Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

XP won't boot, Infected with "boot.tidserv"


  • This topic is locked This topic is locked

#31
Mikevel

Mikevel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
how do i know which hard drive is which. Not sure which is the c drive and which is the D drive (the d drive has the operating system on it correct). One drive is SATA and one is ide, correct, they have different type wire connector plug in's, so i can tell from the connectors which is which but i'm not sure which of the two holds the operating system
  • 0

Advertisements


#32
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
The IDE has the Wide Ribbon Connector. The Sata is not as wide. Try removing the IDE hard drive first, but do not disconnect the ribbon cable from the mother board. Just disconnect the power and ribbon cable from the drive. Check the jumpers on the IDE. Are they set to Master? Boot to Reatogo with only the Sata drive connected. The Drive with the OS must have a Windows folder in the root directory.

If the windows folder is not present, then it must be the IDE drive the one with the OS. In that case, shutdown the computer, disconnect the cables from the SATA and reconnect the IDE. Boot to Reatogo and confirm the Windows folder is present.
  • 0

#33
Mikevel

Mikevel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
IDE HDD was the one with the op sys on it. It was already set to master. I removed the SATA drive and tried loading xp. Got to the same message we've been getting windows did not start properly choose load windows, safe mode, etc. Tried to load all the selections and it just goes back to the same screen.

loaded from otlpe cd and ran custom scan here is what i got:

OTL logfile created on: 3/10/2011 4:05:01 PM - Run
OTLPE by OldTimer - Version 3.1.45.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 298.00 Mb Available Physical Memory | 58.00% Memory free
458.00 Mb Paging File | 328.00 Mb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 101.55 Gb Total Space | 63.36 Gb Free Space | 62.39% Space Free | Partition Type: FAT32
Drive D: | 10.22 Gb Total Space | 8.54 Gb Free Space | 83.49% Space Free | Partition Type: FAT32
Drive I: | 1.85 Gb Total Space | 1.78 Gb Free Space | 95.80% Space Free | Partition Type: FAT
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled] -- -- (HidServ)
SRV - [2009/09/16 18:22:08 | 000,020,480 | ---- | M] (Intuit) [Auto] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2007/05/24 07:08:44 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/01/04 16:38:10 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/09/13 11:49:42 | 001,192,050 | ---- | M] (Ahead Software AG) [Auto] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrvR) InCD Helper (read only)
SRV - [2004/09/13 11:49:42 | 001,192,050 | ---- | M] (Ahead Software AG) [Auto] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2004/04/06 17:14:10 | 000,254,224 | ---- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\eTrust Antivirus\InoTask.exe -- (InoTask)
SRV - [2004/04/06 17:13:56 | 000,241,936 | ---- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\eTrust Antivirus\InoRT.exe -- (InoRT)
SRV - [2004/04/06 17:13:54 | 000,139,536 | ---- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\eTrust Antivirus\InoRpc.exe -- (InoRPC)
SRV - [2003/08/11 10:28:42 | 000,045,056 | ---- | M] ( ) [Auto] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2002/09/20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | Disabled] -- -- (Simbad)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | Disabled] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)
DRV - [2010/08/26 09:39:50 | 000,357,248 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010/02/24 09:11:08 | 000,455,680 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2009/10/20 11:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/06/24 07:18:42 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2008/08/14 06:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/04/13 20:13:22 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2008/04/13 20:13:22 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/13 20:13:20 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/13 20:13:20 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/13 15:28:40 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 15:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 15:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 15:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 15:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008/04/13 15:19:44 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008/04/13 15:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 15:18:00 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 15:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 15:17:06 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2008/04/13 15:15:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 15:15:54 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 15:15:46 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2008/04/13 15:14:30 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 15:14:22 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 15:00:20 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/13 14:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 14:57:30 | 000,040,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008/04/13 14:57:28 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 14:57:28 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/04/13 14:57:22 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 14:57:16 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 14:57:08 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 14:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 14:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 14:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 14:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 14:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 14:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008/04/13 14:51:26 | 000,061,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nic1394.sys -- (NIC1394)
DRV - [2008/04/13 14:51:26 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\arp1394.sys -- (Arp1394)
DRV - [2008/04/13 14:51:26 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 14:47:38 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 14:46:18 | 000,061,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2008/04/13 14:45:38 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2008/04/13 14:45:36 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/13 14:45:36 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/04/13 14:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/04/13 14:45:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/04/13 14:45:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 14:45:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 14:45:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 14:45:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 14:45:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic)
DRV - [2008/04/13 14:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 14:44:46 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 14:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 14:41:22 | 000,018,560 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\i2omp.sys -- (i2omp)
DRV - [2008/04/13 14:41:22 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\i2omgmt.sys -- (i2omgmt)
DRV - [2008/04/13 14:41:02 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 14:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 14:40:50 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 14:40:48 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008/04/13 14:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 14:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 14:40:32 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\viaide.sys -- (ViaIde)
DRV - [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 14:40:30 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\intelide.sys -- (IntelIde)
DRV - [2008/04/13 14:40:28 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/13 14:40:26 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 14:40:26 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 14:40:12 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\serenum.sys -- (Serenum)
DRV - [2008/04/13 14:40:10 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008/04/13 14:39:54 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/13 14:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 14:39:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 14:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 14:39:48 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 14:39:48 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 14:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 14:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 14:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV - [2008/04/13 14:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 14:36:44 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 14:36:44 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/13 14:36:42 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/04/13 14:36:40 | 000,046,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\gagp30kx.sys -- (gagp30kx)
DRV - [2008/04/13 14:36:40 | 000,044,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\agpcpq.sys -- (agpCPQ)
DRV - [2008/04/13 14:36:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:40 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\viaagp.sys -- (viaagp)
DRV - [2008/04/13 14:36:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sisagp.sys -- (sisagp)
DRV - [2008/04/13 14:36:38 | 000,042,752 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\alim1541.sys -- (alim1541)
DRV - [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\agp440.sys -- (agp440)
DRV - [2008/04/13 14:36:36 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/13 14:33:28 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/13 14:33:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2008/04/13 14:32:52 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 14:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 14:32:40 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 14:32:40 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 14:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 14:31:32 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/04/13 14:31:30 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\processr.sys -- (Processor)
DRV - [2008/04/13 12:39:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2007/11/13 05:25:54 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006/09/19 14:44:04 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2004/10/26 20:35:38 | 000,820,224 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/10/11 11:20:38 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV - [2004/09/13 11:58:10 | 000,007,680 | ---- | M] (Ahead Software AG) [Recognizer | System] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2004/09/13 11:54:46 | 000,028,672 | ---- | M] (Ahead Software AG) [Kernel | System] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2004/09/13 11:54:06 | 000,093,440 | ---- | M] (Ahead Software AG) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2004/09/13 04:54:54 | 000,027,648 | ---- | M] (Ahead Software AG) [Kernel | System] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2004/08/04 05:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2004/08/04 05:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2004/08/04 05:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2004/08/04 05:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/04 05:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2004/08/04 05:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2004/08/04 05:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004/08/04 05:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2004/08/04 05:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2004/08/04 05:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2004/08/04 05:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2004/08/04 05:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2004/08/04 05:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2004/08/04 05:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2004/08/04 05:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2004/08/04 05:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)
DRV - [2004/08/03 22:31:20 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/06/22 07:32:34 | 000,154,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel®
DRV - [2004/05/18 13:55:26 | 000,074,112 | ---- | M] (VIA Technologies inc,.ltd) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\viamraid.sys -- (viamraid)
DRV - [2004/04/10 10:10:12 | 000,153,344 | ---- | M] (Computer Associates) [File_System | Auto] -- C:\WINDOWS\system32\drivers\ino_fltr.sys -- (INO_FLTR)
DRV - [2004/03/23 09:13:58 | 000,467,200 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2003/12/08 18:55:14 | 000,019,712 | R--- | M] (Computer Associates) [File_System | Boot] -- C:\WINDOWS\system32\drivers\ino_flpy.sys -- (INO_FLPY)
DRV - [2003/11/12 13:56:36 | 000,221,848 | ---- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2003/10/26 13:39:44 | 001,301,776 | ---- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/10/26 13:31:02 | 000,086,872 | ---- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2003/08/20 12:25:56 | 000,593,152 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2003/08/18 08:30:26 | 000,548,888 | ---- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2003/08/11 08:35:34 | 000,167,352 | ---- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2003/07/03 14:15:20 | 000,100,256 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2003/07/02 15:12:52 | 000,039,348 | ---- | M] (Vireo Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2003/05/08 21:00:56 | 000,033,248 | ---- | M] (Sonic Focus, Inc) [Kernel | System] -- C:\WINDOWS\system32\drivers\sf.sys -- (sf)
DRV - [2002/09/20 10:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2002/09/03 07:50:24 | 000,076,976 | ---- | M] (Silicon Image, Inc) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pnp680r.sys -- (Pnp680r)
DRV - [2001/08/17 14:07:44 | 000,025,952 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\hpn.sys -- (hpn)
DRV - [2001/08/17 14:07:44 | 000,020,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dpti2o.sys -- (dpti2o)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:42 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\perc2hib.sys -- (perc2hib)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:40 | 000,027,296 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\perc2.sys -- (perc2)
DRV - [2001/08/17 14:07:38 | 000,056,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\aic78xx.sys -- (aic78xx)
DRV - [2001/08/17 14:07:36 | 000,055,168 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\aic78u2.sys -- (aic78u2)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\symc810.sys -- (symc810)
DRV - [2001/08/17 14:07:32 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2001/08/17 13:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [2001/08/17 13:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 13:52:50 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:16 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ql1240.sys -- (ql1240)
DRV - [2001/08/17 13:52:16 | 000,033,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ql10wnt.sys -- (Ql10wnt)
DRV - [2001/08/17 13:52:16 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dac960nt.sys -- (dac960nt)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:08 | 000,016,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ini910u.sys -- (ini910u)
DRV - [2001/08/17 13:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2001/08/17 13:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\cbidf2k.sys -- (cbidf)
DRV - [2001/08/17 13:52:06 | 000,014,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\cpqarray.sys -- (Cpqarray)
DRV - [2001/08/17 13:52:06 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\cd20xrnt.sys -- (cd20xrnt)
DRV - [2001/08/17 13:52:04 | 000,022,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\asc3350p.sys -- (asc3350p)
DRV - [2001/08/17 13:52:04 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\amsint.sys -- (amsint)
DRV - [2001/08/17 13:52:02 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\aha154x.sys -- (Aha154x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\asc.sys -- (asc)
DRV - [2001/08/17 13:52:00 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ABP480N5.SYS -- (abp480n5)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:56 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\toside.sys -- (TosIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 13:51:52 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2001/08/17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...er=6&ar=msnhome
IE - HKU\Administrator_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Janine_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Janine_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKU\Janine_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\Janine_Velardi_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\Janine_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Janine_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = www.direcwaysupport.com;192.168.0.*;<local>
IE - HKU\Janine_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=192.168.0.1:87


IE - HKU\Michael_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Michael_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKU\Michael_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...er=6&ar=msnhome
IE - HKU\Michael_Velardi_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\Michael_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Michael_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = www.direcwaysupport.com;192.168.0.*;<local>
IE - HKU\Michael_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=192.168.0.1:87



IE - HKU\Virginia_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Virginia_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Virginia_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\Virginia_Velardi_ON_C\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKU\Virginia_Velardi_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\Virginia_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Virginia_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = www.direcwaysupport.com;192.168.0.*;<local>;*.local
IE - HKU\Virginia_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=192.168.0.1:87

