
Blue screen after KenGenGuru


  • This topic is locked

#1
FlFlipFlop

    New Member

  • Member
  • 6 posts
After downloading and executing a file from KenGenGuru, I have the BSOD on my Sony Vaio (Vista) - nearly identical to the problem in this previous post: Blue Screen of death!.
But I am unable to get the system to boot in safe mode or any other internal method, and it always returns to the BSOD with the error "Driver less than equal."

Following the instructions listed in this post, I was able to download and burn a REATOGO-X-PE disc and successfully boot the system. However, when booting with REATOGO, I am unable to move any files (such as CF, Spybot SD, etc.) to my true desktop and I have no internet connection, so it is difficult to run any resolution measures. Also, the Sony has a One Touch Web option (Splashtop browser) that allows me to use the internet without booting. So I cannot copy any text files or even really get started with following advice here until I get the system booted properly. Thanks in advance for your help.


#2
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts

Please note that all instructions given are customised for this computer only; the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post the appropriate logs in the Malware Removal forum and wait for help.

Hi and welcome to Geeks to Go. :D

I'm Dakeyras and I am going to try to assist you with your problem. Please take note of the below:

  • I will start working on your malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine!
  • The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Refrain from running self fixes as this will hinder the malware removal process.
  • It may prove beneficial if you print off the following instructions or save them to Notepad as I post them.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
Next:

Please accept my sincere apology, the mistake was mine and I misunderstood your post.

Next:

I would like for your good self to download the below please:

Avira AntiVir Rescue System

Then burn it to either a blank DVD or CD-ROM/R.

After that, place it in the CD drive of your infected machine and see if it will boot up correctly. If it does, post back please and we can proceed from there.

#3
FlFlipFlop

    New Member

  • Topic Starter
  • Member
  • 6 posts
Florida storms have knocked out the house internet again. May be several hours til it comes back online, but I'll get right on this when it does. Can the boot up be done using a thumb drive as well? Or does it have to be from disc?

#4
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :D

Florida storms have knocked out the house internet again. May be several hours til it comes back online, but I'll get right on this when it does.

OK and I hope not too severe storm wise.

Can the boot up be done using a thumb drive as well? Or does it have to be from disc?

Actually, the Avira AntiVir Rescue System can be run from a USB drive and/or an SD card:

Booting the Avira AntiVir Rescue System from USB flash drives or SD(HC) memory cards

After that, plug in your USB drive on the infected machine and see if it will boot up correctly from the aforementioned drive. If it does, post back please and we can proceed from there.

#5
FlFlipFlop

    New Member

  • Topic Starter
  • Member
  • 6 posts
Downloaded and burned files to cd and attempted to boot with the disc. It seemed to make it a bit further (all the way to seeing the desktop) using the disc, but still went back to the blue screen.

On the second attempt, the screen went black (other than the responsive mouse) and the hard drive light flashes. The disc drive is not turning and it does not appear to have booted up, but it acts like it might be scanning files or something.

Without changing anything, I did an F2 BIOS check to view the boot sequence, which was optical drive first, then internal hard drive second.

What might be next?

#6
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :D

Going back to what you mentioned in your first post:

Following the instructions listed in this post, I was able to download and burn a REATOGO-X-PE disc and successfully boot the system.

Did you manage to actually get OTLPE to work and/or try? If not, please do so.

Also, as it stands from what you mentioned with regard to the rescue disk (plus the BSOD error you mentioned prior)... It may be possible it is an actual hardware issue or driver related, though of course I am not ruling out malware as the culprit just yet.

#7
FlFlipFlop

    New Member

  • Topic Starter
  • Member
  • 6 posts
OTLPE seemed to be up and running when I used the REATOGO boot disc. But even when it did boot up with REATOGO, there was still no internet connection. I only have the one laptop (infected) - the biggest problem is trying to copy/paste any text to or from the OTLPE, pasting them into a file or post here, or just saving instructions. Using this Splashtop browser (without booting the system), I can save prepared files to a USB, but not create text files, access the internet or hardly anything else. But I will keep trying - maybe I will come up with a way to post the results.

#8
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
OK, let myself know how you fare... Also, there is another set of tools we can try which are similar to what we have so far and can be used with either a CD/DVD or USB drive (though the latter would be preferable and we may be just able to get your machine to boot). :D

#9
FlFlipFlop

    New Member

  • Topic Starter
  • Member
  • 6 posts
I was able to save the entire webpage with instructions as a file, then after getting booted up with REATOGO, used the saved webpage file to copy/paste the custom scans info into OTLPE.
Here's what we've got. If it helps, the problems started about 3/07/11 or 3/08/11.


