14 18:11:24 | 000,018,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\i2omp.sys -- (i2omp)
DRV - [2008/04/14 18:11:24 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\i2omgmt.sys -- (i2omgmt)
DRV - [2008/04/14 18:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2008/04/14 18:10:32 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\viaide.sys -- (ViaIde)
DRV - [2008/04/14 18:10:30 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\intelide.sys -- (IntelIde)
DRV - [2008/04/14 18:09:54 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/14 18:09:48 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/14 18:06:48 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/14 18:06:42 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\viaagp.sys -- (viaagp)
DRV - [2008/04/14 18:06:40 | 000,044,928 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\agpCPQ.sys -- (agpCPQ)
DRV - [2008/04/14 18:06:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/14 18:06:40 | 000,042,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\alim1541.sys -- (alim1541)
DRV - [2008/04/14 18:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\agp440.sys -- (agp440)
DRV - [2008/04/14 18:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/14 18:02:52 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/14 11:10:28 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/14 11:06:40 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2008/04/14 11:06:38 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2008/04/14 11:06:38 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/04/14 09:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2008/04/14 03:15:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/04/14 02:48:02 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/14 02:47:20 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/14 02:45:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/14 02:16:26 | 000,085,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NABTSFEC.sys -- (NABTSFEC)
DRV - [2008/04/14 02:16:26 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC)
DRV - [2008/04/14 02:16:24 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CCDECODE.sys -- (CCDECODE)
DRV - [2008/04/14 02:16:24 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SLIP.sys -- (SLIP)
DRV - [2008/04/14 02:16:24 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NdisIP.sys -- (NdisIP)
DRV - [2008/04/14 02:16:22 | 000,121,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV - [2008/04/14 02:16:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\StreamIP.sys -- (streamip)
DRV - [2008/04/14 02:15:40 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/04/14 02:15:38 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/14 02:15:36 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/14 02:15:36 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/04/14 02:15:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/14 02:15:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/14 02:15:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/14 02:15:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/14 02:15:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic)
DRV - [2008/04/14 02:09:54 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV)
DRV - [2008/04/14 02:09:52 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE)
DRV - [2008/04/14 02:09:52 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK)
DRV - [2008/04/14 02:09:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM)
DRV - [2008/04/14 02:09:48 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/14 02:06:46 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/14 00:17:38 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/14 00:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2008/04/14 00:15:36 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/04/14 00:09:50 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008/04/14 00:09:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008/03/27 18:27:46 | 000,503,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdf01000.sys -- (Wdf01000)
DRV - [2008/02/15 17:12:06 | 005,854,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2006/09/28 21:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd)
DRV - [2006/09/28 20:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WudfPf.sys -- (WudfPf)
DRV - [2005/03/07 23:43:27 | 000,021,744 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2005/03/07 23:43:26 | 000,016,496 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2005/03/07 23:43:25 | 000,051,120 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2001/08/18 08:07:44 | 000,025,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\hpn.sys -- (hpn)
DRV - [2001/08/18 08:07:44 | 000,020,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dpti2o.sys -- (dpti2o)
DRV - [2001/08/18 08:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/18 08:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/18 08:07:42 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\perc2hib.sys -- (perc2hib)
DRV - [2001/08/18 08:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/18 08:07:40 | 000,027,296 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\perc2.sys -- (perc2)
DRV - [2001/08/18 08:07:38 | 000,056,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aic78xx.sys -- (aic78xx)
DRV - [2001/08/18 08:07:36 | 000,055,168 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aic78u2.sys -- (aic78u2)
DRV - [2001/08/18 08:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/18 08:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/18 08:07:32 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\adpu160m.sys -- (adpu160m)
DRV - [2001/08/18 07:52:50 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2001/08/18 07:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/18 07:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/18 07:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/18 07:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/18 07:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/18 07:52:16 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1240.sys -- (ql1240)
DRV - [2001/08/18 07:52:16 | 000,033,152 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql10wnt.sys -- (Ql10wnt)
DRV - [2001/08/18 07:52:16 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac960nt.sys -- (dac960nt)
DRV - [2001/08/18 07:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/18 07:52:08 | 000,016,000 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ini910u.sys -- (ini910u)
DRV - [2001/08/18 07:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2001/08/18 07:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cbidf2k.sys -- (cbidf)
DRV - [2001/08/18 07:52:06 | 000,014,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cpqarray.sys -- (Cpqarray)
DRV - [2001/08/18 07:52:06 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys -- (cd20xrnt)
DRV - [2001/08/18 07:52:04 | 000,022,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3350p.sys -- (asc3350p)
DRV - [2001/08/18 07:52:04 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amsint.sys -- (amsint)
DRV - [2001/08/18 07:52:02 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aha154x.sys -- (Aha154x)
DRV - [2001/08/18 07:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/18 07:52:00 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS -- (abp480n5)
DRV - [2001/08/18 07:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/18 07:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\aliide.sys -- (AliIde)
DRV - [2001/08/18 07:51:56 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\toside.sys -- (TosIde)
DRV - [2001/08/18 07:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/18 07:51:52 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2001/08/18 00:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [2001/08/17 16:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370

IE - HKU\CRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKU\CRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\CRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKU\CRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKU\CRyder_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\CRyder_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\CRyder_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370

IE - HKU\DRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\DRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\DRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKU\DRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKU\DRyder_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\DRyder_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DRyder_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\DRyder_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370


IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/12/27 12:02:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/12/26 16:14:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/24 06:32:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/18 14:59:53 | 000,000,000 | ---D | M]