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/06 03:04:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{7CA51A89-0337-4FED-ADE2-A42310D091A2}: C:\Documents and Settings\Virginia Velardi\Local Settings\Application Data\{7CA51A89-0337-4FED-ADE2-A42310D091A2}\ [2010/11/29 19:08:20 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2004/08/04 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKU\Administrator_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Janine_Velardi_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Janine_Velardi_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Janine_Velardi_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\Janine_Velardi_ON_C\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKU\Michael_Velardi_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Michael_Velardi_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Michael_Velardi_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\Michael_Velardi_ON_C\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKU\Virginia_Velardi_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Virginia_Velardi_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Virginia_Velardi_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\Virginia_Velardi_ON_C\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Ahead Software AG)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [Realtime Monitor] C:\Program Files\CA\eTrust Antivirus\Realmon.exe (Computer Associates International, Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\Janine_Velardi_ON_C..\Run: [Aim6] File not found
O4 - HKU\Janine_Velardi_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\Janine_Velardi_ON_C..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\Janine_Velardi_ON_C..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKU\Michael_Velardi_ON_C..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)
O4 - HKU\Michael_Velardi_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\Michael_Velardi_ON_C..\Run: [PhotoShow Deluxe Media Manager] C:\Program Files\Ahead\Ahead\data\Xtras\mssysmgr.exe ()
O4 - HKU\Virginia_Velardi_ON_C..\Run: [Aim] C:\Program Files\AIM7\aim.exe (AOL Inc.)
O4 - HKU\Virginia_Velardi_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\Virginia_Velardi_ON_C..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Janine_Velardi_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Michael_Velardi_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Virginia_Velardi_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1120992338369 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1270757709703 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_06)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail....ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\qbwc {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/27 15:51:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009/12/31 20:30:06 | 000,000,109 | ---- | M] () - I:\AUTORUN.FCB -- [ FAT ]
O32 - AutoRun File - [2010/01/10 17:44:24 | 000,000,090 | ---- | M] () - I:\Autorun.inf -- [ FAT ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/03/09 12:22:33 | 000,123,904 | ---- | C] (Systemintegrasjon AS) -- C:\MbrFix.exe
[2011/03/09 12:04:32 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/03/07 13:16:08 | 000,000,000 | ---D | C] -- C:\NBRT
[2008/01/31 12:30:40 | 058,619,176 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe
[1980/01/01 00:00:00 | 001,301,776 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[1980/01/01 00:00:00 | 000,548,888 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[1980/01/01 00:00:00 | 000,221,848 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[1980/01/01 00:00:00 | 000,192,512 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[1980/01/01 00:00:00 | 000,167,352 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[1980/01/01 00:00:00 | 000,086,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[1980/01/01 00:00:00 | 000,045,056 | ---- | C] ( ) -- C:\WINDOWS\System32\slserv.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/29 19:08:21 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Ecazer.dat
[2010/11/29 19:08:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Jfumiq.bin
[2009/02/15 21:27:49 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2008/03/12 16:51:29 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Janine Velardi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/21 22:59:09 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS4B.DLL
[2006/02/18 17:05:13 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/08/11 20:25:02 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\Virginia Velardi\Local Settings\Application Data\fusioncache.dat
[2005/05/08 09:53:41 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005/03/28 00:06:48 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\Michael Velardi\default.pls
[2005/03/20 11:40:32 | 000,000,080 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2005/03/11 20:46:33 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/02/12 15:49:03 | 000,111,104 | ---- | C] () -- C:\Documents and Settings\Michael Velardi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/02/11 12:29:24 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\Virginia Velardi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/02/02 12:36:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/27 17:24:22 | 000,000,799 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/27 15:54:53 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/27 15:49:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/27 15:46:04 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/27 15:45:28 | 000,298,848 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/27 15:40:06 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/27 15:40:05 | 000,441,744 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/27 15:40:05 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/27 15:40:05 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/27 15:40:05 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/27 15:40:04 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/27 15:40:03 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/27 15:40:03 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/27 15:40:01 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/27 15:39:59 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[1980/01/01 00:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[1980/01/01 00:00:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[1980/01/01 00:00:00 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[1980/01/01 00:00:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll
[1980/01/01 00:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\slrundll.exe
[1980/01/01 00:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[1980/01/01 00:00:00 | 000,005,327 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
[1980/01/01 00:00:00 | 000,000,503 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

========== LOP Check ==========

[2005/10/06 17:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janine Velardi\Application Data\Opera
[2008/07/28 17:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janine Velardi\Application Data\Serif
[2009/03/03 07:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janine Velardi\Application Data\acccore
[2009/03/03 07:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janine Velardi\Application Data\QQ Games Plugin
[2005/02/10 14:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael Velardi\Application Data\Opera
[2005/03/27 23:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael Velardi\Application Data\Snapfish
[2005/05/08 09:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael Velardi\Application Data\Serif
[2010/07/23 20:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael Velardi\Application Data\ImgBurn
[2005/02/16 00:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia Velardi\Application Data\Opera
[2005/05/15 11:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia Velardi\Application Data\Serif
[2009/02/15 21:39:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia Velardi\Application Data\acccore
[2009/02/16 08:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia Velardi\Application Data\QQ Games Plugin
[2009/03/09 19:34:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia Velardi\Application Data\Viewpoint
[2010/11/29 18:54:04 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



========== Custom Scans ==========


< set /c >
ALLUSERSPROFILE=B:\Documents and Settings\All Users
APPDATA=B:\Documents and Settings\Default User\Application Data
ComputerName=Reatogo
ComSpec=X:\i386\system32\cmd.exe
DEVMGR_SHOW_DETAILS=1
DEVMGR_SHOW_NONPRESENT_DEVICES=1
OS=Windows_NT
Path=X:\i386;X:\i386\System32;X:\Bin;X:\i386\system32\com;X:\i386\system32\wbem;X:\i386\system32\wbem\snmp;X:\i386\PCHealth\HelpCtr\Binaries
PATHEXT=.COM;.EXE;.BAT;.CMD
ProfilesDir=B:\Documents and Settings
ProgramFiles=X:\Programs
PROMPT=$P$G
ramdrv=B:
RunScannerDir=X:\i386\System32
SystemDrive=X:
SystemRoot=X:\i386
TARGET_ROOT=C:\WINDOWS
temp=B:
tmp=B:
USBroot=Y:
USERPROFILE=B:\Documents and Settings\Default User
windir=X:\i386


< MD5 for: AGP440.SYS >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010/04/08 16:22:26 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2010/04/08 16:22:26 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/04/08 16:22:26 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2010/04/08 16:22:26 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 20:11:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 20:11:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 20:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 07:26:04 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:08 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: HAL.DLL >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010/04/08 16:22:26 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:hal.dll
[2010/04/08 16:22:26 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008/04/13 14:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008/04/13 14:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004/08/03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: IASTOR.SYS >
[2004/03/23 09:13:58 | 000,467,200 | ---- | M] (Intel Corporation) MD5=F26BFD48B1C314E0F23BF77ACFA75940 -- C:\Drivers\iaStor.sys
[2004/03/23 09:13:58 | 000,467,200 | ---- | M] (Intel Corporation) MD5=F26BFD48B1C314E0F23BF77ACFA75940 -- C:\WINDOWS\system32\drivers\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 14:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 14:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/04 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: REGEDIT.EXE >
[2008/04/13 20:12:32 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=058710B720282CA82B909912D3EF28DB -- C:\WINDOWS\regedit.exe
[2008/04/13 20:12:32 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=058710B720282CA82B909912D3EF28DB -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe
[2004/08/04 05:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=783AFC80383C176B22DBF8333343992D -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe
[2004/08/04 05:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=783AFC80383C176B22DBF8333343992D -- C:\WINDOWS\I386\REGEDIT.EXE

< MD5 for: SCECLI.DLL >
[2004/08/04 05:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 20:12:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 20:12:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USERINIT.EXE >
[2004/08/04 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: UXTHEME.DLL >
[2004/08/04 05:00:00 | 000,218,624 | ---- | M] (Microsoft Corporation) MD5=2CDE496666A975A2CE8F969F3042C8DB -- C:\WINDOWS\$NtServicePackUninstall$\uxtheme.dll
[2008/04/13 20:12:08 | 000,218,624 | ---- | M] (Microsoft Corporation) MD5=7A2CC3719B255E6B5D74396183B7715B -- C:\WINDOWS\ServicePackFiles\i386\uxtheme.dll
[2008/04/13 20:12:08 | 000,218,624 | ---- | M] (Microsoft Corporation) MD5=7A2CC3719B255E6B5D74396183B7715B -- C:\WINDOWS\system32\uxtheme.dll

< MD5 for: VIAMRAID.SYS >
[2004/05/18 13:55:26 | 000,074,112 | ---- | M] (VIA Technologies inc,.ltd) MD5=F199939205DCCC7836AE5AB8B5DD5E83 -- C:\Drivers\viamraid.sys
[2004/05/18 13:55:26 | 000,074,112 | ---- | M] (VIA Technologies inc,.ltd) MD5=F199939205DCCC7836AE5AB8B5DD5E83 -- C:\WINDOWS\system32\drivers\viamraid.sys

< MD5 for: VIASRAID.SYS >
[2003/10/31 08:22:38 | 000,077,312 | ---- | M] (VIA Technologies inc,.ltd) MD5=EBE101C01D80A42868F57B327BE1B564 -- C:\Drivers\Winxp\viasraid.sys

< MD5 for: WINLOGON.EXE >
[2004/08/04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 20:12:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 20:12:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/13 20:12:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %SYSTEMDRIVE%\*.* >
[2005/02/02 12:42:42 | 000,000,037 | ---- | M] () -- C:\DISEBKUP.FLG
[2009/09/27 19:55:40 | 000,003,587 | ---- | M] () -- C:\logfile
[2011/03/09 12:23:52 | 000,000,512 | ---- | M] () -- C:\MBRDUMP2.txt
[2010/04/08 16:30:36 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2004/08/04 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2005/02/08 16:38:26 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2004/08/27 15:51:48 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2004/08/27 15:51:48 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2004/08/27 15:51:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2004/08/27 15:51:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/03/10 12:20:36 | 000,020,306 | ---- | M] () -- C:\OTL.Txt
[2010/09/20 08:39:10 | 000,123,904 | ---- | M] (Systemintegrasjon AS) -- C:\MbrFix.exe
[2010/11/07 18:56:16 | 1072,480,256 | -HS- | M] () -- C:\hiberfil.sys
[2005/02/03 06:31:28 | 000,087,702 | ---- | M] () -- C:\SIGVERIF.TXT
[2005/02/03 06:31:28 | 000,000,172 | ---- | M] () -- C:\TOTALS.TXT
[2005/02/03 06:31:28 | 000,058,934 | ---- | M] () -- C:\SIGNED.TXT
[2005/02/03 06:31:28 | 000,000,002 | ---- | M] () -- C:\UNSIGNED.TXT
[2005/02/03 06:31:28 | 000,028,770 | ---- | M] () -- C:\UNSCANNED.TXT
[2005/11/18 12:21:20 | 000,000,856 | ---- | M] () -- C:\flashplayer.xpt
[2010/09/03 09:17:24 | 000,001,579 | -H-- | M] () -- C:\IPH.PH

< %systemroot%\System32\config\*.sav >
[2004/08/27 15:44:50 | 000,880,640 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
[2004/08/27 15:44:50 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/27 15:44:50 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010/07/27 02:30:36 | 008,462,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
[2010/09/10 01:58:06 | 001,986,560 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
[2010/09/10 01:58:06 | 011,080,192 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2008/04/13 20:12:00 | 000,274,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/06/20 13:46:58 | 000,147,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2008/04/13 20:12:02 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2010/11/27 16:29:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2010/11/29 18:54:04 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
< End of report >
  • 0

#34
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Lets write a standard MBR in Drive_0

Boot to Reatogo. Doubleclick on MBRFIX. You will be presented with a command prompt. At the prompt type the following and press Enter after each line:


C:
cd \
MbrFix /drive 0 fixmbr /yes



Leave a space among the following arguments:

MbrFix
/drive
0
fixmbr
/yes



The drive is Drive zero (Drive 0)

Attempt to boot in Normal Mode and let me know the outcome.
  • 0

#35
Mikevel

Mikevel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
same outcome as before windows did not shut down correctly, start windows, safe mode, with command prompt, with networking keeps going back to this screen no matter which i choose
  • 0

#36
Mikevel

Mikevel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

Lets write a standard MBR in Drive_0

Boot to Reatogo. Doubleclick on MBRFIX. You will be presented with a command prompt. At the prompt type the following and press Enter after each line:


C:
cd \
MbrFix /drive 0 fixmbr /yes



Leave a space among the following arguments:

MbrFix
/drive
0
fixmbr
/yes



The drive is Drive zero (Drive 0)

Attempt to boot in Normal Mode and let me know the outcome.

Is there a space between cd and \
  • 0

#37
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Yes. When you type C:, then cd \, you should end at the C:\> prompt. That is where MBRFix is.
  • 0

#38
Mikevel

Mikevel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

Yes. When you type C:, then cd \, you should end at the C:\> prompt. That is where MBRFix is.

once i hit enter after MbrFix /drive 0 fixmbr /yes should something happen that shows me it did what it was supposed to do, because all that happens is that it goes to the C:\> prompt again
  • 0

#39
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Lets check a few files. Save these instructions to the USB drive:

Restart the computer back to the OTLPE CD.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
    • Change Drivers to All
    • Change Standard Registry to All
    • Under the Custom Scan box paste this in



      /md5start
      shell32.dll
      iertutil.dll
      ieframe.dll
      mstask.dll
      dnsapi.dll
      ntdsapi.dll
      /md5stop

  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive.
  • Please post the contents of the C:\OTL.txt file in your reply also.