OTL logfile created on: 3/11/2011 10:05:30 AM - Run
OTLPE by OldTimer - Version 3.1.45.0 Folder = X:\Programs\OTLPE
64bit-Windows Vista ™ Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.26 Gb Total Space | 182.46 Gb Free Space | 63.30% Space Free | Partition Type: NTFS
Drive D: | 3.74 Gb Total Space | 3.04 Gb Free Space | 81.29% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/06/09 13:00:34 | 001,223,024 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2009/05/21 16:11:20 | 001,462,544 | ---- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV:64bit: - [2009/05/21 14:31:30 | 000,830,224 | ---- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV:64bit: - [2009/03/02 02:14:36 | 000,844,328 | ---- | M] (Broadcom Corporation.) [Auto] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/02/10 15:02:29 | 000,382,464 | ---- | M] (Marvell) [Auto] -- C:\Windows\System32\ykx64mpcoinst.dll -- (yksvc)
SRV:64bit: - [2009/01/19 18:43:04 | 000,394,536 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2009/01/16 23:59:12 | 000,110,376 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2009/01/05 21:13:13 | 000,141,344 | ---- | M] (Realtek Semiconductor) [Auto] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2008/12/19 16:02:10 | 000,411,496 | ---- | M] (Sony Corporation) [Auto] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2008/09/29 15:06:32 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector) Intel®
SRV:64bit: - [2008/04/27 19:00:38 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto] -- C:\Windows\System32\drivers\XAudio64.exe -- (XAudioService)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/08/22 02:21:19 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto] -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2009/07/30 07:06:44 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/21 12:07:44 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009/01/21 12:07:42 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009/01/21 12:07:42 | 000,192,512 | ---- | M] (Sony Corporation) [Auto] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009/01/20 13:56:06 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009/01/20 13:52:18 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009/01/20 13:51:48 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009/01/20 13:51:18 | 000,390,440 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009/01/20 13:50:48 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009/01/19 14:49:24 | 000,203,624 | ---- | M] (Sony Corporation) [Auto] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009/01/14 15:38:40 | 005,184,872 | ---- | M] (Sony Corporation) [Auto] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009/01/08 02:10:32 | 000,114,688 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/09/18 12:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008/04/04 12:10:26 | 000,030,152 | ---- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Service)
SRV - [2007/01/04 21:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (All) ==========