[2010/10/18 14:59:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/18 14:59:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/09/14 17:59:59 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010/09/14 18:00:00 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2010/09/14 18:00:01 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2010/09/14 15:41:42 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2010/09/14 15:41:42 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2010/09/14 15:41:42 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/09/14 15:41:42 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2010/09/14 15:41:42 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010/09/14 15:41:42 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2010/09/14 15:41:42 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010/10/18 15:03:56 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\CRyder_ON_C\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\DRyder_ON_C\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP BTW Detect Program] C:\Program Files\HP\HPBTWD.exe ()
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [snp2uvc] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\CRyder_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\DRyder_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\CRyder_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DRyder_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.226.1.93 24.226.10.193 24.226.10.194
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\CRyder_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\DRyder_ON_C Winlogon: Shell - (C:\Documents and Settings\DRyder\Application Data\palladium.exe) - C:\Documents and Settings\DRyder\Application Data\palladium.exe ()
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/02 19:39:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\LocalService\Recent
[2011/02/02 19:39:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\LocalService\My Documents
[2011/01/24 06:34:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CRyder\My Documents\Downloads
[2011/01/24 06:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CRyder\Local Settings\Application Data\Mozilla
[2011/01/24 06:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CRyder\Application Data\Mozilla
[2009/12/26 16:30:58 | 000,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2009/12/26 16:30:54 | 000,225,280 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2005/05/11 23:36:48 | 000,012,288 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2011/01/24 10:51:44 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2011/01/24 10:51:44 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2011/01/24 10:51:38 | 000,000,120 | ---- | M] () -- C:\Documents and Settings\DRyder\Application Data\asdfasfas.bat
[2011/01/24 10:51:37 | 000,478,208 | ---- | M] () -- C:\Documents and Settings\DRyder\Application Data\palladium.exe
[2011/01/24 10:51:36 | 000,000,007 | ---- | M] () -- C:\Documents and Settings\DRyder\Application Data\uid_pal
[2011/01/24 10:44:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2011/01/24 10:37:32 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\BackOnTrack Instant Restore Idle.job
[2011/01/24 09:44:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2011/01/24 09:06:58 | 000,719,873 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\eXplorer.exe
[2011/01/24 09:05:34 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/01/24 09:00:23 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2011/01/24 09:00:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/24 09:00:12 | 1064,620,032 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/24 08:59:30 | 000,719,873 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\rkill.com
[2011/01/24 08:58:46 | 000,000,228 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\shell.reg
[2011/01/24 05:54:24 | 000,441,252 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/01/24 05:54:24 | 000,071,404 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/01/23 13:31:41 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\DRyder\Application Data\completescan_pal
[2011/01/23 12:51:36 | 000,000,869 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\Palladium for Windows.lnk
[2011/01/23 12:51:36 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\DRyder\Application Data\install_pal
[2011/01/23 12:44:48 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2011/01/23 12:44:48 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2011/01/23 12:44:48 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2011/01/23 12:44:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2011/01/23 12:44:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2011/01/23 12:44:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2011/01/23 12:44:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2011/01/23 12:44:44 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2011/01/23 12:44:44 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2011/01/23 12:44:44 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2011/01/23 12:44:44 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2011/01/23 12:44:44 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2011/01/23 12:44:42 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2011/01/23 12:44:41 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2011/01/23 12:44:40 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2011/01/23 12:44:40 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2011/01/23 12:44:39 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2011/01/23 12:44:39 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2011/01/23 12:44:39 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2011/01/23 12:44:39 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2011/01/20 18:33:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/01/20 16:31:52 | 000,034,816 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\TRILLIUMRESUME.doc
[2011/01/20 13:52:29 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\PERTHASSEMBLYRESUME.doc
[2011/01/20 13:51:51 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\JANUARYRESUME.doc
[2011/01/14 17:53:38 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\CR3RESUME.doc
[2011/01/14 16:59:10 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\LOADINGDOCKRESUME.doc
[2011/01/14 16:09:31 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\TAMCORESUME.doc
[2011/01/14 15:39:57 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\ADVANTAGERESUME.doc
[2011/01/14 13:24:54 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\BUDGET 2010.xls
[2011/01/04 13:33:36 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\P&GRESUME.doc
[2011/01/04 11:37:13 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\PHACSTORERESUME.doc
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/24 10:51:46 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At46.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At45.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At44.job
[2011/01/24 10:51:45 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At43.job
[2011/01/24 10:51:45 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At42.job
[2011/01/24 10:51:45 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At41.job
[2011/01/24 10:51:45 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At40.job
[2011/01/24 10:51:45 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At39.job
[2011/01/24 10:51:45 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At38.job
[2011/01/24 10:51:45 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At37.job
[2011/01/24 10:51:45 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At36.job
[2011/01/24 10:51:45 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At35.job
[2011/01/24 10:51:44 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At34.job
[2011/01/24 10:51:44 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At33.job
[2011/01/24 10:51:44 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At32.job
[2011/01/24 10:51:44 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At31.job
[2011/01/24 10:51:44 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At30.job
[2011/01/24 10:51:44 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At29.job
[2011/01/24 10:51:43 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At28.job
[2011/01/24 10:51:43 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At27.job
[2011/01/24 10:51:43 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At26.job
[2011/01/24 10:51:43 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At25.job
[2011/01/24 10:51:42 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2011/01/24 09:08:03 | 000,719,873 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\eXplorer.exe
[2011/01/24 09:04:36 | 000,000,228 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\shell.reg
[2011/01/24 09:04:32 | 000,719,873 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\rkill.com
[2011/01/23 13:31:41 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\DRyder\Application Data\completescan_pal
[2011/01/23 12:51:36 | 000,000,875 | ---- | C] () -- C:\Documents and Settings\DRyder\Start Menu\Programs\Palladium for Windows.lnk
[2011/01/23 12:51:36 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\DRyder\Application Data\install_pal
[2011/01/23 12:51:35 | 000,000,869 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\Palladium for Windows.lnk
[2011/01/23 12:44:47 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2011/01/23 12:44:47 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2011/01/23 12:44:46 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2011/01/23 12:44:45 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2011/01/23 12:44:45 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2011/01/23 12:44:44 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2011/01/23 12:44:44 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2011/01/23 12:44:43 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2011/01/23 12:44:42 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2011/01/23 12:44:42 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2011/01/23 12:44:42 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2011/01/23 12:44:41 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2011/01/23 12:44:41 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2011/01/23 12:44:40 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2011/01/23 12:44:40 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2011/01/23 12:44:40 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2011/01/23 12:44:39 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2011/01/23 12:44:39 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2011/01/23 12:44:39 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2011/01/23 12:44:39 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2011/01/23 12:44:38 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2011/01/23 12:44:38 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2011/01/23 12:44:38 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2011/01/23 12:44:36 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\DRyder\Application Data\asdfasfas.bat
[2011/01/23 12:44:34 | 000,478,208 | ---- | C] () -- C:\Documents and Settings\DRyder\Application Data\palladium.exe
[2011/01/23 12:44:34 | 000,000,007 | ---- | C] () -- C:\Documents and Settings\DRyder\Application Data\uid_pal
[2011/01/20 13:52:22 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\PERTHASSEMBLYRESUME.doc
[2011/01/20 13:31:29 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\JANUARYRESUME.doc
[2011/01/14 17:53:37 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\CR3RESUME.doc
[2011/01/14 16:59:09 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\LOADINGDOCKRESUME.doc
[2011/01/14 16:06:32 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\TAMCORESUME.doc
[2011/01/14 15:51:51 | 000,034,816 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\TRILLIUMRESUME.doc
[2011/01/14 15:30:48 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\ADVANTAGERESUME.doc
[2011/01/04 13:30:39 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\P&GRESUME.doc
[2010/07/13 16:27:38 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\CRyder\Local Settings\Application Data\housecall.guid.cache
[2010/04/25 13:49:23 | 000,212,711 | ---- | C] () -- C:\Documents and Settings\DRyder\Application Data\Update_HP_RedboxHprblog_HPSU.log
[2010/04/25 13:49:23 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2010/04/25 13:26:38 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\DRyder\Local Settings\Application Data\fusioncache.dat
[2009/12/26 16:30:58 | 001,759,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2009/12/26 16:30:58 | 000,028,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2009/12/26 16:30:58 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2009/08/25 19:55:28 | 000,028,510 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/08/25 19:15:28 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/04/10 21:25:38 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/04/10 20:58:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2009/12/26 17:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DRyder\Application Data\Skinux
[2011/01/23 12:44:39 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2011/01/23 12:44:41 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2011/01/24 09:44:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2011/01/23 12:44:44 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2011/01/23 12:44:44 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2011/01/23 12:44:44 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2011/01/23 12:44:44 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2011/01/23 12:44:44 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2011/01/23 12:44:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2011/01/23 12:44:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2011/01/23 12:44:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2011/01/23 12:44:39 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2011/01/23 12:44:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2011/01/23 12:44:48 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2011/01/23 12:44:48 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2011/01/23 12:44:48 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2011/01/24 10:51:44 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2011/01/24 10:51:44 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At25.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At26.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At27.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At28.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At29.job
[2011/01/23 12:44:39 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At30.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At31.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At32.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At33.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At34.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At35.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At36.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At37.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At38.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At39.job
[2011/01/23 12:44:39 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At40.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At41.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At42.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At43.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At44.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At45.job
[2011/01/24 10:51:46 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At46.job
[2011/01/24 09:00:23 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2011/01/23 12:44:40 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2011/01/23 12:44:40 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2011/01/23 12:44:42 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2011/01/24 10:44:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
[2011/01/24 10:37:32 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\BackOnTrack Instant Restore Idle.job
[2011/01/24 09:05:34 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: AGP440.SYS >
[2008/04/14 23:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\I386\sp3.cab:AGP440.sys
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/04/14 18:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2008/04/14 18:06:40 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\drivers\agp440.sys