  • 0

#40
Mikevel

Mikevel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
OTL logfile created on: 3/10/2011 7:40:47 PM - Run
OTLPE by OldTimer - Version 3.1.45.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 305.00 Mb Available Physical Memory | 60.00% Memory free
458.00 Mb Paging File | 330.00 Mb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 101.55 Gb Total Space | 63.36 Gb Free Space | 62.39% Space Free | Partition Type: FAT32
Drive D: | 10.22 Gb Total Space | 8.54 Gb Free Space | 83.49% Space Free | Partition Type: FAT32
Drive I: | 1.85 Gb Total Space | 1.78 Gb Free Space | 95.78% Space Free | Partition Type: FAT
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled] -- -- (HidServ)
SRV - [2009/09/16 18:22:08 | 000,020,480 | ---- | M] (Intuit) [Auto] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2007/05/24 07:08:44 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/01/04 16:38:10 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/09/13 11:49:42 | 001,192,050 | ---- | M] (Ahead Software AG) [Auto] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrvR) InCD Helper (read only)
SRV - [2004/09/13 11:49:42 | 001,192,050 | ---- | M] (Ahead Software AG) [Auto] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2004/04/06 17:14:10 | 000,254,224 | ---- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\eTrust Antivirus\InoTask.exe -- (InoTask)
SRV - [2004/04/06 17:13:56 | 000,241,936 | ---- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\eTrust Antivirus\InoRT.exe -- (InoRT)
SRV - [2004/04/06 17:13:54 | 000,139,536 | ---- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\eTrust Antivirus\InoRpc.exe -- (InoRPC)
SRV - [2003/08/11 10:28:42 | 000,045,056 | ---- | M] ( ) [Auto] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2002/09/20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | Disabled] -- -- (Simbad)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | Disabled] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)
DRV - [2010/08/26 09:39:50 | 000,357,248 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010/02/24 09:11:08 | 000,455,680 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2009/10/20 11:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/06/24 07:18:42 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2008/08/14 06:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/04/13 20:13:22 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2008/04/13 20:13:22 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/13 20:13:20 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/13 20:13:20 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/13 15:28:40 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 15:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 15:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 15:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 15:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008/04/13 15:19:44 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008/04/13 15:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 15:18:00 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 15:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 15:17:06 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2008/04/13 15:15:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 15:15:54 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 15:15:46 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2008/04/13 15:14:30 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 15:14:22 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 15:00:20 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/13 14:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 14:57:30 | 000,040,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008/04/13 14:57:28 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 14:57:28 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/04/13 14:57:22 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 14:57:16 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 14:57:08 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 14:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 14:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 14:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 14:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 14:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 14:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008/04/13 14:51:26 | 000,061,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nic1394.sys -- (NIC1394)
DRV - [2008/04/13 14:51:26 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\arp1394.sys -- (Arp1394)
DRV - [2008/04/13 14:51:26 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 14:47:38 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 14:46:18 | 000,061,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2008/04/13 14:45:38 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2008/04/13 14:45:36 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/13 14:45:36 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/04/13 14:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/04/13 14:45:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/04/13 14:45:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 14:45:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 14:45:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 14:45:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 14:45:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic)
DRV - [2008/04/13 14:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 14:44:46 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 14:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 14:41:22 | 000,018,560 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\i2omp.sys -- (i2omp)
DRV - [2008/04/13 14:41:22 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\i2omgmt.sys -- (i2omgmt)
DRV - [2008/04/13 14:41:02 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 14:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 14:40:50 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 14:40:48 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008/04/13 14:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 14:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 14:40:32 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\viaide.sys -- (ViaIde)
DRV - [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 14:40:30 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\intelide.sys -- (IntelIde)
DRV - [2008/04/13 14:40:28 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/13 14:40:26 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 14:40:26 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 14:40:12 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\serenum.sys -- (Serenum)
DRV - [2008/04/13 14:40:10 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008/04/13 14:39:54 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/13 14:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 14:39:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 14:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 14:39:48 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 14:39:48 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 14:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 14:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 14:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV - [2008/04/13 14:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 14:36:44 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 14:36:44 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/13 14:36:42 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/04/13 14:36:40 | 000,046,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\gagp30kx.sys -- (gagp30kx)
DRV - [2008/04/13 14:36:40 | 000,044,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\agpcpq.sys -- (agpCPQ)
DRV - [2008/04/13 14:36:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:40 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\viaagp.sys -- (viaagp)
DRV - [2008/04/13 14:36:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sisagp.sys -- (sisagp)
DRV - [2008/04/13 14:36:38 | 000,042,752 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\alim1541.sys -- (alim1541)
DRV - [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\agp440.sys -- (agp440)
DRV - [2008/04/13 14:36:36 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/13 14:33:28 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/13 14:33:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2008/04/13 14:32:52 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 14:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 14:32:40 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 14:32:40 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 14:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 14:31:32 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/04/13 14:31:30 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\processr.sys -- (Processor)
DRV - [2008/04/13 12:39:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2007/11/13 05:25:54 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006/09/19 14:44:04 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2004/10/26 20:35:38 | 000,820,224 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/10/11 11:20:38 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV - [2004/09/13 11:58:10 | 000,007,680 | ---- | M] (Ahead Software AG) [Recognizer | System] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2004/09/13 11:54:46 | 000,028,672 | ---- | M] (Ahead Software AG) [Kernel | System] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2004/09/13 11:54:06 | 000,093,440 | ---- | M] (Ahead Software AG) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2004/09/13 04:54:54 | 000,027,648 | ---- | M] (Ahead Software AG) [Kernel | System] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2004/08/04 05:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2004/08/04 05:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2004/08/04 05:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2004/08/04 05:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/04 05:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2004/08/04 05:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2004/08/04 05:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004/08/04 05:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2004/08/04 05:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2004/08/04 05:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2004/08/04 05:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2004/08/04 05:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2004/08/04 05:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2004/08/04 05:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2004/08/04 05:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2004/08/04 05:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)
DRV - [2004/08/03 22:31:20 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/06/22 07:32:34 | 000,154,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel®
DRV - [2004/05/18 13:55:26 | 000,074,112 | ---- | M] (VIA Technologies inc,.ltd) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\viamraid.sys -- (viamraid)
DRV - [2004/04/10 10:10:12 | 000,153,344 | ---- | M] (Computer Associates) [File_System | Auto] -- C:\WINDOWS\system32\drivers\ino_fltr.sys -- (INO_FLTR)
DRV - [2004/03/23 09:13:58 | 000,467,200 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2003/12/08 18:55:14 | 000,019,712 | R--- | M] (Computer Associates) [File_System | Boot] -- C:\WINDOWS\system32\drivers\ino_flpy.sys -- (INO_FLPY)
DRV - [2003/11/12 13:56:36 | 000,221,848 | ---- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2003/10/26 13:39:44 | 001,301,776 | ---- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/10/26 13:31:02 | 000,086,872 | ---- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2003/08/20 12:25:56 | 000,593,152 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2003/08/18 08:30:26 | 000,548,888 | ---- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2003/08/11 08:35:34 | 000,167,352 | ---- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2003/07/03 14:15:20 | 000,100,256 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2003/07/02 15:12:52 | 000,039,348 | ---- | M] (Vireo Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2003/05/08 21:00:56 | 000,033,248 | ---- | M] (Sonic Focus, Inc) [Kernel | System] -- C:\WINDOWS\system32\drivers\sf.sys -- (sf)
DRV - [2002/09/20 10:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2002/09/03 07:50:24 | 000,076,976 | ---- | M] (Silicon Image, Inc) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pnp680r.sys -- (Pnp680r)
DRV - [2001/08/17 14:07:44 | 000,025,952 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\hpn.sys -- (hpn)
DRV - [2001/08/17 14:07:44 | 000,020,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dpti2o.sys -- (dpti2o)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:42 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\perc2hib.sys -- (perc2hib)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:40 | 000,027,296 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\perc2.sys -- (perc2)
DRV - [2001/08/17 14:07:38 | 000,056,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\aic78xx.sys -- (aic78xx)
DRV - [2001/08/17 14:07:36 | 000,055,168 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\aic78u2.sys -- (aic78u2)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\symc810.sys -- (symc810)
DRV - [2001/08/17 14:07:32 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2001/08/17 13:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [2001/08/17 13:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 13:52:50 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:16 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ql1240.sys -- (ql1240)
DRV - [2001/08/17 13:52:16 | 000,033,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ql10wnt.sys -- (Ql10wnt)
DRV - [2001/08/17 13:52:16 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dac960nt.sys -- (dac960nt)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:08 | 000,016,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ini910u.sys -- (ini910u)
DRV - [2001/08/17 13:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2001/08/17 13:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\cbidf2k.sys -- (cbidf)
DRV - [2001/08/17 13:52:06 | 000,014,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\cpqarray.sys -- (Cpqarray)
DRV - [2001/08/17 13:52:06 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\cd20xrnt.sys -- (cd20xrnt)
DRV - [2001/08/17 13:52:04 | 000,022,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\asc3350p.sys -- (asc3350p)
DRV - [2001/08/17 13:52:04 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\amsint.sys -- (amsint)
DRV - [2001/08/17 13:52:02 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\aha154x.sys -- (Aha154x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\asc.sys -- (asc)
DRV - [2001/08/17 13:52:00 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ABP480N5.SYS -- (abp480n5)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:56 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\toside.sys -- (TosIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 13:51:52 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2001/08/17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...er=6&ar=msnhome
IE - HKU\Administrator_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Janine_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Janine_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKU\Janine_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\Janine_Velardi_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\Janine_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Janine_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = www.direcwaysupport.com;192.168.0.*;<local>
IE - HKU\Janine_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=192.168.0.1:87


IE - HKU\Michael_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Michael_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKU\Michael_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...er=6&ar=msnhome
IE - HKU\Michael_Velardi_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\Michael_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Michael_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = www.direcwaysupport.com;192.168.0.*;<local>
IE - HKU\Michael_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=192.168.0.1:87



IE - HKU\Virginia_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Virginia_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Virginia_Velardi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\Virginia_Velardi_ON_C\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKU\Virginia_Velardi_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\Virginia_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Virginia_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = www.direcwaysupport.com;192.168.0.*;<local>;*.local
IE - HKU\Virginia_Velardi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=192.168.0.1:87

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/06 03:04:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{7CA51A89-0337-4FED-ADE2-A42310D091A2}: C:\Documents and Settings\Virginia Velardi\Local Settings\Application Data\{7CA51A89-0337-4FED-ADE2-A42310D091A2}\ [2010/11/29 19:08:20 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2004/08/04 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKU\Administrator_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Janine_Velardi_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Janine_Velardi_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Janine_Velardi_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\Janine_Velardi_ON_C\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKU\Michael_Velardi_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Michael_Velardi_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Michael_Velardi_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\Michael_Velardi_ON_C\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKU\Virginia_Velardi_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Virginia_Velardi_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Virginia_Velardi_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\Virginia_Velardi_ON_C\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Ahead Software AG)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [Realtime Monitor] C:\Program Files\CA\eTrust Antivirus\Realmon.exe (Computer Associates International, Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\Janine_Velardi_ON_C..\Run: [Aim6] File not found
O4 - HKU\Janine_Velardi_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\Janine_Velardi_ON_C..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\Janine_Velardi_ON_C..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKU\Michael_Velardi_ON_C..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)
O4 - HKU\Michael_Velardi_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\Michael_Velardi_ON_C..\Run: [PhotoShow Deluxe Media Manager] C:\Program Files\Ahead\Ahead\data\Xtras\mssysmgr.exe ()
O4 - HKU\Virginia_Velardi_ON_C..\Run: [Aim] C:\Program Files\AIM7\aim.exe (AOL Inc.)
O4 - HKU\Virginia_Velardi_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\Virginia_Velardi_ON_C..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Janine_Velardi_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Michael_Velardi_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Virginia_Velardi_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1120992338369 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1270757709703 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_06)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail....ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\qbwc {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/27 15:51:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009/12/31 20:30:06 | 000,000,109 | ---- | M] () - I:\AUTORUN.FCB -- [ FAT ]
O32 - AutoRun File - [2010/01/10 17:44:24 | 000,000,090 | ---- | M] () - I:\Autorun.inf -- [ FAT ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/09 12:22:33 | 000,123,904 | ---- | C] (Systemintegrasjon AS) -- C:\MbrFix.exe
[2011/03/09 12:04:32 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/03/07 13:16:08 | 000,000,000 | ---D | C] -- C:\NBRT
[2008/01/31 12:30:40 | 058,619,176 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe
[1980/01/01 00:00:00 | 001,301,776 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[1980/01/01 00:00:00 | 000,548,888 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[1980/01/01 00:00:00 | 000,221,848 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[1980/01/01 00:00:00 | 000,192,512 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[1980/01/01 00:00:00 | 000,167,352 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[1980/01/01 00:00:00 | 000,086,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[1980/01/01 00:00:00 | 000,045,056 | ---- | C] ( ) -- C:\WINDOWS\System32\slserv.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/29 19:08:21 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Ecazer.dat
[2010/11/29 19:08:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Jfumiq.bin
[2009/02/15 21:27:49 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2008/03/12 16:51:29 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Janine Velardi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/21 22:59:09 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS4B.DLL
[2006/02/18 17:05:13 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/08/11 20:25:02 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\Virginia Velardi\Local Settings\Application Data\fusioncache.dat
[2005/05/08 09:53:41 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005/03/28 00:06:48 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\Michael Velardi\default.pls
[2005/03/20 11:40:32 | 000,000,080 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2005/03/11 20:46:33 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/02/12 15:49:03 | 000,111,104 | ---- | C] () -- C:\Documents and Settings\Michael Velardi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/02/11 12:29:24 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\Virginia Velardi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/02/02 12:36:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/27 17:24:22 | 000,000,799 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/27 15:54:53 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/27 15:49:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/27 15:46:04 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/27 15:45:28 | 000,298,848 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/27 15:40:06 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/27 15:40:05 | 000,441,744 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/27 15:40:05 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/27 15:40:05 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/27 15:40:05 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/27 15:40:04 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/27 15:40:03 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/27 15:40:03 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/27 15:40:01 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/27 15:39:59 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[1980/01/01 00:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[1980/01/01 00:00:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[1980/01/01 00:00:00 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[1980/01/01 00:00:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll
[1980/01/01 00:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\slrundll.exe
[1980/01/01 00:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[1980/01/01 00:00:00 | 000,005,327 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
[1980/01/01 00:00:00 | 000,000,503 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