DRV:64bit: - [2011/01/20 11:46:10 | 000,900,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:64bit: - [2010/12/20 12:11:28 | 000,174,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/12/14 18:51:20 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/09/06 10:34:14 | 000,451,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\srv.sys -- (srv)
DRV:64bit: - [2010/09/06 10:33:51 | 000,175,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\srv2.sys -- (srv2)
DRV:64bit: - [2010/09/06 10:33:49 | 000,145,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet)
DRV:64bit: - [2010/06/16 12:11:35 | 001,426,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip6)
DRV:64bit: - [2010/06/16 12:11:35 | 001,426,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip)
DRV:64bit: - [2010/02/23 06:32:23 | 000,135,680 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV:64bit: - [2010/02/23 06:32:21 | 000,273,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV:64bit: - [2010/02/23 06:32:20 | 000,106,496 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV:64bit: - [2010/02/20 16:30:08 | 000,620,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\http.sys -- (HTTP)
DRV:64bit: - [2010/02/18 06:59:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel)
DRV:64bit: - [2010/02/02 02:32:32 | 000,583,296 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\Drivers\NISx64\1008000.029\ccHPx64.sys -- (ccHP)
DRV:64bit: - [2009/12/08 12:55:32 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV:64bit: - [2009/08/22 02:21:19 | 000,476,720 | ---- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\Windows\System32\Drivers\NISx64\1008000.029\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2009/08/22 02:21:19 | 000,402,992 | ---- | M] (Symantec Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\NISx64\1008000.029\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2009/08/22 02:21:19 | 000,334,384 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\Drivers\NISx64\1008000.029\BHDrvx64.sys -- (BHDrvx64)
DRV:64bit: - [2009/08/22 02:21:19 | 000,278,576 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\Drivers\NISx64\1008000.029\SYMTDI.SYS -- (SYMTDI)
DRV:64bit: - [2009/08/22 02:21:19 | 000,120,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\NISx64\1008000.029\SYMFW.SYS -- (SYMFW)
DRV:64bit: - [2009/08/22 02:21:19 | 000,056,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\NISx64\1008000.029\SYMNDISV.SYS -- (SYMNDISV)
DRV:64bit: - [2009/08/22 02:21:19 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NISx64\1008000.029\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2009/08/22 02:21:19 | 000,031,280 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2009/06/16 01:00:45 | 000,515,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\ksecdd.sys -- (KSecDD)
DRV:64bit: - [2009/05/28 22:52:38 | 005,437,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v64.sys -- (NETw5v64) Intel®
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/13 15:16:44 | 000,204,848 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/04/13 15:16:01 | 000,126,464 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2009/04/13 15:15:27 | 010,275,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/04/11 02:15:53 | 000,067,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr)
DRV:64bit: - [2009/04/11 02:15:53 | 000,062,440 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\termdd.sys -- (TermDD)
DRV:64bit: - [2009/04/11 02:15:52 | 000,408,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV:64bit: - [2009/04/11 02:15:45 | 000,269,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV:64bit: - [2009/04/11 02:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\ndis.sys -- (NDIS)
DRV:64bit: - [2009/04/11 02:15:33 | 000,361,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\clfs.sys -- (CLFS) Common Log (CLFS)
DRV:64bit: - [2009/04/11 02:15:32 | 000,325,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\acpi.sys -- (ACPI)
DRV:64bit: - [2009/04/11 02:15:32 | 000,275,432 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\fltMgr.sys -- (FltMgr)
DRV:64bit: - [2009/04/11 02:15:31 | 000,215,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV:64bit: - [2009/04/11 02:15:31 | 000,178,664 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\pci.sys -- (pci)
DRV:64bit: - [2009/04/11 02:15:30 | 000,155,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\ecache.sys -- (Ecache)
DRV:64bit: - [2009/04/11 02:15:25 | 000,073,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV:64bit: - [2009/04/11 02:15:25 | 000,067,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\disk.sys -- (disk)
DRV:64bit: - [2009/04/11 02:15:24 | 000,059,880 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\mup.sys -- (Mup)
DRV:64bit: - [2009/04/11 00:44:24 | 000,406,016 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\system32\drivers\afd.sys -- (AFD)
DRV:64bit: - [2009/04/11 00:43:46 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp)
DRV:64bit: - [2009/04/11 00:43:40 | 000,169,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan)
DRV:64bit: - [2009/04/11 00:43:39 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV:64bit: - [2009/04/11 00:43:39 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV:64bit: - [2009/04/11 00:43:39 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarp)
DRV:64bit: - [2009/04/11 00:43:38 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV:64bit: - [2009/04/11 00:43:33 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV:64bit: - [2009/04/11 00:43:27 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV:64bit: - [2009/04/11 00:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/04/11 00:43:00 | 000,094,720 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\tdx.sys -- (tdx)
DRV:64bit: - [2009/04/11 00:42:56 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\pacer.sys -- (PSched)
DRV:64bit: - [2009/04/11 00:42:33 | 000,248,320 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\netbt.sys -- (netbt)
DRV:64bit: - [2009/04/11 00:42:19 | 000,088,064 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\smb.sys -- (Smb)
DRV:64bit: - [2009/04/11 00:40:20 | 000,187,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV:64bit: - [2009/04/11 00:39:52 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbhub.sys -- (usbhub)
DRV:64bit: - [2009/04/11 00:39:49 | 000,072,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394)
DRV:64bit: - [2009/04/11 00:39:41 | 000,948,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV:64bit: - [2009/04/11 00:39:38 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV:64bit: - [2009/04/11 00:39:36 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbehci.sys -- (usbehci)
DRV:64bit: - [2009/04/11 00:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV:64bit: - [2009/04/10 23:55:42 | 000,139,264 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV:64bit: - [2009/04/10 23:55:24 | 000,287,744 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss)
DRV:64bit: - [2009/04/10 23:54:44 | 000,097,792 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV:64bit: - [2009/04/10 23:54:21 | 000,299,008 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2009/04/10 15:03:29 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/04/10 15:03:27 | 000,134,184 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/04/10 15:03:27 | 000,096,296 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/04/10 15:02:52 | 000,036,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/03/13 15:01:56 | 005,171,200 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/03/02 13:12:18 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2009/03/02 13:12:14 | 000,053,816 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV:64bit: - [2009/02/23 15:07:49 | 000,190,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/02/10 15:02:29 | 000,403,968 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\Windows\System32\drivers\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2009/01/05 21:13:06 | 001,582,880 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RTKVHD64.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV:64bit: - [2008/11/18 19:08:46 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2008/10/22 19:02:17 | 000,085,504 | ---- | M] (REDC) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rimssn64.sys -- (rimsptsk)
DRV:64bit: - [2008/10/22 19:02:08 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\risdsn64.sys -- (risdptsk)