< MD5 for: AHCIX86.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: AHCIX86S.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: ATAPI.SYS >
[2008/04/14 23:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\I386\sp3.cab:atapi.sys
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 18:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/14 18:10:32 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: ENETHOOK.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: EVENTLOG.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2011/01/24 09:06:58 | 000,719,873 | ---- | M] () MD5=89949692B4F898A8FC27EC31CD83B107 -- C:\Documents and Settings\DRyder\Desktop\eXplorer.exe

< MD5 for: IASTOR.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2009/06/04 21:43:16 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\drivers\iaStor.sys
[2009/06/04 21:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\SwSetup\HDD\IaStor.sys
[2009/06/04 21:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\WINDOWS\system32\drivers\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: IDECHNDR.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: KR10N.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: LOGEVENT.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: NETLOGON.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\netlogon.dll

< MD5 for: NTELOGON.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: NTOSKRNL.EXE >
[2008/04/14 23:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\I386\sp3.cab:ntoskrnl.exe
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:ntoskrnl.exe
[2010/02/16 09:08:49 | 002,146,304 | ---- | M] (Microsoft Corporation) MD5=048DB3459FAB4CA741DCC84E1F374D65 -- C:\WINDOWS\$NtUninstallKB981852$\ntoskrnl.exe
[2009/12/08 23:52:36 | 002,189,312 | ---- | M] (Microsoft Corporation) MD5=05BE3D9A71972223AFF6A3C823BA51B1 -- C:\WINDOWS\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[2008/04/14 02:54:38 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=40F8880122A030A7E9E1FEDEA833B33D -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Target\WINDOWS\system32\ntoskrnl.exe
[2008/04/14 02:54:38 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=40F8880122A030A7E9E1FEDEA833B33D -- C:\WINDOWS\$NtUninstallKB971486$\ntoskrnl.exe
[2010/04/27 08:59:13 | 002,146,304 | ---- | M] (Microsoft Corporation) MD5=466A3E1239F4A9428797730E81A7A865 -- C:\WINDOWS\system32\ntoskrnl.exe
[2010/04/27 21:25:02 | 002,189,952 | ---- | M] (Microsoft Corporation) MD5=472059774023F80EB7227EAF9A7ACDA1 -- C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
[2010/04/27 21:25:02 | 002,189,952 | ---- | M] (Microsoft Corporation) MD5=472059774023F80EB7227EAF9A7ACDA1 -- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
[2009/08/04 10:13:08 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=78FCC97CD878D4CF5B5D2158A5A7CF92 -- C:\WINDOWS\$NtUninstallKB977165$\ntoskrnl.exe
[2009/12/08 14:26:15 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=9696C553F994340CD6AA5C5A724C3A19 -- C:\WINDOWS\$NtUninstallKB979683$\ntoskrnl.exe
[2010/04/27 08:50:44 | 002,190,080 | ---- | M] (Microsoft Corporation) MD5=A2ABBEC40CDB57454645D06B7EBD22F5 -- C:\WINDOWS\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[2009/02/07 19:35:26 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\System Rollback Data\Restore\Archive\00000055\00000054\0\Attrib\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[2009/08/04 08:56:10 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\System Rollback Data\Restore\Archive\00000055\00000054\0\Attrib\WINDOWS\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[2009/12/08 23:52:36 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\System Rollback Data\Restore\Archive\00000055\00000054\0\Attrib\WINDOWS\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[2010/02/16 07:52:12 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\System Rollback Data\Restore\Archive\00000055\00000054\0\Attrib\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[2010/04/27 08:50:44 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\System Rollback Data\Restore\Archive\00000055\00000054\0\Attrib\WINDOWS\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[2010/02/16 07:52:12 | 002,190,080 | ---- | M] (Microsoft Corporation) MD5=E1F653A542449D54FA2D27463D99B6B6 -- C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[2009/02/07 19:35:26 | 002,189,184 | ---- | M] (Microsoft Corporation) MD5=EFE8EACE83EAAD5849A7A548FB75B584 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[2009/08/04 08:56:10 | 002,189,312 | ---- | M] (Microsoft Corporation) MD5=FDE779EA1A564EBFE16F4E0F82B61BAD -- C:\WINDOWS\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe

< MD5 for: NVATA.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: NVATABUS.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: NVGTS.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: NVRD32.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: NVSTOR.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: NVSTOR32.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: SCECLI.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\scecli.dll

< MD5 for: SCECLT.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: USERINIT.EXE >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\userinit.exe

< MD5 for: UXTHEME.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 000,218,624 | ---- | M] (Microsoft Corporation) MD5=7A2CC3719B255E6B5D74396183B7715B -- C:\WINDOWS\system32\uxtheme.dll
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\uxtheme.dll

< MD5 for: VAXSCSI.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: VIAMRAID.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: VIASRAID.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: VIPRT.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: WINLOGON.EXE >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\winlogon.exe
[2008/04/15 07:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %SYSTEMDRIVE%\*.* >
[2009/12/27 12:21:12 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2009/12/26 16:32:59 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2011/01/24 09:00:12 | 1064,620,032 | -HS- | M] () -- C:\hiberfil.sys
[2008/04/15 07:00:00 | 000,047,564 | -HS- | M] () -- C:\NTDETECT.COM
[2008/04/15 07:00:00 | 000,250,048 | -HS- | M] () -- C:\NTLDR
[2011/01/24 09:00:11 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2009/04/10 13:51:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/04/10 13:51:46 | 001,064,960 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/04/10 13:51:44 | 000,888,832 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< End of report >

#17
CathyR

I have posted the log. I will have to revisit in the morning as I am heading out in about 1/2 hour. I so appreciate your help and hope that you will be on tomorrow to continue with helping me. I will be taking the mini with me to work so I will be able to connect and continue troubleshooting tomorrow. This is an amazing service, especially to beginners.

Cathy

#18
JSntgRvr

If we are able to boot the computer back to Normal, you may need to remove Roxio BackOnTrack. All files are corrupted.

Let's try this fix.
  • Copy the entire contents of the Quote Box below to Notepad.
  • Name the file as Fix.txt
  • Change the Save as Type to All Files
  • and Save it in the USB drive
  • Once in OTLPE, double click on the Custom Scan Window.
  • Browse to the USB drive and select the Fix.txt file. Click on Open. Its contents will appear on the window.
  • Click the red Run Fix button.
  • A report will be produced and saved in the C:\_OTL\MovedFiles folder in the form of Date_Time.log. Open that report and post its contents in a reply.


:OTL
O4 - HKLM..\Run: [snp2uvc] File not found
O20 - HKU\DRyder_ON_C Winlogon: Shell - (C:\Documents and Settings\DRyder\Application Data\palladium.exe) - C:\Documents and Settings\DRyder\Application Data\palladium.exe ()

:files
C:\WINDOWS\tasks\At46.job
C:\WINDOWS\tasks\At45.job
C:\WINDOWS\tasks\At44.job
C:\WINDOWS\tasks\At43.job
C:\WINDOWS\tasks\At42.job
C:\WINDOWS\tasks\At41.job
C:\WINDOWS\tasks\At40.job
C:\WINDOWS\tasks\At39.job
C:\WINDOWS\tasks\At38.job
C:\WINDOWS\tasks\At37.job
C:\WINDOWS\tasks\At36.job
C:\WINDOWS\tasks\At35.job
C:\WINDOWS\tasks\At34.job
C:\WINDOWS\tasks\At33.job
C:\WINDOWS\tasks\At32.job
C:\WINDOWS\tasks\At31.job
C:\WINDOWS\tasks\At30.job
C:\WINDOWS\tasks\At29.job
C:\WINDOWS\tasks\At28.job
C:\WINDOWS\tasks\At27.job
C:\WINDOWS\tasks\At26.job
C:\WINDOWS\tasks\At25.job
C:\WINDOWS\tasks\At24.job
C:\WINDOWS\tasks\At23.job
C:\WINDOWS\tasks\At22.job
C:\WINDOWS\tasks\At21.job
C:\WINDOWS\tasks\At20.job
C:\WINDOWS\tasks\At19.job
C:\WINDOWS\tasks\At18.job
C:\WINDOWS\tasks\At17.job
C:\WINDOWS\tasks\At16.job
C:\WINDOWS\tasks\At15.job
C:\WINDOWS\tasks\At14.job
C:\WINDOWS\tasks\At13.job
C:\WINDOWS\tasks\At12.job
C:\WINDOWS\tasks\At11.job
C:\WINDOWS\tasks\At9.job
C:\WINDOWS\tasks\At8.job
C:\WINDOWS\tasks\At10.job
C:\WINDOWS\tasks\At7.job
C:\WINDOWS\tasks\At6.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At1.job
C:\Documents and Settings\DRyder\Application Data\completescan_pal
C:\Documents and Settings\DRyder\Start Menu\Programs\Palladium for Windows.lnk
C:\Documents and Settings\DRyder\Application Data\install_pal
C:\Documents and Settings\DRyder\Desktop\Palladium for Windows.lnk
C:\Documents and Settings\DRyder\Application Data\asdfasfas.bat
C:\Documents and Settings\DRyder\Application Data\palladium.exe
C:\Documents and Settings\DRyder\Application Data\uid_pal
C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\drivers\agp440.sys|C:\WINDOWS\system32\drivers\agp440.sys /replace
C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab
C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\drivers\atapi.sys
C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\eventlog.dll
C:\Documents and Settings\DRyder\Desktop\eXplorer.exe
C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\drivers\iaStor.sys
C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\netlogon.dll
C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\scecli.dll
C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\uxtheme.dll
C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\winlogon.exe


Attempt to boot in Normal Mode.