========== LOP Check ==========

[2005/10/06 17:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janine Velardi\Application Data\Opera
[2008/07/28 17:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janine Velardi\Application Data\Serif
[2009/03/03 07:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janine Velardi\Application Data\acccore
[2009/03/03 07:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janine Velardi\Application Data\QQ Games Plugin
[2005/02/10 14:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael Velardi\Application Data\Opera
[2005/03/27 23:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael Velardi\Application Data\Snapfish
[2005/05/08 09:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael Velardi\Application Data\Serif
[2010/07/23 20:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael Velardi\Application Data\ImgBurn
[2005/02/16 00:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia Velardi\Application Data\Opera
[2005/05/15 11:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia Velardi\Application Data\Serif
[2009/02/15 21:39:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia Velardi\Application Data\acccore
[2009/02/16 08:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia Velardi\Application Data\QQ Games Plugin
[2009/03/09 19:34:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia Velardi\Application Data\Viewpoint
[2010/11/29 18:54:04 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: DNSAPI.DLL >
[2006/06/26 13:45:20 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=08C13164B042516C4CF010A361ACE204 -- C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\dnsapi.dll
[2008/04/13 20:11:52 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=0A3325D38DB90792BBBE01334F273974 -- C:\WINDOWS\$NtUninstallKB951748$\dnsapi.dll
[2008/04/13 20:11:52 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=0A3325D38DB90792BBBE01334F273974 -- C:\WINDOWS\ServicePackFiles\i386\dnsapi.dll
[2006/06/26 14:37:10 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=16E68F1DB0E37C13A5FB5F9611A38EDC -- C:\WINDOWS\$NtUninstallKB945553$\dnsapi.dll
[2008/06/20 13:41:10 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=176497D0E7AE618860552A4B5635B206 -- C:\WINDOWS\$NtServicePackUninstall$\dnsapi.dll
[2006/05/19 08:59:42 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=1870459BBF6BFD1D5FFB491E62EEB596 -- C:\WINDOWS\$NtUninstallKB920683$\dnsapi.dll
[2008/06/20 13:43:06 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=1C2A6C104E6184B05EEB0C114BE4F150 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
[2008/02/20 01:32:44 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=4FF71085BABAE623F3FEE11E1F86D9CD -- C:\WINDOWS\$NtUninstallKB951748_0$\dnsapi.dll
[2008/06/20 13:46:58 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=5D3FDE8FB2801A2041D1B965372C4928 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
[2008/06/20 13:46:58 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=5D3FDE8FB2801A2041D1B965372C4928 -- C:\WINDOWS\system32\dllcache\dnsapi.dll
[2006/05/19 09:46:40 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=620173FF44AD5FF41634E94EC04C1020 -- C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dnsapi.dll
[2008/02/20 01:19:36 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=C717F090BD94680855F5A7223654581F -- C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsapi.dll
[2004/08/04 05:00:00 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=C76735BFB7214907B4590DD35AE64A79 -- C:\WINDOWS\$NtUninstallKB914388$\dnsapi.dll
[2008/06/20 13:36:12 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=D803BDB34C060035D4753DDA046D5C72 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
[2008/06/20 13:46:58 | 000,147,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll

< MD5 for: IEFRAME.DLL >
[2007/10/10 18:47:28 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=085800BC9DA7022F4DC86ACA2EBF54D6 -- C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieframe.dll
[2007/10/10 18:55:54 | 006,065,664 | ---- | M] (Microsoft Corporation) MD5=122C2B5BCFE01B899E5B4A41B5AFF55B -- C:\WINDOWS\ie7updates\KB944533-IE7\ieframe.dll
[2007/03/07 13:40:24 | 006,056,448 | ---- | M] (Microsoft Corporation) MD5=12C205B3498368750E65CF44FB8A014B -- C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\ieframe.dll
[2007/12/06 21:01:10 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=17FC07BCC0C811874869387E44138ECD -- C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieframe.dll
[2008/03/01 09:06:24 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=18E53441E472067344DA71FA3298D841 -- C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
[2008/12/20 18:15:22 | 006,066,688 | ---- | M] (Microsoft Corporation) MD5=1C736F3980C7328077B65C3BB33E80A3 -- C:\WINDOWS\ie7updates\KB963027-IE7\ieframe.dll
[2009/04/29 00:55:58 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=1DC989811B9CD1884C06B05B767F6A4D -- C:\WINDOWS\ie7updates\KB972260-IE7\ieframe.dll
[2008/10/16 15:24:10 | 006,068,224 | ---- | M] (Microsoft Corporation) MD5=233F3168F83CCAEA70EDD0FC6C272A74 -- C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\ieframe.dll
[2008/10/16 15:38:38 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=23DD2287BA2630805E16571CB5E4E3EB -- C:\WINDOWS\ie7updates\KB961260-IE7\ieframe.dll
[2010/03/11 07:49:30 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=25891590F55C29A6561C53FD67452B0C -- C:\WINDOWS\$hf_mig$\KB980182-IE7\SP3QFE\ieframe.dll
[2007/04/25 05:08:34 | 006,059,008 | ---- | M] (Microsoft Corporation) MD5=335A982BDA98F1FDF06D54E69B226102 -- C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\ieframe.dll
[2006/11/07 21:03:36 | 006,049,280 | ---- | M] (Microsoft Corporation) MD5=39B6E852F8E82107E52809A7DD21FFE0 -- C:\WINDOWS\ie7updates\KB928090-IE7\ieframe.dll
[2010/09/10 01:58:06 | 011,080,192 | ---- | M] (Microsoft Corporation) MD5=3BE4ACC85ECBA994E2735E641AA58404 -- C:\WINDOWS\system32\dllcache\ieframe.dll
[2008/04/22 23:35:36 | 006,068,224 | ---- | M] (Microsoft Corporation) MD5=40E542A45A003715D9B99181865FB205 -- C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
[2009/08/29 03:31:12 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=4457FBAE53EB951FCFD4A92F4A62FCC4 -- C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\ieframe.dll
[2008/06/23 12:57:34 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=449A8C5F68B889DB4609353649DBC5D3 -- C:\WINDOWS\ie7updates\KB956390-IE7\ieframe.dll
[2007/04/25 04:41:12 | 006,058,496 | ---- | M] (Microsoft Corporation) MD5=453506737B5979F86E323686EB5A86D1 -- C:\WINDOWS\ie7updates\KB937143-IE7\ieframe.dll
[2008/03/01 09:03:02 | 006,067,712 | ---- | M] (Microsoft Corporation) MD5=46B8561E2DF443C030A4D2EB99D36446 -- C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieframe.dll
[2010/05/06 06:41:50 | 011,076,096 | ---- | M] (Microsoft Corporation) MD5=4939E99C1B61017E37A006EEC2E7632D -- C:\WINDOWS\ie8updates\KB2183461-IE8\ieframe.dll
[2010/05/06 06:41:50 | 011,076,096 | ---- | M] (Microsoft Corporation) MD5=4939E99C1B61017E37A006EEC2E7632D -- C:\WINDOWS\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3GDR\ieframe.dll
[2009/10/29 02:45:44 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=5530B5093740BCFEDDE85C54CE2476BB -- C:\WINDOWS\$hf_mig$\KB976325-IE7\SP3QFE\ieframe.dll
[2007/06/27 10:39:52 | 006,059,008 | ---- | M] (Microsoft Corporation) MD5=5FF4C38AD71DACF843315791837D6D96 -- C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\ieframe.dll
[2009/04/29 00:49:18 | 006,069,248 | ---- | M] (Microsoft Corporation) MD5=629932D1D34AC476AB8EBC78D719B33B -- C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\ieframe.dll
[2007/08/20 06:04:38 | 006,058,496 | ---- | M] (Microsoft Corporation) MD5=6601D5A71F09F889652EF47AEE3C9081 -- C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
[2010/06/24 17:51:58 | 011,077,120 | ---- | M] (Microsoft Corporation) MD5=680F85FE668E0E571B1AF084AC6232C5 -- C:\WINDOWS\ie8updates\KB2360131-IE8\ieframe.dll
[2010/06/24 17:51:58 | 011,077,120 | ---- | M] (Microsoft Corporation) MD5=680F85FE668E0E571B1AF084AC6232C5 -- C:\WINDOWS\SoftwareDistribution\Download\009eaf510409174fd2f25593db4fddcd\SP3GDR\ieframe.dll
[2009/03/08 04:39:48 | 011,063,808 | ---- | M] (Microsoft Corporation) MD5=729DA5D23A9AD20A6AA353156A126420 -- C:\WINDOWS\ie8updates\KB982381-IE8\ieframe.dll
[2010/05/06 16:06:24 | 011,078,144 | ---- | M] (Microsoft Corporation) MD5=829BC36DEC43E7A9F53E826BAC991540 -- C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\ieframe.dll
[2010/05/06 16:06:24 | 011,078,144 | ---- | M] (Microsoft Corporation) MD5=829BC36DEC43E7A9F53E826BAC991540 -- C:\WINDOWS\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3QFE\ieframe.dll
[2010/05/04 13:20:36 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=8641B27F8DF694C39CA1DBA2F71373FB -- C:\WINDOWS\ie7updates\KB2183461-IE7\ieframe.dll
[2007/06/27 10:34:56 | 006,058,496 | ---- | M] (Microsoft Corporation) MD5=876EA9EBAB608543D9BE7DF1C2B7E63A -- C:\WINDOWS\ie7updates\KB939653-IE7\ieframe.dll
[2010/09/10 11:27:24 | 011,082,240 | ---- | M] (Microsoft Corporation) MD5=8C856AF5F0C1CA61A1EF66B891D785F4 -- C:\WINDOWS\$hf_mig$\KB2360131-IE8\SP3QFE\ieframe.dll
[2009/08/29 03:36:26 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=947523EC3DB3F0148A28848D15C840EF -- C:\WINDOWS\ie7updates\KB976325-IE7\ieframe.dll
[2010/01/05 04:57:28 | 006,071,296 | ---- | M] (Microsoft Corporation) MD5=976F8175CDCD27192196669E052F7C51 -- C:\WINDOWS\$hf_mig$\KB978207-IE7\SP3QFE\ieframe.dll
[2010/05/04 13:20:02 | 006,071,296 | ---- | M] (Microsoft Corporation) MD5=98AF5E356C2D9BF3C0CEDA7484A8297D -- C:\WINDOWS\$hf_mig$\KB982381-IE7\SP3QFE\ieframe.dll
[2008/10/03 13:41:16 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=9A647EB36A8D4C97A15F46CD560E98E2 -- C:\WINDOWS\ie7updates\KB958215-IE7\ieframe.dll
[2009/02/20 14:09:36 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=A280BC1D20C94DDEE22EF9DB507821E0 -- C:\WINDOWS\ie7updates\KB969897-IE7\ieframe.dll
[2009/10/29 02:46:54 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=A8AB8F27F7BBA9CB6C0B8D0534B3C4AE -- C:\WINDOWS\ie7updates\KB978207-IE7\ieframe.dll
[2010/03/11 08:38:52 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=A963827DF78D69BC9E9CACA7427C6EDB -- C:\WINDOWS\ie7updates\KB982381-IE7\ieframe.dll
[2010/01/05 06:00:24 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=BC88680EDB207514D8009BD98761B6BB -- C:\WINDOWS\ie7updates\KB980182-IE7\ieframe.dll
[2009/07/19 09:31:48 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=BCB67F7FC4EDDDD1D0F3FF9CD41D706C -- C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\ieframe.dll
[2010/06/24 08:15:28 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=BED7CDEFE6353F95B5AB2B2715E7FA81 -- C:\WINDOWS\ie8\ieframe.dll
[2008/10/03 13:26:50 | 006,068,224 | ---- | M] (Microsoft Corporation) MD5=C0F690706C8F4468B17A20530D7B32E2 -- C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
[2008/12/20 18:55:50 | 006,068,736 | ---- | M] (Microsoft Corporation) MD5=CBA0078473E65D8F4BE1A472099162D0 -- C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\ieframe.dll
[2010/06/24 08:16:22 | 006,071,296 | ---- | M] (Microsoft Corporation) MD5=D6D47DBCC1F85FD2B63BB5CD60FAEA72 -- C:\WINDOWS\$hf_mig$\KB2183461-IE7\SP3QFE\ieframe.dll
[2008/04/23 00:16:28 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=D9878DF3C8CFA8CF9E60E6B4777D127F -- C:\WINDOWS\ie7updates\KB953838-IE7\ieframe.dll
[2009/07/19 09:33:00 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=DAABB9EC6CDEE737044E76812D5E1EEB -- C:\WINDOWS\ie7updates\KB974455-IE7\ieframe.dll
[2007/08/20 06:02:10 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=DB25311D6611BAE576DC7E82099CEEB7 -- C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieframe.dll
[2009/02/20 14:09:52 | 006,068,736 | ---- | M] (Microsoft Corporation) MD5=DFAD02C430698F3C28C82380F87B262E -- C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\ieframe.dll
[2007/01/12 09:27:42 | 006,054,400 | ---- | M] (Microsoft Corporation) MD5=EF7C229E63632511742BD214E463F55B -- C:\WINDOWS\ie7updates\KB931768-IE7\ieframe.dll
[2008/06/23 12:01:44 | 006,068,736 | ---- | M] (Microsoft Corporation) MD5=F040C72A8FF607A8A2CA649B2C03AB0C -- C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
[2007/12/06 22:21:46 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=F1391B0FB54790C469D60E4A1EAB62CC -- C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
[2007/03/07 13:45:16 | 006,054,400 | ---- | M] (Microsoft Corporation) MD5=FB79E24CE60A07C4E1E6584C9DADB9AA -- C:\WINDOWS\ie7updates\KB933566-IE7\ieframe.dll
[2010/06/24 08:24:44 | 011,079,168 | ---- | M] (Microsoft Corporation) MD5=FBFC0E0CE96C8F3693DF4857EBB37949 -- C:\WINDOWS\$hf_mig$\KB2183461-IE8\SP3QFE\ieframe.dll
[2010/06/24 08:24:44 | 011,079,168 | ---- | M] (Microsoft Corporation) MD5=FBFC0E0CE96C8F3693DF4857EBB37949 -- C:\WINDOWS\SoftwareDistribution\Download\009eaf510409174fd2f25593db4fddcd\SP3QFE\ieframe.dll
[2010/09/10 01:58:06 | 011,080,192 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