DRV:64bit: - [2008/10/20 19:04:26 | 001,168,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athrx.sys -- (athr)
DRV:64bit: - [2008/06/16 05:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\Windows\System32\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2008/05/28 05:23:40 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2008/05/20 17:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2008/04/29 19:03:13 | 000,388,120 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/04/27 19:00:38 | 000,009,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2008/04/27 19:00:35 | 001,511,936 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2008/04/27 19:00:35 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto] -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2008/04/27 19:00:33 | 000,731,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/04/27 19:00:33 | 000,300,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2008/04/24 16:06:42 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2008/04/16 21:36:57 | 000,694,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bthport.sys -- (BTHPORT)
DRV:64bit: - [2008/04/16 21:36:51 | 000,178,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2008/04/16 21:36:49 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bthenum.sys -- (BthEnum)
DRV:64bit: - [2008/04/16 21:36:47 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\BTHUSB.SYS -- (BTHUSB)
DRV:64bit: - [2008/01/20 21:51:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)
DRV:64bit: - [2008/01/20 21:51:14 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV:64bit: - [2008/01/20 21:51:07 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV:64bit: - [2008/01/20 21:51:01 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV:64bit: - [2008/01/20 21:50:59 | 000,070,200 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo)
DRV:64bit: - [2008/01/20 21:50:45 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\bowser.sys -- (bowser)
DRV:64bit: - [2008/01/20 21:50:45 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM)
DRV:64bit: - [2008/01/20 21:50:39 | 000,881,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV:64bit: - [2008/01/20 21:50:39 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)
DRV:64bit: - [2008/01/20 21:50:25 | 000,070,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\mountmgr.sys -- (MountMgr)
DRV:64bit: - [2008/01/20 21:50:10 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV:64bit: - [2008/01/20 21:50:09 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV:64bit: - [2008/01/20 21:50:04 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\modem.sys -- (Modem)
DRV:64bit: - [2008/01/20 21:49:58 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV:64bit: - [2008/01/20 21:49:52 | 000,011,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV:64bit: - [2008/01/20 21:49:52 | 000,007,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE)
DRV:64bit: - [2008/01/20 21:49:51 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV:64bit: - [2008/01/20 21:49:48 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV:64bit: - [2008/01/20 21:49:42 | 000,081,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV:64bit: - [2008/01/20 21:49:42 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV:64bit: - [2008/01/20 21:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2008/01/20 21:49:16 | 000,109,568 | ---- | M] (Microsoft Corporation) [File_System | Auto] -- C:\Windows\system32\drivers\luafv.sys -- (luafv)
DRV:64bit: - [2008/01/20 21:49:15 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr)
DRV:64bit: - [2008/01/20 21:49:15 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio)
DRV:64bit: - [2008/01/20 21:49:00 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\ksthunk.sys -- (ksthunk)
DRV:64bit: - [2008/01/20 21:48:45 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT)
DRV:64bit: - [2008/01/20 21:48:45 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV:64bit: - [2008/01/20 21:48:45 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp)
DRV:64bit: - [2008/01/20 21:48:28 | 000,033,280 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace)
DRV:64bit: - [2008/01/20 21:48:27 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS)
DRV:64bit: - [2008/01/20 21:48:24 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd)
DRV:64bit: - [2008/01/20 21:47:30 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:64bit: - [2008/01/20 21:47:28 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ipmidrv.sys -- (IPMIDRV)
DRV:64bit: - [2008/01/20 21:47:28 | 000,035,896 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\i2omp.sys -- (i2omp)
DRV:64bit: - [2008/01/20 21:47:27 | 000,185,912 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2008/01/20 21:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV:64bit: - [2008/01/20 21:47:27 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV:64bit: - [2008/01/20 21:47:27 | 000,042,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)
DRV:64bit: - [2008/01/20 21:47:27 | 000,024,120 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wd.sys -- (Wd)
DRV:64bit: - [2008/01/20 21:47:27 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid)
DRV:64bit: - [2008/01/20 21:47:26 | 000,128,056 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mpio.sys -- (mpio)
DRV:64bit: - [2008/01/20 21:47:26 | 000,078,392 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2008/01/20 21:47:25 | 000,149,048 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2008/01/20 21:47:25 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbscan.sys -- (usbscan)
DRV:64bit: - [2008/01/20 21:47:25 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)
DRV:64bit: - [2008/01/20 21:47:25 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbuhci.sys -- (usbuhci)
DRV:64bit: - [2008/01/20 21:47:04 | 000,113,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\msdsm.sys -- (msdsm)
DRV:64bit: - [2008/01/20 21:47:04 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV:64bit: - [2008/01/20 21:47:03 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\circlass.sys -- (circlass)
DRV:64bit: - [2008/01/20 21:47:02 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2008/01/20 21:47:01 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2008/01/20 21:47:01 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp)
DRV:64bit: - [2008/01/20 21:47:01 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Dot4Prt.sys -- (Dot4Print)
DRV:64bit: - [2008/01/20 21:47:00 | 000,091,192 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2008/01/20 21:47:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\monitor.sys -- (monitor)
DRV:64bit: - [2008/01/20 21:47:00 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga)
DRV:64bit: - [2008/01/20 21:47:00 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sffdisk.sys -- (sffdisk)
DRV:64bit: - [2008/01/20 21:47:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV:64bit: - [2008/01/20 21:47:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sffp_sd.sys -- (sffp_sd)
DRV:64bit: - [2008/01/20 21:46:59 | 000,397,368 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2008/01/20 21:46:59 | 000,290,872 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV:64bit: - [2008/01/20 21:46:59 | 000,068,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\gagp30kx.sys -- (gagp30kx)
DRV:64bit: - [2008/01/20 21:46:59 | 000,067,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\uagp35.sys -- (uagp35)
DRV:64bit: - [2008/01/20 21:46:59 | 000,047,672 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV:64bit: - [2008/01/20 21:46:59 | 000,039,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass)
DRV:64bit: - [2008/01/20 21:46:59 | 000,035,896 | ---- | M] (LSI Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2008/01/20 21:46:59 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sermouse.sys -- (sermouse)
DRV:64bit: - [2008/01/20 21:46:59 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV:64bit: - [2008/01/20 21:46:59 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid)
DRV:64bit: - [2008/01/20 21:46:57 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/20 21:46:56 | 000,438,328 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV:64bit: - [2008/01/20 21:46:56 | 000,284,728 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV:64bit: - [2008/01/20 21:46:56 | 000,146,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\E1G6032E.sys -- (E1G60) Intel®
DRV:64bit: - [2008/01/20 21:46:56 | 000,105,016 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2008/01/20 21:46:56 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV:64bit: - [2008/01/20 21:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/01/20 21:46:55 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)
DRV:64bit: - [2008/01/20 21:46:55 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV:64bit: - [2008/01/20 21:46:54 | 000,342,584 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2008/01/20 21:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2008/01/20 21:46:54 | 000,126,520 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV:64bit: - [2008/01/20 21:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2008/01/20 21:46:54 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\umbus.sys -- (umbus)
DRV:64bit: - [2008/01/20 21:46:53 | 000,486,456 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2008/01/20 21:46:52 | 001,221,176 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV:64bit: - [2008/01/20 21:46:52 | 000,174,696 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV:64bit: - [2008/01/20 21:46:52 | 000,145,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Dot4.sys -- (dot4)
DRV:64bit: - [2008/01/20 21:46:52 | 000,090,680 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV:64bit: - [2008/01/20 21:46:52 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Dot4usb.sys -- (dot4usb)
DRV:64bit: - [2008/01/20 21:46:52 | 000,027,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2008/01/20 21:46:51 | 000,314,368 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\rdpdr.sys -- (rdpdr)
DRV:64bit: - [2008/01/20 21:46:51 | 000,126,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nv_agp.sys -- (nv_agp)
DRV:64bit: - [2008/01/20 21:46:51 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2008/01/20 21:46:51 | 000,068,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\uliagpkx.sys -- (uliagpkx)
DRV:64bit: - [2008/01/20 21:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\agp440.sys -- (agp440)
DRV:64bit: - [2008/01/20 21:46:51 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\amdk8.sys -- (AmdK8)
DRV:64bit: - [2008/01/20 21:46:51 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm)
DRV:64bit: - [2008/01/20 21:46:51 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\processr.sys -- (Processor)
DRV:64bit: - [2008/01/20 21:46:51 | 000,034,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios)
DRV:64bit: - [2008/01/20 21:46:51 | 000,023,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\isapnp.sys -- (isapnp)
DRV:64bit: - [2008/01/20 21:46:51 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv)
DRV:64bit: - [2008/01/20 21:46:51 | 000,017,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2008/01/20 21:46:51 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud)
DRV:64bit: - [2008/01/20 21:46:50 | 000,031,288 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\msahci.sys -- (msahci)
DRV:64bit: - [2008/01/20 21:46:50 | 000,023,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\compbatt.sys -- (Compbatt)
DRV:64bit: - [2008/01/20 21:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\atapi.sys -- (atapi)
DRV:64bit: - [2008/01/20 21:46:50 | 000,019,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\intelide.sys -- (intelide)
DRV:64bit: - [2008/01/20 21:46:50 | 000,018,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2008/01/20 21:46:50 | 000,018,024 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV:64bit: - [2008/01/20 21:46:50 | 000,015,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\amdide.sys -- (amdide)
DRV:64bit: - [2008/01/20 21:46:50 | 000,015,976 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV:64bit: - [2008/01/20 21:46:50 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV:64bit: - [2008/01/20 21:46:50 | 000,013,416 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\pciide.sys -- (pciide)
DRV:64bit: - [2008/01/20 21:46:50 | 000,013,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\swenum.sys -- (swenum)
DRV:64bit: - [2008/01/20 21:46:50 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\errdev.sys -- (ErrDev)
DRV:64bit: - [2006/11/02 07:03:03 | 000,051,816 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2006/11/02 07:02:52 | 000,049,256 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV:64bit: - [2006/11/02 07:02:47 | 000,048,232 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV:64bit: - [2006/11/02 07:02:39 | 000,044,648 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2006/11/02 07:02:37 | 000,044,648 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV:64bit: - [2006/11/02 07:02:24 | 000,039,016 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV:64bit: - [2006/11/02 07:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV:64bit: - [2006/11/02 07:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV:64bit: - [2006/11/02 06:51:30 | 000,203,368 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\pcmcia.sys -- (pcmcia)
DRV:64bit: - [2006/11/02 06:50:54 | 000,148,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV:64bit: - [2006/11/02 06:50:27 | 000,124,008 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2006/11/02 06:50:06 | 000,090,216 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sbp2port.sys -- (sbp2port)
DRV:64bit: - [2006/11/02 06:50:06 | 000,088,168 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV:64bit: - [2006/11/02 04:44:02 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\bthmodem.sys -- (BTHMODEM)
DRV:64bit: - [2006/11/02 04:44:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\hidbth.sys -- (HidBth)
DRV:64bit: - [2006/11/02 04:43:46 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV:64bit: - [2006/11/02 04:43:40 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\usbohci.sys -- (usbohci)
DRV:64bit: - [2006/11/02 04:43:36 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\hidir.sys -- (HidIr)
DRV:64bit: - [2006/11/02 04:43:36 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb)
DRV:64bit: - [2006/11/02 04:40:24 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wacompen.sys -- (WacomPen)
DRV:64bit: - [2006/11/02 04:38:02 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\serial.sys -- (Serial)
DRV:64bit: - [2006/11/02 04:37:58 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\serenum.sys -- (Serenum)
DRV:64bit: - [2006/11/02 04:37:57 | 000,096,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\parport.sys -- (Parport)
DRV:64bit: - [2006/11/02 04:37:30 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV:64bit: - [2006/11/02 04:37:30 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM)
DRV:64bit: - [2006/11/02 03:43:25 | 000,086,528 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV:64bit: - [2006/11/02 00:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006/10/23 21:08:37 | 000,712,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV:64bit: - [2006/09/19 06:42:33 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV:64bit: - [2006/09/18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2006/09/18 16:30:18 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV:64bit: - [2006/09/18 16:30:18 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV:64bit: - [2006/09/18 16:30:15 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV:64bit: - [2006/09/18 16:30:15 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2010/11/08 19:50:27 | 000,476,792 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20110303.001\IDSviA64.sys -- (IDSVia64)
DRV - [2010/05/26 03:00:00 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/05/26 03:00:00 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/01/16 00:17:48 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS)
DRV - [2008/11/25 01:41:52 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System] -- C:\Windows\SysWOW64\drivers\DMICall.sys -- (DMICall)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=SNNT&bmod=SNNT
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Cody_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Cody_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\Cody_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\Cody_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=SNNT&bmod=SNNT
IE - HKU\Cody_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\Cody_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Cody_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\LocalService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\NetworkService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)


========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.7.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2


[2010/10/28 21:47:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cody\AppData\Roaming\Mozilla\Extensions
[2010/10/28 21:47:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cody\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/03/07 04:54:14 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES (X86)\TOMTOM HOME 2\XUL\EXTENSIONS\[email protected]

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3:64bit: - HKU\Cody_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\Cody_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Cody_ON_C\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\Cody_ON_C\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RegistrationReminder] C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME\TomTomHOME.exe (TomTom)
O4 - HKLM..\Run: [VAIORegistration] C:\Program Files\Sony\First Experience\WelcomeLauncher.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe ()
O4 - HKU\Cody_ON_C..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKU\Cody_ON_C..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKU\Cody_ON_C..\Run: [RIMDeviceManager] C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe (Research In Motion Limited)
O4 - HKU\Cody_ON_C..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\Cody_ON_C..\Run: [TomTomHOME.exe] File not found
O4 - HKU\Cody_ON_C..\Run: [WMPNSCFG] File not found
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4:64bit: - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe (Microsoft Corporation)
O4 - HKU\Cody_ON_C..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Locate Spot on Map by GPS - C:\Program Files (x86)\Opanda\IExif 2.3\IExifMap.htm ()
O8:64bit: - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Program Files (x86)\Opanda\IExif 2.3\IExifCom.htm ()
O8 - Extra context menu item: Locate Spot on Map by GPS - C:\Program Files (x86)\Opanda\IExif 2.3\IExifMap.htm ()
O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Program Files (x86)\Opanda\IExif 2.3\IExifCom.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files (x86)\PicLensIE\cooliris.dll (Cooliris Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - Cody_ON_C\..Trusted Domains: fnfismd.com ([carenet] https in Trusted sites)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.2.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.bl...re/AxLoader.cab (RIM AxLoader)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} http://www.cooliris....ed/plinstll.cab (Reg Error: Value error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\SysWow64\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\SysWow64\sysdm.cpl (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\SysWOW64\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{339e62ed-13cd-11e0-abc1-001dbaf2277b}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL http://www.garmin.com/agent
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Autorun\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/08 13:09:55 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2011/03/08 12:59:00 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\spybotsd162.exe
[2011/03/08 12:50:07 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/03/08 00:21:02 | 000,000,000 | ---D | C] -- C:\Users\Cody\Desktop\Adobe_Acrobat_Pro_9_2_crack
[2011/03/07 04:58:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyTomTom 3(12)
[2011/03/07 04:54:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom HOME 2
[2011/03/07 04:19:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom HOME
[2011/03/07 04:02:24 | 000,000,000 | ---D | C] -- C:\Users\Cody\Desktop\home_images
[2011/03/06 22:14:06 | 000,000,000 | ---D | C] -- C:\Users\Cody\Documents\From Berg's Old iPhone
[2011/02/27 15:29:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyTomTom 3
[2011/02/27 07:07:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell
[2011/02/27 07:07:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/02/27 07:03:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrsmgr.dll
[2011/02/27 07:03:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/02/27 07:03:22 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/02/27 07:03:22 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/02/27 07:03:09 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmplpxy.dll
[2011/02/27 07:03:09 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrssrv.dll
[2011/02/27 07:02:50 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/02/27 07:02:49 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pwrshplugin.dll
[2011/02/27 07:02:47 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/02/27 07:02:47 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/02/27 07:02:46 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/02/27 07:02:26 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmRes.dll
[2011/02/27 07:02:26 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/02/27 07:02:25 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/02/27 07:02:25 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/02/27 07:02:25 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/02/27 07:02:25 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtfwd.dll
[2011/02/27 07:02:25 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecutil.exe
[2011/02/27 07:02:25 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecapi.dll
[2011/02/27 07:02:25 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrs.exe
[2011/02/27 07:02:25 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrshost.exe
[2011/02/27 07:02:25 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmprovhost.exe
[2011/02/27 07:01:48 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/02/27 07:01:48 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2011/02/27 07:01:48 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/02/27 07:01:48 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2011/02/27 07:01:47 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/02/27 07:01:47 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll
[2011/02/27 07:01:47 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe
[2011/02/27 07:01:47 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrscmd.dll
[2011/02/27 07:01:46 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/02/27 07:01:46 | 000,348,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/02/25 16:39:11 | 000,101,520 | ---- | C] (Syntek Ltd.) -- C:\Windows\SysWow64\drivers\STK02NW2.sys
[2011/02/25 16:39:11 | 000,033,728 | ---- | C] (Syntek Ltd.) -- C:\Windows\SysWow64\drivers\STK02NW1.sys
[2011/02/25 16:39:10 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\STK02NP.ax
[2011/02/25 16:39:07 | 000,000,000 | ---D | C] -- C:\Windows\STK02N
[2011/02/25 16:38:05 | 000,000,000 | ---D | C] -- C:\Users\Cody\AppData\Roaming\InstallShield
[2011/02/23 20:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/02/23 20:06:24 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/02/23 20:06:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/02/23 19:58:44 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/02/23 19:58:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/02/23 19:53:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/02/21 23:19:10 | 000,000,000 | ---D | C] -- C:\Users\Cody\Desktop\Thanks 2010
[2011/02/12 23:08:22 | 000,000,000 | ---D | C] -- C:\Users\Cody\Documents\Reference
[2011/02/09 18:00:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/11 08:21:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/11 08:20:54 | 4126,167,040 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/11 08:20:38 | 509,150,247 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/03/11 08:18:39 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/11 08:18:34 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/11 08:15:46 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/11 05:57:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/08 13:09:42 | 000,603,516 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/03/08 13:09:42 | 000,103,586 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/03/08 03:23:10 | 004,282,533 | ---- | M] () -- C:\ComboFix.exe
[2011/03/08 03:00:40 | 001,261,440 | ---- | M] () -- C:\tdsskiller.zip
[2011/03/08 02:59:54 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\spybotsd162.exe
[2011/03/08 00:10:40 | 000,139,796 | ---- | M] () -- C:\Users\Cody\Desktop\Adobe_Acrobat_Pro_9_2_crack.zip
[2011/03/08 00:10:05 | 000,139,492 | ---- | M] () -- C:\Users\Cody\Desktop\Adobe_Acrobat_9_2_key_generator.zip
[2011/03/08 00:09:46 | 000,139,870 | ---- | M] () -- C:\Users\Cody\Desktop\Adobe_Acrobat_9_serial_maker.zip
[2011/03/08 00:07:38 | 000,140,501 | ---- | M] () -- C:\Users\Cody\Desktop\Adobe.Acrobat.Professional.9.0.serial.number.maker.zip
[2011/03/08 00:05:51 | 000,139,778 | ---- | M] () -- C:\Users\Cody\Desktop\Adobe_Acrobat_Professional_9_crack.zip
[2011/03/07 23:36:33 | 000,139,737 | ---- | M] () -- C:\Users\Cody\Desktop\Adobe_Acrobat_Pro_7_crack.zip
[2011/03/07 04:01:48 | 001,156,409 | ---- | M] () -- C:\Users\Cody\Desktop\home_images.zip
[2011/03/06 19:48:44 | 000,021,563 | ---- | M] () -- C:\Users\Cody\Desktop\NC offenderreport.pdf
[2011/03/03 06:27:31 | 000,002,611 | ---- | M] () -- C:\Users\Cody\Desktop\Microsoft Office Word 2007.lnk
[2011/03/02 00:23:23 | 000,116,224 | ---- | M] () -- C:\Users\Cody\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/24 03:14:48 | 000,001,866 | ---- | M] () -- C:\Users\Cody\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/02/23 19:55:46 | 000,000,629 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2011/02/13 07:34:24 | 000,302,000 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/02/13 07:32:03 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/10 20:26:49 | 4126,167,040 | -HS- | C] () -- C:\hiberfil.sys
[2011/03/08 12:58:43 | 001,261,440 | ---- | C] () -- C:\tdsskiller.zip
[2011/03/08 12:58:13 | 004,282,533 | ---- | C] () -- C:\ComboFix.exe
[2011/03/08 00:10:39 | 000,139,796 | ---- | C] () -- C:\Users\Cody\Desktop\Adobe_Acrobat_Pro_9_2_crack.zip
[2011/03/08 00:10:03 | 000,139,492 | ---- | C] () -- C:\Users\Cody\Desktop\Adobe_Acrobat_9_2_key_generator.zip
[2011/03/08 00:09:44 | 000,139,870 | ---- | C] () -- C:\Users\Cody\Desktop\Adobe_Acrobat_9_serial_maker.zip
[2011/03/08 00:07:36 | 000,140,501 | ---- | C] () -- C:\Users\Cody\Desktop\Adobe.Acrobat.Professional.9.0.serial.number.maker.zip
[2011/03/08 00:05:49 | 000,139,778 | ---- | C] () -- C:\Users\Cody\Desktop\Adobe_Acrobat_Professional_9_crack.zip
[2011/03/07 23:36:31 | 000,139,737 | ---- | C] () -- C:\Users\Cody\Desktop\Adobe_Acrobat_Pro_7_crack.zip
[2011/03/07 04:01:44 | 001,156,409 | ---- | C] () -- C:\Users\Cody\Desktop\home_images.zip
[2011/03/06 19:48:44 | 000,021,563 | ---- | C] () -- C:\Users\Cody\Desktop\NC offenderreport.pdf
[2011/02/27 07:01:55 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2011/02/27 07:01:55 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/02/27 07:01:55 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2011/02/27 07:01:55 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/02/27 07:01:55 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl
[2011/02/27 07:01:55 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/02/23 19:55:46 | 000,000,629 | ---- | C] () -- C:\Windows\System32\mapisvc.inf
[2011/02/09 18:00:50 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/02/09 18:00:50 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/02/09 18:00:50 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2010/01/15 23:56:54 | 000,016,618 | ---- | C] () -- C:\Windows\hpomdl01.dat
[2010/01/08 21:57:50 | 002,128,896 | ---- | C] () -- C:\Users\Cody\AppData\Local\cooliris-win-ie-release-1.11.7.31969.en-US.msi
[2009/12/15 19:50:01 | 002,130,944 | ---- | C] () -- C:\Users\Cody\AppData\Local\cooliris-win-ie-release-1.11.6.31225.en-US.msi
[2009/12/03 09:13:12 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/03 09:12:14 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/12/03 09:11:18 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/11/24 10:05:36 | 000,119,868 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2009/11/23 09:55:09 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\pool.bin
[2009/11/02 12:02:12 | 002,124,288 | ---- | C] () -- C:\Users\Cody\AppData\Local\cooliris-win-ie-release-1.11.5.29501.en-US.msi
[2009/07/26 22:47:16 | 000,116,224 | ---- | C] () -- C:\Users\Cody\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/26 15:37:55 | 000,068,824 | ---- | C] () --
[2009/05/09 21:49:07 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2009/04/23 16:18:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/04/23 16:10:23 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/04/23 14:31:07 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/04/23 14:31:06 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/04/23 14:31:06 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/04/23 14:31:05 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/04/23 13:54:33 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 10:42:23 | 000,000,732 | ---- | C] () --
[2006/11/02 10:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 10:02:31 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2003/04/05 22:24:44 | 000,020,460 | ---- | C] () -- C:\Windows\hpoins01.dat

========== LOP Check ==========

[2009/05/09 21:56:51 | 000,000,000 | ---D | M] --
[2009/08/22 11:52:02 | 000,000,000 | ---D | M] -- C:\Users\Cody\AppData\Roaming\Blackberry Desktop
[2009/07/29 21:14:59 | 000,000,000 | ---D | M] -- C:\Users\Cody\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/01/12 22:25:36 | 000,000,000 | ---D | M] -- C:\Users\Cody\AppData\Roaming\GARMIN
[2009/12/26 22:15:32 | 000,000,000 | ---D | M] -- C:\Users\Cody\AppData\Roaming\InterVideo
[2009/07/26 21:37:56 | 000,000,000 | ---D | M] -- C:\Users\Cody\AppData\Roaming\Research In Motion
[2009/10/25 11:58:23 | 000,000,000 | ---D | M] -- C:\Users\Cody\AppData\Roaming\Seagull Software
[2010/10/28 21:47:29 | 000,000,000 | ---D | M] -- C:\Users\Cody\AppData\Roaming\TomTom
[2009/07/30 09:32:26 | 000,000,000 | ---D | M] -- C:\Users\Cody\AppData\Roaming\Windows Live Writer
[2011/02/13 07:32:05 | 000,032,642 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========



< %SYSTEMDRIVE%\*.* >
[2009/04/11 01:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2009/04/23 14:29:59 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2011/03/08 03:23:10 | 004,282,533 | ---- | M] () -- C:\ComboFix.exe
[2011/03/11 08:20:54 | 4126,167,040 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/09 21:31:10 | 000,000,187 | ---- | M] () -- C:\Installer_Setup.log
[2011/03/08 04:53:48 | 000,148,178 | ---- | M] () -- C:\OTL.Txt
[2011/03/11 08:20:42 | 144,818,175 | -HS- | M] () -- C:\pagefile.sys
[2009/04/23 16:15:07 | 000,002,531 | ---- | M] () -- C:\RHDSetup.log
[2009/07/29 09:46:08 | 000,559,616 | ---- | M] () -- C:\seatoolsforwindowssetup.msi
[2009/05/09 21:37:20 | 000,000,073 | -H-- | M] () -- C:\splash.idx
[2011/03/08 02:59:54 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\spybotsd162.exe
[2011/03/08 03:00:40 | 001,261,440 | ---- | M] () -- C:\tdsskiller.zip
[2009/05/09 21:52:10 | 000,389,652 | ---- | M] () -- C:\vcredist_x86.log
[2009/04/10 22:06:56 | 000,003,632 | -H-- | M] () -- C:\version

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008/01/20 23:14:16 | 026,247,168 | ---- | M] () --
[2008/01/20 23:13:53 | 000,110,592 | ---- | M] () --
[2008/01/20 23:14:16 | 000,020,480 | ---- | M] () --
[2006/11/02 07:50:51 | 019,435,520 | ---- | M] () --
[2006/11/02 07:50:51 | 001,806,336 | ---- | M] () --
< End of report >

#10
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :D

Try this for myself please, let myself know the outcome/good or bad and we will go from there OK.

Vista Startup Repair:

You will require your Vista DVD for the below.

  • Boot up your computer from the Vista DVD.
  • If not sure how to, a very good tutorial can be read here
  • You will have to answer a few basic questions then select the option Repair your computer
  • At the System Recovery Options screen click Windows Vista to highlight then Next>
  • You should now see the Searching for Problems...
  • Note: If given the option to Perform a System Restore, do not select and cancel the option.
  • If problems found let Startup Repair complete and follow the prompts.


#11
FlFlipFlop

    New Member

  • Topic Starter
  • Member
  • 6 posts
I don't have an actual Vista DVD - nothing came with the laptop. I have only Recovery discs. I don't think these are the same.

But I have seen a 'Startup Repair' tool available if I click F8 during the boot attempt, which I think is the same Startup Repair tool (please advise if it is not or if it is necessary to create a Startup Repair disc).
When I just ran that tool, it searched and appeared to repair something (just like shown in tutorial you linked to). Then it restarted, gave the completed box and tried to start up normally - but ended up going back to the blue screen.

Just to be clear about what the system is doing - when attempting to boot up, the black screen displays the file list and stops at C:\Windows\System32\drivers\crcdisk.sys, then goes to the blue screen.
For the single attempt after trying to load Avira, the system actually made it to the desktop, then went to the blue screen.

I see in the OTL results that DRV:64bit: - [2008/01/20 21:46:51 | 000,314,368 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\rdpdr.sys -- (rdpdr)
is listed after the crcdisk.sys file. Do you know if it is normal to say disabled? Is it possible a necessary driver is not loading? Or a registry problem?

I am at your mercy. Thanks again for your continuing efforts.

#12
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. ;)

> I don't have an actual Vista DVD - nothing came with the laptop. I have only Recovery discs. I don't think these are the same.

Unfortunately no they are not, all they will do is perform what is known as a factory reset (pseudo reformat and reinstallation of the Windows Operating System) which will basically put your machine back to as was when purchased.

> But I have seen a 'Startup Repair' tool available if I click F8 during the boot attempt, which I think is the same Startup Repair tool (please advise if it is not or if it is necessary to create a Startup Repair disc).
> When I just ran that tool, it searched and appeared to repair something (just like shown in tutorial you linked to). Then it restarted, gave the completed box and tried to start up normally - but ended up going back to the blue screen.

Aye what you mentioned is similar and in the future we could attempt to actually create an independent SR disk but doing so successfully depends on what actual recovery setup is on your machine.

> Just to be clear about what the system is doing - when attempting to boot up, the black screen displays the file list and stops at C:\Windows\System32\drivers\crcdisk.sys, then goes to the blue screen.
> For the single attempt after trying to load Avira, the system actually made it to the desktop, then went to the blue screen.

Quite helpful this actually, as it explains for myself what is one of the problems with your machine. Basically this is what is known as the Disk Block Verification Filter Driver... As far as I can ascertain malware does not appear to be the culprit here (though still a distinct possibility), probably more of either an actual hardware/driver issue and/or due to a corrupt Windows Update for example.

> I see in the OTL results that DRV:64bit: - [2008/01/20 21:46:51 | 000,314,368 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\rdpdr.sys -- (rdpdr)
> is listed after the crcdisk.sys file. Do you know if it is normal to say disabled? Is it possible a necessary driver is not loading? Or a registry problem?

This is what is known as the Terminal Server Device Redirector Driver... I had noticed it was disabled and my theory was try what I mentioned in my last post.

> I am at your mercy. Thanks again for your continuing efforts.

You're most welcome! We did get off to a wee bit of a rocky start but that was my fault I admit. English is actually a second language for myself and even after all these years of being fairly fluent I still misunderstand some things written if you will. :D :D

Next:

OK levity aside let's try another option first, as with my prior post I am always of the mind check if the most obvious/relatively easy will work before something more esoteric if you will...

Reboot your machine and depress the Function Key 8 (F8) to access Startup Repair, then select the option System Restore. Now you may have to choose a SR point that is quite old, just try any available and see if your machine will boot-up successfully.

Let myself know the outcome please, good or bad and we will go from there.

#13
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.