If able to do so, please run Combofix as follows:

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Please, never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      If AVG or CA Internet Security Suite is installed, you must remove these programs before using Combofix. If any of these applications will not uninstall, it is first recommended to uninstall it with AppRemover by Opswat. http://www.appremove...ed-applications. Do not use AppRemover on Norton

      -----------------------------------------------------------

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

  • Double click on combofix.exe & follow the prompts.
  • Install the Recovery Console if prompted.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt".
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

#19
CathyR

At the beginning of the instructions above where you state:

Lets try this fix.

* Copy the entire contents of the Quote Box below to Notepad.
* Name the file as Fix.txt
* Change the Save as Type to All Files
* and Save it in the USB drive
* Once in OTLPE, double click on the Custom Scan Window.
* Browse to the USB drive and select the Fix.txt file. Click on Open. Its contents will appear on the window.
* Click the red Run Fix button.
* A report will be produced and saved in the C:\_OTL\MovedFiles folder in the form of Date_Time.log. Open that report and post its contents in a reply.

Should the laptop see the usb or should I restart, point to the cd run OTLPE from the cd and then run custom scan and point to the usb?

Cathy

#20
JSntgRvr

I don't understand your post. The instructions are similar to the previous one.

  • Save the file in the USB drive.
  • Insert both, the USB drive and the OTLPE CD into the troubled computer
  • Boot to OTLPE and run the application as before.
  • Doubleclick on the Custom Scans window, select Yes, then browse to the USB drive.
  • Select the Fix.txt and click on Open, and lastly, click on the Red Run Fix button.

Get the report and post it.

#21
CathyR

But when I go to point to the usb it does not show in the list:

RamDisk (B)
LocalDisk (C)
Removable Disk (D)
ReatogoPE (X)

I do not see the usb where the fix.txt is? Now what should I do?

Cathy

#22
CathyR

Sorry I do see it - but the fix.txt does not show on the broken laptop. But when I put the usb in the working computer I can see the fix.txt in the usb directory. Why can I see it on one computer and not the other?

Cathy

#23
CathyR

Another thing I just noticed. On the broken computer I can double click on my computer and navigate to the usb which is D removable disk. I can see my fix.txt file. But when I run OTLPE and double click to run custom scan I cannot see the fix.txt in D removable disk. I can see the other files on the usb though?

Cathy

#24
JSntgRvr

See if you can do this.

Open the removable drive in my Computer. Open the Fix.txt file. Select All, then Copy and Paste its contents on the Custom Scan window in OTLPE. Then follow the rest of the instructions.

#25
CathyR

Okay that worked but under C:\_OTL\MovedFiles folder there is a folder 02032011_210401 and one text document 02032011_210401.log and this is a text file. Is this the file I should post?

Cathy

#26
CathyR

I will check back in the morning as it is time to crash. Thank you again for all of your help.

Cathy

#27
JSntgRvr

Post the 02032011_210401.log

Have you tried to boot in Normal Mode? Any error messages?

#28
CathyR

Yes I tried to boot into normal mode but it still boots to a flashing cursor in the upper left hand corner. I have attached the log file.

Cathy


#29
JSntgRvr

Let's scan again.

Download the enclosed file and save it to your USB drive.

Restart the computer back to the OTLPE CD.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings:
    • Change Drivers to All
    • Change Standard Registry to All
  • Doubleclick on the Custom Scans window and select Yes to load the file.
  • Browse to and select the Scan.txt in the USB drive.
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive.
  • Please post the contents of the C:\OTL.txt file in your reply.


#30
CathyR

Okay I ran the scan again and have attached the file. Wow, this is a process isn't it. But I am learning and because of your help I feel that all is not lost.

Cathy

Attached File  OTL.Txt   160.08KB   164 downloads

OTL logfile created on: 2/4/2011 5:51:27 PM - Run
OTLPE by OldTimer - Version 3.1.44.2 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,015.00 Mb Total Physical Memory | 814.00 Mb Available Physical Memory | 80.00% Memory free
903.00 Mb Paging File | 841.00 Mb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 102.56 Gb Free Space | 68.81% Space Free | Partition Type: NTFS
Drive D: | 1012.72 Mb Total Space | 1012.55 Mb Free Space | 99.98% Space Free | Partition Type: FAT
Drive X: | 284.08 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/06/29 15:44:38 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2009/06/02 21:05:58 | 000,457,200 | ---- | M] () [On_Demand] -- C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)
SRV - [2009/05/22 13:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand] -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/08/09 02:27:52 | 000,073,728 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (USBCCID)
DRV - File not found [Kernel | Disabled] -- -- (Simbad)
DRV - File not found [Kernel | On_Demand] -- -- (Rts516xIR)
DRV - File not found [Kernel | On_Demand] -- -- (RSUSBSTOR)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | Disabled] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)
DRV - [2011/01/24 09:00:32 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9733D8FA-608B-4DDE-A839-3E44A9F735F8}\MpKsl360e4bb5.sys -- (MpKsl360e4bb5)
DRV - [2011/01/24 05:55:36 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9733D8FA-608B-4DDE-A839-3E44A9F735F8}\MpKslddb92b5c.sys -- (MpKslddb92b5c)
DRV - [2011/01/24 05:50:24 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9733D8FA-608B-4DDE-A839-3E44A9F735F8}\MpKsl7c8d5e82.sys -- (MpKsl7c8d5e82)
DRV - [2011/01/23 22:01:38 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9733D8FA-608B-4DDE-A839-3E44A9F735F8}\MpKslc55e2953.sys -- (MpKslc55e2953)
DRV - [2011/01/23 13:27:33 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9733D8FA-608B-4DDE-A839-3E44A9F735F8}\MpKslce7136a3.sys -- (MpKslce7136a3)
DRV - [2010/11/28 01:58:35 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ISAPNP.SYS -- (isapnp)
DRV - [2010/11/02 10:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2010/08/26 08:39:50 | 000,357,248 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010/04/29 14:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/03/25 20:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2010/02/24 08:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2009/12/26 16:32:01 | 001,746,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009/10/20 11:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/07/02 01:10:54 | 000,103,792 | ---- | M] (Sonic Solutions) [File_System | Boot] -- C:\WINDOWS\system32\drivers\syscow32x.sys -- (SysCow)
DRV - [2009/06/29 15:44:38 | 001,642,931 | ---- | M] (IDT, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009/06/24 06:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/06/04 21:43:16 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2009/06/02 03:00:00 | 000,025,584 | ---- | M] (Sonic Solutions) [Kernel | System] -- C:\WINDOWS\system32\drivers\SaibVd32.sys -- (SaibVd32)
DRV - [2009/06/02 03:00:00 | 000,021,488 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SahdIa32.sys -- (SahdIa32)
DRV - [2009/06/02 03:00:00 | 000,015,856 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SaibIa32.sys -- (SaibIa32)
DRV - [2009/05/20 05:00:00 | 000,045,200 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20)
DRV - [2009/04/21 12:13:34 | 000,113,664 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2009/03/31 15:11:44 | 000,039,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009/03/13 16:32:18 | 001,759,616 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/01/15 21:41:00 | 000,206,512 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/08/14 05:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2008/06/20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/04/15 07:00:00 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/15 07:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/15 07:00:00 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/15 07:00:00 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/15 07:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/15 07:00:00 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/15 07:00:00 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/15 07:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/15 07:00:00 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/15 07:00:00 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/15 07:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/15 07:00:00 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/15 07:00:00 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2008/04/15 07:00:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2008/04/15 07:00:00 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/15 07:00:00 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2008/04/15 07:00:00 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/15 07:00:00 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\parport.sys -- (Parport)
DRV - [2008/04/15 07:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/15 07:00:00 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\system32\DRIVERS\sr.sys -- (sr)
DRV - [2008/04/15 07:00:00 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/15 07:00:00 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/15 07:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\serial.sys -- (Serial)
DRV - [2008/04/15 07:00:00 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/15 07:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/15 07:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/15 07:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/15 07:00:00 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008/04/15 07:00:00 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008/04/15 07:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/15 07:00:00 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/15 07:00:00 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/15 07:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/15 07:00:00 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008/04/15 07:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/04/15 07:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008/04/15 07:00:00 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/15 07:00:00 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/15 07:00:00 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/15 07:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2008/04/15 07:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2008/04/15 07:00:00 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/15 07:00:00 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/15 07:00:00 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/15 07:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/15 07:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/15 07:00:00 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/15 07:00:00 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/15 07:00:00 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008/04/15 07:00:00 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/15 07:00:00 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/15 07:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2008/04/15 07:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2008/04/15 07:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2008/04/15 07:00:00 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/15 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/15 07:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2008/04/15 07:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/15 07:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2008/04/15 07:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/15 07:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/15 07:00:00 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/04/15 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2008/04/15 07:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2008/04/15 07:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2008/04/15 07:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2008/04/15 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2008/04/15 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2008/04/15 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2008/04/15 07:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2008/04/15 07:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)
DRV - [2008/04/14 23:43:22 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/14 18:11:24 | 000,018,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\i2omp.sys -- (i2omp)
DRV - [2008/04/14 18:11:24 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\i2omgmt.sys -- (i2omgmt)
DRV - [2008/04/14 18:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2008/04/14 18:10:32 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\viaide.sys -- (ViaIde)
DRV - [2008/04/14 18:10:30 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\intelide.sys -- (IntelIde)
DRV - [2008/04/14 18:09:54 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/14 18:09:48 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/14 18:06:48 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/14 18:06:42 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\viaagp.sys -- (viaagp)
DRV - [2008/04/14 18:06:40 | 000,044,928 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\agpCPQ.sys -- (agpCPQ)
DRV - [2008/04/14 18:06:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/14 18:06:40 | 000,042,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\alim1541.sys -- (alim1541)
DRV - [2008/04/14 18:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\agp440.sys -- (agp440)
DRV - [2008/04/14 18:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/14 18:02:52 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/14 11:10:28 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/14 11:06:40 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2008/04/14 11:06:38 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2008/04/14 11:06:38 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/04/14 09:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2008/04/14 03:15:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/04/14 02:48:02 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/14 02:47:20 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/14 02:45:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/14 02:16:26 | 000,085,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NABTSFEC.sys -- (NABTSFEC)
DRV - [2008/04/14 02:16:26 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC)
DRV - [2008/04/14 02:16:24 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CCDECODE.sys -- (CCDECODE)
DRV - [2008/04/14 02:16:24 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SLIP.sys -- (SLIP)
DRV - [2008/04/14 02:16:24 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NdisIP.sys -- (NdisIP)
DRV - [2008/04/14 02:16:22 | 000,121,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV - [2008/04/14 02:16:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\StreamIP.sys -- (streamip)
DRV - [2008/04/14 02:15:40 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/04/14 02:15:38 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/14 02:15:36 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/14 02:15:36 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/04/14 02:15:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/14 02:15:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/14 02:15:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/14 02:15:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/14 02:15:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic)
DRV - [2008/04/14 02:09:54 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV)
DRV - [2008/04/14 02:09:52 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE)
DRV - [2008/04/14 02:09:52 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK)
DRV - [2008/04/14 02:09:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM)
DRV - [2008/04/14 02:09:48 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/14 02:06:46 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/14 00:17:38 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/14 00:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2008/04/14 00:15:36 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/04/14 00:09:50 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008/04/14 00:09:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008/03/27 18:27:46 | 000,503,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdf01000.sys -- (Wdf01000)
DRV - [2008/02/15 17:12:06 | 005,854,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2006/09/28 21:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd)
DRV - [2006/09/28 20:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WudfPf.sys -- (WudfPf)
DRV - [2005/03/07 23:43:27 | 000,021,744 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2005/03/07 23:43:26 | 000,016,496 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2005/03/07 23:43:25 | 000,051,120 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2001/08/18 08:07:44 | 000,025,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\hpn.sys -- (hpn)
DRV - [2001/08/18 08:07:44 | 000,020,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dpti2o.sys -- (dpti2o)
DRV - [2001/08/18 08:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/18 08:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/18 08:07:42 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\perc2hib.sys -- (perc2hib)
DRV - [2001/08/18 08:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/18 08:07:40 | 000,027,296 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\perc2.sys -- (perc2)
DRV - [2001/08/18 08:07:38 | 000,056,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aic78xx.sys -- (aic78xx)
DRV - [2001/08/18 08:07:36 | 000,055,168 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aic78u2.sys -- (aic78u2)
DRV - [2001/08/18 08:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/18 08:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/18 08:07:32 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\adpu160m.sys -- (adpu160m)
DRV - [2001/08/18 07:52:50 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2001/08/18 07:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/18 07:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/18 07:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/18 07:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/18 07:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/18 07:52:16 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1240.sys -- (ql1240)
DRV - [2001/08/18 07:52:16 | 000,033,152 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql10wnt.sys -- (Ql10wnt)
DRV - [2001/08/18 07:52:16 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac960nt.sys -- (dac960nt)
DRV - [2001/08/18 07:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/18 07:52:08 | 000,016,000 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ini910u.sys -- (ini910u)
DRV - [2001/08/18 07:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2001/08/18 07:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cbidf2k.sys -- (cbidf)
DRV - [2001/08/18 07:52:06 | 000,014,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cpqarray.sys -- (Cpqarray)
DRV - [2001/08/18 07:52:06 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys -- (cd20xrnt)
DRV - [2001/08/18 07:52:04 | 000,022,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3350p.sys -- (asc3350p)
DRV - [2001/08/18 07:52:04 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amsint.sys -- (amsint)
DRV - [2001/08/18 07:52:02 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aha154x.sys -- (Aha154x)
DRV - [2001/08/18 07:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/18 07:52:00 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS -- (abp480n5)
DRV - [2001/08/18 07:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/18 07:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\aliide.sys -- (AliIde)
DRV - [2001/08/18 07:51:56 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\toside.sys -- (TosIde)
DRV - [2001/08/18 07:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/18 07:51:52 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2001/08/18 00:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [2001/08/17 16:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370