< MD5 for: IERTUTIL.DLL >
[2007/08/20 06:02:10 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=01743A57CA70A91C176A1B5BA72496AB -- C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iertutil.dll
[2009/08/29 03:31:12 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=02BDD5FE51CD53F58CDA085B29F183B9 -- C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\iertutil.dll
[2007/06/27 10:34:56 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=0728ACD0CDBEB6A9B69B3062C546BA57 -- C:\WINDOWS\ie7updates\KB939653-IE7\iertutil.dll
[2010/06/24 08:15:28 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=0C51DB6731F0E0F548582C95BA95992C -- C:\WINDOWS\ie8\iertutil.dll
[2009/02/20 14:09:38 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=0EB06AA08ADFE9BDF78AC6CD914721C2 -- C:\WINDOWS\ie7updates\KB969897-IE7\iertutil.dll
[2008/04/22 23:35:36 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=148139755CE00E3558AE248EEB913E6B -- C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
[2008/04/23 00:16:28 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=19216B68C7CA3750AA91DAB29354F23A -- C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll
[2008/10/16 15:38:38 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=21E9A2407A947EF9D788812A2404D57D -- C:\WINDOWS\ie7updates\KB961260-IE7\iertutil.dll
[2010/05/04 13:20:36 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=28D1D65D22D76A07D4E168F64CE6A15A -- C:\WINDOWS\ie7updates\KB2183461-IE7\iertutil.dll
[2007/12/06 22:21:46 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=3844E460C6CAECEAD3B5C782E656BAFD -- C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
[2009/10/29 02:46:54 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=3B41C69A0CCF62855F691748ADD26E26 -- C:\WINDOWS\ie7updates\KB978207-IE7\iertutil.dll
[2008/10/16 15:24:10 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=3E776F61E3CD7334BA4F04D25A382A3D -- C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\iertutil.dll
[2009/02/20 14:09:52 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=47F3AE3BF4C6E30124B4F456A3944F6A -- C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\iertutil.dll
[2008/03/01 09:06:26 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=4926DE4AB9C86E8B295E7E6797B97782 -- C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
[2008/08/26 05:08:40 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=496911E0EEFFB07C5803FAEFF2A8F06D -- C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
[2007/04/25 04:41:12 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=4A73428B9C9D6118FFFB5527FF0AFA1A -- C:\WINDOWS\ie7updates\KB937143-IE7\iertutil.dll
[2007/06/27 10:39:52 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=4D6B0612A862B4CDCD432FABA84EF08D -- C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\iertutil.dll
[2008/12/20 18:55:50 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=51DB5F2D1D5FEDEF5FA920F4EB5BC91E -- C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\iertutil.dll
[2010/03/11 07:49:32 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=52745C1BA2F4B2038BDC84A0D392833D -- C:\WINDOWS\$hf_mig$\KB980182-IE7\SP3QFE\iertutil.dll
[2010/09/10 01:57:24 | 001,987,072 | ---- | M] (Microsoft Corporation) MD5=54B043C9E856C87CE2DE5F2AAAF0BDDA -- C:\WINDOWS\$hf_mig$\KB2360131-IE8\SP3QFE\iertutil.dll
[2009/03/08 04:32:22 | 001,985,024 | ---- | M] (Microsoft Corporation) MD5=58BD4689E1DCD40A903721D7EF45F2EC -- C:\WINDOWS\ie8updates\KB982381-IE8\iertutil.dll
[2010/03/11 08:38:52 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=5C3715E234D70F38C52A689F95DC51F1 -- C:\WINDOWS\ie7updates\KB982381-IE7\iertutil.dll
[2007/03/07 13:40:24 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=634CE313F250DD2A5D5D794C4D1B734D -- C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\iertutil.dll
[2010/06/24 08:21:58 | 001,986,560 | ---- | M] (Microsoft Corporation) MD5=6580AE52C0566E4CDC3053F49176579E -- C:\WINDOWS\ie8updates\KB2360131-IE8\iertutil.dll
[2010/06/24 08:21:58 | 001,986,560 | ---- | M] (Microsoft Corporation) MD5=6580AE52C0566E4CDC3053F49176579E -- C:\WINDOWS\SoftwareDistribution\Download\009eaf510409174fd2f25593db4fddcd\SP3GDR\iertutil.dll
[2009/06/29 12:12:16 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=783E933FFAE1401A05DEB23553C07D3D -- C:\WINDOWS\ie7updates\KB974455-IE7\iertutil.dll
[2007/03/07 13:45:16 | 000,266,752 | ---- | M] (Microsoft Corporation) MD5=79CB5077BB11EE870CDED6B22233304D -- C:\WINDOWS\ie7updates\KB933566-IE7\iertutil.dll
[2007/04/25 05:08:34 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=7EB100F707C0B8322D3F53C8A791BD87 -- C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\iertutil.dll
[2010/05/06 06:41:50 | 001,985,536 | ---- | M] (Microsoft Corporation) MD5=7FBE659ECDC2E61BDA3AA930C1532516 -- C:\WINDOWS\ie8updates\KB2183461-IE8\iertutil.dll
[2010/05/06 06:41:50 | 001,985,536 | ---- | M] (Microsoft Corporation) MD5=7FBE659ECDC2E61BDA3AA930C1532516 -- C:\WINDOWS\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3GDR\iertutil.dll
[2008/03/01 09:03:02 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=8C02077165D143A1320F1B9A905B30F9 -- C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll
[2008/06/23 12:01:44 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=8CBF826E16ACBB5F23ADE30C274B914F -- C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
[2009/08/29 03:36:26 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=90E5E67E716E846725BAA05DC7FAE6D9 -- C:\WINDOWS\ie7updates\KB976325-IE7\iertutil.dll
[2008/06/23 12:57:34 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=93367924D08184C697AFF32D48A43887 -- C:\WINDOWS\ie7updates\KB956390-IE7\iertutil.dll
[2009/06/29 12:23:12 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=9B20BF14CC2A13A2BAB7ECAEB05206CE -- C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\iertutil.dll
[2008/08/26 03:24:30 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=A223769899F3D981DEFC81CD791D687F -- C:\WINDOWS\ie7updates\KB958215-IE7\iertutil.dll
[2009/04/29 00:55:58 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=A3E3A66468E4F26CBE9A1FEB0EBFC5E9 -- C:\WINDOWS\ie7updates\KB972260-IE7\iertutil.dll
[2009/10/29 02:45:44 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=A8EDBE192207E3AE7EFC58D857507E98 -- C:\WINDOWS\$hf_mig$\KB976325-IE7\SP3QFE\iertutil.dll
[2010/05/06 06:36:24 | 001,986,048 | ---- | M] (Microsoft Corporation) MD5=AA9B8D2F3BEB369DB82E48C689D7A8FC -- C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\iertutil.dll
[2010/05/06 06:36:24 | 001,986,048 | ---- | M] (Microsoft Corporation) MD5=AA9B8D2F3BEB369DB82E48C689D7A8FC -- C:\WINDOWS\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3QFE\iertutil.dll
[2007/08/20 06:04:38 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=AB7A8CAED7A2DF0072DF34D8DB70A3F4 -- C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
[2007/10/10 18:55:56 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=AF67AAB4ECC886EAAB6912A53FA717DB -- C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll
[2007/12/06 21:01:12 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=BC5A4228A5EF48370CFE6DBDAD7D3A8C -- C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iertutil.dll
[2007/01/08 19:02:04 | 000,266,752 | ---- | M] (Microsoft Corporation) MD5=BD3AA3BD1766501431AA5E1B7889971C -- C:\WINDOWS\ie7updates\KB931768-IE7\iertutil.dll
[2010/01/05 06:00:24 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=BF7DFAD80E6991942D362F71BE1EAD1F -- C:\WINDOWS\ie7updates\KB980182-IE7\iertutil.dll
[2010/06/24 08:16:22 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=C0D77293644765C00FEBC52CC5DF3703 -- C:\WINDOWS\$hf_mig$\KB2183461-IE7\SP3QFE\iertutil.dll
[2006/10/17 11:57:20 | 000,266,752 | ---- | M] (Microsoft Corporation) MD5=C9F48C6A6963BAB7D1B5D025212D8F36 -- C:\WINDOWS\ie7updates\KB928090-IE7\iertutil.dll
[2010/06/24 08:24:46 | 001,987,072 | ---- | M] (Microsoft Corporation) MD5=CF78994BA59A6322B6A993C849EDDCF7 -- C:\WINDOWS\$hf_mig$\KB2183461-IE8\SP3QFE\iertutil.dll
[2010/06/24 08:24:46 | 001,987,072 | ---- | M] (Microsoft Corporation) MD5=CF78994BA59A6322B6A993C849EDDCF7 -- C:\WINDOWS\SoftwareDistribution\Download\009eaf510409174fd2f25593db4fddcd\SP3QFE\iertutil.dll
[2010/05/04 13:20:02 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=DD2AA1304C4293A1888AA1A3285A4D88 -- C:\WINDOWS\$hf_mig$\KB982381-IE7\SP3QFE\iertutil.dll
[2007/10/10 18:47:28 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=E744E301A548B4DCCA7F56C41903AE53 -- C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iertutil.dll
[2009/04/29 00:49:18 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=F0054228DF9E36667E10644986B19AAF -- C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\iertutil.dll
[2010/01/05 04:57:28 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=F546A6E483BE82692D448A872E9E76A9 -- C:\WINDOWS\$hf_mig$\KB978207-IE7\SP3QFE\iertutil.dll
[2008/12/20 18:15:22 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=F9AD085EB1392DC9EFB7698B681C22A2 -- C:\WINDOWS\ie7updates\KB963027-IE7\iertutil.dll
[2010/09/10 01:58:06 | 001,986,560 | ---- | M] (Microsoft Corporation) MD5=FD4542DE00C684FF75590E257556B84C -- C:\WINDOWS\system32\dllcache\iertutil.dll
[2010/09/10 01:58:06 | 001,986,560 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll

< MD5 for: MSTASK.DLL >
[2008/04/13 20:12:00 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=4044E880593FE1AC9942190FCE414BE7 -- C:\WINDOWS\ServicePackFiles\i386\mstask.dll
[2004/08/04 05:00:00 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=DAD1CEF1B77539B4EF734A1041CF95ED -- C:\WINDOWS\$NtServicePackUninstall$\mstask.dll
[2008/04/13 20:12:00 | 000,274,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll

< MD5 for: NTDSAPI.DLL >
[2004/08/04 05:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6201BACF384292A5FE94CE73364AE53A -- C:\WINDOWS\$NtServicePackUninstall$\ntdsapi.dll
[2008/04/13 20:12:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=EC4C0D9BFD9F7E33F8B395AD54E13063 -- C:\WINDOWS\ServicePackFiles\i386\ntdsapi.dll
[2008/04/13 20:12:02 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll

< MD5 for: SHELL32.DLL >
[2008/07/03 08:03:30 | 008,460,800 | ---- | M] (Microsoft Corporation) MD5=06DA8C5383AAF17127FC4B1658BA3F4F -- C:\WINDOWS\$NtServicePackUninstall$\shell32.dll
[2008/06/17 14:02:20 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=08B99916C98E15F6C28D24D73E53B45A -- C:\WINDOWS\$hf_mig$\KB967715\SP3GDR\shell32.dll
[2008/06/17 14:02:20 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=08B99916C98E15F6C28D24D73E53B45A -- C:\WINDOWS\$NtUninstallKB2286198$\shell32.dll
[2008/04/13 20:12:06 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=0CF50B1F45DAB08430C1DBB79FE2CA5B -- C:\WINDOWS\$NtUninstallKB967715$\shell32.dll
[2008/04/13 20:12:06 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=0CF50B1F45DAB08430C1DBB79FE2CA5B -- C:\WINDOWS\ServicePackFiles\i386\shell32.dll
[2008/06/17 14:04:34 | 008,461,824 | ---- | M] (Microsoft Corporation) MD5=270CE1BFDF019A3D7527F1DA6FB1FA96 -- C:\WINDOWS\$hf_mig$\KB967715\SP3QFE\shell32.dll
[2005/09/22 23:18:20 | 008,452,608 | ---- | M] (Microsoft Corporation) MD5=2B7DD09E1DE64B094409E3D43E248716 -- C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shell32.dll
[2010/07/27 02:30:36 | 008,462,336 | ---- | M] (Microsoft Corporation) MD5=304CFF53C9C9BEB03607ABE94A8FC781 -- C:\WINDOWS\system32\dllcache\shell32.dll
[2007/10/25 22:34:02 | 008,460,288 | ---- | M] (Microsoft Corporation) MD5=3BE4C2E84D99889685FE2B68E5FA2A9D -- C:\WINDOWS\$NtUninstallKB967715_0$\shell32.dll
[2006/03/17 00:46:32 | 008,454,656 | ---- | M] (Microsoft Corporation) MD5=5371E3BAE6FA21C26730C19FA8819335 -- C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\shell32.dll
[2005/02/28 19:06:30 | 008,451,584 | ---- | M] (Microsoft Corporation) MD5=564A479E5FC3A1BC66E2F8082682DAC2 -- C:\WINDOWS\$hf_mig$\KB893086\SP2QFE\shell32.dll
[2004/12/21 15:49:36 | 008,450,048 | ---- | M] (Microsoft Corporation) MD5=5DB5F53F801B616F4B4B7CAE6EE7D1C6 -- C:\WINDOWS\$NtUninstallKB893086$\shell32.dll
[2006/03/17 00:03:54 | 008,452,096 | ---- | M] (Microsoft Corporation) MD5=6DDC1304FC3E6849D2BAD23D95E9573B -- C:\WINDOWS\$NtUninstallKB921398$\shell32.dll
[2004/12/21 15:50:56 | 008,451,072 | ---- | M] (Microsoft Corporation) MD5=88F8875E045AEC0C335E73B9A1FC176E -- C:\WINDOWS\$hf_mig$\KB890047\SP2QFE\shell32.dll
[2005/02/28 19:11:18 | 008,450,048 | ---- | M] (Microsoft Corporation) MD5=9833F278924D028414D7F89BFD4FC46B -- C:\WINDOWS\$NtUninstallKB900725$\shell32.dll
[2006/12/19 15:52:18 | 008,453,632 | ---- | M] (Microsoft Corporation) MD5=ABFCBDA41D2BD08BAA1B0B2DB558DF03 -- C:\WINDOWS\$NtUninstallKB943460$\shell32.dll
[2010/07/27 02:28:54 | 008,463,360 | ---- | M] (Microsoft Corporation) MD5=B65D8CE7C75835906CD21C974B875503 -- C:\WINDOWS\$hf_mig$\KB2286198\SP3QFE\shell32.dll
[2006/07/13 10:03:24 | 008,457,728 | ---- | M] (Microsoft Corporation) MD5=BCDA9264F73B21DF325A10D99C6FB44A -- C:\WINDOWS\$hf_mig$\KB921398\SP2QFE\shell32.dll
[2005/09/22 23:05:30 | 008,450,560 | ---- | M] (Microsoft Corporation) MD5=C1BCFEC67E712B6A00AD00ADFCBFD02E -- C:\WINDOWS\$NtUninstallKB908531$\shell32.dll
[2006/12/19 16:50:10 | 008,458,752 | ---- | M] (Microsoft Corporation) MD5=C21253CC2EA4001EB3D93CD98E9B35FE -- C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\shell32.dll
[2004/08/04 05:00:00 | 008,384,000 | ---- | M] (Microsoft Corporation) MD5=D5988A5048E4DC7175BCA9F29FC144AE -- C:\WINDOWS\$NtUninstallKB890047$\shell32.dll
[2006/07/13 09:33:28 | 008,453,632 | ---- | M] (Microsoft Corporation) MD5=F056B4771408966694DE5D9BF79B48F8 -- C:\WINDOWS\$NtUninstallKB928255$\shell32.dll
[2010/07/27 02:30:36 | 008,462,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
< End of report >
  • 0

Advertisements


#41
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Save these instructions to the USB.
  • Boot to the OTLPE CD
  • Please double-click OTLPE.exe to run it as you did before.
  • Copy the lines in the quote below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :files
    C:\WINDOWS\system32\dnsapi.dll|C:\WINDOWS\system32\dllcache\dnsapi.dll /replace
    C:\WINDOWS\system32\ieframe.dll|C:\WINDOWS\system32\dllcache\ieframe.dll /replace
    C:\WINDOWS\system32\iertutil.dll|C:\WINDOWS\system32\dllcache\iertutil.dll /replace
    C:\WINDOWS\system32\mstask.dll|C:\WINDOWS\ServicePackFiles\i386\mstask.dll /replace
    C:\WINDOWS\system32\ntdsapi.dll|C:\WINDOWS\ServicePackFiles\i386\ntdsapi.dll /replace
    C:\WINDOWS\system32\shell32.dll|C:\WINDOWS\system32\dllcache\shell32.dll /replace
    C:\WINDOWS\system32\hal.dll|C:\WINDOWS\ServicePackFiles\i386\hal.dll /replace

  • Return to OTLPE, right click in the "Custom Scans/Fixes" window and choose Paste.
  • Click the red Run Fix button.
  • A report will be produced and saved in the C:\_OTL\MovedFiles folder in the form of Date_Time.log. Open that report and post its contents in a reply.

Restart the computer back to the OTLPE CD.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change all settings to None to cut down on scanning time.
    • Under the Custom Scan box paste this in



      /md5start
      shell32.dll
      iertutil.dll
      ieframe.dll
      mstask.dll
      dnsapi.dll
      ntdsapi.dll
      hal.dll
      /md5stop

  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive.
  • Please post the contents of the C:\OTL.txt file in your reply also.

After this process, attempt to boot in Normal Mode. Let me know the outcome.
  • 0

#42
Mikevel

Mikevel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Success!!! Windows booted up reloaded drivers and rebooted back to XP again still OK

What's next:

We need to get the other HDD back into the system ( i had removed it earlier today)

What caused this problem to happen

what do i need to do to prevent it from happening again.

Thanks

Here are the logs:


========== FILES ==========
File C:\WINDOWS\system32\dnsapi.dll successfully replaced with C:\WINDOWS\system32\dllcache\dnsapi.dll
File C:\WINDOWS\system32\ieframe.dll successfully replaced with C:\WINDOWS\system32\dllcache\ieframe.dll
File C:\WINDOWS\system32\iertutil.dll successfully replaced with C:\WINDOWS\system32\dllcache\iertutil.dll
File C:\WINDOWS\system32\mstask.dll successfully replaced with C:\WINDOWS\ServicePackFiles\i386\mstask.dll
File C:\WINDOWS\system32\ntdsapi.dll successfully replaced with C:\WINDOWS\ServicePackFiles\i386\ntdsapi.dll
Unable to replace file: C:\WINDOWS\system32\shell32.dll with C:\WINDOWS\system32\dllcache\shell32.dll without a reboot.
File C:\WINDOWS\system32\hal.dll successfully replaced with C:\WINDOWS\ServicePackFiles\i386\hal.dll

OTLPE by OldTimer - Version 3.1.45.0 log created on 03102011_232332






OTL logfile created on: 3/10/2011 11:37:24 PM - Run
OTLPE by OldTimer - Version 3.1.45.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 298.00 Mb Available Physical Memory | 58.00% Memory free
458.00 Mb Paging File | 323.00 Mb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 101.55 Gb Total Space | 63.36 Gb Free Space | 62.39% Space Free | Partition Type: FAT32
Drive D: | 10.22 Gb Total Space | 8.54 Gb Free Space | 83.49% Space Free | Partition Type: FAT32
Drive I: | 1.85 Gb Total Space | 1.78 Gb Free Space | 95.77% Space Free | Partition Type: FAT
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Files/Folders - Created Within 30 Days ==========

[2011/03/10 23:23:33 | 002,232,832 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2011/03/09 12:22:33 | 000,123,904 | ---- | C] (Systemintegrasjon AS) -- C:\MbrFix.exe
[2011/03/09 12:04:32 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/03/07 13:16:08 | 000,000,000 | ---D | C] -- C:\NBRT
[2008/01/31 12:30:40 | 058,619,176 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe
[1980/01/01 00:00:00 | 001,301,776 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[1980/01/01 00:00:00 | 000,548,888 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[1980/01/01 00:00:00 | 000,221,848 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[1980/01/01 00:00:00 | 000,192,512 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[1980/01/01 00:00:00 | 000,167,352 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[1980/01/01 00:00:00 | 000,086,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[1980/01/01 00:00:00 | 000,045,056 | ---- | C] ( ) -- C:\WINDOWS\System32\slserv.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/28 13:30:42 | 002,232,832 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/29 19:08:21 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Ecazer.dat
[2010/11/29 19:08:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Jfumiq.bin
[2009/02/15 21:27:49 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2008/03/12 16:51:29 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Janine Velardi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/21 22:59:09 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS4B.DLL
[2006/02/18 17:05:13 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/08/11 20:25:02 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\Virginia Velardi\Local Settings\Application Data\fusioncache.dat
[2005/05/08 09:53:41 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005/03/28 00:06:48 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\Michael Velardi\default.pls
[2005/03/20 11:40:32 | 000,000,080 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2005/03/11 20:46:33 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/02/12 15:49:03 | 000,111,104 | ---- | C] () -- C:\Documents and Settings\Michael Velardi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/02/11 12:29:24 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\Virginia Velardi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/02/02 12:36:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/27 17:24:22 | 000,000,799 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/27 15:54:53 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/27 15:49:55 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/27 15:46:04 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/27 15:45:28 | 000,298,848 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/27 15:40:06 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/27 15:40:05 | 000,441,744 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/27 15:40:05 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/27 15:40:05 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/27 15:40:05 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/27 15:40:04 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/27 15:40:03 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/27 15:40:03 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/27 15:40:01 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/27 15:39:59 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[1980/01/01 00:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[1980/01/01 00:00:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[1980/01/01 00:00:00 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[1980/01/01 00:00:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll
[1980/01/01 00:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\slrundll.exe
[1980/01/01 00:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[1980/01/01 00:00:00 | 000,005,327 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
[1980/01/01 00:00:00 | 000,000,503 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

========== LOP Check ==========

[2005/10/06 17:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janine Velardi\Application Data\Opera
[2008/07/28 17:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janine Velardi\Application Data\Serif
[2009/03/03 07:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janine Velardi\Application Data\acccore
[2009/03/03 07:27:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janine Velardi\Application Data\QQ Games Plugin
[2005/02/10 14:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael Velardi\Application Data\Opera
[2005/03/27 23:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael Velardi\Application Data\Snapfish
[2005/05/08 09:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael Velardi\Application Data\Serif
[2010/07/23 20:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michael Velardi\Application Data\ImgBurn
[2005/02/16 00:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia Velardi\Application Data\Opera
[2005/05/15 11:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia Velardi\Application Data\Serif
[2009/02/15 21:39:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia Velardi\Application Data\acccore
[2009/02/16 08:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia Velardi\Application Data\QQ Games Plugin
[2009/03/09 19:34:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Virginia Velardi\Application Data\Viewpoint
[2010/11/29 18:54:04 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: DNSAPI.DLL >
[2006/06/26 13:45:20 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=08C13164B042516C4CF010A361ACE204 -- C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\dnsapi.dll
[2008/04/13 20:11:52 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=0A3325D38DB90792BBBE01334F273974 -- C:\WINDOWS\$NtUninstallKB951748$\dnsapi.dll
[2008/04/13 20:11:52 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=0A3325D38DB90792BBBE01334F273974 -- C:\WINDOWS\ServicePackFiles\i386\dnsapi.dll
[2006/06/26 14:37:10 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=16E68F1DB0E37C13A5FB5F9611A38EDC -- C:\WINDOWS\$NtUninstallKB945553$\dnsapi.dll
[2008/06/20 13:41:10 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=176497D0E7AE618860552A4B5635B206 -- C:\WINDOWS\$NtServicePackUninstall$\dnsapi.dll
[2006/05/19 08:59:42 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=1870459BBF6BFD1D5FFB491E62EEB596 -- C:\WINDOWS\$NtUninstallKB920683$\dnsapi.dll
[2008/06/20 13:43:06 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=1C2A6C104E6184B05EEB0C114BE4F150 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
[2008/02/20 01:32:44 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=4FF71085BABAE623F3FEE11E1F86D9CD -- C:\WINDOWS\$NtUninstallKB951748_0$\dnsapi.dll
[2008/06/20 13:46:58 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=5D3FDE8FB2801A2041D1B965372C4928 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
[2008/06/20 13:46:58 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=5D3FDE8FB2801A2041D1B965372C4928 -- C:\WINDOWS\system32\dllcache\dnsapi.dll
[2006/05/19 09:46:40 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=620173FF44AD5FF41634E94EC04C1020 -- C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dnsapi.dll
[2008/02/20 01:19:36 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=C717F090BD94680855F5A7223654581F -- C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsapi.dll
[2004/08/04 05:00:00 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=C76735BFB7214907B4590DD35AE64A79 -- C:\WINDOWS\$NtUninstallKB914388$\dnsapi.dll
[2008/06/20 13:36:12 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=D803BDB34C060035D4753DDA046D5C72 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
[2008/06/20 13:46:58 | 000,147,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll

< MD5 for: HAL.DLL >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010/04/08 16:22:26 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:hal.dll
[2010/04/08 16:22:26 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008/04/13 14:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008/04/13 14:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\system32\HAL.DLL
[2004/08/03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: IEFRAME.DLL >
[2007/10/10 18:47:28 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=085800BC9DA7022F4DC86ACA2EBF54D6 -- C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieframe.dll
[2007/10/10 18:55:54 | 006,065,664 | ---- | M] (Microsoft Corporation) MD5=122C2B5BCFE01B899E5B4A41B5AFF55B -- C:\WINDOWS\ie7updates\KB944533-IE7\ieframe.dll
[2007/03/07 13:40:24 | 006,056,448 | ---- | M] (Microsoft Corporation) MD5=12C205B3498368750E65CF44FB8A014B -- C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\ieframe.dll
[2007/12/06 21:01:10 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=17FC07BCC0C811874869387E44138ECD -- C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieframe.dll
[2008/03/01 09:06:24 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=18E53441E472067344DA71FA3298D841 -- C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
[2008/12/20 18:15:22 | 006,066,688 | ---- | M] (Microsoft Corporation) MD5=1C736F3980C7328077B65C3BB33E80A3 -- C:\WINDOWS\ie7updates\KB963027-IE7\ieframe.dll
[2009/04/29 00:55:58 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=1DC989811B9CD1884C06B05B767F6A4D -- C:\WINDOWS\ie7updates\KB972260-IE7\ieframe.dll
[2008/10/16 15:24:10 | 006,068,224 | ---- | M] (Microsoft Corporation) MD5=233F3168F83CCAEA70EDD0FC6C272A74 -- C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\ieframe.dll
[2008/10/16 15:38:38 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=23DD2287BA2630805E16571CB5E4E3EB -- C:\WINDOWS\ie7updates\KB961260-IE7\ieframe.dll
[2010/03/11 07:49:30 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=25891590F55C29A6561C53FD67452B0C -- C:\WINDOWS\$hf_mig$\KB980182-IE7\SP3QFE\ieframe.dll
[2007/04/25 05:08:34 | 006,059,008 | ---- | M] (Microsoft Corporation) MD5=335A982BDA98F1FDF06D54E69B226102 -- C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\ieframe.dll
[2006/11/07 21:03:36 | 006,049,280 | ---- | M] (Microsoft Corporation) MD5=39B6E852F8E82107E52809A7DD21FFE0 -- C:\WINDOWS\ie7updates\KB928090-IE7\ieframe.dll
[2010/09/10 01:58:06 | 011,080,192 | ---- | M] (Microsoft Corporation) MD5=3BE4ACC85ECBA994E2735E641AA58404 -- C:\WINDOWS\system32\dllcache\ieframe.dll
[2008/04/22 23:35:36 | 006,068,224 | ---- | M] (Microsoft Corporation) MD5=40E542A45A003715D9B99181865FB205 -- C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
[2009/08/29 03:31:12 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=4457FBAE53EB951FCFD4A92F4A62FCC4 -- C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\ieframe.dll
[2008/06/23 12:57:34 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=449A8C5F68B889DB4609353649DBC5D3 -- C:\WINDOWS\ie7updates\KB956390-IE7\ieframe.dll
[2007/04/25 04:41:12 | 006,058,496 | ---- | M] (Microsoft Corporation) MD5=453506737B5979F86E323686EB5A86D1 -- C:\WINDOWS\ie7updates\KB937143-IE7\ieframe.dll
[2008/03/01 09:03:02 | 006,067,712 | ---- | M] (Microsoft Corporation) MD5=46B8561E2DF443C030A4D2EB99D36446 -- C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieframe.dll
[2010/05/06 06:41:50 | 011,076,096 | ---- | M] (Microsoft Corporation) MD5=4939E99C1B61017E37A006EEC2E7632D -- C:\WINDOWS\ie8updates\KB2183461-IE8\ieframe.dll
[2010/05/06 06:41:50 | 011,076,096 | ---- | M] (Microsoft Corporation) MD5=4939E99C1B61017E37A006EEC2E7632D -- C:\WINDOWS\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3GDR\ieframe.dll
[2009/10/29 02:45:44 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=5530B5093740BCFEDDE85C54CE2476BB -- C:\WINDOWS\$hf_mig$\KB976325-IE7\SP3QFE\ieframe.dll
[2007/06/27 10:39:52 | 006,059,008 | ---- | M] (Microsoft Corporation) MD5=5FF4C38AD71DACF843315791837D6D96 -- C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\ieframe.dll
[2009/04/29 00:49:18 | 006,069,248 | ---- | M] (Microsoft Corporation) MD5=629932D1D34AC476AB8EBC78D719B33B -- C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\ieframe.dll
[2007/08/20 06:04:38 | 006,058,496 | ---- | M] (Microsoft Corporation) MD5=6601D5A71F09F889652EF47AEE3C9081 -- C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
[2010/06/24 17:51:58 | 011,077,120 | ---- | M] (Microsoft Corporation) MD5=680F85FE668E0E571B1AF084AC6232C5 -- C:\WINDOWS\ie8updates\KB2360131-IE8\ieframe.dll
[2010/06/24 17:51:58 | 011,077,120 | ---- | M] (Microsoft Corporation) MD5=680F85FE668E0E571B1AF084AC6232C5 -- C:\WINDOWS\SoftwareDistribution\Download\009eaf510409174fd2f25593db4fddcd\SP3GDR\ieframe.dll
[2009/03/08 04:39:48 | 011,063,808 | ---- | M] (Microsoft Corporation) MD5=729DA5D23A9AD20A6AA353156A126420 -- C:\WINDOWS\ie8updates\KB982381-IE8\ieframe.dll
[2010/05/06 16:06:24 | 011,078,144 | ---- | M] (Microsoft Corporation) MD5=829BC36DEC43E7A9F53E826BAC991540 -- C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\ieframe.dll
[2010/05/06 16:06:24 | 011,078,144 | ---- | M] (Microsoft Corporation) MD5=829BC36DEC43E7A9F53E826BAC991540 -- C:\WINDOWS\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3QFE\ieframe.dll
[2010/05/04 13:20:36 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=8641B27F8DF694C39CA1DBA2F71373FB -- C:\WINDOWS\ie7updates\KB2183461-IE7\ieframe.dll
[2007/06/27 10:34:56 | 006,058,496 | ---- | M] (Microsoft Corporation) MD5=876EA9EBAB608543D9BE7DF1C2B7E63A -- C:\WINDOWS\ie7updates\KB939653-IE7\ieframe.dll
[2010/09/10 11:27:24 | 011,082,240 | ---- | M] (Microsoft Corporation) MD5=8C856AF5F0C1CA61A1EF66B891D785F4 -- C:\WINDOWS\$hf_mig$\KB2360131-IE8\SP3QFE\ieframe.dll
[2009/08/29 03:36:26 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=947523EC3DB3F0148A28848D15C840EF -- C:\WINDOWS\ie7updates\KB976325-IE7\ieframe.dll
[2010/01/05 04:57:28 | 006,071,296 | ---- | M] (Microsoft Corporation) MD5=976F8175CDCD27192196669E052F7C51 -- C:\WINDOWS\$hf_mig$\KB978207-IE7\SP3QFE\ieframe.dll
[2010/05/04 13:20:02 | 006,071,296 | ---- | M] (Microsoft Corporation) MD5=98AF5E356C2D9BF3C0CEDA7484A8297D -- C:\WINDOWS\$hf_mig$\KB982381-IE7\SP3QFE\ieframe.dll
[2008/10/03 13:41:16 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=9A647EB36A8D4C97A15F46CD560E98E2 -- C:\WINDOWS\ie7updates\KB958215-IE7\ieframe.dll
[2009/02/20 14:09:36 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=A280BC1D20C94DDEE22EF9DB507821E0 -- C:\WINDOWS\ie7updates\KB969897-IE7\ieframe.dll
[2009/10/29 02:46:54 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=A8AB8F27F7BBA9CB6C0B8D0534B3C4AE -- C:\WINDOWS\ie7updates\KB978207-IE7\ieframe.dll
[2010/03/11 08:38:52 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=A963827DF78D69BC9E9CACA7427C6EDB -- C:\WINDOWS\ie7updates\KB982381-IE7\ieframe.dll
[2010/01/05 06:00:24 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=BC88680EDB207514D8009BD98761B6BB -- C:\WINDOWS\ie7updates\KB980182-IE7\ieframe.dll
[2009/07/19 09:31:48 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=BCB67F7FC4EDDDD1D0F3FF9CD41D706C -- C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\ieframe.dll
[2010/06/24 08:15:28 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=BED7CDEFE6353F95B5AB2B2715E7FA81 -- C:\WINDOWS\ie8\ieframe.dll
[2008/10/03 13:26:50 | 006,068,224 | ---- | M] (Microsoft Corporation) MD5=C0F690706C8F4468B17A20530D7B32E2 -- C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
[2008/12/20 18:55:50 | 006,068,736 | ---- | M] (Microsoft Corporation) MD5=CBA0078473E65D8F4BE1A472099162D0 -- C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\ieframe.dll
[2010/06/24 08:16:22 | 006,071,296 | ---- | M] (Microsoft Corporation) MD5=D6D47DBCC1F85FD2B63BB5CD60FAEA72 -- C:\WINDOWS\$hf_mig$\KB2183461-IE7\SP3QFE\ieframe.dll
[2008/04/23 00:16:28 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=D9878DF3C8CFA8CF9E60E6B4777D127F -- C:\WINDOWS\ie7updates\KB953838-IE7\ieframe.dll
[2009/07/19 09:33:00 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=DAABB9EC6CDEE737044E76812D5E1EEB -- C:\WINDOWS\ie7updates\KB974455-IE7\ieframe.dll
[2007/08/20 06:02:10 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=DB25311D6611BAE576DC7E82099CEEB7 -- C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieframe.dll
[2009/02/20 14:09:52 | 006,068,736 | ---- | M] (Microsoft Corporation) MD5=DFAD02C430698F3C28C82380F87B262E -- C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\ieframe.dll
[2007/01/12 09:27:42 | 006,054,400 | ---- | M] (Microsoft Corporation) MD5=EF7C229E63632511742BD214E463F55B -- C:\WINDOWS\ie7updates\KB931768-IE7\ieframe.dll
[2008/06/23 12:01:44 | 006,068,736 | ---- | M] (Microsoft Corporation) MD5=F040C72A8FF607A8A2CA649B2C03AB0C -- C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
[2007/12/06 22:21:46 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=F1391B0FB54790C469D60E4A1EAB62CC -- C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
[2007/03/07 13:45:16 | 006,054,400 | ---- | M] (Microsoft Corporation) MD5=FB79E24CE60A07C4E1E6584C9DADB9AA -- C:\WINDOWS\ie7updates\KB933566-IE7\ieframe.dll
[2010/06/24 08:24:44 | 011,079,168 | ---- | M] (Microsoft Corporation) MD5=FBFC0E0CE96C8F3693DF4857EBB37949 -- C:\WINDOWS\$hf_mig$\KB2183461-IE8\SP3QFE\ieframe.dll
[2010/06/24 08:24:44 | 011,079,168 | ---- | M] (Microsoft Corporation) MD5=FBFC0E0CE96C8F3693DF4857EBB37949 -- C:\WINDOWS\SoftwareDistribution\Download\009eaf510409174fd2f25593db4fddcd\SP3QFE\ieframe.dll
[2010/09/10 01:58:06 | 011,080,192 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