IE - HKU\CRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKU\CRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\CRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKU\CRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKU\CRyder_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\CRyder_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\CRyder_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370

IE - HKU\DRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\DRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\DRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKU\DRyder_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKU\DRyder_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\DRyder_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DRyder_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\DRyder_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370


IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.10
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 50370
FF - prefs.js..network.proxy.type: 1

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/12/27 12:02:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/12/26 16:14:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/24 06:32:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/18 14:59:53 | 000,000,000 | ---D | M]

[2010/07/13 07:12:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DRyder\Application Data\Mozilla\Extensions
[2010/07/13 07:12:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DRyder\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/07/13 18:02:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DRyder\Application Data\Mozilla\Firefox\Profiles\agz1quun.default\extensions
[2010/07/13 18:02:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\DRyder\Application Data\Mozilla\Firefox\Profiles\agz1quun.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/18 14:59:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/18 14:59:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/12/26 16:14:06 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/09/14 17:59:59 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010/09/14 18:00:00 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2010/09/14 18:00:01 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2010/09/14 15:41:42 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2010/09/14 15:41:42 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2010/09/14 15:41:42 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/09/14 15:41:42 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2010/09/14 15:41:42 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010/09/14 15:41:42 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2010/09/14 15:41:42 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010/10/18 15:03:56 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\CRyder_ON_C\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\DRyder_ON_C\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP BTW Detect Program] C:\Program Files\HP\HPBTWD.exe ()
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [snp2uvc] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\CRyder_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\DRyder_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\CRyder_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DRyder_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.226.1.93 24.226.10.193 24.226.10.194
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\CRyder_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\DRyder_ON_C Winlogon: Shell - (C:\Documents and Settings\DRyder\Application Data\palladium.exe) - File not found
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Firestorm High.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Firestorm High.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/03 21:04:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/02/02 19:39:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\LocalService\Recent
[2011/02/02 19:39:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\LocalService\My Documents
[2011/01/24 06:34:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CRyder\My Documents\Downloads
[2011/01/24 06:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CRyder\Local Settings\Application Data\Mozilla
[2011/01/24 06:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CRyder\Application Data\Mozilla
[2009/12/26 16:30:58 | 000,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2009/12/26 16:30:54 | 000,225,280 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2005/05/11 23:36:48 | 000,012,288 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/24 10:37:32 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\BackOnTrack Instant Restore Idle.job
[2011/01/24 09:05:34 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/01/24 09:00:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/24 09:00:12 | 1064,620,032 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/24 08:59:30 | 000,719,873 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\rkill.com
[2011/01/24 08:58:46 | 000,000,228 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\shell.reg
[2011/01/24 05:54:24 | 000,441,252 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/01/24 05:54:24 | 000,071,404 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/01/20 18:33:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/01/20 16:31:52 | 000,034,816 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\TRILLIUMRESUME.doc
[2011/01/20 13:52:29 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\PERTHASSEMBLYRESUME.doc
[2011/01/20 13:51:51 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\JANUARYRESUME.doc
[2011/01/14 17:53:38 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\CR3RESUME.doc
[2011/01/14 16:59:10 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\LOADINGDOCKRESUME.doc
[2011/01/14 16:09:31 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\TAMCORESUME.doc
[2011/01/14 15:39:57 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\ADVANTAGERESUME.doc
[2011/01/14 13:24:54 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\DRyder\Desktop\BUDGET 2010.xls
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/24 09:04:36 | 000,000,228 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\shell.reg
[2011/01/24 09:04:32 | 000,719,873 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\rkill.com
[2011/01/20 13:52:22 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\PERTHASSEMBLYRESUME.doc
[2011/01/20 13:31:29 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\JANUARYRESUME.doc
[2011/01/14 17:53:37 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\CR3RESUME.doc
[2011/01/14 16:59:09 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\LOADINGDOCKRESUME.doc
[2011/01/14 16:06:32 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\TAMCORESUME.doc
[2011/01/14 15:51:51 | 000,034,816 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\TRILLIUMRESUME.doc
[2011/01/14 15:30:48 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\DRyder\Desktop\ADVANTAGERESUME.doc
[2010/07/13 16:27:38 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\CRyder\Local Settings\Application Data\housecall.guid.cache
[2010/04/25 13:49:23 | 000,212,711 | ---- | C] () -- C:\Documents and Settings\DRyder\Application Data\Update_HP_RedboxHprblog_HPSU.log
[2010/04/25 13:49:23 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2010/04/25 13:26:38 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\DRyder\Local Settings\Application Data\fusioncache.dat
[2009/12/26 16:30:58 | 001,759,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2009/12/26 16:30:58 | 000,028,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2009/12/26 16:30:58 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2009/08/25 19:55:28 | 000,028,510 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/08/25 19:15:28 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/04/10 21:25:38 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/04/10 20:58:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2009/12/26 17:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DRyder\Application Data\Skinux
[2011/01/24 10:37:32 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\BackOnTrack Instant Restore Idle.job
[2011/01/24 09:05:34 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: AGP440.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/14 23:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\I386\sp3.cab:AGP440.sys
[2008/04/15 07:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/04/14 18:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\drivers\agp440.sys
[2008/04/14 18:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: AHCIX86.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: AHCIX86S.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: ATAPI.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/14 23:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\I386\sp3.cab:atapi.sys
[2008/04/15 07:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 18:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/14 18:10:32 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: ENETHOOK.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: EVENTLOG.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2011/01/24 09:06:58 | 000,719,873 | ---- | M] () MD5=89949692B4F898A8FC27EC31CD83B107 -- C:\_OTL\MovedFiles\02032011_210401\C_Documents and Settings\DRyder\Desktop\eXplorer.exe

< MD5 for: IASTOR.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2009/06/04 21:43:16 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\drivers\iaStor.sys
[2009/06/04 21:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\SwSetup\HDD\IaStor.sys
[2009/06/04 21:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\WINDOWS\system32\drivers\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: IDECHNDR.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: KR10N.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: LOGEVENT.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: NETLOGON.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\netlogon.dll

< MD5 for: NTELOGON.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: NVATA.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: NVATABUS.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: NVGTS.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: NVRD32.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: NVSTOR.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: NVSTOR32.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: SCECLI.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\scecli.dll

< MD5 for: SCECLT.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: SCLWAPI.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: USERINIT.EXE >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\userinit.exe

< MD5 for: UXTHEME.DLL >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 000,218,624 | ---- | M] (Microsoft Corporation) MD5=7A2CC3719B255E6B5D74396183B7715B -- C:\WINDOWS\system32\uxtheme.dll
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\uxtheme.dll

< MD5 for: VAXSCSI.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: VIAMRAID.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: VIASRAID.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: VIPRT.SYS >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file

< MD5 for: WINLOGON.EXE >
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () .cab file -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\Driver Cache\i386\sp3.cab: Invalid or corrupt .cab file
[2008/04/15 07:00:00 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\_OTL\MovedFiles\02032011_210401\C_System Rollback Data\Restore\Archive\00000054\00000001\0\Attrib\WINDOWS\system32\winlogon.exe
[2008/04/15 07:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %SYSTEMDRIVE%\*.* >
[2009/12/27 12:21:12 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2009/12/26 16:32:59 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2011/01/24 09:00:12 | 1064,620,032 | -HS- | M] () -- C:\hiberfil.sys
[2008/04/15 07:00:00 | 000,047,564 | -HS- | M] () -- C:\NTDETECT.COM
[2008/04/15 07:00:00 | 000,250,048 | -HS- | M] () -- C:\NTLDR
[2011/02/02 19:50:35 | 000,183,886 | ---- | M] () -- C:\OTL.Txt
[2011/01/24 09:00:11 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\System32\config\*.sav >
[2009/04/10 13:51:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/04/10 13:51:46 | 001,064,960 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/04/10 13:51:44 | 000,888,832 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2006/10/18 23:47:08 | 000,276,992 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\audiodev.dll
[2008/04/15 07:00:00 | 001,025,024 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\browseui.dll
[2008/04/15 07:00:00 | 000,101,888 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\cscdll.dll
[2008/04/15 07:00:00 | 000,326,656 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\cscui.dll
[2008/04/15 07:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\davclnt.dll
[2008/06/20 12:46:57 | 000,147,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2008/04/15 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\drprov.dll
[2010/11/05 19:26:57 | 011,080,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2010/11/05 19:26:58 | 001,991,680 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
[2008/04/15 07:00:00 | 000,274,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/15 07:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\netrap.dll
[2008/04/15 07:00:00 | 000,080,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\netui0.dll
[2008/04/15 07:00:00 | 000,245,760 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\netui1.dll
[2008/04/15 07:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2008/04/15 07:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntlanman.dll
[2006/10/18 23:47:18 | 000,284,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\PortableDeviceApi.dll
[2008/04/15 07:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\samlib.dll
[2008/04/15 07:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shdocvw.dll
[2010/07/27 01:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
[2008/04/15 07:00:00 | 000,068,096 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shgina.dll
[2007/10/27 17:40:30 | 000,222,720 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\wmasf.dll
[2010/04/06 03:52:46 | 002,462,720 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\WMVCore.dll
[2006/10/18 23:47:22 | 002,603,008 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\WpdShext.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2011/01/20 18:33:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2011/01/24 10:37:32 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\BackOnTrack Instant Restore Idle.job
[2011/01/24 09:05:34 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
< End of report >