< MD5 for: IERTUTIL.DLL >
[2007/08/20 06:02:10 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=01743A57CA70A91C176A1B5BA72496AB -- C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iertutil.dll
[2009/08/29 03:31:12 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=02BDD5FE51CD53F58CDA085B29F183B9 -- C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\iertutil.dll
[2007/06/27 10:34:56 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=0728ACD0CDBEB6A9B69B3062C546BA57 -- C:\WINDOWS\ie7updates\KB939653-IE7\iertutil.dll
[2010/06/24 08:15:28 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=0C51DB6731F0E0F548582C95BA95992C -- C:\WINDOWS\ie8\iertutil.dll
[2009/02/20 14:09:38 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=0EB06AA08ADFE9BDF78AC6CD914721C2 -- C:\WINDOWS\ie7updates\KB969897-IE7\iertutil.dll
[2008/04/22 23:35:36 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=148139755CE00E3558AE248EEB913E6B -- C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
[2008/04/23 00:16:28 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=19216B68C7CA3750AA91DAB29354F23A -- C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll
[2008/10/16 15:38:38 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=21E9A2407A947EF9D788812A2404D57D -- C:\WINDOWS\ie7updates\KB961260-IE7\iertutil.dll
[2010/05/04 13:20:36 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=28D1D65D22D76A07D4E168F64CE6A15A -- C:\WINDOWS\ie7updates\KB2183461-IE7\iertutil.dll
[2007/12/06 22:21:46 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=3844E460C6CAECEAD3B5C782E656BAFD -- C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
[2009/10/29 02:46:54 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=3B41C69A0CCF62855F691748ADD26E26 -- C:\WINDOWS\ie7updates\KB978207-IE7\iertutil.dll
[2008/10/16 15:24:10 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=3E776F61E3CD7334BA4F04D25A382A3D -- C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\iertutil.dll
[2009/02/20 14:09:52 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=47F3AE3BF4C6E30124B4F456A3944F6A -- C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\iertutil.dll
[2008/03/01 09:06:26 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=4926DE4AB9C86E8B295E7E6797B97782 -- C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
[2008/08/26 05:08:40 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=496911E0EEFFB07C5803FAEFF2A8F06D -- C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
[2007/04/25 04:41:12 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=4A73428B9C9D6118FFFB5527FF0AFA1A -- C:\WINDOWS\ie7updates\KB937143-IE7\iertutil.dll
[2007/06/27 10:39:52 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=4D6B0612A862B4CDCD432FABA84EF08D -- C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\iertutil.dll
[2008/12/20 18:55:50 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=51DB5F2D1D5FEDEF5FA920F4EB5BC91E -- C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\iertutil.dll
[2010/03/11 07:49:32 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=52745C1BA2F4B2038BDC84A0D392833D -- C:\WINDOWS\$hf_mig$\KB980182-IE7\SP3QFE\iertutil.dll
[2010/09/10 01:57:24 | 001,987,072 | ---- | M] (Microsoft Corporation) MD5=54B043C9E856C87CE2DE5F2AAAF0BDDA -- C:\WINDOWS\$hf_mig$\KB2360131-IE8\SP3QFE\iertutil.dll
[2009/03/08 04:32:22 | 001,985,024 | ---- | M] (Microsoft Corporation) MD5=58BD4689E1DCD40A903721D7EF45F2EC -- C:\WINDOWS\ie8updates\KB982381-IE8\iertutil.dll
[2010/03/11 08:38:52 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=5C3715E234D70F38C52A689F95DC51F1 -- C:\WINDOWS\ie7updates\KB982381-IE7\iertutil.dll
[2007/03/07 13:40:24 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=634CE313F250DD2A5D5D794C4D1B734D -- C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\iertutil.dll
[2010/06/24 08:21:58 | 001,986,560 | ---- | M] (Microsoft Corporation) MD5=6580AE52C0566E4CDC3053F49176579E -- C:\WINDOWS\ie8updates\KB2360131-IE8\iertutil.dll
[2010/06/24 08:21:58 | 001,986,560 | ---- | M] (Microsoft Corporation) MD5=6580AE52C0566E4CDC3053F49176579E -- C:\WINDOWS\SoftwareDistribution\Download\009eaf510409174fd2f25593db4fddcd\SP3GDR\iertutil.dll
[2009/06/29 12:12:16 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=783E933FFAE1401A05DEB23553C07D3D -- C:\WINDOWS\ie7updates\KB974455-IE7\iertutil.dll
[2007/03/07 13:45:16 | 000,266,752 | ---- | M] (Microsoft Corporation) MD5=79CB5077BB11EE870CDED6B22233304D -- C:\WINDOWS\ie7updates\KB933566-IE7\iertutil.dll
[2007/04/25 05:08:34 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=7EB100F707C0B8322D3F53C8A791BD87 -- C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\iertutil.dll
[2010/05/06 06:41:50 | 001,985,536 | ---- | M] (Microsoft Corporation) MD5=7FBE659ECDC2E61BDA3AA930C1532516 -- C:\WINDOWS\ie8updates\KB2183461-IE8\iertutil.dll
[2010/05/06 06:41:50 | 001,985,536 | ---- | M] (Microsoft Corporation) MD5=7FBE659ECDC2E61BDA3AA930C1532516 -- C:\WINDOWS\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3GDR\iertutil.dll
[2008/03/01 09:03:02 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=8C02077165D143A1320F1B9A905B30F9 -- C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll
[2008/06/23 12:01:44 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=8CBF826E16ACBB5F23ADE30C274B914F -- C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
[2009/08/29 03:36:26 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=90E5E67E716E846725BAA05DC7FAE6D9 -- C:\WINDOWS\ie7updates\KB976325-IE7\iertutil.dll
[2008/06/23 12:57:34 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=93367924D08184C697AFF32D48A43887 -- C:\WINDOWS\ie7updates\KB956390-IE7\iertutil.dll
[2009/06/29 12:23:12 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=9B20BF14CC2A13A2BAB7ECAEB05206CE -- C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\iertutil.dll
[2008/08/26 03:24:30 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=A223769899F3D981DEFC81CD791D687F -- C:\WINDOWS\ie7updates\KB958215-IE7\iertutil.dll
[2009/04/29 00:55:58 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=A3E3A66468E4F26CBE9A1FEB0EBFC5E9 -- C:\WINDOWS\ie7updates\KB972260-IE7\iertutil.dll
[2009/10/29 02:45:44 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=A8EDBE192207E3AE7EFC58D857507E98 -- C:\WINDOWS\$hf_mig$\KB976325-IE7\SP3QFE\iertutil.dll
[2010/05/06 06:36:24 | 001,986,048 | ---- | M] (Microsoft Corporation) MD5=AA9B8D2F3BEB369DB82E48C689D7A8FC -- C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\iertutil.dll
[2010/05/06 06:36:24 | 001,986,048 | ---- | M] (Microsoft Corporation) MD5=AA9B8D2F3BEB369DB82E48C689D7A8FC -- C:\WINDOWS\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3QFE\iertutil.dll
[2007/08/20 06:04:38 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=AB7A8CAED7A2DF0072DF34D8DB70A3F4 -- C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
[2007/10/10 18:55:56 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=AF67AAB4ECC886EAAB6912A53FA717DB -- C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll
[2007/12/06 21:01:12 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=BC5A4228A5EF48370CFE6DBDAD7D3A8C -- C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iertutil.dll
[2007/01/08 19:02:04 | 000,266,752 | ---- | M] (Microsoft Corporation) MD5=BD3AA3BD1766501431AA5E1B7889971C -- C:\WINDOWS\ie7updates\KB931768-IE7\iertutil.dll
[2010/01/05 06:00:24 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=BF7DFAD80E6991942D362F71BE1EAD1F -- C:\WINDOWS\ie7updates\KB980182-IE7\iertutil.dll
[2010/06/24 08:16:22 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=C0D77293644765C00FEBC52CC5DF3703 -- C:\WINDOWS\$hf_mig$\KB2183461-IE7\SP3QFE\iertutil.dll
[2006/10/17 11:57:20 | 000,266,752 | ---- | M] (Microsoft Corporation) MD5=C9F48C6A6963BAB7D1B5D025212D8F36 -- C:\WINDOWS\ie7updates\KB928090-IE7\iertutil.dll
[2010/06/24 08:24:46 | 001,987,072 | ---- | M] (Microsoft Corporation) MD5=CF78994BA59A6322B6A993C849EDDCF7 -- C:\WINDOWS\$hf_mig$\KB2183461-IE8\SP3QFE\iertutil.dll
[2010/06/24 08:24:46 | 001,987,072 | ---- | M] (Microsoft Corporation) MD5=CF78994BA59A6322B6A993C849EDDCF7 -- C:\WINDOWS\SoftwareDistribution\Download\009eaf510409174fd2f25593db4fddcd\SP3QFE\iertutil.dll
[2010/05/04 13:20:02 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=DD2AA1304C4293A1888AA1A3285A4D88 -- C:\WINDOWS\$hf_mig$\KB982381-IE7\SP3QFE\iertutil.dll
[2007/10/10 18:47:28 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=E744E301A548B4DCCA7F56C41903AE53 -- C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iertutil.dll
[2009/04/29 00:49:18 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=F0054228DF9E36667E10644986B19AAF -- C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\iertutil.dll
[2010/01/05 04:57:28 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=F546A6E483BE82692D448A872E9E76A9 -- C:\WINDOWS\$hf_mig$\KB978207-IE7\SP3QFE\iertutil.dll
[2008/12/20 18:15:22 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=F9AD085EB1392DC9EFB7698B681C22A2 -- C:\WINDOWS\ie7updates\KB963027-IE7\iertutil.dll
[2010/09/10 01:58:06 | 001,986,560 | ---- | M] (Microsoft Corporation) MD5=FD4542DE00C684FF75590E257556B84C -- C:\WINDOWS\system32\dllcache\iertutil.dll
[2010/09/10 01:58:06 | 001,986,560 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll

< MD5 for: MSTASK.DLL >
[2008/04/13 20:12:00 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=4044E880593FE1AC9942190FCE414BE7 -- C:\WINDOWS\ServicePackFiles\i386\mstask.dll
[2004/08/04 05:00:00 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=DAD1CEF1B77539B4EF734A1041CF95ED -- C:\WINDOWS\$NtServicePackUninstall$\mstask.dll
[2008/04/13 20:12:00 | 000,274,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll

< MD5 for: NTDSAPI.DLL >
[2004/08/04 05:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6201BACF384292A5FE94CE73364AE53A -- C:\WINDOWS\$NtServicePackUninstall$\ntdsapi.dll
[2008/04/13 20:12:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=EC4C0D9BFD9F7E33F8B395AD54E13063 -- C:\WINDOWS\ServicePackFiles\i386\ntdsapi.dll
[2008/04/13 20:12:02 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll

< MD5 for: SHELL32.DLL >
[2008/07/03 08:03:30 | 008,460,800 | ---- | M] (Microsoft Corporation) MD5=06DA8C5383AAF17127FC4B1658BA3F4F -- C:\WINDOWS\$NtServicePackUninstall$\shell32.dll
[2008/06/17 14:02:20 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=08B99916C98E15F6C28D24D73E53B45A -- C:\WINDOWS\$hf_mig$\KB967715\SP3GDR\shell32.dll
[2008/06/17 14:02:20 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=08B99916C98E15F6C28D24D73E53B45A -- C:\WINDOWS\$NtUninstallKB2286198$\shell32.dll
[2008/04/13 20:12:06 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=0CF50B1F45DAB08430C1DBB79FE2CA5B -- C:\WINDOWS\$NtUninstallKB967715$\shell32.dll
[2008/04/13 20:12:06 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=0CF50B1F45DAB08430C1DBB79FE2CA5B -- C:\WINDOWS\ServicePackFiles\i386\shell32.dll
[2008/06/17 14:04:34 | 008,461,824 | ---- | M] (Microsoft Corporation) MD5=270CE1BFDF019A3D7527F1DA6FB1FA96 -- C:\WINDOWS\$hf_mig$\KB967715\SP3QFE\shell32.dll
[2005/09/22 23:18:20 | 008,452,608 | ---- | M] (Microsoft Corporation) MD5=2B7DD09E1DE64B094409E3D43E248716 -- C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shell32.dll
[2010/07/27 02:30:36 | 008,462,336 | ---- | M] (Microsoft Corporation) MD5=304CFF53C9C9BEB03607ABE94A8FC781 -- C:\WINDOWS\system32\dllcache\shell32.dll
[2007/10/25 22:34:02 | 008,460,288 | ---- | M] (Microsoft Corporation) MD5=3BE4C2E84D99889685FE2B68E5FA2A9D -- C:\WINDOWS\$NtUninstallKB967715_0$\shell32.dll
[2006/03/17 00:46:32 | 008,454,656 | ---- | M] (Microsoft Corporation) MD5=5371E3BAE6FA21C26730C19FA8819335 -- C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\shell32.dll
[2005/02/28 19:06:30 | 008,451,584 | ---- | M] (Microsoft Corporation) MD5=564A479E5FC3A1BC66E2F8082682DAC2 -- C:\WINDOWS\$hf_mig$\KB893086\SP2QFE\shell32.dll
[2004/12/21 15:49:36 | 008,450,048 | ---- | M] (Microsoft Corporation) MD5=5DB5F53F801B616F4B4B7CAE6EE7D1C6 -- C:\WINDOWS\$NtUninstallKB893086$\shell32.dll
[2006/03/17 00:03:54 | 008,452,096 | ---- | M] (Microsoft Corporation) MD5=6DDC1304FC3E6849D2BAD23D95E9573B -- C:\WINDOWS\$NtUninstallKB921398$\shell32.dll
[2004/12/21 15:50:56 | 008,451,072 | ---- | M] (Microsoft Corporation) MD5=88F8875E045AEC0C335E73B9A1FC176E -- C:\WINDOWS\$hf_mig$\KB890047\SP2QFE\shell32.dll
[2005/02/28 19:11:18 | 008,450,048 | ---- | M] (Microsoft Corporation) MD5=9833F278924D028414D7F89BFD4FC46B -- C:\WINDOWS\$NtUninstallKB900725$\shell32.dll
[2006/12/19 15:52:18 | 008,453,632 | ---- | M] (Microsoft Corporation) MD5=ABFCBDA41D2BD08BAA1B0B2DB558DF03 -- C:\WINDOWS\$NtUninstallKB943460$\shell32.dll
[2010/07/27 02:28:54 | 008,463,360 | ---- | M] (Microsoft Corporation) MD5=B65D8CE7C75835906CD21C974B875503 -- C:\WINDOWS\$hf_mig$\KB2286198\SP3QFE\shell32.dll
[2006/07/13 10:03:24 | 008,457,728 | ---- | M] (Microsoft Corporation) MD5=BCDA9264F73B21DF325A10D99C6FB44A -- C:\WINDOWS\$hf_mig$\KB921398\SP2QFE\shell32.dll
[2005/09/22 23:05:30 | 008,450,560 | ---- | M] (Microsoft Corporation) MD5=C1BCFEC67E712B6A00AD00ADFCBFD02E -- C:\WINDOWS\$NtUninstallKB908531$\shell32.dll
[2006/12/19 16:50:10 | 008,458,752 | ---- | M] (Microsoft Corporation) MD5=C21253CC2EA4001EB3D93CD98E9B35FE -- C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\shell32.dll
[2004/08/04 05:00:00 | 008,384,000 | ---- | M] (Microsoft Corporation) MD5=D5988A5048E4DC7175BCA9F29FC144AE -- C:\WINDOWS\$NtUninstallKB890047$\shell32.dll
[2006/07/13 09:33:28 | 008,453,632 | ---- | M] (Microsoft Corporation) MD5=F056B4771408966694DE5D9BF79B48F8 -- C:\WINDOWS\$NtUninstallKB928255$\shell32.dll
[2010/07/27 02:30:36 | 008,462,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
< End of report >
  • 0

#43
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Besides the Boot Sector corrupted, I believe hal.dll was also patched. Lets scan that drive before you install the other.

Posted Image Please download Malwarebytes' Anti-Malware from Here. Never download Malwarebytes' Anti-Malware from other sources.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Please, never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      If AVG or CA Internet Security Suite is installed, you must remove these programs before using Combofix. If any of these applications will not uninstall, it is first recommended to uninstall it with AppRemover by Opswat. http://www.appremove...ed-applications. Do not use AppRemover on Norton

      -----------------------------------------------------------

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

  • Double click on combofix.exe & follow the prompts.
  • Install the Recovery Console if prompted.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" .
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.
  • 0

#44
Mikevel

Mikevel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6018

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

3/11/2011 9:41:36 AM
mbam-log-2011-03-11 (09-41-36).txt

Scan type: Quick scan
Objects scanned: 232754
Time elapsed: 17 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\virginia velardi\application data\Adobe\plugs\kb1901520484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\virginia velardi\local settings\Temp\0.6543028866674638.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
  • 0

#45
Mikevel

Mikevel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
I have CA associates anti virus should I remove the program completely before running combo fix. I want to get rid of CA antivirus anyway and install another companies program (Kaparsky)

If yes, should i install the new Kaparsky before i run combofix or wait unitl after running it

Edited by Mikevel, 11 March 2011 - 09:37 AM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP