i have been reading many of the threads in this forum and i must say that i think the help you provide to your members is amazing. I am in need of help beacause my laptop will not boot up. When i turn on my laptop it goes to a screen where it shows me the different options to start (ex. Press F2 to view system information ,etc.) I have also tried pressing the system recovery option and many other options but all i see in the screen is a black screen with a blinking underscore on the top left corner.when i hold a function button the laptop makes some kind of beeping noise. My operating system is windows vista model is Compaq presario c700 and i do not have an installation cd nor a system recovery cd. I have read many threads of similar problems and tried making a bootable cd Reatogo-x-PE with the OTLPENET.exe program. After that i started the scan as instructed by the instructors. I have also tried the fix.txt and pressing the fix button. Nothing seems to work please help me as soon as possible. Please tell me if you need any other information. This problem happened after trying to delete the Antimalware doctor program which ive heard its a virus and somehow installed itself to my laptop. Im not sure if i deleted something i wasnt suppose to or the if the program affected my laptop. Also im not sure if i need a different fix or scan file for my laptop. The only way the OTLPE program will work is when i clik on the windows foldder because when i click on my HD C: it gives me an error "Windows is not 2000 or later".
Laptop wont Boot
Started by
TechNooby
, Apr 22 2011 08:37 PM
-
This topic is locked
#1
Posted 22 April 2011 - 08:37 PM
TechNooby
-
- Member
-
- 7 posts
New Member
i have been reading many of the threads in this forum and i must say that i think the help you provide to your members is amazing. I am in need of help beacause my laptop will not boot up. When i turn on my laptop it goes to a screen where it shows me the different options to start (ex. Press F2 to view system information ,etc.) I have also tried pressing the system recovery option and many other options but all i see in the screen is a black screen with a blinking underscore on the top left corner.when i hold a function button the laptop makes some kind of beeping noise. My operating system is windows vista model is Compaq presario c700 and i do not have an installation cd nor a system recovery cd. I have read many threads of similar problems and tried making a bootable cd Reatogo-x-PE with the OTLPENET.exe program. After that i started the scan as instructed by the instructors. I have also tried the fix.txt and pressing the fix button. Nothing seems to work please help me as soon as possible. Please tell me if you need any other information. This problem happened after trying to delete the Antimalware doctor program which ive heard its a virus and somehow installed itself to my laptop. Im not sure if i deleted something i wasnt suppose to or the if the program affected my laptop. Also im not sure if i need a different fix or scan file for my laptop. The only way the OTLPE program will work is when i clik on the windows foldder because when i click on my HD C: it gives me an error "Windows is not 2000 or later".
#2
Posted 22 April 2011 - 09:58 PM
JSntgRvr
-
- Global Moderator
-
- 11,579 posts
Global Moderator
Run OTLPE. Select the Windows folder in the local drive C:. Once in OTLPE, follow these steps:
Save the instructions as a text file in the USB drive.
- Change the following settings
- Change Drivers to All
- Change Standard Registry to All
- Under the Custom Scan box paste this in
/md5start
UXTHEME.DLL
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
userinit.exe
explorer.exe
winlogon.exe
ntoskrnl.exe
/md5stop
C:\*.*
- Press Run Scan to start the scan.
- When finished, the file will be saved in drive C:\OTL.txt
- Copy this file to your USB drive.
- Please post the contents of the C:\OTL.txt file in your reply.
#3
Posted 26 April 2011 - 06:36 PM
TechNooby
- Topic Starter
-
- Member
-
- 7 posts
New Member
OTL logfile created on: 4/27/2011 3:01:09 AM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Windows Vista ™ Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,014.00 Mb Total Physical Memory | 695.00 Mb Available Physical Memory | 69.00% Memory free
902.00 Mb Paging File | 739.00 Mb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137.58 Gb Total Space | 67.42 Gb Free Space | 49.00% Space Free | Partition Type: NTFS
Drive E: | 11.47 Gb Total Space | 2.01 Gb Free Space | 17.53% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2011/02/28 21:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 13:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/01/08 04:51:02 | 000,380,928 | -H-- | M] (Spigot, Inc.) [Auto] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009/10/20 02:34:55 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe -- (NIS)
SRV - [2009/04/08 00:15:44 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 18:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/06/11 10:14:51 | 000,517,040 | ---- | M] ( ) [Auto] -- C:\Windows\System32\lxdicoms.exe -- (lxdi_device)
SRV - [2007/06/11 10:14:42 | 000,099,248 | ---- | M] () [Auto] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe -- (lxdiCATSCustConnectService)
SRV - [2007/03/05 12:30:06 | 000,110,592 | -H-- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
========== Driver Services (All) ==========
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (NAVEX15)
DRV - File not found [Kernel | On_Demand] -- -- (NAVENG)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- -- (EagleNT)
DRV - [2011/02/22 09:24:10 | 000,213,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2011/02/22 09:24:02 | 000,079,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2011/02/22 09:23:59 | 000,106,496 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2011/02/22 09:23:55 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\bowser.sys -- (bowser)
DRV - [2011/02/18 10:03:32 | 000,305,152 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srv.sys -- (srv)
DRV - [2011/02/18 10:03:10 | 000,146,432 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srv2.sys -- (srv2)
DRV - [2011/02/18 10:03:06 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2011/01/20 12:37:37 | 000,638,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2010/09/28 19:44:52 | 000,041,984 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2010/06/16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tcpip.sys -- (Tcpip6)
DRV - [2010/06/16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2010/02/20 16:53:34 | 000,411,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\http.sys -- (HTTP)
DRV - [2010/01/18 04:47:57 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/01/17 23:43:18 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/12/08 13:26:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2009/12/05 00:54:05 | 000,529,456 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2009/11/05 18:06:13 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymDS.sys -- (SymDS)
DRV - [2009/10/28 18:37:22 | 000,343,088 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20100119.001\IDSvix86.sys -- (IDSVix86)
DRV - [2009/10/20 02:35:50 | 000,501,888 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\ccHPx86.sys -- (ccHP)
DRV - [2009/10/14 21:50:48 | 000,339,504 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2009/10/08 22:55:01 | 000,171,056 | R--- | M] (Symantec Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymEFA.sys -- (SymEFA)
DRV - [2009/10/08 22:54:25 | 000,114,736 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\Ironx86.SYS -- (SymIRON)
DRV - [2009/10/08 22:54:10 | 000,325,168 | R--- | M] (Symantec Corporation) [File_System | System] -- C:\Windows\system32\drivers\NIS\1101000.013\SRTSP.SYS -- (SRTSP)
DRV - [2009/10/08 22:54:10 | 000,043,696 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/09/30 21:01:54 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV - [2009/06/15 19:15:25 | 000,439,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/05/18 17:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/04/11 02:33:03 | 000,292,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2009/04/11 02:32:55 | 000,226,280 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2009/04/11 02:32:55 | 000,149,480 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\pci.sys -- (pci)
DRV - [2009/04/11 02:32:52 | 000,053,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\termdd.sys -- (TermDD)
DRV - [2009/04/11 02:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2009/04/11 02:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2009/04/11 02:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\acpi.sys -- (ACPI)
DRV - [2009/04/11 02:32:46 | 000,245,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\clfs.sys -- (CLFS) Common Log (CLFS)
DRV - [2009/04/11 02:32:46 | 000,190,424 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2009/04/11 02:32:46 | 000,180,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2009/04/11 02:32:46 | 000,161,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2009/04/11 02:32:43 | 000,141,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ecache.sys -- (Ecache)
DRV - [2009/04/11 02:32:31 | 000,054,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2009/04/11 02:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\disk.sys -- (disk)
DRV - [2009/04/11 02:32:31 | 000,048,104 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\atapi.sys -- (atapi)
DRV - [2009/04/11 00:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2009/04/11 00:47:03 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\system32\drivers\afd.sys -- (AFD)
DRV - [2009/04/11 00:46:40 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2009/04/11 00:46:32 | 000,121,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2009/04/11 00:46:30 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2009/04/11 00:45:56 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\tdx.sys -- (tdx)
DRV - [2009/04/11 00:45:51 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\pacer.sys -- (PSched)
DRV - [2009/04/11 00:45:37 | 000,185,856 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\netbt.sys -- (netbt)
DRV - [2009/04/11 00:45:22 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\smb.sys -- (Smb)
DRV - [2009/04/11 00:43:28 | 000,148,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009/04/11 00:43:16 | 000,196,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2009/04/11 00:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2009/04/11 00:42:52 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2009/04/11 00:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/04/11 00:42:48 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2009/04/11 00:42:42 | 000,561,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2009/04/11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2009/04/11 00:38:40 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2009/04/11 00:14:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2009/04/11 00:14:29 | 000,225,280 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2009/04/11 00:14:12 | 000,075,264 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2009/04/11 00:14:01 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2009/04/11 00:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (udfs)
DRV - [2009/04/11 00:13:53 | 000,136,704 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2009/04/11 00:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2008/01/20 22:24:59 | 000,083,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2008/01/20 22:24:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2008/01/20 22:24:57 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/01/20 22:24:55 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008/01/20 22:24:55 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008/01/20 22:24:55 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/01/20 22:24:51 | 000,006,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2008/01/20 22:24:51 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/01/20 22:24:51 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/01/20 22:24:50 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/01/20 22:24:50 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/01/20 22:24:50 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2008/01/20 22:24:47 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2008/01/20 22:24:47 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2008/01/20 22:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008/01/20 22:24:37 | 000,084,480 | ---- | M] (Microsoft Corporation) [File_System | Auto] -- C:\Windows\system32\drivers\luafv.sys -- (luafv)
DRV - [2008/01/20 22:24:37 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2008/01/20 22:24:37 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2008/01/20 22:24:25 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2008/01/20 22:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2008/01/20 22:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/01/20 22:24:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008/01/20 22:24:25 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2008/01/20 22:24:25 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/01/20 22:24:25 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\TUNMP.SYS -- (tunmp)
DRV - [2008/01/20 22:24:21 | 000,027,648 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2008/01/20 22:24:20 | 000,035,840 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/01/20 22:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2008/01/20 22:24:11 | 000,021,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2008/01/20 22:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/01/20 22:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/01/20 22:24:06 | 000,012,800 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2008/01/20 22:24:06 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2008/01/20 22:24:04 | 000,058,936 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2008/01/20 22:24:04 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/01/20 22:23:54 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/01/20 22:23:51 | 000,503,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2008/01/20 22:23:51 | 000,070,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2008/01/20 22:23:51 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/01/20 22:23:50 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2008/01/20 22:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2008/01/20 22:23:43 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/01/20 22:23:31 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2008/01/20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 22:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/01/20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 22:23:26 | 000,134,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV - [2008/01/20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 22:23:26 | 000,041,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2008/01/20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 22:23:26 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\circlass.sys -- (circlass)
DRV - [2008/01/20 22:23:26 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2008/01/20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 22:23:24 | 000,022,072 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wd.sys -- (Wd)
DRV - [2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 22:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2008/01/20 22:23:23 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2008/01/20 22:23:23 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2008/01/20 22:23:23 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2008/01/20 22:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 22:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/20 22:23:22 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ipmidrv.sys -- (IPMIDRV)
DRV - [2008/01/20 22:23:22 | 000,061,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\gagp30kx.sys -- (gagp30kx)
DRV - [2008/01/20 22:23:22 | 000,059,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\uagp35.sys -- (uagp35)
DRV - [2008/01/20 22:23:22 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\monitor.sys -- (monitor)
DRV - [2008/01/20 22:23:22 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\umbus.sys -- (umbus)
DRV - [2008/01/20 22:23:22 | 000,024,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2008/01/20 22:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/01/20 22:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 22:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 22:23:21 | 000,094,776 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\msdsm.sys -- (msdsm)
DRV - [2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 22:23:21 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/01/20 22:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2008/01/20 22:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 22:23:20 | 000,105,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mpio.sys -- (mpio)
DRV - [2008/01/20 22:23:20 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/01/20 22:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/20 22:23:20 | 000,034,360 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2008/01/20 22:23:20 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\fdc.sys -- (fdc)
DRV - [2008/01/20 22:23:20 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2008/01/20 22:23:20 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sermouse.sys -- (sermouse)
DRV - [2008/01/20 22:23:20 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2008/01/20 22:23:03 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/01/20 22:23:03 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2008/01/20 22:23:02 | 000,030,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\i2omp.sys -- (i2omp)
DRV - [2008/01/20 22:23:02 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\vgapnp.sys -- (vga)
DRV - [2008/01/20 22:23:01 | 000,248,832 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/01/20 22:23:01 | 000,109,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nv_agp.sys -- (nv_agp)
DRV - [2008/01/20 22:23:01 | 000,060,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\uliagpkx.sys -- (uliagpkx)
DRV - [2008/01/20 22:23:01 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\amdagp.sys -- (amdagp)
DRV - [2008/01/20 22:23:01 | 000,056,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\viaagp.sys -- (viaagp)
DRV - [2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\agp440.sys -- (agp440)
DRV - [2008/01/20 22:23:01 | 000,055,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sisagp.sys -- (sisagp)
DRV - [2008/01/20 22:23:01 | 000,052,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volmgr.sys -- (volmgr)
DRV - [2008/01/20 22:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/01/20 22:23:01 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2008/01/20 22:23:01 | 000,031,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/01/20 22:23:01 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2008/01/20 22:23:01 | 000,015,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\swenum.sys -- (swenum)
DRV - [2008/01/20 22:23:00 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\viac7.sys -- (ViaC7)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\amdk7.sys -- (AmdK7)
DRV - [2008/01/20 22:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\processr.sys -- (Processor)
DRV - [2008/01/20 22:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\crusoe.sys -- (Crusoe)
DRV - [2008/01/20 22:23:00 | 000,028,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\msahci.sys -- (msahci)
DRV - [2008/01/20 22:23:00 | 000,020,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/01/20 22:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 22:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 22:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\intelide.sys -- (intelide)
DRV - [2008/01/20 22:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\amdide.sys -- (amdide)
DRV - [2008/01/20 22:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/20 22:23:00 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\pciide.sys -- (pciide)
DRV - [2008/01/20 22:23:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2008/01/20 22:23:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\errdev.sys -- (ErrDev)
DRV - [2007/10/11 07:17:56 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/09/30 02:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\iaStor.sys -- (iaStor)
DRV - [2007/09/27 20:33:26 | 000,056,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2007/08/20 08:25:56 | 001,790,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/07/10 10:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/07/03 20:59:10 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV - [2007/07/03 20:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 20:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 20:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/06/25 07:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/06/20 07:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 07:28:34 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/06/20 07:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/06/18 19:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/05/30 18:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2007/04/23 17:51:08 | 000,050,176 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/11/02 05:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 05:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2006/11/02 04:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006/11/02 04:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\hidbth.sys -- (HidBth)
DRV - [2006/11/02 04:55:16 | 000,062,080 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2006/11/02 04:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - [2006/11/02 04:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\hidir.sys -- (HidIr)
DRV - [2006/11/02 04:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006/11/02 04:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006/11/02 04:51:30 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\serial.sys -- (Serial)
DRV - [2006/11/02 04:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\parport.sys -- (Parport)
DRV - [2006/11/02 04:51:25 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\serenum.sys -- (Serenum)
DRV - [2006/11/02 04:51:23 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\Windows\system32\drivers\parvdm.sys -- (Parvdm)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 03:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/02 03:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/11/02 03:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock)
DRV - [2006/11/02 02:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/06/28 12:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/06/18 19:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\.DEFAULT\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57152
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Administrator_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKU\Administrator_ON_C\..\URLSearchHook: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - Reg Error: Key error. File not found
IE - HKU\Administrator_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Guest_ON_C\..\URLSearchHook: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - Reg Error: Key error. File not found
IE - HKU\Guest_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\NetworkService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=14196&l=dis
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Owner_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\Owner_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKU\Owner_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Owner_ON_C\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/01/18 05:03:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\IPSFFPlgn\ [2010/01/17 23:44:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\coFFPlgn\ [2010/01/17 23:44:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2A4DC605-AB14-40C6-99F5-A347CAAD2899}: C:\Windows\system32\config\systemprofile\AppData\Local\{2A4DC605-AB14-40C6-99F5-A347CAAD2899}\ [2011/04/18 19:54:19 | 000,000,000 | -H-D | M]
O1 HOSTS File: ([2011/04/18 19:54:04 | 000,000,047 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 173.192.170.88 drghwaweg45j4i6u3q32fg2h.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (C:\Windows\system32\m4yipu.dll) - {B9B220C2-A500-99BD-F120-04B53A2C8952} - C:\WINDOWS\System32\m4yipu.dll ()
O2 - BHO: (HP Print Clips) - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - No CLSID value found.
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Anudevezuyocadis] C:\Windows\System32\config\systemprofile\AppData\Local\exegumesawegu.dll (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [cftmon] C:\WINDOWS\System32\xnfcz.exe (EXRVXHNUDTSCDT)
O4 - HKLM..\Run: [conhost] C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\conhost.exe ()
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [MqmPd] File not found
O4 - HKLM..\Run: [MqmPfQ] File not found
O4 - HKLM..\Run: [MqmPme] File not found
O4 - HKLM..\Run: [MqmPoc] File not found
O4 - HKLM..\Run: [MqmPqg] File not found
O4 - HKLM..\Run: [MqmPrc] File not found
O4 - HKLM..\Run: [MqmPsd] File not found
O4 - HKLM..\Run: [MqmPte] File not found
O4 - HKLM..\Run: [MqmPth] File not found
O4 - HKLM..\Run: [MqmPusc] File not found
O4 - HKLM..\Run: [MqmPvZ] File not found
O4 - HKLM..\Run: [MqmPwe] File not found
O4 - HKLM..\Run: [MqmPwpc] File not found
O4 - HKLM..\Run: [MqmPY] File not found
O4 - HKLM..\Run: [MqmPz9] File not found
O4 - HKLM..\Run: [MqmPZP] File not found
O4 - HKLM..\Run: [Mqqsc] C:\WINDOWS\drweb.exe ()
O4 - HKLM..\Run: [MqqZ] C:\WINDOWS\cmd.exe ()
O4 - HKLM..\Run: [MqrMc] C:\WINDOWS\gdi32.exe ()
O4 - HKLM..\Run: [MqsZ] C:\WINDOWS\mdm.exe ()
O4 - HKLM..\Run: [Mqug] C:\WINDOWS\smss.exe ()
O4 - HKLM..\Run: [Mqutc] C:\WINDOWS\sysedit.exe ()
O4 - HKLM..\Run: [Mquuf] C:\WINDOWS\spoolsv.exe ()
O4 - HKLM..\Run: [MqvPc] C:\WINDOWS\win32.exe ()
O4 - HKLM..\Run: [Mqvpe] C:\WINDOWS\winamp.exe ()
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [506E7F4A_0] File not found
O4 - HKU\.DEFAULT..\Run: [Hmibupewukuwup] C:\Windows\System32\config\systemprofile\AppData\Local\Wroxdstc.dll (ArcSoft Inc.)
O4 - HKU\.DEFAULT..\Run: [JwWeagugDQKT] C:\ProgramData\JwWeagugDQKT.exe (BitSprx)
O4 - HKU\.DEFAULT..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\.DEFAULT..\Run: [MqmPd] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPfQ] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPme] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPoc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPqg] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPrc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPsd] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPte] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPth] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPusc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPvZ] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPwe] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPwpc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPY] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPz9] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPZP] File not found
O4 - HKU\.DEFAULT..\Run: [Mqqsc] C:\WINDOWS\drweb.exe ()
O4 - HKU\.DEFAULT..\Run: [MqqZ] C:\WINDOWS\cmd.exe ()
O4 - HKU\.DEFAULT..\Run: [MqrMc] C:\WINDOWS\gdi32.exe ()
O4 - HKU\.DEFAULT..\Run: [MqsZ] C:\WINDOWS\mdm.exe ()
O4 - HKU\.DEFAULT..\Run: [Mqug] C:\WINDOWS\smss.exe ()
O4 - HKU\.DEFAULT..\Run: [Mqutc] C:\WINDOWS\sysedit.exe ()
O4 - HKU\.DEFAULT..\Run: [Mquuf] C:\WINDOWS\spoolsv.exe ()
O4 - HKU\.DEFAULT..\Run: [MqvPc] C:\WINDOWS\win32.exe ()
O4 - HKU\.DEFAULT..\Run: [Mqvpe] C:\WINDOWS\winamp.exe ()
O4 - HKU\Administrator_ON_C..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKU\Administrator_ON_C..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\Administrator_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\Administrator_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Guest_ON_C..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKU\Guest_ON_C..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\Guest_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\Guest_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Owner_ON_C..\Run: [arg70techsdk.exe] File not found
O4 - HKU\Owner_ON_C..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\ARO.exe (Sammsoft)
O4 - HKU\Owner_ON_C..\Run: [EDF919B4FAA377BF] C:\winclaster\winclaster.exe (Yprcf Icntvwmosb)
O4 - HKU\Owner_ON_C..\Run: [ehTray.exe] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKU\Owner_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\Owner_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: WinUpdates = C:\Windows\windupdate\svchost.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: yj9khn = C:\Windows\TEMP\jizz.exe
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Guest_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Windows\system32\config\systemprofile\AppData\Roaming\dwm.exe) - C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\dwm.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {B9B220C2-A500-99BD-F120-04B53A2C8952} - yshbef87w3hubdjnjksdf - C:\WINDOWS\System32\m4yipu.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\CompaqTrace.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\CompaqTrace.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/02/27 03:45:25 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - E:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{98ae1e19-7b98-11dd-a1d8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{98ae1e19-7b98-11dd-a1d8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\hbcd\wintools\autorun.exe
O33 - MountPoints2\{98ae1e19-7b98-11dd-a1d8-806e6f6e6963}\Shell\Option1\Command - "" = E:\hbcd\wintools\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/04/24 02:39:56 | 000,000,000 | ---D | C] -- C:\Program Files\Smart-ActiveX
[2011/04/22 21:57:20 | 002,234,368 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2011/04/22 18:27:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/04/18 20:01:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011/04/18 20:01:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011/04/18 19:56:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/04/18 19:55:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Identities
[2011/04/18 19:54:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\{2A4DC605-AB14-40C6-99F5-A347CAAD2899}
[2011/04/18 19:51:54 | 000,405,504 | ---- | C] (EXRVXHNUDTSCDT) -- C:\Windows\System32\xnfcz.exe
[2011/04/18 19:51:15 | 000,569,344 | ---- | C] (BitSprx) -- C:\ProgramData\JwWeagugDQKT.exe
[2011/04/18 19:51:14 | 000,000,000 | ---D | C] -- C:\Temp
[2011/04/18 19:51:01 | 000,000,000 | ---D | C] -- C:\Windows\windupdate
[2011/04/18 16:30:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\Adobe
[2011/04/18 16:07:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/04/18 13:53:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Macromedia
[2011/04/18 13:53:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Adobe
[2011/04/18 13:24:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6E9ED99F-F492-44D0-895A-4641EA3196CD}
[2011/04/18 13:22:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antimalware Doctor
[2011/04/18 01:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011/04/18 01:24:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2011/04/14 23:13:15 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/14 23:13:15 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/14 23:13:13 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/14 23:13:13 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/14 23:13:04 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/04/14 23:13:04 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/14 23:13:03 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/14 23:13:03 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/14 23:13:02 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/14 23:13:02 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/14 23:13:02 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/04/14 23:13:02 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/14 23:13:02 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/04/14 23:13:02 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/04/14 23:13:02 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/04/14 23:13:02 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/04/14 23:13:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/04/14 23:13:02 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/14 23:13:01 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/14 23:13:01 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/04/14 23:13:01 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/04/14 23:12:58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/14 23:12:56 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/14 23:12:50 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/14 23:12:50 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/07 14:03:44 | 000,000,000 | ---D | C] -- C:\27af692dc708fcf898bda1f57c921a01
[2011/04/07 14:03:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/04/07 14:03:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011/04/04 13:01:45 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/04/01 03:07:51 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2011/04/01 03:07:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/03/30 20:21:41 | 000,000,000 | ---D | C] -- C:\5508e34d966670d992f8aa2c0a78
[2011/03/30 20:09:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/03/30 20:02:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/03/30 20:02:09 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/03/30 20:02:09 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/03/30 20:02:09 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/03/30 20:02:05 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/03/30 20:02:05 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/03/30 20:02:00 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/03/30 20:02:00 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/03/30 20:02:00 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/03/30 20:02:00 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/03/30 20:02:00 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/03/30 20:01:47 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/03/30 20:01:47 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/03/30 20:01:47 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/03/30 20:01:47 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/03/30 20:01:46 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/03/29 03:09:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011/03/29 03:04:14 | 000,000,000 | ---D | C] -- C:\Nexon
[2011/03/29 03:04:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2011/03/29 00:24:51 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\PMB Files
[2011/03/29 00:24:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011/03/29 00:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011/03/28 23:44:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\AVS4YOU
[2011/03/28 23:40:20 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\AVSMedia
[2011/03/28 23:39:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll
[2011/03/28 23:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2011/03/28 23:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2011/03/28 23:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\Search Toolbar
[2011/03/28 21:42:48 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011/03/28 20:55:28 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/03/28 20:55:27 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/03/28 20:54:58 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/03/28 20:54:57 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/03/28 20:54:57 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/03/28 20:54:57 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2010/01/19 22:56:52 | 000,377,344 | ---- | C] (ELAN Microelectronic Corp.) -- C:\Users\Owner\AppData\Local\ufeheraj.dll
[2010/01/19 22:56:52 | 000,274,432 | -H-- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\exegumesawegu.dll
[2010/01/19 22:56:52 | 000,118,784 | -H-- | C] (ArcSoft Inc.) -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\Wroxdstc.dll
[2010/01/19 22:56:52 | 000,089,088 | ---- | C] (FileZilla Project) -- C:\Users\Owner\AppData\Local\Lenphlbr.dll
[2009/04/07 01:10:54 | 000,311,296 | ---- | C] ( ) -- C:\Windows\System32\lxdihcp.dll
[2009/04/07 01:10:53 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxdiinpa.dll
[2009/04/07 01:10:53 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdiiesc.dll
[2009/04/07 01:10:52 | 001,187,840 | ---- | C] ( ) -- C:\Windows\System32\lxdiserv.dll
[2009/04/07 01:10:52 | 000,942,080 | ---- | C] ( ) -- C:\Windows\System32\lxdiusb1.dll
[2009/04/07 01:10:52 | 000,614,400 | ---- | C] ( ) -- C:\Windows\System32\lxdipmui.dll
[2009/04/07 01:10:52 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdiprox.dll
[2009/04/07 01:10:52 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdipplc.dll
[2009/04/07 01:10:51 | 000,532,480 | ---- | C] ( ) -- C:\Windows\System32\lxdilmpm.dll
[2009/04/07 01:10:51 | 000,320,432 | ---- | C] ( ) -- C:\Windows\System32\lxdiih.exe
[2009/04/07 01:10:50 | 000,671,744 | ---- | C] ( ) -- C:\Windows\System32\lxdihbn3.dll
[2009/04/07 01:10:49 | 000,517,040 | ---- | C] ( ) -- C:\Windows\System32\lxdicoms.exe
[2009/04/07 01:10:49 | 000,360,448 | ---- | C] ( ) -- C:\Windows\System32\lxdicomm.dll
[2009/04/07 01:10:48 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxdicomc.dll
[2009/04/07 01:10:48 | 000,340,912 | ---- | C] ( ) -- C:\Windows\System32\lxdicfg.exe
========== Files - Modified Within 30 Days ==========
[2011/04/18 20:17:42 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/18 20:17:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/18 20:03:45 | 000,016,220 | -H-- | M] () -- C:\Windows\win32.exe
[2011/04/18 20:03:45 | 000,016,220 | -H-- | M] () -- C:\Windows\mdm.exe
[2011/04/18 20:03:45 | 000,016,220 | -H-- | M] () -- C:\Windows\cmd.exe
[2011/04/18 20:03:45 | 000,015,968 | -H-- | M] () -- C:\Windows\sysedit.exe
[2011/04/18 20:01:59 | 000,000,184 | ---- | M] () -- C:\ProgramData\~44031752
[2011/04/18 20:01:55 | 000,000,152 | ---- | M] () -- C:\ProgramData\~44031752r
[2011/04/18 20:01:46 | 000,000,595 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | M] () -- C:\Users\Owner\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | M] () -- C:\Users\Guest\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | M] () -- C:\Users\Administrator\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011/04/18 20:00:23 | 000,000,336 | ---- | M] () -- C:\ProgramData\44031752
[2011/04/18 20:00:19 | 000,487,424 | ---- | M] () -- C:\ProgramData\44031752.exe
[2011/04/18 19:58:25 | 000,003,228 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Roaming\092A.BC9
[2011/04/18 19:58:03 | 000,016,220 | -H-- | M] () -- C:\Windows\spoolsv.exe
[2011/04/18 19:58:03 | 000,015,968 | -H-- | M] () -- C:\Windows\smss.exe
[2011/04/18 19:58:03 | 000,015,968 | -H-- | M] () -- C:\Windows\drweb.exe
[2011/04/18 19:54:43 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Local\Anafiyiy.bin
[2011/04/18 19:54:42 | 000,000,120 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Local\Mcesamewobey.dat
[2011/04/18 19:54:04 | 000,000,047 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/04/18 19:52:29 | 000,195,584 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Roaming\dwm.exe
[2011/04/18 19:52:26 | 000,000,211 | ---- | M] () -- C:\Windows\System32\winset.ini
[2011/04/18 19:51:54 | 000,405,504 | ---- | M] (EXRVXHNUDTSCDT) -- C:\Windows\System32\xnfcz.exe
[2011/04/18 19:51:54 | 000,000,166 | ---- | M] () -- C:\Windows\System32\delme.bat
[2011/04/18 19:51:36 | 000,100,000 | -H-- | M] () -- C:\Windows\winamp.exe
[2011/04/18 19:51:36 | 000,100,000 | -H-- | M] () -- C:\Windows\gdi32.exe
[2011/04/18 19:51:15 | 000,050,000 | ---- | M] () -- C:\Windows\System32\m4yipu.dll
[2011/04/18 19:51:08 | 000,569,344 | ---- | M] (BitSprx) -- C:\ProgramData\JwWeagugDQKT.exe
[2011/04/18 19:07:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/18 19:07:09 | 119,012,540 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/04/18 17:24:38 | 000,000,120 | ---- | M] () -- C:\Users\Owner\AppData\Local\Mcesamewobey.dat
[2011/04/18 17:18:06 | 000,007,680 | ---- | M] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/18 16:59:58 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2011/04/18 13:24:15 | 000,000,000 | ---- | M] () -- C:\Users\Owner\AppData\Local\Anafiyiy.bin
[2011/04/18 13:22:42 | 000,001,069 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
[2011/04/18 13:22:41 | 000,001,081 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk
[2011/04/18 07:54:10 | 000,000,000 | RH-- | M] () -- C:\2501i18lkr
[2011/04/17 21:22:40 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D4A56E26-F1A8-42CD-874E-437B04B68BD8}.job
[2011/04/16 15:34:08 | 000,312,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/16 14:56:20 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/16 14:56:19 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/12 00:00:10 | 000,000,664 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Owner.job
[2011/04/07 18:00:34 | 000,001,356 | ---- | M] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2011/04/07 14:03:14 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/04/04 13:01:45 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2011/04/01 03:07:49 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/03/30 20:09:42 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/03/30 20:09:42 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/03/29 03:09:21 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011/03/29 02:54:04 | 2355,765,613 | ---- | M] () -- C:\Users\Owner\Desktop\MSSetupv96.exe
[2011/03/28 23:19:01 | 004,562,491 | ---- | M] () -- C:\Users\Owner\Desktop\YouTubeDownloaderSetup265.exe
========== Files Created - No Company Name ==========
[2011/04/18 20:03:45 | 000,016,220 | -H-- | C] () -- C:\Windows\win32.exe
[2011/04/18 20:03:45 | 000,016,220 | -H-- | C] () -- C:\Windows\mdm.exe
[2011/04/18 20:03:45 | 000,016,220 | -H-- | C] () -- C:\Windows\cmd.exe
[2011/04/18 20:01:55 | 000,000,184 | ---- | C] () -- C:\ProgramData\~44031752
[2011/04/18 20:01:55 | 000,000,152 | ---- | C] () -- C:\ProgramData\~44031752r
[2011/04/18 20:01:46 | 000,000,595 | -H-- | C] () -- C:\Windows\system32\config\systemprofile\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | C] () -- C:\Users\Owner\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | C] () -- C:\Users\Guest\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | C] () -- C:\Users\Administrator\Desktop\Windows Recovery.lnk
[2011/04/18 20:00:23 | 000,000,336 | ---- | C] () -- C:\ProgramData\44031752
[2011/04/18 20:00:19 | 000,487,424 | ---- | C] () -- C:\ProgramData\44031752.exe
[2011/04/18 19:58:03 | 000,016,220 | -H-- | C] () -- C:\Windows\spoolsv.exe
[2011/04/18 19:58:03 | 000,015,968 | -H-- | C] () -- C:\Windows\smss.exe
[2011/04/18 19:58:03 | 000,015,968 | -H-- | C] () -- C:\Windows\drweb.exe
[2011/04/18 19:56:10 | 000,000,961 | -H-- | C] () -- C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/04/18 19:55:25 | 000,000,956 | -H-- | C] () -- C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/04/18 19:54:50 | 000,000,927 | -H-- | C] () -- C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/04/18 19:54:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\Anafiyiy.bin
[2011/04/18 19:54:42 | 000,000,120 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\Mcesamewobey.dat
[2011/04/18 19:52:29 | 000,195,584 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\dwm.exe
[2011/04/18 19:52:04 | 000,003,228 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\092A.BC9
[2011/04/18 19:51:54 | 000,000,166 | ---- | C] () -- C:\Windows\System32\delme.bat
[2011/04/18 19:51:51 | 000,000,211 | ---- | C] () -- C:\Windows\System32\winset.ini
[2011/04/18 19:51:37 | 000,015,968 | -H-- | C] () -- C:\Windows\sysedit.exe
[2011/04/18 19:51:36 | 000,100,000 | -H-- | C] () -- C:\Windows\winamp.exe
[2011/04/18 19:51:36 | 000,100,000 | -H-- | C] () -- C:\Windows\gdi32.exe
[2011/04/18 19:51:15 | 000,050,000 | ---- | C] () -- C:\Windows\System32\m4yipu.dll
[2011/04/18 19:45:05 | 134,217,728 | ---- | C] () -- C:\Users\Owner\Desktop\dd-pkmp.nds
[2011/04/18 16:07:04 | 119,012,540 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/04/18 13:24:15 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\Anafiyiy.bin
[2011/04/18 13:24:14 | 000,000,120 | ---- | C] () -- C:\Users\Owner\AppData\Local\Mcesamewobey.dat
[2011/04/18 13:22:41 | 000,001,081 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk
[2011/04/18 13:22:41 | 000,001,069 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
[2011/04/18 07:54:10 | 000,000,000 | RH-- | C] () -- C:\2501i18lkr
[2011/03/30 20:01:52 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/03/30 20:01:52 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/03/30 20:01:51 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/03/29 01:33:37 | 2355,765,613 | ---- | C] () -- C:\Users\Owner\Desktop\MSSetupv96.exe
[2011/03/28 23:18:54 | 004,562,491 | ---- | C] () -- C:\Users\Owner\Desktop\YouTubeDownloaderSetup265.exe
[2010/01/19 22:56:53 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/01/19 22:56:53 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/01/19 22:56:30 | 000,226,280 | ---- | C] () -- C:\Windows\System32\drivers\volsnap.sys
[2010/01/17 23:09:30 | 000,001,356 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2009/04/07 01:17:07 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxdicoin.dll
[2009/04/07 01:13:40 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXF3PMON.DLL
[2009/04/07 01:13:40 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXF3FXPU.DLL
[2009/04/07 01:13:20 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxf3oem.dll
[2009/04/07 01:13:20 | 000,012,288 | ---- | C] () -- C:\Windows\System32\LXF3PMRC.DLL
[2009/04/07 01:11:05 | 000,000,060 | -H-- | C] () -- C:\Windows\System32\lxdirwrd.ini
[2009/04/07 01:10:54 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxdiinst.dll
[2009/04/07 01:10:50 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdigrd.dll
[2008/09/30 22:39:38 | 000,007,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/27 23:39:08 | 000,000,114 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[2008/09/26 13:16:40 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/05/21 22:19:06 | 000,155,648 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2008/02/27 03:59:45 | 000,101,605 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007/08/20 08:34:08 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1318.dll
[2007/08/20 08:25:00 | 000,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/08/20 08:10:18 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/03/23 15:44:45 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxdidrs.dll
[2007/02/09 14:07:06 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxdicnv4.dll
[2007/01/23 19:40:16 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxdicaps.dll
[2006/11/02 09:02:10 | 000,001,356 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\d3d9caps.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,312,336 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/01 01:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdivs.dll
========== LOP Check ==========
[2008/09/22 21:56:47 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\7Wonders
[2008/10/07 20:18:01 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\FrostWire
[2008/09/22 18:39:46 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\WildTangent
[2008/10/07 22:34:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\7Wonders
[2011/04/18 00:21:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FrostWire
[2009/04/07 22:04:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Lexmark Productivity Studio
[2011/01/16 04:52:40 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenCandy
[2008/10/09 21:33:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PlayFirst
[2011/01/16 04:59:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sammsoft
[2008/10/09 20:52:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sierra Online
[2008/09/27 23:39:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Template
[2010/01/28 22:05:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tific
[2011/04/18 18:54:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2008/09/21 23:57:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WildTangent
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2008/09/05 18:40:22 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2009/04/07 01:30:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Lx_cats
[2008/02/27 03:44:55 | 000,000,000 | ---D | M] -- C:\ProgramData\muvee Technologies
[2011/03/29 03:04:08 | 000,000,000 | ---D | M] -- C:\ProgramData\NexonUS
[2010/01/17 23:19:27 | 000,000,000 | ---D | M] -- C:\ProgramData\PCSettings
[2011/03/29 01:33:35 | 000,000,000 | ---D | M] -- C:\ProgramData\PMB Files
[2008/10/09 20:52:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Sierra Online
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2010/01/17 19:55:31 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2008/02/27 03:22:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Viewpoint
[2008/10/13 13:36:36 | 000,000,000 | ---D | M] -- C:\ProgramData\WildTangent
[2011/03/28 21:42:49 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2008/02/27 03:58:11 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011/01/16 05:03:57 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/04/18 19:01:40 | 000,032,656 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2011/04/17 21:22:40 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D4A56E26-F1A8-42CD-874E-437B04B68BD8}.job
========== Purity Check ==========
========== Custom Scans ==========
< MD5 for: AGP440.SYS >
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\drivers\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\System32\drivers\atapi.sys
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 22:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 22:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\System32\cngaudit.dll
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EVENTLOG.DLL >
[2007/01/13 02:30:08 | 000,007,216 | -H-- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 23:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 22:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 22:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTOR.SYS >
[2007/09/30 02:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
[2007/09/30 08:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\SwSetup\Drivers\IMSM\Files\64\iastor.sys
[2007/09/30 02:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\IaStor.sys
[2007/09/30 08:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\SwSetup\Drivers\IMSM\Files\32\iastor.sys
[2007/09/30 02:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\WINDOWS\System32\drivers\iaStor.sys
[2007/09/30 02:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\WINDOWS\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
< MD5 for: IASTORV.SYS >
[2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\System32\drivers\iaStorV.sys
[2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\System32\netlogon.dll
[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 22:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NTOSKRNL.EXE >
[2008/09/18 00:35:07 | 003,470,904 | ---- | M] (Microsoft Corporation) MD5=03279407E78F76BA1131DAB35A5E55C0 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf\ntoskrnl.exe
[2009/08/05 10:10:22 | 003,548,216 | ---- | M] (Microsoft Corporation) MD5=09C5FB44F152EFF551A112C931DDE640 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\ntoskrnl.exe
[2010/10/15 10:08:12 | 003,550,096 | ---- | M] (Microsoft Corporation) MD5=1ACD7FC485D0E0FF9097E08900D834CC -- C:\WINDOWS\System32\ntoskrnl.exe
[2010/10/15 10:08:12 | 003,550,096 | ---- | M] (Microsoft Corporation) MD5=1ACD7FC485D0E0FF9097E08900D834CC -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_6e08411ab1533fb9\ntoskrnl.exe
[2008/09/18 00:27:44 | 003,472,952 | ---- | M] (Microsoft Corporation) MD5=1E09CE4D9BB7B6521FB023CAE2E55F63 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_6abf2403d0296cc8\ntoskrnl.exe
[2008/09/18 01:09:09 | 003,549,240 | ---- | M] (Microsoft Corporation) MD5=1FD3E8BFFD38F9B145E4B2B238B692F7 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06\ntoskrnl.exe
[2008/04/26 04:11:33 | 003,549,240 | ---- | M] (Microsoft Corporation) MD5=22D444D3D88A4C299894B3638A114BF7 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_6c8020e9cd6b0b39\ntoskrnl.exe
[2009/03/03 00:24:50 | 003,469,280 | ---- | M] (Microsoft Corporation) MD5=3910FE042C707E6BACD0FEC5AB9ECDE6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntoskrnl.exe
[2009/03/03 00:46:01 | 003,547,632 | ---- | M] (Microsoft Corporation) MD5=393BB8FE05D66ABA7B091E6032179272 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntoskrnl.exe
[2009/08/05 13:15:59 | 003,547,736 | ---- | M] (Microsoft Corporation) MD5=3EEEDCCFB587BCB0E2DE075332498C11 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\ntoskrnl.exe
[2009/08/05 10:28:44 | 003,467,864 | ---- | M] (Microsoft Corporation) MD5=4765C66A89E7151626FF3545B01D2601 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\ntoskrnl.exe
[2010/06/08 12:47:40 | 003,548,552 | ---- | M] (Microsoft Corporation) MD5=47DB9968B8CF2031C46007F42CCE2437 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_6cc10bd5cd3a527d\ntoskrnl.exe
[2009/08/05 10:22:41 | 003,546,184 | ---- | M] (Microsoft Corporation) MD5=5302026B0FADB0819009798D3F6BCD77 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\ntoskrnl.exe
[2009/08/04 08:34:19 | 003,548,216 | ---- | M] (Microsoft Corporation) MD5=575DD16BF4C21C2F7E2BBE203AC1E957 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\ntoskrnl.exe
[2008/01/20 22:24:42 | 003,548,728 | ---- | M] (Microsoft Corporation) MD5=6700F35EBA206E5C89AC27C9A124DC01 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_6c3061a0b4231268\ntoskrnl.exe
[2009/04/11 02:32:49 | 003,549,672 | ---- | M] (Microsoft Corporation) MD5=6798DBF3F25721637AEF5B6C69911C9C -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntoskrnl.exe
[2009/03/03 00:22:43 | 003,471,328 | ---- | M] (Microsoft Corporation) MD5=808C86316AED98716C5F305A6265F393 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_6ac0fcb9d027d2b8\ntoskrnl.exe
[2010/10/15 10:08:12 | 003,552,144 | ---- | M] (Microsoft Corporation) MD5=8B5EEAA99965E26C3FBB9FAC8BD3B6A1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_6ea57f0fca62721a\ntoskrnl.exe
[2010/10/15 10:08:12 | 003,548,048 | ---- | M] (Microsoft Corporation) MD5=A573338BDCED710795C618EA5FCF48D5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_6c17fdaab43422b6\ntoskrnl.exe
[2010/06/08 14:04:17 | 003,550,600 | ---- | M] (Microsoft Corporation) MD5=C5AB434D0C8FA38EAD136FB29E2504B7 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_6e8adbdfca772e22\ntoskrnl.exe
[2008/04/26 04:25:54 | 003,549,240 | ---- | M] (Microsoft Corporation) MD5=C9CD31B3CBA8134F2B47FB5E78376ACC -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_6bf282f6b4510613\ntoskrnl.exe
[2010/06/08 13:00:41 | 003,545,992 | ---- | M] (Microsoft Corporation) MD5=D5FA5D17F03E6D39E1A12431DD6F2A39 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_6be1ec28b45cb144\ntoskrnl.exe
[2009/08/05 10:10:15 | 003,469,896 | ---- | M] (Microsoft Corporation) MD5=D8DCA438CE571DB20BD8C4915CAC0760 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\ntoskrnl.exe
[2008/09/18 00:54:49 | 003,549,752 | ---- | M] (Microsoft Corporation) MD5=DEA801F2D9FD1DB35ED6B9BC4A6657F1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_6c822363cd693b0e\ntoskrnl.exe
[2009/03/03 00:37:19 | 003,548,656 | ---- | M] (Microsoft Corporation) MD5=DFF34C5D66AB4BF1EED47BF19D1267BB -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntoskrnl.exe
[2010/10/15 10:08:12 | 003,550,608 | ---- | M] (Microsoft Corporation) MD5=F276ABE13DD0BA1024A42A443E47A4A2 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_6c755c61cd731614\ntoskrnl.exe
[2010/06/08 13:35:04 | 003,548,040 | ---- | M] (Microsoft Corporation) MD5=F2BEE482023F146CF85EBB15B9E1CD35 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_6ddcff84b173b256\ntoskrnl.exe
< MD5 for: NVSTOR.SYS >
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\System32\drivers\nvstor.sys
[2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008/01/20 22:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\System32\scecli.dll
[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USERINIT.EXE >
[2008/01/20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\System32\userinit.exe
[2008/01/20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: UXTHEME.DLL >
[2008/01/20 22:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) MD5=999D69DEB576C2C424294DF025891CC6 -- C:\WINDOWS\System32\uxtheme.dll
[2008/01/20 22:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) MD5=999D69DEB576C2C424294DF025891CC6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-uxtheme_31bf3856ad364e35_6.0.6001.18000_none_a5e49ad4068f9b12\uxtheme.dll
< MD5 for: WINLOGON.EXE >
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\System32\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 22:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< C:\*.* >
[2011/04/18 07:54:10 | 000,000,000 | RH-- | M] () -- C:\2501i18lkr
[2008/02/27 03:45:25 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/02/27 03:22:08 | 000,000,383 | -H-- | M] () -- C:\IPH.PH
[2011/04/22 21:18:49 | 000,106,336 | ---- | M] () -- C:\OTL.Txt
[2011/04/22 21:19:13 | 000,106,336 | ---- | M] () -- C:\OTL2.txt
[2011/03/06 18:12:59 | 002,234,368 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
[2011/04/18 19:07:10 | 1377,062,912 | -HS- | M] () -- C:\pagefile.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:FDCBDD8E
< End of report >
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Windows Vista ™ Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,014.00 Mb Total Physical Memory | 695.00 Mb Available Physical Memory | 69.00% Memory free
902.00 Mb Paging File | 739.00 Mb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137.58 Gb Total Space | 67.42 Gb Free Space | 49.00% Space Free | Partition Type: NTFS
Drive E: | 11.47 Gb Total Space | 2.01 Gb Free Space | 17.53% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2011/02/28 21:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 13:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/01/08 04:51:02 | 000,380,928 | -H-- | M] (Spigot, Inc.) [Auto] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009/10/20 02:34:55 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe -- (NIS)
SRV - [2009/04/08 00:15:44 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 18:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/06/11 10:14:51 | 000,517,040 | ---- | M] ( ) [Auto] -- C:\Windows\System32\lxdicoms.exe -- (lxdi_device)
SRV - [2007/06/11 10:14:42 | 000,099,248 | ---- | M] () [Auto] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe -- (lxdiCATSCustConnectService)
SRV - [2007/03/05 12:30:06 | 000,110,592 | -H-- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
========== Driver Services (All) ==========
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (NAVEX15)
DRV - File not found [Kernel | On_Demand] -- -- (NAVENG)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- -- (EagleNT)
DRV - [2011/02/22 09:24:10 | 000,213,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2011/02/22 09:24:02 | 000,079,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2011/02/22 09:23:59 | 000,106,496 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2011/02/22 09:23:55 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\bowser.sys -- (bowser)
DRV - [2011/02/18 10:03:32 | 000,305,152 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srv.sys -- (srv)
DRV - [2011/02/18 10:03:10 | 000,146,432 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srv2.sys -- (srv2)
DRV - [2011/02/18 10:03:06 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2011/01/20 12:37:37 | 000,638,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2010/09/28 19:44:52 | 000,041,984 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2010/06/16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tcpip.sys -- (Tcpip6)
DRV - [2010/06/16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2010/02/20 16:53:34 | 000,411,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\http.sys -- (HTTP)
DRV - [2010/01/18 04:47:57 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/01/17 23:43:18 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/12/08 13:26:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2009/12/05 00:54:05 | 000,529,456 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2009/11/05 18:06:13 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymDS.sys -- (SymDS)
DRV - [2009/10/28 18:37:22 | 000,343,088 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20100119.001\IDSvix86.sys -- (IDSVix86)
DRV - [2009/10/20 02:35:50 | 000,501,888 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\ccHPx86.sys -- (ccHP)
DRV - [2009/10/14 21:50:48 | 000,339,504 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2009/10/08 22:55:01 | 000,171,056 | R--- | M] (Symantec Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymEFA.sys -- (SymEFA)
DRV - [2009/10/08 22:54:25 | 000,114,736 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\Ironx86.SYS -- (SymIRON)
DRV - [2009/10/08 22:54:10 | 000,325,168 | R--- | M] (Symantec Corporation) [File_System | System] -- C:\Windows\system32\drivers\NIS\1101000.013\SRTSP.SYS -- (SRTSP)
DRV - [2009/10/08 22:54:10 | 000,043,696 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/09/30 21:01:54 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV - [2009/06/15 19:15:25 | 000,439,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/05/18 17:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/04/11 02:33:03 | 000,292,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2009/04/11 02:32:55 | 000,226,280 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2009/04/11 02:32:55 | 000,149,480 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\pci.sys -- (pci)
DRV - [2009/04/11 02:32:52 | 000,053,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\termdd.sys -- (TermDD)
DRV - [2009/04/11 02:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2009/04/11 02:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2009/04/11 02:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\acpi.sys -- (ACPI)
DRV - [2009/04/11 02:32:46 | 000,245,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\clfs.sys -- (CLFS) Common Log (CLFS)
DRV - [2009/04/11 02:32:46 | 000,190,424 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2009/04/11 02:32:46 | 000,180,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2009/04/11 02:32:46 | 000,161,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2009/04/11 02:32:43 | 000,141,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ecache.sys -- (Ecache)
DRV - [2009/04/11 02:32:31 | 000,054,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2009/04/11 02:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\disk.sys -- (disk)
DRV - [2009/04/11 02:32:31 | 000,048,104 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\atapi.sys -- (atapi)
DRV - [2009/04/11 00:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2009/04/11 00:47:03 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\system32\drivers\afd.sys -- (AFD)
DRV - [2009/04/11 00:46:40 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2009/04/11 00:46:32 | 000,121,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2009/04/11 00:46:30 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2009/04/11 00:45:56 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\tdx.sys -- (tdx)
DRV - [2009/04/11 00:45:51 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\pacer.sys -- (PSched)
DRV - [2009/04/11 00:45:37 | 000,185,856 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\netbt.sys -- (netbt)
DRV - [2009/04/11 00:45:22 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\smb.sys -- (Smb)
DRV - [2009/04/11 00:43:28 | 000,148,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009/04/11 00:43:16 | 000,196,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2009/04/11 00:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2009/04/11 00:42:52 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2009/04/11 00:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/04/11 00:42:48 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2009/04/11 00:42:42 | 000,561,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2009/04/11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2009/04/11 00:38:40 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2009/04/11 00:14:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2009/04/11 00:14:29 | 000,225,280 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2009/04/11 00:14:12 | 000,075,264 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2009/04/11 00:14:01 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2009/04/11 00:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (udfs)
DRV - [2009/04/11 00:13:53 | 000,136,704 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2009/04/11 00:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2008/01/20 22:24:59 | 000,083,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2008/01/20 22:24:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2008/01/20 22:24:57 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/01/20 22:24:55 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008/01/20 22:24:55 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008/01/20 22:24:55 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/01/20 22:24:51 | 000,006,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2008/01/20 22:24:51 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/01/20 22:24:51 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/01/20 22:24:50 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/01/20 22:24:50 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/01/20 22:24:50 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2008/01/20 22:24:47 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2008/01/20 22:24:47 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2008/01/20 22:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008/01/20 22:24:37 | 000,084,480 | ---- | M] (Microsoft Corporation) [File_System | Auto] -- C:\Windows\system32\drivers\luafv.sys -- (luafv)
DRV - [2008/01/20 22:24:37 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2008/01/20 22:24:37 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2008/01/20 22:24:25 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2008/01/20 22:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2008/01/20 22:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/01/20 22:24:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008/01/20 22:24:25 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2008/01/20 22:24:25 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/01/20 22:24:25 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\TUNMP.SYS -- (tunmp)
DRV - [2008/01/20 22:24:21 | 000,027,648 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2008/01/20 22:24:20 | 000,035,840 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/01/20 22:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2008/01/20 22:24:11 | 000,021,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2008/01/20 22:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/01/20 22:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/01/20 22:24:06 | 000,012,800 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2008/01/20 22:24:06 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2008/01/20 22:24:04 | 000,058,936 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2008/01/20 22:24:04 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/01/20 22:23:54 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/01/20 22:23:51 | 000,503,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2008/01/20 22:23:51 | 000,070,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2008/01/20 22:23:51 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/01/20 22:23:50 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2008/01/20 22:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2008/01/20 22:23:43 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/01/20 22:23:31 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2008/01/20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 22:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/01/20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 22:23:26 | 000,134,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV - [2008/01/20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 22:23:26 | 000,041,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2008/01/20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 22:23:26 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\circlass.sys -- (circlass)
DRV - [2008/01/20 22:23:26 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2008/01/20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 22:23:24 | 000,022,072 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wd.sys -- (Wd)
DRV - [2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 22:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2008/01/20 22:23:23 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2008/01/20 22:23:23 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2008/01/20 22:23:23 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2008/01/20 22:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 22:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/20 22:23:22 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ipmidrv.sys -- (IPMIDRV)
DRV - [2008/01/20 22:23:22 | 000,061,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\gagp30kx.sys -- (gagp30kx)
DRV - [2008/01/20 22:23:22 | 000,059,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\uagp35.sys -- (uagp35)
DRV - [2008/01/20 22:23:22 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\monitor.sys -- (monitor)
DRV - [2008/01/20 22:23:22 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\umbus.sys -- (umbus)
DRV - [2008/01/20 22:23:22 | 000,024,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2008/01/20 22:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/01/20 22:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 22:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 22:23:21 | 000,094,776 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\msdsm.sys -- (msdsm)
DRV - [2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 22:23:21 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/01/20 22:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2008/01/20 22:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 22:23:20 | 000,105,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mpio.sys -- (mpio)
DRV - [2008/01/20 22:23:20 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/01/20 22:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/20 22:23:20 | 000,034,360 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2008/01/20 22:23:20 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\fdc.sys -- (fdc)
DRV - [2008/01/20 22:23:20 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2008/01/20 22:23:20 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sermouse.sys -- (sermouse)
DRV - [2008/01/20 22:23:20 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2008/01/20 22:23:03 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/01/20 22:23:03 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2008/01/20 22:23:02 | 000,030,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\i2omp.sys -- (i2omp)
DRV - [2008/01/20 22:23:02 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\vgapnp.sys -- (vga)
DRV - [2008/01/20 22:23:01 | 000,248,832 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/01/20 22:23:01 | 000,109,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nv_agp.sys -- (nv_agp)
DRV - [2008/01/20 22:23:01 | 000,060,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\uliagpkx.sys -- (uliagpkx)
DRV - [2008/01/20 22:23:01 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\amdagp.sys -- (amdagp)
DRV - [2008/01/20 22:23:01 | 000,056,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\viaagp.sys -- (viaagp)
DRV - [2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\agp440.sys -- (agp440)
DRV - [2008/01/20 22:23:01 | 000,055,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sisagp.sys -- (sisagp)
DRV - [2008/01/20 22:23:01 | 000,052,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volmgr.sys -- (volmgr)
DRV - [2008/01/20 22:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/01/20 22:23:01 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2008/01/20 22:23:01 | 000,031,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/01/20 22:23:01 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2008/01/20 22:23:01 | 000,015,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\swenum.sys -- (swenum)
DRV - [2008/01/20 22:23:00 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\viac7.sys -- (ViaC7)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\amdk7.sys -- (AmdK7)
DRV - [2008/01/20 22:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\processr.sys -- (Processor)
DRV - [2008/01/20 22:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\crusoe.sys -- (Crusoe)
DRV - [2008/01/20 22:23:00 | 000,028,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\msahci.sys -- (msahci)
DRV - [2008/01/20 22:23:00 | 000,020,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/01/20 22:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 22:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 22:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\intelide.sys -- (intelide)
DRV - [2008/01/20 22:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\amdide.sys -- (amdide)
DRV - [2008/01/20 22:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/20 22:23:00 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\pciide.sys -- (pciide)
DRV - [2008/01/20 22:23:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2008/01/20 22:23:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\errdev.sys -- (ErrDev)
DRV - [2007/10/11 07:17:56 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/09/30 02:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\iaStor.sys -- (iaStor)
DRV - [2007/09/27 20:33:26 | 000,056,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2007/08/20 08:25:56 | 001,790,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/07/10 10:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/07/03 20:59:10 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV - [2007/07/03 20:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 20:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 20:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/06/25 07:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/06/20 07:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 07:28:34 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/06/20 07:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/06/18 19:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/05/30 18:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2007/04/23 17:51:08 | 000,050,176 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/11/02 05:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 05:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2006/11/02 04:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006/11/02 04:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\hidbth.sys -- (HidBth)
DRV - [2006/11/02 04:55:16 | 000,062,080 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2006/11/02 04:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - [2006/11/02 04:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\hidir.sys -- (HidIr)
DRV - [2006/11/02 04:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006/11/02 04:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006/11/02 04:51:30 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\serial.sys -- (Serial)
DRV - [2006/11/02 04:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\parport.sys -- (Parport)
DRV - [2006/11/02 04:51:25 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\serenum.sys -- (Serenum)
DRV - [2006/11/02 04:51:23 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\Windows\system32\drivers\parvdm.sys -- (Parvdm)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 03:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/02 03:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/11/02 03:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock)
DRV - [2006/11/02 02:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/06/28 12:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/06/18 19:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\.DEFAULT\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57152
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Administrator_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKU\Administrator_ON_C\..\URLSearchHook: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - Reg Error: Key error. File not found
IE - HKU\Administrator_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Guest_ON_C\..\URLSearchHook: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - Reg Error: Key error. File not found
IE - HKU\Guest_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\NetworkService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=14196&l=dis
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Owner_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\Owner_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKU\Owner_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Owner_ON_C\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/01/18 05:03:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\IPSFFPlgn\ [2010/01/17 23:44:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\coFFPlgn\ [2010/01/17 23:44:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2A4DC605-AB14-40C6-99F5-A347CAAD2899}: C:\Windows\system32\config\systemprofile\AppData\Local\{2A4DC605-AB14-40C6-99F5-A347CAAD2899}\ [2011/04/18 19:54:19 | 000,000,000 | -H-D | M]
O1 HOSTS File: ([2011/04/18 19:54:04 | 000,000,047 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 173.192.170.88 drghwaweg45j4i6u3q32fg2h.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (C:\Windows\system32\m4yipu.dll) - {B9B220C2-A500-99BD-F120-04B53A2C8952} - C:\WINDOWS\System32\m4yipu.dll ()
O2 - BHO: (HP Print Clips) - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - No CLSID value found.
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Anudevezuyocadis] C:\Windows\System32\config\systemprofile\AppData\Local\exegumesawegu.dll (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [cftmon] C:\WINDOWS\System32\xnfcz.exe (EXRVXHNUDTSCDT)
O4 - HKLM..\Run: [conhost] C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\conhost.exe ()
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [MqmPd] File not found
O4 - HKLM..\Run: [MqmPfQ] File not found
O4 - HKLM..\Run: [MqmPme] File not found
O4 - HKLM..\Run: [MqmPoc] File not found
O4 - HKLM..\Run: [MqmPqg] File not found
O4 - HKLM..\Run: [MqmPrc] File not found
O4 - HKLM..\Run: [MqmPsd] File not found
O4 - HKLM..\Run: [MqmPte] File not found
O4 - HKLM..\Run: [MqmPth] File not found
O4 - HKLM..\Run: [MqmPusc] File not found
O4 - HKLM..\Run: [MqmPvZ] File not found
O4 - HKLM..\Run: [MqmPwe] File not found
O4 - HKLM..\Run: [MqmPwpc] File not found
O4 - HKLM..\Run: [MqmPY] File not found
O4 - HKLM..\Run: [MqmPz9] File not found
O4 - HKLM..\Run: [MqmPZP] File not found
O4 - HKLM..\Run: [Mqqsc] C:\WINDOWS\drweb.exe ()
O4 - HKLM..\Run: [MqqZ] C:\WINDOWS\cmd.exe ()
O4 - HKLM..\Run: [MqrMc] C:\WINDOWS\gdi32.exe ()
O4 - HKLM..\Run: [MqsZ] C:\WINDOWS\mdm.exe ()
O4 - HKLM..\Run: [Mqug] C:\WINDOWS\smss.exe ()
O4 - HKLM..\Run: [Mqutc] C:\WINDOWS\sysedit.exe ()
O4 - HKLM..\Run: [Mquuf] C:\WINDOWS\spoolsv.exe ()
O4 - HKLM..\Run: [MqvPc] C:\WINDOWS\win32.exe ()
O4 - HKLM..\Run: [Mqvpe] C:\WINDOWS\winamp.exe ()
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [506E7F4A_0] File not found
O4 - HKU\.DEFAULT..\Run: [Hmibupewukuwup] C:\Windows\System32\config\systemprofile\AppData\Local\Wroxdstc.dll (ArcSoft Inc.)
O4 - HKU\.DEFAULT..\Run: [JwWeagugDQKT] C:\ProgramData\JwWeagugDQKT.exe (BitSprx)
O4 - HKU\.DEFAULT..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\.DEFAULT..\Run: [MqmPd] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPfQ] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPme] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPoc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPqg] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPrc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPsd] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPte] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPth] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPusc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPvZ] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPwe] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPwpc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPY] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPz9] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPZP] File not found
O4 - HKU\.DEFAULT..\Run: [Mqqsc] C:\WINDOWS\drweb.exe ()
O4 - HKU\.DEFAULT..\Run: [MqqZ] C:\WINDOWS\cmd.exe ()
O4 - HKU\.DEFAULT..\Run: [MqrMc] C:\WINDOWS\gdi32.exe ()
O4 - HKU\.DEFAULT..\Run: [MqsZ] C:\WINDOWS\mdm.exe ()
O4 - HKU\.DEFAULT..\Run: [Mqug] C:\WINDOWS\smss.exe ()
O4 - HKU\.DEFAULT..\Run: [Mqutc] C:\WINDOWS\sysedit.exe ()
O4 - HKU\.DEFAULT..\Run: [Mquuf] C:\WINDOWS\spoolsv.exe ()
O4 - HKU\.DEFAULT..\Run: [MqvPc] C:\WINDOWS\win32.exe ()
O4 - HKU\.DEFAULT..\Run: [Mqvpe] C:\WINDOWS\winamp.exe ()
O4 - HKU\Administrator_ON_C..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKU\Administrator_ON_C..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\Administrator_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\Administrator_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Guest_ON_C..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKU\Guest_ON_C..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\Guest_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\Guest_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Owner_ON_C..\Run: [arg70techsdk.exe] File not found
O4 - HKU\Owner_ON_C..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\ARO.exe (Sammsoft)
O4 - HKU\Owner_ON_C..\Run: [EDF919B4FAA377BF] C:\winclaster\winclaster.exe (Yprcf Icntvwmosb)
O4 - HKU\Owner_ON_C..\Run: [ehTray.exe] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKU\Owner_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\Owner_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: WinUpdates = C:\Windows\windupdate\svchost.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: yj9khn = C:\Windows\TEMP\jizz.exe
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Guest_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Windows\system32\config\systemprofile\AppData\Roaming\dwm.exe) - C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\dwm.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {B9B220C2-A500-99BD-F120-04B53A2C8952} - yshbef87w3hubdjnjksdf - C:\WINDOWS\System32\m4yipu.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\CompaqTrace.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\CompaqTrace.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/02/27 03:45:25 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - E:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{98ae1e19-7b98-11dd-a1d8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{98ae1e19-7b98-11dd-a1d8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\hbcd\wintools\autorun.exe
O33 - MountPoints2\{98ae1e19-7b98-11dd-a1d8-806e6f6e6963}\Shell\Option1\Command - "" = E:\hbcd\wintools\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/04/24 02:39:56 | 000,000,000 | ---D | C] -- C:\Program Files\Smart-ActiveX
[2011/04/22 21:57:20 | 002,234,368 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2011/04/22 18:27:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/04/18 20:01:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011/04/18 20:01:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011/04/18 19:56:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/04/18 19:55:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Identities
[2011/04/18 19:54:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\{2A4DC605-AB14-40C6-99F5-A347CAAD2899}
[2011/04/18 19:51:54 | 000,405,504 | ---- | C] (EXRVXHNUDTSCDT) -- C:\Windows\System32\xnfcz.exe
[2011/04/18 19:51:15 | 000,569,344 | ---- | C] (BitSprx) -- C:\ProgramData\JwWeagugDQKT.exe
[2011/04/18 19:51:14 | 000,000,000 | ---D | C] -- C:\Temp
[2011/04/18 19:51:01 | 000,000,000 | ---D | C] -- C:\Windows\windupdate
[2011/04/18 16:30:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\Adobe
[2011/04/18 16:07:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/04/18 13:53:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Macromedia
[2011/04/18 13:53:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Adobe
[2011/04/18 13:24:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6E9ED99F-F492-44D0-895A-4641EA3196CD}
[2011/04/18 13:22:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antimalware Doctor
[2011/04/18 01:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011/04/18 01:24:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2011/04/14 23:13:15 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/14 23:13:15 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/14 23:13:13 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/14 23:13:13 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/14 23:13:04 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/04/14 23:13:04 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/14 23:13:03 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/14 23:13:03 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/14 23:13:02 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/14 23:13:02 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/14 23:13:02 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/04/14 23:13:02 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/14 23:13:02 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/04/14 23:13:02 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/04/14 23:13:02 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/04/14 23:13:02 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/04/14 23:13:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/04/14 23:13:02 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/14 23:13:01 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/14 23:13:01 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/04/14 23:13:01 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/04/14 23:12:58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/14 23:12:56 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/14 23:12:50 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/14 23:12:50 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/07 14:03:44 | 000,000,000 | ---D | C] -- C:\27af692dc708fcf898bda1f57c921a01
[2011/04/07 14:03:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/04/07 14:03:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011/04/04 13:01:45 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/04/01 03:07:51 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2011/04/01 03:07:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/03/30 20:21:41 | 000,000,000 | ---D | C] -- C:\5508e34d966670d992f8aa2c0a78
[2011/03/30 20:09:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/03/30 20:02:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/03/30 20:02:09 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/03/30 20:02:09 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/03/30 20:02:09 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/03/30 20:02:05 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/03/30 20:02:05 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/03/30 20:02:00 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/03/30 20:02:00 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/03/30 20:02:00 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/03/30 20:02:00 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/03/30 20:02:00 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/03/30 20:01:47 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/03/30 20:01:47 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/03/30 20:01:47 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/03/30 20:01:47 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/03/30 20:01:46 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/03/29 03:09:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011/03/29 03:04:14 | 000,000,000 | ---D | C] -- C:\Nexon
[2011/03/29 03:04:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2011/03/29 00:24:51 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\PMB Files
[2011/03/29 00:24:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011/03/29 00:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011/03/28 23:44:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\AVS4YOU
[2011/03/28 23:40:20 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\AVSMedia
[2011/03/28 23:39:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll
[2011/03/28 23:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2011/03/28 23:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2011/03/28 23:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\Search Toolbar
[2011/03/28 21:42:48 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011/03/28 20:55:28 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/03/28 20:55:27 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/03/28 20:54:58 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/03/28 20:54:57 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/03/28 20:54:57 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/03/28 20:54:57 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2010/01/19 22:56:52 | 000,377,344 | ---- | C] (ELAN Microelectronic Corp.) -- C:\Users\Owner\AppData\Local\ufeheraj.dll
[2010/01/19 22:56:52 | 000,274,432 | -H-- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\exegumesawegu.dll
[2010/01/19 22:56:52 | 000,118,784 | -H-- | C] (ArcSoft Inc.) -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\Wroxdstc.dll
[2010/01/19 22:56:52 | 000,089,088 | ---- | C] (FileZilla Project) -- C:\Users\Owner\AppData\Local\Lenphlbr.dll
[2009/04/07 01:10:54 | 000,311,296 | ---- | C] ( ) -- C:\Windows\System32\lxdihcp.dll
[2009/04/07 01:10:53 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxdiinpa.dll
[2009/04/07 01:10:53 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdiiesc.dll
[2009/04/07 01:10:52 | 001,187,840 | ---- | C] ( ) -- C:\Windows\System32\lxdiserv.dll
[2009/04/07 01:10:52 | 000,942,080 | ---- | C] ( ) -- C:\Windows\System32\lxdiusb1.dll
[2009/04/07 01:10:52 | 000,614,400 | ---- | C] ( ) -- C:\Windows\System32\lxdipmui.dll
[2009/04/07 01:10:52 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdiprox.dll
[2009/04/07 01:10:52 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdipplc.dll
[2009/04/07 01:10:51 | 000,532,480 | ---- | C] ( ) -- C:\Windows\System32\lxdilmpm.dll
[2009/04/07 01:10:51 | 000,320,432 | ---- | C] ( ) -- C:\Windows\System32\lxdiih.exe
[2009/04/07 01:10:50 | 000,671,744 | ---- | C] ( ) -- C:\Windows\System32\lxdihbn3.dll
[2009/04/07 01:10:49 | 000,517,040 | ---- | C] ( ) -- C:\Windows\System32\lxdicoms.exe
[2009/04/07 01:10:49 | 000,360,448 | ---- | C] ( ) -- C:\Windows\System32\lxdicomm.dll
[2009/04/07 01:10:48 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxdicomc.dll
[2009/04/07 01:10:48 | 000,340,912 | ---- | C] ( ) -- C:\Windows\System32\lxdicfg.exe
========== Files - Modified Within 30 Days ==========
[2011/04/18 20:17:42 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/18 20:17:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/18 20:03:45 | 000,016,220 | -H-- | M] () -- C:\Windows\win32.exe
[2011/04/18 20:03:45 | 000,016,220 | -H-- | M] () -- C:\Windows\mdm.exe
[2011/04/18 20:03:45 | 000,016,220 | -H-- | M] () -- C:\Windows\cmd.exe
[2011/04/18 20:03:45 | 000,015,968 | -H-- | M] () -- C:\Windows\sysedit.exe
[2011/04/18 20:01:59 | 000,000,184 | ---- | M] () -- C:\ProgramData\~44031752
[2011/04/18 20:01:55 | 000,000,152 | ---- | M] () -- C:\ProgramData\~44031752r
[2011/04/18 20:01:46 | 000,000,595 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | M] () -- C:\Users\Owner\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | M] () -- C:\Users\Guest\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | M] () -- C:\Users\Administrator\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011/04/18 20:00:23 | 000,000,336 | ---- | M] () -- C:\ProgramData\44031752
[2011/04/18 20:00:19 | 000,487,424 | ---- | M] () -- C:\ProgramData\44031752.exe
[2011/04/18 19:58:25 | 000,003,228 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Roaming\092A.BC9
[2011/04/18 19:58:03 | 000,016,220 | -H-- | M] () -- C:\Windows\spoolsv.exe
[2011/04/18 19:58:03 | 000,015,968 | -H-- | M] () -- C:\Windows\smss.exe
[2011/04/18 19:58:03 | 000,015,968 | -H-- | M] () -- C:\Windows\drweb.exe
[2011/04/18 19:54:43 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Local\Anafiyiy.bin
[2011/04/18 19:54:42 | 000,000,120 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Local\Mcesamewobey.dat
[2011/04/18 19:54:04 | 000,000,047 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/04/18 19:52:29 | 000,195,584 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Roaming\dwm.exe
[2011/04/18 19:52:26 | 000,000,211 | ---- | M] () -- C:\Windows\System32\winset.ini
[2011/04/18 19:51:54 | 000,405,504 | ---- | M] (EXRVXHNUDTSCDT) -- C:\Windows\System32\xnfcz.exe
[2011/04/18 19:51:54 | 000,000,166 | ---- | M] () -- C:\Windows\System32\delme.bat
[2011/04/18 19:51:36 | 000,100,000 | -H-- | M] () -- C:\Windows\winamp.exe
[2011/04/18 19:51:36 | 000,100,000 | -H-- | M] () -- C:\Windows\gdi32.exe
[2011/04/18 19:51:15 | 000,050,000 | ---- | M] () -- C:\Windows\System32\m4yipu.dll
[2011/04/18 19:51:08 | 000,569,344 | ---- | M] (BitSprx) -- C:\ProgramData\JwWeagugDQKT.exe
[2011/04/18 19:07:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/18 19:07:09 | 119,012,540 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/04/18 17:24:38 | 000,000,120 | ---- | M] () -- C:\Users\Owner\AppData\Local\Mcesamewobey.dat
[2011/04/18 17:18:06 | 000,007,680 | ---- | M] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/18 16:59:58 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2011/04/18 13:24:15 | 000,000,000 | ---- | M] () -- C:\Users\Owner\AppData\Local\Anafiyiy.bin
[2011/04/18 13:22:42 | 000,001,069 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
[2011/04/18 13:22:41 | 000,001,081 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk
[2011/04/18 07:54:10 | 000,000,000 | RH-- | M] () -- C:\2501i18lkr
[2011/04/17 21:22:40 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D4A56E26-F1A8-42CD-874E-437B04B68BD8}.job
[2011/04/16 15:34:08 | 000,312,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/16 14:56:20 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/16 14:56:19 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/12 00:00:10 | 000,000,664 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Owner.job
[2011/04/07 18:00:34 | 000,001,356 | ---- | M] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2011/04/07 14:03:14 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/04/04 13:01:45 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2011/04/01 03:07:49 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/03/30 20:09:42 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/03/30 20:09:42 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/03/29 03:09:21 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011/03/29 02:54:04 | 2355,765,613 | ---- | M] () -- C:\Users\Owner\Desktop\MSSetupv96.exe
[2011/03/28 23:19:01 | 004,562,491 | ---- | M] () -- C:\Users\Owner\Desktop\YouTubeDownloaderSetup265.exe
========== Files Created - No Company Name ==========
[2011/04/18 20:03:45 | 000,016,220 | -H-- | C] () -- C:\Windows\win32.exe
[2011/04/18 20:03:45 | 000,016,220 | -H-- | C] () -- C:\Windows\mdm.exe
[2011/04/18 20:03:45 | 000,016,220 | -H-- | C] () -- C:\Windows\cmd.exe
[2011/04/18 20:01:55 | 000,000,184 | ---- | C] () -- C:\ProgramData\~44031752
[2011/04/18 20:01:55 | 000,000,152 | ---- | C] () -- C:\ProgramData\~44031752r
[2011/04/18 20:01:46 | 000,000,595 | -H-- | C] () -- C:\Windows\system32\config\systemprofile\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | C] () -- C:\Users\Owner\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | C] () -- C:\Users\Guest\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | C] () -- C:\Users\Administrator\Desktop\Windows Recovery.lnk
[2011/04/18 20:00:23 | 000,000,336 | ---- | C] () -- C:\ProgramData\44031752
[2011/04/18 20:00:19 | 000,487,424 | ---- | C] () -- C:\ProgramData\44031752.exe
[2011/04/18 19:58:03 | 000,016,220 | -H-- | C] () -- C:\Windows\spoolsv.exe
[2011/04/18 19:58:03 | 000,015,968 | -H-- | C] () -- C:\Windows\smss.exe
[2011/04/18 19:58:03 | 000,015,968 | -H-- | C] () -- C:\Windows\drweb.exe
[2011/04/18 19:56:10 | 000,000,961 | -H-- | C] () -- C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/04/18 19:55:25 | 000,000,956 | -H-- | C] () -- C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/04/18 19:54:50 | 000,000,927 | -H-- | C] () -- C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/04/18 19:54:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\Anafiyiy.bin
[2011/04/18 19:54:42 | 000,000,120 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\Mcesamewobey.dat
[2011/04/18 19:52:29 | 000,195,584 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\dwm.exe
[2011/04/18 19:52:04 | 000,003,228 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\092A.BC9
[2011/04/18 19:51:54 | 000,000,166 | ---- | C] () -- C:\Windows\System32\delme.bat
[2011/04/18 19:51:51 | 000,000,211 | ---- | C] () -- C:\Windows\System32\winset.ini
[2011/04/18 19:51:37 | 000,015,968 | -H-- | C] () -- C:\Windows\sysedit.exe
[2011/04/18 19:51:36 | 000,100,000 | -H-- | C] () -- C:\Windows\winamp.exe
[2011/04/18 19:51:36 | 000,100,000 | -H-- | C] () -- C:\Windows\gdi32.exe
[2011/04/18 19:51:15 | 000,050,000 | ---- | C] () -- C:\Windows\System32\m4yipu.dll
[2011/04/18 19:45:05 | 134,217,728 | ---- | C] () -- C:\Users\Owner\Desktop\dd-pkmp.nds
[2011/04/18 16:07:04 | 119,012,540 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/04/18 13:24:15 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\Anafiyiy.bin
[2011/04/18 13:24:14 | 000,000,120 | ---- | C] () -- C:\Users\Owner\AppData\Local\Mcesamewobey.dat
[2011/04/18 13:22:41 | 000,001,081 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk
[2011/04/18 13:22:41 | 000,001,069 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
[2011/04/18 07:54:10 | 000,000,000 | RH-- | C] () -- C:\2501i18lkr
[2011/03/30 20:01:52 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/03/30 20:01:52 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/03/30 20:01:51 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/03/29 01:33:37 | 2355,765,613 | ---- | C] () -- C:\Users\Owner\Desktop\MSSetupv96.exe
[2011/03/28 23:18:54 | 004,562,491 | ---- | C] () -- C:\Users\Owner\Desktop\YouTubeDownloaderSetup265.exe
[2010/01/19 22:56:53 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/01/19 22:56:53 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/01/19 22:56:30 | 000,226,280 | ---- | C] () -- C:\Windows\System32\drivers\volsnap.sys
[2010/01/17 23:09:30 | 000,001,356 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2009/04/07 01:17:07 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxdicoin.dll
[2009/04/07 01:13:40 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXF3PMON.DLL
[2009/04/07 01:13:40 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXF3FXPU.DLL
[2009/04/07 01:13:20 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxf3oem.dll
[2009/04/07 01:13:20 | 000,012,288 | ---- | C] () -- C:\Windows\System32\LXF3PMRC.DLL
[2009/04/07 01:11:05 | 000,000,060 | -H-- | C] () -- C:\Windows\System32\lxdirwrd.ini
[2009/04/07 01:10:54 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxdiinst.dll
[2009/04/07 01:10:50 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdigrd.dll
[2008/09/30 22:39:38 | 000,007,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/27 23:39:08 | 000,000,114 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[2008/09/26 13:16:40 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/05/21 22:19:06 | 000,155,648 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2008/02/27 03:59:45 | 000,101,605 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007/08/20 08:34:08 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1318.dll
[2007/08/20 08:25:00 | 000,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/08/20 08:10:18 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/03/23 15:44:45 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxdidrs.dll
[2007/02/09 14:07:06 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxdicnv4.dll
[2007/01/23 19:40:16 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxdicaps.dll
[2006/11/02 09:02:10 | 000,001,356 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\d3d9caps.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,312,336 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/01 01:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdivs.dll
========== LOP Check ==========
[2008/09/22 21:56:47 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\7Wonders
[2008/10/07 20:18:01 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\FrostWire
[2008/09/22 18:39:46 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\WildTangent
[2008/10/07 22:34:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\7Wonders
[2011/04/18 00:21:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FrostWire
[2009/04/07 22:04:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Lexmark Productivity Studio
[2011/01/16 04:52:40 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenCandy
[2008/10/09 21:33:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PlayFirst
[2011/01/16 04:59:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sammsoft
[2008/10/09 20:52:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sierra Online
[2008/09/27 23:39:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Template
[2010/01/28 22:05:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tific
[2011/04/18 18:54:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2008/09/21 23:57:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WildTangent
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2008/09/05 18:40:22 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2009/04/07 01:30:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Lx_cats
[2008/02/27 03:44:55 | 000,000,000 | ---D | M] -- C:\ProgramData\muvee Technologies
[2011/03/29 03:04:08 | 000,000,000 | ---D | M] -- C:\ProgramData\NexonUS
[2010/01/17 23:19:27 | 000,000,000 | ---D | M] -- C:\ProgramData\PCSettings
[2011/03/29 01:33:35 | 000,000,000 | ---D | M] -- C:\ProgramData\PMB Files
[2008/10/09 20:52:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Sierra Online
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2010/01/17 19:55:31 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2008/02/27 03:22:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Viewpoint
[2008/10/13 13:36:36 | 000,000,000 | ---D | M] -- C:\ProgramData\WildTangent
[2011/03/28 21:42:49 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2008/02/27 03:58:11 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011/01/16 05:03:57 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/04/18 19:01:40 | 000,032,656 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2011/04/17 21:22:40 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D4A56E26-F1A8-42CD-874E-437B04B68BD8}.job
========== Purity Check ==========
========== Custom Scans ==========
< MD5 for: AGP440.SYS >
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\drivers\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\System32\drivers\atapi.sys
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 22:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 22:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\System32\cngaudit.dll
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EVENTLOG.DLL >
[2007/01/13 02:30:08 | 000,007,216 | -H-- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 23:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 22:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 22:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTOR.SYS >
[2007/09/30 02:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
[2007/09/30 08:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\SwSetup\Drivers\IMSM\Files\64\iastor.sys
[2007/09/30 02:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\IaStor.sys
[2007/09/30 08:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\SwSetup\Drivers\IMSM\Files\32\iastor.sys
[2007/09/30 02:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\WINDOWS\System32\drivers\iaStor.sys
[2007/09/30 02:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\WINDOWS\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
< MD5 for: IASTORV.SYS >
[2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\System32\drivers\iaStorV.sys
[2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\System32\netlogon.dll
[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 22:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NTOSKRNL.EXE >
[2008/09/18 00:35:07 | 003,470,904 | ---- | M] (Microsoft Corporation) MD5=03279407E78F76BA1131DAB35A5E55C0 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf\ntoskrnl.exe
[2009/08/05 10:10:22 | 003,548,216 | ---- | M] (Microsoft Corporation) MD5=09C5FB44F152EFF551A112C931DDE640 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\ntoskrnl.exe
[2010/10/15 10:08:12 | 003,550,096 | ---- | M] (Microsoft Corporation) MD5=1ACD7FC485D0E0FF9097E08900D834CC -- C:\WINDOWS\System32\ntoskrnl.exe
[2010/10/15 10:08:12 | 003,550,096 | ---- | M] (Microsoft Corporation) MD5=1ACD7FC485D0E0FF9097E08900D834CC -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_6e08411ab1533fb9\ntoskrnl.exe
[2008/09/18 00:27:44 | 003,472,952 | ---- | M] (Microsoft Corporation) MD5=1E09CE4D9BB7B6521FB023CAE2E55F63 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_6abf2403d0296cc8\ntoskrnl.exe
[2008/09/18 01:09:09 | 003,549,240 | ---- | M] (Microsoft Corporation) MD5=1FD3E8BFFD38F9B145E4B2B238B692F7 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06\ntoskrnl.exe
[2008/04/26 04:11:33 | 003,549,240 | ---- | M] (Microsoft Corporation) MD5=22D444D3D88A4C299894B3638A114BF7 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_6c8020e9cd6b0b39\ntoskrnl.exe
[2009/03/03 00:24:50 | 003,469,280 | ---- | M] (Microsoft Corporation) MD5=3910FE042C707E6BACD0FEC5AB9ECDE6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntoskrnl.exe
[2009/03/03 00:46:01 | 003,547,632 | ---- | M] (Microsoft Corporation) MD5=393BB8FE05D66ABA7B091E6032179272 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntoskrnl.exe
[2009/08/05 13:15:59 | 003,547,736 | ---- | M] (Microsoft Corporation) MD5=3EEEDCCFB587BCB0E2DE075332498C11 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\ntoskrnl.exe
[2009/08/05 10:28:44 | 003,467,864 | ---- | M] (Microsoft Corporation) MD5=4765C66A89E7151626FF3545B01D2601 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\ntoskrnl.exe
[2010/06/08 12:47:40 | 003,548,552 | ---- | M] (Microsoft Corporation) MD5=47DB9968B8CF2031C46007F42CCE2437 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_6cc10bd5cd3a527d\ntoskrnl.exe
[2009/08/05 10:22:41 | 003,546,184 | ---- | M] (Microsoft Corporation) MD5=5302026B0FADB0819009798D3F6BCD77 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\ntoskrnl.exe
[2009/08/04 08:34:19 | 003,548,216 | ---- | M] (Microsoft Corporation) MD5=575DD16BF4C21C2F7E2BBE203AC1E957 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\ntoskrnl.exe
[2008/01/20 22:24:42 | 003,548,728 | ---- | M] (Microsoft Corporation) MD5=6700F35EBA206E5C89AC27C9A124DC01 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_6c3061a0b4231268\ntoskrnl.exe
[2009/04/11 02:32:49 | 003,549,672 | ---- | M] (Microsoft Corporation) MD5=6798DBF3F25721637AEF5B6C69911C9C -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntoskrnl.exe
[2009/03/03 00:22:43 | 003,471,328 | ---- | M] (Microsoft Corporation) MD5=808C86316AED98716C5F305A6265F393 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_6ac0fcb9d027d2b8\ntoskrnl.exe
[2010/10/15 10:08:12 | 003,552,144 | ---- | M] (Microsoft Corporation) MD5=8B5EEAA99965E26C3FBB9FAC8BD3B6A1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_6ea57f0fca62721a\ntoskrnl.exe
[2010/10/15 10:08:12 | 003,548,048 | ---- | M] (Microsoft Corporation) MD5=A573338BDCED710795C618EA5FCF48D5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_6c17fdaab43422b6\ntoskrnl.exe
[2010/06/08 14:04:17 | 003,550,600 | ---- | M] (Microsoft Corporation) MD5=C5AB434D0C8FA38EAD136FB29E2504B7 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_6e8adbdfca772e22\ntoskrnl.exe
[2008/04/26 04:25:54 | 003,549,240 | ---- | M] (Microsoft Corporation) MD5=C9CD31B3CBA8134F2B47FB5E78376ACC -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_6bf282f6b4510613\ntoskrnl.exe
[2010/06/08 13:00:41 | 003,545,992 | ---- | M] (Microsoft Corporation) MD5=D5FA5D17F03E6D39E1A12431DD6F2A39 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18488_none_6be1ec28b45cb144\ntoskrnl.exe
[2009/08/05 10:10:15 | 003,469,896 | ---- | M] (Microsoft Corporation) MD5=D8DCA438CE571DB20BD8C4915CAC0760 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\ntoskrnl.exe
[2008/09/18 00:54:49 | 003,549,752 | ---- | M] (Microsoft Corporation) MD5=DEA801F2D9FD1DB35ED6B9BC4A6657F1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_6c822363cd693b0e\ntoskrnl.exe
[2009/03/03 00:37:19 | 003,548,656 | ---- | M] (Microsoft Corporation) MD5=DFF34C5D66AB4BF1EED47BF19D1267BB -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntoskrnl.exe
[2010/10/15 10:08:12 | 003,550,608 | ---- | M] (Microsoft Corporation) MD5=F276ABE13DD0BA1024A42A443E47A4A2 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_6c755c61cd731614\ntoskrnl.exe
[2010/06/08 13:35:04 | 003,548,040 | ---- | M] (Microsoft Corporation) MD5=F2BEE482023F146CF85EBB15B9E1CD35 -- C:\WINDOWS\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_6ddcff84b173b256\ntoskrnl.exe
< MD5 for: NVSTOR.SYS >
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\System32\drivers\nvstor.sys
[2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008/01/20 22:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\System32\scecli.dll
[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USERINIT.EXE >
[2008/01/20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\System32\userinit.exe
[2008/01/20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: UXTHEME.DLL >
[2008/01/20 22:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) MD5=999D69DEB576C2C424294DF025891CC6 -- C:\WINDOWS\System32\uxtheme.dll
[2008/01/20 22:23:43 | 000,240,128 | ---- | M] (Microsoft Corporation) MD5=999D69DEB576C2C424294DF025891CC6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-uxtheme_31bf3856ad364e35_6.0.6001.18000_none_a5e49ad4068f9b12\uxtheme.dll
< MD5 for: WINLOGON.EXE >
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\System32\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 22:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< C:\*.* >
[2011/04/18 07:54:10 | 000,000,000 | RH-- | M] () -- C:\2501i18lkr
[2008/02/27 03:45:25 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/02/27 03:22:08 | 000,000,383 | -H-- | M] () -- C:\IPH.PH
[2011/04/22 21:18:49 | 000,106,336 | ---- | M] () -- C:\OTL.Txt
[2011/04/22 21:19:13 | 000,106,336 | ---- | M] () -- C:\OTL2.txt
[2011/03/06 18:12:59 | 002,234,368 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
[2011/04/18 19:07:10 | 1377,062,912 | -HS- | M] () -- C:\pagefile.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:FDCBDD8E
< End of report >
#4
Posted 26 April 2011 - 07:06 PM
JSntgRvr
-
- Global Moderator
-
- 11,579 posts
Global Moderator
- Boot to the OTLPE CD
- Please double-click OTLPE.exe to run it as you did before.
- Copy the lines in the quote below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
:OTL
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (C:\Windows\system32\m4yipu.dll) - {B9B220C2-A500-99BD-F120-04B53A2C8952} - C:\WINDOWS\System32\m4yipu.dll ()
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - No CLSID value found.
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [conhost] C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\conhost.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] File not found
O4 - HKLM..\Run: [MqmPd] File not found
O4 - HKLM..\Run: [MqmPfQ] File not found
O4 - HKLM..\Run: [MqmPme] File not found
O4 - HKLM..\Run: [MqmPoc] File not found
O4 - HKLM..\Run: [MqmPqg] File not found
O4 - HKLM..\Run: [MqmPrc] File not found
O4 - HKLM..\Run: [MqmPsd] File not found
O4 - HKLM..\Run: [MqmPte] File not found
O4 - HKLM..\Run: [MqmPth] File not found
O4 - HKLM..\Run: [MqmPusc] File not found
O4 - HKLM..\Run: [MqmPvZ] File not found
O4 - HKLM..\Run: [MqmPwe] File not found
O4 - HKLM..\Run: [MqmPwpc] File not found
O4 - HKLM..\Run: [MqmPY] File not found
O4 - HKLM..\Run: [MqmPz9] File not found
O4 - HKLM..\Run: [MqmPZP] File not found
O4 - HKLM..\Run: [Mqqsc] C:\WINDOWS\drweb.exe ()
O4 - HKLM..\Run: [MqqZ] C:\WINDOWS\cmd.exe ()
O4 - HKLM..\Run: [MqrMc] C:\WINDOWS\gdi32.exe ()
O4 - HKLM..\Run: [MqsZ] C:\WINDOWS\mdm.exe ()
O4 - HKLM..\Run: [Mqug] C:\WINDOWS\smss.exe ()
O4 - HKLM..\Run: [Mqutc] C:\WINDOWS\sysedit.exe ()
O4 - HKLM..\Run: [Mquuf] C:\WINDOWS\spoolsv.exe ()
O4 - HKLM..\Run: [MqvPc] C:\WINDOWS\win32.exe ()
O4 - HKLM..\Run: [Mqvpe] C:\WINDOWS\winamp.exe ()
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - HKLM..\Run: [Anudevezuyocadis] C:\Windows\System32\config\systemprofile\AppData\Local\exegumesawegu.dll (Andrea Electronics Corporation)
O4 - HKU\.DEFAULT..\Run: [506E7F4A_0] File not found
O4 - HKU\.DEFAULT..\Run: [Hmibupewukuwup] C:\Windows\System32\config\systemprofile\AppData\Local\Wroxdstc.dll (ArcSoft Inc.)
O4 - HKU\.DEFAULT..\Run: [JwWeagugDQKT] C:\ProgramData\JwWeagugDQKT.exe (BitSprx)
O4 - HKU\.DEFAULT..\Run: [MqmPd] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPfQ] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPme] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPoc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPqg] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPrc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPsd] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPte] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPth] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPusc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPvZ] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPwe] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPwpc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPY] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPz9] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPZP] File not found
O4 - HKU\.DEFAULT..\Run: [Mqqsc] C:\WINDOWS\drweb.exe ()
O4 - HKU\.DEFAULT..\Run: [MqqZ] C:\WINDOWS\cmd.exe ()
O4 - HKU\.DEFAULT..\Run: [MqrMc] C:\WINDOWS\gdi32.exe ()
O4 - HKU\.DEFAULT..\Run: [MqsZ] C:\WINDOWS\mdm.exe ()
O4 - HKU\.DEFAULT..\Run: [Mqug] C:\WINDOWS\smss.exe ()
O4 - HKU\.DEFAULT..\Run: [Mqutc] C:\WINDOWS\sysedit.exe ()
O4 - HKU\.DEFAULT..\Run: [Mquuf] C:\WINDOWS\spoolsv.exe ()
O4 - HKU\.DEFAULT..\Run: [MqvPc] C:\WINDOWS\win32.exe ()
O4 - HKU\.DEFAULT..\Run: [Mqvpe] C:\WINDOWS\winamp.exe ()
O4 - HKU\Owner_ON_C..\Run: [arg70techsdk.exe] File not found
O4 - HKU\Owner_ON_C..\Run: [EDF919B4FAA377BF] C:\winclaster\winclaster.exe (Yprcf Icntvwmosb)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: WinUpdates = C:\Windows\windupdate\svchost.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: yj9khn = C:\Windows\TEMP\jizz.exe
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O22 - SharedTaskScheduler: {B9B220C2-A500-99BD-F120-04B53A2C8952} - yshbef87w3hubdjnjksdf - C:\WINDOWS\System32\m4yipu.dll ()
:Commands
[EMPTYTEMP] - Return to OTLPE, right click in the "Custom Scans/Fixes" window and choose Paste.
- Click the red Run Fix button.
- A report will be produced and saved in the C:\_OTL\MovedFiles folder in the form of Date_Time.log. Open that report and post its contents in a reply.
Restart the computer back to the OTLPE CD.
- Double-click on the OTLPE icon.
- When asked "Do you wish to load the remote registry", select Yes
- When asked "Do you wish to load remote user profile(s) for scanning", select Yes
- Ensure the box "Automatically Load All Remaining Users" is checked and press OK
- OTL should now start. Change the following settings
- Change Drivers to All
- Change Standard Registry to All
- Under the Custom Scan box paste this in
/md5start
volsnap.sys
/md5stop
- Press Run Scan to start the scan.
- When finished, the file will be saved in drive C:\OTL.txt
- Copy this file to your USB drive.
- Please post the contents of the C:\OTL.txt file in your reply also.
#5
Posted 26 April 2011 - 07:17 PM
TechNooby
- Topic Starter
-
- Member
-
- 7 posts
New Member
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9B220C2-A500-99BD-F120-04B53A2C8952}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9B220C2-A500-99BD-F120-04B53A2C8952}\ deleted successfully.
C:\WINDOWS\System32\m4yipu.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ deleted successfully.
C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{9D425283-D487-4337-BAB6-AB8354A81457} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\ deleted successfully.
C:\Program Files\Search Toolbar\SearchToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_USERS\Guest_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}\ not found.
Registry value HKEY_USERS\Owner_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
File C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL not found.
Registry value HKEY_USERS\Owner_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{9D425283-D487-4337-BAB6-AB8354A81457} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\ not found.
File C:\Program Files\Search Toolbar\SearchToolbar.dll not found.
Registry value HKEY_USERS\Owner_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\conhost deleted successfully.
C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\conhost.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Health Check Scheduler deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPd deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPfQ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPme deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPoc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPqg deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPrc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPsd deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPte deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPth deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPusc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPvZ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPwe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPwpc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPY deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPz9 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPZP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Mqqsc deleted successfully.
C:\WINDOWS\drweb.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqqZ deleted successfully.
C:\WINDOWS\cmd.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqrMc deleted successfully.
C:\WINDOWS\gdi32.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqsZ deleted successfully.
C:\WINDOWS\mdm.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Mqug deleted successfully.
C:\WINDOWS\smss.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Mqutc deleted successfully.
C:\WINDOWS\sysedit.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Mquuf deleted successfully.
C:\WINDOWS\spoolsv.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqvPc deleted successfully.
C:\WINDOWS\win32.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Mqvpe deleted successfully.
C:\WINDOWS\winamp.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\My Web Search Bar Search Scope Monitor deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Anudevezuyocadis deleted successfully.
C:\WINDOWS\System32\config\systemprofile\AppData\Local\exegumesawegu.dll moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\506E7F4A_0 deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Hmibupewukuwup deleted successfully.
C:\WINDOWS\System32\config\systemprofile\AppData\Local\Wroxdstc.dll moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\JwWeagugDQKT deleted successfully.
C:\ProgramData\JwWeagugDQKT.exe moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPd deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPfQ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPme deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPoc deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPqg deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPrc deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPsd deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPte deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPth deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPusc deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPvZ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPwe deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPwpc deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPY deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPz9 deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPZP deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Mqqsc deleted successfully.
File C:\WINDOWS\drweb.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqqZ deleted successfully.
File C:\WINDOWS\cmd.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqrMc deleted successfully.
File C:\WINDOWS\gdi32.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqsZ deleted successfully.
File C:\WINDOWS\mdm.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Mqug deleted successfully.
File C:\WINDOWS\smss.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Mqutc deleted successfully.
File C:\WINDOWS\sysedit.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Mquuf deleted successfully.
File C:\WINDOWS\spoolsv.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqvPc deleted successfully.
File C:\WINDOWS\win32.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Mqvpe deleted successfully.
File C:\WINDOWS\winamp.exe not found.
Registry value HKEY_USERS\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\arg70techsdk.exe deleted successfully.
Registry value HKEY_USERS\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\EDF919B4FAA377BF deleted successfully.
C:\winclaster\winclaster.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\BindDirectlyToPropertySetStorage deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\WinUpdates deleted successfully.
C:\WINDOWS\windupdate\svchost.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\yj9khn deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFolderOptions deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{B9B220C2-A500-99BD-F120-04B53A2C8952} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9B220C2-A500-99BD-F120-04B53A2C8952}\ not found.
File C:\WINDOWS\System32\m4yipu.dll not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Owner
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
Total Files Cleaned = 0.00 mb
OTLPE by OldTimer - Version 3.1.46.0 log created on 04272011_041401
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9B220C2-A500-99BD-F120-04B53A2C8952}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9B220C2-A500-99BD-F120-04B53A2C8952}\ deleted successfully.
C:\WINDOWS\System32\m4yipu.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ deleted successfully.
C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{9D425283-D487-4337-BAB6-AB8354A81457} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\ deleted successfully.
C:\Program Files\Search Toolbar\SearchToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_USERS\Guest_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}\ not found.
Registry value HKEY_USERS\Owner_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
File C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL not found.
Registry value HKEY_USERS\Owner_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{9D425283-D487-4337-BAB6-AB8354A81457} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\ not found.
File C:\Program Files\Search Toolbar\SearchToolbar.dll not found.
Registry value HKEY_USERS\Owner_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\conhost deleted successfully.
C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\conhost.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Health Check Scheduler deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPd deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPfQ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPme deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPoc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPqg deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPrc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPsd deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPte deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPth deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPusc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPvZ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPwe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPwpc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPY deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPz9 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPZP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Mqqsc deleted successfully.
C:\WINDOWS\drweb.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqqZ deleted successfully.
C:\WINDOWS\cmd.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqrMc deleted successfully.
C:\WINDOWS\gdi32.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqsZ deleted successfully.
C:\WINDOWS\mdm.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Mqug deleted successfully.
C:\WINDOWS\smss.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Mqutc deleted successfully.
C:\WINDOWS\sysedit.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Mquuf deleted successfully.
C:\WINDOWS\spoolsv.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqvPc deleted successfully.
C:\WINDOWS\win32.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Mqvpe deleted successfully.
C:\WINDOWS\winamp.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\My Web Search Bar Search Scope Monitor deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Anudevezuyocadis deleted successfully.
C:\WINDOWS\System32\config\systemprofile\AppData\Local\exegumesawegu.dll moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\506E7F4A_0 deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Hmibupewukuwup deleted successfully.
C:\WINDOWS\System32\config\systemprofile\AppData\Local\Wroxdstc.dll moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\JwWeagugDQKT deleted successfully.
C:\ProgramData\JwWeagugDQKT.exe moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPd deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPfQ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPme deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPoc deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPqg deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPrc deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPsd deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPte deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPth deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPusc deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPvZ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPwe deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPwpc deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPY deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPz9 deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqmPZP deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Mqqsc deleted successfully.
File C:\WINDOWS\drweb.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqqZ deleted successfully.
File C:\WINDOWS\cmd.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqrMc deleted successfully.
File C:\WINDOWS\gdi32.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqsZ deleted successfully.
File C:\WINDOWS\mdm.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Mqug deleted successfully.
File C:\WINDOWS\smss.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Mqutc deleted successfully.
File C:\WINDOWS\sysedit.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Mquuf deleted successfully.
File C:\WINDOWS\spoolsv.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MqvPc deleted successfully.
File C:\WINDOWS\win32.exe not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Mqvpe deleted successfully.
File C:\WINDOWS\winamp.exe not found.
Registry value HKEY_USERS\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\arg70techsdk.exe deleted successfully.
Registry value HKEY_USERS\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\EDF919B4FAA377BF deleted successfully.
C:\winclaster\winclaster.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\BindDirectlyToPropertySetStorage deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\WinUpdates deleted successfully.
C:\WINDOWS\windupdate\svchost.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\yj9khn deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFolderOptions deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{B9B220C2-A500-99BD-F120-04B53A2C8952} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9B220C2-A500-99BD-F120-04B53A2C8952}\ not found.
File C:\WINDOWS\System32\m4yipu.dll not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Owner
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
Total Files Cleaned = 0.00 mb
OTLPE by OldTimer - Version 3.1.46.0 log created on 04272011_041401
#6
Posted 26 April 2011 - 07:22 PM
JSntgRvr
-
- Global Moderator
-
- 11,579 posts
Global Moderator
There is another report after the fix.
#7
Posted 26 April 2011 - 08:00 PM
JSntgRvr
-
- Global Moderator
-
- 11,579 posts
Global Moderator
Sorry, but I was also expecting this report.
Restart the computer back to the OTLPE CD.
Restart the computer back to the OTLPE CD.
- Double-click on the OTLPE icon.
- When asked "Do you wish to load the remote registry", select Yes
- When asked "Do you wish to load remote user profile(s) for scanning", select Yes
- Ensure the box "Automatically Load All Remaining Users" is checked and press OK
- OTL should now start. Change the following settings
- Change Drivers to All
- Change Standard Registry to All
- Under the Custom Scan box paste this in
/md5start
volsnap.sys
/md5stop
- Press Run Scan to start the scan.
- When finished, the file will be saved in drive C:\OTL.txt
- Copy this file to your USB drive.
- Please post the contents of the C:\OTL.txt file in your reply also.
#8
Posted 26 April 2011 - 08:32 PM
TechNooby
- Topic Starter
-
- Member
-
- 7 posts
New Member
OTL logfile created on: 4/27/2011 6:19:56 AM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Windows Vista ™ Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,014.00 Mb Total Physical Memory | 726.00 Mb Available Physical Memory | 72.00% Memory free
902.00 Mb Paging File | 775.00 Mb Available in Paging File | 86.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137.58 Gb Total Space | 67.41 Gb Free Space | 49.00% Space Free | Partition Type: NTFS
Drive E: | 11.47 Gb Total Space | 2.01 Gb Free Space | 17.53% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2011/02/28 21:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 13:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/01/08 04:51:02 | 000,380,928 | -H-- | M] (Spigot, Inc.) [Auto] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009/10/20 02:34:55 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe -- (NIS)
SRV - [2009/04/08 00:15:44 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 18:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/06/11 10:14:51 | 000,517,040 | ---- | M] ( ) [Auto] -- C:\Windows\System32\lxdicoms.exe -- (lxdi_device)
SRV - [2007/06/11 10:14:42 | 000,099,248 | ---- | M] () [Auto] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe -- (lxdiCATSCustConnectService)
SRV - [2007/03/05 12:30:06 | 000,110,592 | -H-- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
========== Driver Services (All) ==========
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (NAVEX15)
DRV - File not found [Kernel | On_Demand] -- -- (NAVENG)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- -- (EagleNT)
DRV - [2011/02/22 09:24:10 | 000,213,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2011/02/22 09:24:02 | 000,079,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2011/02/22 09:23:59 | 000,106,496 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2011/02/22 09:23:55 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\bowser.sys -- (bowser)
DRV - [2011/02/18 10:03:32 | 000,305,152 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srv.sys -- (srv)
DRV - [2011/02/18 10:03:10 | 000,146,432 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srv2.sys -- (srv2)
DRV - [2011/02/18 10:03:06 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2011/01/20 12:37:37 | 000,638,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2010/09/28 19:44:52 | 000,041,984 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2010/06/16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tcpip.sys -- (Tcpip6)
DRV - [2010/06/16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2010/02/20 16:53:34 | 000,411,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\http.sys -- (HTTP)
DRV - [2010/01/18 04:47:57 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/01/17 23:43:18 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/12/08 13:26:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2009/12/05 00:54:05 | 000,529,456 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2009/11/05 18:06:13 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymDS.sys -- (SymDS)
DRV - [2009/10/28 18:37:22 | 000,343,088 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20100119.001\IDSvix86.sys -- (IDSVix86)
DRV - [2009/10/20 02:35:50 | 000,501,888 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\ccHPx86.sys -- (ccHP)
DRV - [2009/10/14 21:50:48 | 000,339,504 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2009/10/08 22:55:01 | 000,171,056 | R--- | M] (Symantec Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymEFA.sys -- (SymEFA)
DRV - [2009/10/08 22:54:25 | 000,114,736 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\Ironx86.SYS -- (SymIRON)
DRV - [2009/10/08 22:54:10 | 000,325,168 | R--- | M] (Symantec Corporation) [File_System | System] -- C:\Windows\system32\drivers\NIS\1101000.013\SRTSP.SYS -- (SRTSP)
DRV - [2009/10/08 22:54:10 | 000,043,696 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/09/30 21:01:54 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV - [2009/06/15 19:15:25 | 000,439,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/05/18 17:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/04/11 02:33:03 | 000,292,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2009/04/11 02:32:55 | 000,226,280 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2009/04/11 02:32:55 | 000,149,480 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\pci.sys -- (pci)
DRV - [2009/04/11 02:32:52 | 000,053,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\termdd.sys -- (TermDD)
DRV - [2009/04/11 02:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2009/04/11 02:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2009/04/11 02:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\acpi.sys -- (ACPI)
DRV - [2009/04/11 02:32:46 | 000,245,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\clfs.sys -- (CLFS) Common Log (CLFS)
DRV - [2009/04/11 02:32:46 | 000,190,424 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2009/04/11 02:32:46 | 000,180,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2009/04/11 02:32:46 | 000,161,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2009/04/11 02:32:43 | 000,141,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ecache.sys -- (Ecache)
DRV - [2009/04/11 02:32:31 | 000,054,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2009/04/11 02:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\disk.sys -- (disk)
DRV - [2009/04/11 02:32:31 | 000,048,104 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\atapi.sys -- (atapi)
DRV - [2009/04/11 00:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2009/04/11 00:47:03 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\system32\drivers\afd.sys -- (AFD)
DRV - [2009/04/11 00:46:40 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2009/04/11 00:46:32 | 000,121,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2009/04/11 00:46:30 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2009/04/11 00:45:56 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\tdx.sys -- (tdx)
DRV - [2009/04/11 00:45:51 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\pacer.sys -- (PSched)
DRV - [2009/04/11 00:45:37 | 000,185,856 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\netbt.sys -- (netbt)
DRV - [2009/04/11 00:45:22 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\smb.sys -- (Smb)
DRV - [2009/04/11 00:43:28 | 000,148,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009/04/11 00:43:16 | 000,196,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2009/04/11 00:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2009/04/11 00:42:52 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2009/04/11 00:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/04/11 00:42:48 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2009/04/11 00:42:42 | 000,561,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2009/04/11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2009/04/11 00:38:40 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2009/04/11 00:14:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2009/04/11 00:14:29 | 000,225,280 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2009/04/11 00:14:12 | 000,075,264 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2009/04/11 00:14:01 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2009/04/11 00:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (udfs)
DRV - [2009/04/11 00:13:53 | 000,136,704 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2009/04/11 00:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2008/01/20 22:24:59 | 000,083,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2008/01/20 22:24:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2008/01/20 22:24:57 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/01/20 22:24:55 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008/01/20 22:24:55 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008/01/20 22:24:55 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/01/20 22:24:51 | 000,006,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2008/01/20 22:24:51 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/01/20 22:24:51 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/01/20 22:24:50 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/01/20 22:24:50 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/01/20 22:24:50 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2008/01/20 22:24:47 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2008/01/20 22:24:47 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2008/01/20 22:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008/01/20 22:24:37 | 000,084,480 | ---- | M] (Microsoft Corporation) [File_System | Auto] -- C:\Windows\system32\drivers\luafv.sys -- (luafv)
DRV - [2008/01/20 22:24:37 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2008/01/20 22:24:37 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2008/01/20 22:24:25 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2008/01/20 22:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2008/01/20 22:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/01/20 22:24:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008/01/20 22:24:25 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2008/01/20 22:24:25 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/01/20 22:24:25 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\TUNMP.SYS -- (tunmp)
DRV - [2008/01/20 22:24:21 | 000,027,648 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2008/01/20 22:24:20 | 000,035,840 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/01/20 22:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2008/01/20 22:24:11 | 000,021,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2008/01/20 22:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/01/20 22:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/01/20 22:24:06 | 000,012,800 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2008/01/20 22:24:06 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2008/01/20 22:24:04 | 000,058,936 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2008/01/20 22:24:04 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/01/20 22:23:54 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/01/20 22:23:51 | 000,503,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2008/01/20 22:23:51 | 000,070,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2008/01/20 22:23:51 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/01/20 22:23:50 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2008/01/20 22:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2008/01/20 22:23:43 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/01/20 22:23:31 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2008/01/20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 22:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/01/20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 22:23:26 | 000,134,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV - [2008/01/20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 22:23:26 | 000,041,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2008/01/20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 22:23:26 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\circlass.sys -- (circlass)
DRV - [2008/01/20 22:23:26 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2008/01/20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 22:23:24 | 000,022,072 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wd.sys -- (Wd)
DRV - [2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 22:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2008/01/20 22:23:23 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2008/01/20 22:23:23 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2008/01/20 22:23:23 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2008/01/20 22:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 22:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/20 22:23:22 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ipmidrv.sys -- (IPMIDRV)
DRV - [2008/01/20 22:23:22 | 000,061,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\gagp30kx.sys -- (gagp30kx)
DRV - [2008/01/20 22:23:22 | 000,059,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\uagp35.sys -- (uagp35)
DRV - [2008/01/20 22:23:22 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\monitor.sys -- (monitor)
DRV - [2008/01/20 22:23:22 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\umbus.sys -- (umbus)
DRV - [2008/01/20 22:23:22 | 000,024,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2008/01/20 22:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/01/20 22:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 22:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 22:23:21 | 000,094,776 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\msdsm.sys -- (msdsm)
DRV - [2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 22:23:21 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/01/20 22:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2008/01/20 22:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 22:23:20 | 000,105,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mpio.sys -- (mpio)
DRV - [2008/01/20 22:23:20 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/01/20 22:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/20 22:23:20 | 000,034,360 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2008/01/20 22:23:20 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\fdc.sys -- (fdc)
DRV - [2008/01/20 22:23:20 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2008/01/20 22:23:20 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sermouse.sys -- (sermouse)
DRV - [2008/01/20 22:23:20 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2008/01/20 22:23:03 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/01/20 22:23:03 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2008/01/20 22:23:02 | 000,030,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\i2omp.sys -- (i2omp)
DRV - [2008/01/20 22:23:02 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\vgapnp.sys -- (vga)
DRV - [2008/01/20 22:23:01 | 000,248,832 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/01/20 22:23:01 | 000,109,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nv_agp.sys -- (nv_agp)
DRV - [2008/01/20 22:23:01 | 000,060,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\uliagpkx.sys -- (uliagpkx)
DRV - [2008/01/20 22:23:01 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\amdagp.sys -- (amdagp)
DRV - [2008/01/20 22:23:01 | 000,056,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\viaagp.sys -- (viaagp)
DRV - [2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\agp440.sys -- (agp440)
DRV - [2008/01/20 22:23:01 | 000,055,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sisagp.sys -- (sisagp)
DRV - [2008/01/20 22:23:01 | 000,052,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volmgr.sys -- (volmgr)
DRV - [2008/01/20 22:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/01/20 22:23:01 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2008/01/20 22:23:01 | 000,031,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/01/20 22:23:01 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2008/01/20 22:23:01 | 000,015,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\swenum.sys -- (swenum)
DRV - [2008/01/20 22:23:00 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\viac7.sys -- (ViaC7)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\amdk7.sys -- (AmdK7)
DRV - [2008/01/20 22:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\processr.sys -- (Processor)
DRV - [2008/01/20 22:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\crusoe.sys -- (Crusoe)
DRV - [2008/01/20 22:23:00 | 000,028,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\msahci.sys -- (msahci)
DRV - [2008/01/20 22:23:00 | 000,020,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/01/20 22:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 22:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 22:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\intelide.sys -- (intelide)
DRV - [2008/01/20 22:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\amdide.sys -- (amdide)
DRV - [2008/01/20 22:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/20 22:23:00 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\pciide.sys -- (pciide)
DRV - [2008/01/20 22:23:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2008/01/20 22:23:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\errdev.sys -- (ErrDev)
DRV - [2007/10/11 07:17:56 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/09/30 02:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\iaStor.sys -- (iaStor)
DRV - [2007/09/27 20:33:26 | 000,056,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2007/08/20 08:25:56 | 001,790,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/07/10 10:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/07/03 20:59:10 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV - [2007/07/03 20:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 20:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 20:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/06/25 07:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/06/20 07:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 07:28:34 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/06/20 07:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/06/18 19:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/05/30 18:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2007/04/23 17:51:08 | 000,050,176 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/11/02 05:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 05:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2006/11/02 04:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006/11/02 04:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\hidbth.sys -- (HidBth)
DRV - [2006/11/02 04:55:16 | 000,062,080 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2006/11/02 04:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - [2006/11/02 04:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\hidir.sys -- (HidIr)
DRV - [2006/11/02 04:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006/11/02 04:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006/11/02 04:51:30 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\serial.sys -- (Serial)
DRV - [2006/11/02 04:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\parport.sys -- (Parport)
DRV - [2006/11/02 04:51:25 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\serenum.sys -- (Serenum)
DRV - [2006/11/02 04:51:23 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\Windows\system32\drivers\parvdm.sys -- (Parvdm)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 03:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/02 03:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/11/02 03:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock)
DRV - [2006/11/02 02:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/06/28 12:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/06/18 19:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\.DEFAULT\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57152
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Administrator_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKU\Administrator_ON_C\..\URLSearchHook: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - Reg Error: Key error. File not found
IE - HKU\Administrator_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Guest_ON_C\..\URLSearchHook: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - Reg Error: Key error. File not found
IE - HKU\Guest_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\NetworkService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=14196&l=dis
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Owner_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - File not found
IE - HKU\Owner_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKU\Owner_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Owner_ON_C\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/01/18 05:03:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\IPSFFPlgn\ [2010/01/17 23:44:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\coFFPlgn\ [2010/01/17 23:44:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2A4DC605-AB14-40C6-99F5-A347CAAD2899}: C:\Windows\system32\config\systemprofile\AppData\Local\{2A4DC605-AB14-40C6-99F5-A347CAAD2899}\ [2011/04/18 19:54:19 | 000,000,000 | -H-D | M]
O1 HOSTS File: ([2011/04/18 19:54:04 | 000,000,047 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 173.192.170.88 drghwaweg45j4i6u3q32fg2h.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (C:\Windows\system32\m4yipu.dll) - {B9B220C2-A500-99BD-F120-04B53A2C8952} - File not found
O2 - BHO: (HP Print Clips) - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - File not found
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - File not found
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - No CLSID value found.
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - File not found
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - File not found
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Anudevezuyocadis] File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [cftmon] C:\WINDOWS\System32\xnfcz.exe (EXRVXHNUDTSCDT)
O4 - HKLM..\Run: [conhost] File not found
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [MqmPd] File not found
O4 - HKLM..\Run: [MqmPfQ] File not found
O4 - HKLM..\Run: [MqmPme] File not found
O4 - HKLM..\Run: [MqmPoc] File not found
O4 - HKLM..\Run: [MqmPqg] File not found
O4 - HKLM..\Run: [MqmPrc] File not found
O4 - HKLM..\Run: [MqmPsd] File not found
O4 - HKLM..\Run: [MqmPte] File not found
O4 - HKLM..\Run: [MqmPth] File not found
O4 - HKLM..\Run: [MqmPusc] File not found
O4 - HKLM..\Run: [MqmPvZ] File not found
O4 - HKLM..\Run: [MqmPwe] File not found
O4 - HKLM..\Run: [MqmPwpc] File not found
O4 - HKLM..\Run: [MqmPY] File not found
O4 - HKLM..\Run: [MqmPz9] File not found
O4 - HKLM..\Run: [MqmPZP] File not found
O4 - HKLM..\Run: [Mqqsc] File not found
O4 - HKLM..\Run: [MqqZ] File not found
O4 - HKLM..\Run: [MqrMc] File not found
O4 - HKLM..\Run: [MqsZ] File not found
O4 - HKLM..\Run: [Mqug] File not found
O4 - HKLM..\Run: [Mqutc] File not found
O4 - HKLM..\Run: [Mquuf] File not found
O4 - HKLM..\Run: [MqvPc] File not found
O4 - HKLM..\Run: [Mqvpe] File not found
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] File not found
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [506E7F4A_0] File not found
O4 - HKU\.DEFAULT..\Run: [Hmibupewukuwup] File not found
O4 - HKU\.DEFAULT..\Run: [JwWeagugDQKT] File not found
O4 - HKU\.DEFAULT..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\.DEFAULT..\Run: [MqmPd] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPfQ] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPme] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPoc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPqg] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPrc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPsd] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPte] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPth] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPusc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPvZ] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPwe] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPwpc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPY] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPz9] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPZP] File not found
O4 - HKU\.DEFAULT..\Run: [Mqqsc] File not found
O4 - HKU\.DEFAULT..\Run: [MqqZ] File not found
O4 - HKU\.DEFAULT..\Run: [MqrMc] File not found
O4 - HKU\.DEFAULT..\Run: [MqsZ] File not found
O4 - HKU\.DEFAULT..\Run: [Mqug] File not found
O4 - HKU\.DEFAULT..\Run: [Mqutc] File not found
O4 - HKU\.DEFAULT..\Run: [Mquuf] File not found
O4 - HKU\.DEFAULT..\Run: [MqvPc] File not found
O4 - HKU\.DEFAULT..\Run: [Mqvpe] File not found
O4 - HKU\Administrator_ON_C..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKU\Administrator_ON_C..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\Administrator_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\Administrator_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Guest_ON_C..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKU\Guest_ON_C..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\Guest_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\Guest_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Owner_ON_C..\Run: [arg70techsdk.exe] File not found
O4 - HKU\Owner_ON_C..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\ARO.exe (Sammsoft)
O4 - HKU\Owner_ON_C..\Run: [EDF919B4FAA377BF] File not found
O4 - HKU\Owner_ON_C..\Run: [ehTray.exe] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKU\Owner_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\Owner_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: WinUpdates = C:\Windows\windupdate\svchost.exe
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: yj9khn = C:\Windows\TEMP\jizz.exe
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Guest_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Windows\system32\config\systemprofile\AppData\Roaming\dwm.exe) - C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\dwm.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {B9B220C2-A500-99BD-F120-04B53A2C8952} - yshbef87w3hubdjnjksdf - File not found
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\CompaqTrace.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\CompaqTrace.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/02/27 03:45:25 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - E:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{98ae1e19-7b98-11dd-a1d8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{98ae1e19-7b98-11dd-a1d8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\hbcd\wintools\autorun.exe
O33 - MountPoints2\{98ae1e19-7b98-11dd-a1d8-806e6f6e6963}\Shell\Option1\Command - "" = E:\hbcd\wintools\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/04/24 02:39:56 | 000,000,000 | ---D | C] -- C:\Program Files\Smart-ActiveX
[2011/04/22 21:57:20 | 002,234,368 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2011/04/22 18:27:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/04/18 20:01:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011/04/18 20:01:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011/04/18 19:56:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/04/18 19:55:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Identities
[2011/04/18 19:54:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\{2A4DC605-AB14-40C6-99F5-A347CAAD2899}
[2011/04/18 19:51:54 | 000,405,504 | ---- | C] (EXRVXHNUDTSCDT) -- C:\Windows\System32\xnfcz.exe
[2011/04/18 19:51:14 | 000,000,000 | ---D | C] -- C:\Temp
[2011/04/18 19:51:01 | 000,000,000 | ---D | C] -- C:\Windows\windupdate
[2011/04/18 16:30:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\Adobe
[2011/04/18 16:07:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/04/18 13:53:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Macromedia
[2011/04/18 13:53:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Adobe
[2011/04/18 13:24:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6E9ED99F-F492-44D0-895A-4641EA3196CD}
[2011/04/18 13:22:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antimalware Doctor
[2011/04/18 01:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011/04/18 01:24:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2011/04/14 23:13:15 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/14 23:13:15 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/14 23:13:13 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/14 23:13:13 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/14 23:13:04 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/04/14 23:13:04 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/14 23:13:03 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/14 23:13:03 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/14 23:13:02 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/14 23:13:02 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/14 23:13:02 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/04/14 23:13:02 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/14 23:13:02 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/04/14 23:13:02 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/04/14 23:13:02 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/04/14 23:13:02 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/04/14 23:13:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/04/14 23:13:02 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/14 23:13:01 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/14 23:13:01 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/04/14 23:13:01 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/04/14 23:12:58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/14 23:12:56 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/14 23:12:50 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/14 23:12:50 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/07 14:03:44 | 000,000,000 | ---D | C] -- C:\27af692dc708fcf898bda1f57c921a01
[2011/04/07 14:03:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/04/07 14:03:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011/04/04 13:01:45 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/04/01 03:07:51 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2011/04/01 03:07:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/03/30 20:21:41 | 000,000,000 | ---D | C] -- C:\5508e34d966670d992f8aa2c0a78
[2011/03/30 20:09:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/03/30 20:02:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/03/30 20:02:09 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/03/30 20:02:09 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/03/30 20:02:09 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/03/30 20:02:05 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/03/30 20:02:05 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/03/30 20:02:00 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/03/30 20:02:00 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/03/30 20:02:00 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/03/30 20:02:00 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/03/30 20:02:00 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/03/30 20:01:47 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/03/30 20:01:47 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/03/30 20:01:47 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/03/30 20:01:47 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/03/30 20:01:46 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/03/29 03:09:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011/03/29 03:04:14 | 000,000,000 | ---D | C] -- C:\Nexon
[2011/03/29 03:04:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2011/03/29 00:24:51 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\PMB Files
[2011/03/29 00:24:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011/03/29 00:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011/03/28 23:44:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\AVS4YOU
[2011/03/28 23:40:20 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\AVSMedia
[2011/03/28 23:39:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll
[2011/03/28 23:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2011/03/28 23:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2011/03/28 23:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\Search Toolbar
[2011/03/28 21:42:48 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011/03/28 20:55:28 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/03/28 20:55:27 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/03/28 20:54:58 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/03/28 20:54:57 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/03/28 20:54:57 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/03/28 20:54:57 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2010/01/19 22:56:52 | 000,377,344 | ---- | C] (ELAN Microelectronic Corp.) -- C:\Users\Owner\AppData\Local\ufeheraj.dll
[2010/01/19 22:56:52 | 000,089,088 | ---- | C] (FileZilla Project) -- C:\Users\Owner\AppData\Local\Lenphlbr.dll
[2009/04/07 01:10:54 | 000,311,296 | ---- | C] ( ) -- C:\Windows\System32\lxdihcp.dll
[2009/04/07 01:10:53 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxdiinpa.dll
[2009/04/07 01:10:53 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdiiesc.dll
[2009/04/07 01:10:52 | 001,187,840 | ---- | C] ( ) -- C:\Windows\System32\lxdiserv.dll
[2009/04/07 01:10:52 | 000,942,080 | ---- | C] ( ) -- C:\Windows\System32\lxdiusb1.dll
[2009/04/07 01:10:52 | 000,614,400 | ---- | C] ( ) -- C:\Windows\System32\lxdipmui.dll
[2009/04/07 01:10:52 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdiprox.dll
[2009/04/07 01:10:52 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdipplc.dll
[2009/04/07 01:10:51 | 000,532,480 | ---- | C] ( ) -- C:\Windows\System32\lxdilmpm.dll
[2009/04/07 01:10:51 | 000,320,432 | ---- | C] ( ) -- C:\Windows\System32\lxdiih.exe
[2009/04/07 01:10:50 | 000,671,744 | ---- | C] ( ) -- C:\Windows\System32\lxdihbn3.dll
[2009/04/07 01:10:49 | 000,517,040 | ---- | C] ( ) -- C:\Windows\System32\lxdicoms.exe
[2009/04/07 01:10:49 | 000,360,448 | ---- | C] ( ) -- C:\Windows\System32\lxdicomm.dll
[2009/04/07 01:10:48 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxdicomc.dll
[2009/04/07 01:10:48 | 000,340,912 | ---- | C] ( ) -- C:\Windows\System32\lxdicfg.exe
========== Files - Modified Within 30 Days ==========
[2011/04/18 20:17:42 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/18 20:17:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/18 20:01:59 | 000,000,184 | ---- | M] () -- C:\ProgramData\~44031752
[2011/04/18 20:01:55 | 000,000,152 | ---- | M] () -- C:\ProgramData\~44031752r
[2011/04/18 20:01:46 | 000,000,595 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | M] () -- C:\Users\Owner\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | M] () -- C:\Users\Guest\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | M] () -- C:\Users\Administrator\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011/04/18 20:00:23 | 000,000,336 | ---- | M] () -- C:\ProgramData\44031752
[2011/04/18 20:00:19 | 000,487,424 | ---- | M] () -- C:\ProgramData\44031752.exe
[2011/04/18 19:58:25 | 000,003,228 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Roaming\092A.BC9
[2011/04/18 19:54:43 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Local\Anafiyiy.bin
[2011/04/18 19:54:42 | 000,000,120 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Local\Mcesamewobey.dat
[2011/04/18 19:54:04 | 000,000,047 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/04/18 19:52:29 | 000,195,584 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Roaming\dwm.exe
[2011/04/18 19:52:26 | 000,000,211 | ---- | M] () -- C:\Windows\System32\winset.ini
[2011/04/18 19:51:54 | 000,405,504 | ---- | M] (EXRVXHNUDTSCDT) -- C:\Windows\System32\xnfcz.exe
[2011/04/18 19:51:54 | 000,000,166 | ---- | M] () -- C:\Windows\System32\delme.bat
[2011/04/18 19:07:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/18 19:07:09 | 119,012,540 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/04/18 17:24:38 | 000,000,120 | ---- | M] () -- C:\Users\Owner\AppData\Local\Mcesamewobey.dat
[2011/04/18 17:18:06 | 000,007,680 | ---- | M] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/18 16:59:58 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2011/04/18 13:24:15 | 000,000,000 | ---- | M] () -- C:\Users\Owner\AppData\Local\Anafiyiy.bin
[2011/04/18 13:22:42 | 000,001,069 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
[2011/04/18 13:22:41 | 000,001,081 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk
[2011/04/18 07:54:10 | 000,000,000 | RH-- | M] () -- C:\2501i18lkr
[2011/04/17 21:22:40 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D4A56E26-F1A8-42CD-874E-437B04B68BD8}.job
[2011/04/16 15:34:08 | 000,312,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/16 14:56:20 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/16 14:56:19 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/12 00:00:10 | 000,000,664 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Owner.job
[2011/04/07 18:00:34 | 000,001,356 | ---- | M] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2011/04/07 14:03:14 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/04/04 13:01:45 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2011/04/01 03:07:49 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/03/30 20:09:42 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/03/30 20:09:42 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/03/29 03:09:21 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011/03/29 02:54:04 | 2355,765,613 | ---- | M] () -- C:\Users\Owner\Desktop\MSSetupv96.exe
[2011/03/28 23:19:01 | 004,562,491 | ---- | M] () -- C:\Users\Owner\Desktop\YouTubeDownloaderSetup265.exe
========== Files Created - No Company Name ==========
[2011/04/18 20:01:55 | 000,000,184 | ---- | C] () -- C:\ProgramData\~44031752
[2011/04/18 20:01:55 | 000,000,152 | ---- | C] () -- C:\ProgramData\~44031752r
[2011/04/18 20:01:46 | 000,000,595 | -H-- | C] () -- C:\Windows\system32\config\systemprofile\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | C] () -- C:\Users\Owner\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | C] () -- C:\Users\Guest\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | C] () -- C:\Users\Administrator\Desktop\Windows Recovery.lnk
[2011/04/18 20:00:23 | 000,000,336 | ---- | C] () -- C:\ProgramData\44031752
[2011/04/18 20:00:19 | 000,487,424 | ---- | C] () -- C:\ProgramData\44031752.exe
[2011/04/18 19:56:10 | 000,000,961 | -H-- | C] () -- C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/04/18 19:55:25 | 000,000,956 | -H-- | C] () -- C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/04/18 19:54:50 | 000,000,927 | -H-- | C] () -- C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/04/18 19:54:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\Anafiyiy.bin
[2011/04/18 19:54:42 | 000,000,120 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\Mcesamewobey.dat
[2011/04/18 19:52:29 | 000,195,584 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\dwm.exe
[2011/04/18 19:52:04 | 000,003,228 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\092A.BC9
[2011/04/18 19:51:54 | 000,000,166 | ---- | C] () -- C:\Windows\System32\delme.bat
[2011/04/18 19:51:51 | 000,000,211 | ---- | C] () -- C:\Windows\System32\winset.ini
[2011/04/18 19:45:05 | 134,217,728 | ---- | C] () -- C:\Users\Owner\Desktop\dd-pkmp.nds
[2011/04/18 16:07:04 | 119,012,540 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/04/18 13:24:15 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\Anafiyiy.bin
[2011/04/18 13:24:14 | 000,000,120 | ---- | C] () -- C:\Users\Owner\AppData\Local\Mcesamewobey.dat
[2011/04/18 13:22:41 | 000,001,081 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk
[2011/04/18 13:22:41 | 000,001,069 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
[2011/04/18 07:54:10 | 000,000,000 | RH-- | C] () -- C:\2501i18lkr
[2011/03/30 20:01:52 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/03/30 20:01:52 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/03/30 20:01:51 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/03/29 01:33:37 | 2355,765,613 | ---- | C] () -- C:\Users\Owner\Desktop\MSSetupv96.exe
[2011/03/28 23:18:54 | 004,562,491 | ---- | C] () -- C:\Users\Owner\Desktop\YouTubeDownloaderSetup265.exe
[2010/01/19 22:56:53 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/01/19 22:56:53 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/01/19 22:56:30 | 000,226,280 | ---- | C] () -- C:\Windows\System32\drivers\volsnap.sys
[2010/01/17 23:09:30 | 000,001,356 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2009/04/07 01:17:07 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxdicoin.dll
[2009/04/07 01:13:40 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXF3PMON.DLL
[2009/04/07 01:13:40 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXF3FXPU.DLL
[2009/04/07 01:13:20 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxf3oem.dll
[2009/04/07 01:13:20 | 000,012,288 | ---- | C] () -- C:\Windows\System32\LXF3PMRC.DLL
[2009/04/07 01:11:05 | 000,000,060 | -H-- | C] () -- C:\Windows\System32\lxdirwrd.ini
[2009/04/07 01:10:54 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxdiinst.dll
[2009/04/07 01:10:50 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdigrd.dll
[2008/09/30 22:39:38 | 000,007,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/27 23:39:08 | 000,000,114 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[2008/09/26 13:16:40 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/05/21 22:19:06 | 000,155,648 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2008/02/27 03:59:45 | 000,101,605 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007/08/20 08:34:08 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1318.dll
[2007/08/20 08:25:00 | 000,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/08/20 08:10:18 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/03/23 15:44:45 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxdidrs.dll
[2007/02/09 14:07:06 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxdicnv4.dll
[2007/01/23 19:40:16 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxdicaps.dll
[2006/11/02 09:02:10 | 000,001,356 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\d3d9caps.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,312,336 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/01 01:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdivs.dll
========== LOP Check ==========
[2008/09/22 21:56:47 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\7Wonders
[2008/10/07 20:18:01 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\FrostWire
[2008/09/22 18:39:46 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\WildTangent
[2008/10/07 22:34:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\7Wonders
[2011/04/18 00:21:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FrostWire
[2009/04/07 22:04:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Lexmark Productivity Studio
[2011/01/16 04:52:40 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenCandy
[2008/10/09 21:33:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PlayFirst
[2011/01/16 04:59:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sammsoft
[2008/10/09 20:52:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sierra Online
[2008/09/27 23:39:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Template
[2010/01/28 22:05:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tific
[2011/04/18 18:54:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2008/09/21 23:57:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WildTangent
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2008/09/05 18:40:22 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2009/04/07 01:30:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Lx_cats
[2008/02/27 03:44:55 | 000,000,000 | ---D | M] -- C:\ProgramData\muvee Technologies
[2011/03/29 03:04:08 | 000,000,000 | ---D | M] -- C:\ProgramData\NexonUS
[2010/01/17 23:19:27 | 000,000,000 | ---D | M] -- C:\ProgramData\PCSettings
[2011/03/29 01:33:35 | 000,000,000 | ---D | M] -- C:\ProgramData\PMB Files
[2008/10/09 20:52:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Sierra Online
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2010/01/17 19:55:31 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2008/02/27 03:22:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Viewpoint
[2008/10/13 13:36:36 | 000,000,000 | ---D | M] -- C:\ProgramData\WildTangent
[2011/03/28 21:42:49 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2008/02/27 03:58:11 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011/01/16 05:03:57 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/04/18 19:01:40 | 000,032,656 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2011/04/17 21:22:40 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D4A56E26-F1A8-42CD-874E-437B04B68BD8}.job
========== Purity Check ==========
========== Custom Scans ==========
< MD5 for: VOLSNAP.SYS >
[2006/11/02 05:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\WINDOWS\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys
[2009/04/11 02:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\WINDOWS\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys
[2009/04/11 02:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
[2008/01/20 22:23:21 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\WINDOWS\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys
[2008/01/20 22:23:21 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys
[2009/04/11 02:32:55 | 000,226,280 | ---- | M] () MD5=E269BB33062F9A6B4115C86781D767AA -- C:\WINDOWS\System32\drivers\volsnap.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:FDCBDD8E
< End of report >
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Windows Vista ™ Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,014.00 Mb Total Physical Memory | 726.00 Mb Available Physical Memory | 72.00% Memory free
902.00 Mb Paging File | 775.00 Mb Available in Paging File | 86.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137.58 Gb Total Space | 67.41 Gb Free Space | 49.00% Space Free | Partition Type: NTFS
Drive E: | 11.47 Gb Total Space | 2.01 Gb Free Space | 17.53% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2011/02/28 21:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 13:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/01/08 04:51:02 | 000,380,928 | -H-- | M] (Spigot, Inc.) [Auto] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009/10/20 02:34:55 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe -- (NIS)
SRV - [2009/04/08 00:15:44 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 18:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/06/11 10:14:51 | 000,517,040 | ---- | M] ( ) [Auto] -- C:\Windows\System32\lxdicoms.exe -- (lxdi_device)
SRV - [2007/06/11 10:14:42 | 000,099,248 | ---- | M] () [Auto] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe -- (lxdiCATSCustConnectService)
SRV - [2007/03/05 12:30:06 | 000,110,592 | -H-- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
========== Driver Services (All) ==========
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (NAVEX15)
DRV - File not found [Kernel | On_Demand] -- -- (NAVENG)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- -- (EagleNT)
DRV - [2011/02/22 09:24:10 | 000,213,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2011/02/22 09:24:02 | 000,079,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2011/02/22 09:23:59 | 000,106,496 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2011/02/22 09:23:55 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\bowser.sys -- (bowser)
DRV - [2011/02/18 10:03:32 | 000,305,152 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srv.sys -- (srv)
DRV - [2011/02/18 10:03:10 | 000,146,432 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srv2.sys -- (srv2)
DRV - [2011/02/18 10:03:06 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2011/01/20 12:37:37 | 000,638,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2010/09/28 19:44:52 | 000,041,984 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2010/06/16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tcpip.sys -- (Tcpip6)
DRV - [2010/06/16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2010/02/20 16:53:34 | 000,411,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\http.sys -- (HTTP)
DRV - [2010/01/18 04:47:57 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/01/17 23:43:18 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/12/08 13:26:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2009/12/05 00:54:05 | 000,529,456 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2009/11/05 18:06:13 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymDS.sys -- (SymDS)
DRV - [2009/10/28 18:37:22 | 000,343,088 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20100119.001\IDSvix86.sys -- (IDSVix86)
DRV - [2009/10/20 02:35:50 | 000,501,888 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\ccHPx86.sys -- (ccHP)
DRV - [2009/10/14 21:50:48 | 000,339,504 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2009/10/08 22:55:01 | 000,171,056 | R--- | M] (Symantec Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\NIS\1101000.013\SymEFA.sys -- (SymEFA)
DRV - [2009/10/08 22:54:25 | 000,114,736 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\Ironx86.SYS -- (SymIRON)
DRV - [2009/10/08 22:54:10 | 000,325,168 | R--- | M] (Symantec Corporation) [File_System | System] -- C:\Windows\system32\drivers\NIS\1101000.013\SRTSP.SYS -- (SRTSP)
DRV - [2009/10/08 22:54:10 | 000,043,696 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1101000.013\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/09/30 21:01:54 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV - [2009/06/15 19:15:25 | 000,439,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/05/18 17:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/04/11 02:33:03 | 000,292,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2009/04/11 02:32:55 | 000,226,280 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2009/04/11 02:32:55 | 000,149,480 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\pci.sys -- (pci)
DRV - [2009/04/11 02:32:52 | 000,053,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\termdd.sys -- (TermDD)
DRV - [2009/04/11 02:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2009/04/11 02:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2009/04/11 02:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\acpi.sys -- (ACPI)
DRV - [2009/04/11 02:32:46 | 000,245,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\clfs.sys -- (CLFS) Common Log (CLFS)
DRV - [2009/04/11 02:32:46 | 000,190,424 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2009/04/11 02:32:46 | 000,180,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2009/04/11 02:32:46 | 000,161,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2009/04/11 02:32:43 | 000,141,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ecache.sys -- (Ecache)
DRV - [2009/04/11 02:32:31 | 000,054,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2009/04/11 02:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\disk.sys -- (disk)
DRV - [2009/04/11 02:32:31 | 000,048,104 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\atapi.sys -- (atapi)
DRV - [2009/04/11 00:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2009/04/11 00:47:03 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\system32\drivers\afd.sys -- (AFD)
DRV - [2009/04/11 00:46:40 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2009/04/11 00:46:32 | 000,121,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2009/04/11 00:46:30 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2009/04/11 00:45:56 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\tdx.sys -- (tdx)
DRV - [2009/04/11 00:45:51 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\pacer.sys -- (PSched)
DRV - [2009/04/11 00:45:37 | 000,185,856 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\netbt.sys -- (netbt)
DRV - [2009/04/11 00:45:22 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\smb.sys -- (Smb)
DRV - [2009/04/11 00:43:28 | 000,148,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009/04/11 00:43:16 | 000,196,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2009/04/11 00:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2009/04/11 00:42:52 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2009/04/11 00:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/04/11 00:42:48 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2009/04/11 00:42:42 | 000,561,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2009/04/11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2009/04/11 00:38:40 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2009/04/11 00:14:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2009/04/11 00:14:29 | 000,225,280 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2009/04/11 00:14:12 | 000,075,264 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2009/04/11 00:14:01 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2009/04/11 00:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (udfs)
DRV - [2009/04/11 00:13:53 | 000,136,704 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2009/04/11 00:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2008/01/20 22:24:59 | 000,083,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2008/01/20 22:24:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2008/01/20 22:24:57 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/01/20 22:24:55 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008/01/20 22:24:55 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008/01/20 22:24:55 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/01/20 22:24:51 | 000,006,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2008/01/20 22:24:51 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/01/20 22:24:51 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/01/20 22:24:50 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/01/20 22:24:50 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/01/20 22:24:50 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2008/01/20 22:24:47 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2008/01/20 22:24:47 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2008/01/20 22:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008/01/20 22:24:37 | 000,084,480 | ---- | M] (Microsoft Corporation) [File_System | Auto] -- C:\Windows\system32\drivers\luafv.sys -- (luafv)
DRV - [2008/01/20 22:24:37 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2008/01/20 22:24:37 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2008/01/20 22:24:25 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2008/01/20 22:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2008/01/20 22:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/01/20 22:24:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008/01/20 22:24:25 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2008/01/20 22:24:25 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/01/20 22:24:25 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\TUNMP.SYS -- (tunmp)
DRV - [2008/01/20 22:24:21 | 000,027,648 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2008/01/20 22:24:20 | 000,035,840 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/01/20 22:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2008/01/20 22:24:11 | 000,021,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2008/01/20 22:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/01/20 22:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/01/20 22:24:06 | 000,012,800 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2008/01/20 22:24:06 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2008/01/20 22:24:04 | 000,058,936 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2008/01/20 22:24:04 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/01/20 22:23:54 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/01/20 22:23:51 | 000,503,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2008/01/20 22:23:51 | 000,070,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2008/01/20 22:23:51 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/01/20 22:23:50 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2008/01/20 22:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2008/01/20 22:23:43 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/01/20 22:23:31 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2008/01/20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 22:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/01/20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 22:23:26 | 000,134,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV - [2008/01/20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 22:23:26 | 000,041,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2008/01/20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 22:23:26 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\circlass.sys -- (circlass)
DRV - [2008/01/20 22:23:26 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2008/01/20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 22:23:24 | 000,022,072 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wd.sys -- (Wd)
DRV - [2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 22:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2008/01/20 22:23:23 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2008/01/20 22:23:23 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2008/01/20 22:23:23 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2008/01/20 22:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 22:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/20 22:23:22 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ipmidrv.sys -- (IPMIDRV)
DRV - [2008/01/20 22:23:22 | 000,061,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\gagp30kx.sys -- (gagp30kx)
DRV - [2008/01/20 22:23:22 | 000,059,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\uagp35.sys -- (uagp35)
DRV - [2008/01/20 22:23:22 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\monitor.sys -- (monitor)
DRV - [2008/01/20 22:23:22 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\umbus.sys -- (umbus)
DRV - [2008/01/20 22:23:22 | 000,024,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2008/01/20 22:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/01/20 22:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 22:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 22:23:21 | 000,094,776 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\msdsm.sys -- (msdsm)
DRV - [2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 22:23:21 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/01/20 22:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2008/01/20 22:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 22:23:20 | 000,105,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mpio.sys -- (mpio)
DRV - [2008/01/20 22:23:20 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/01/20 22:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/20 22:23:20 | 000,034,360 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2008/01/20 22:23:20 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\fdc.sys -- (fdc)
DRV - [2008/01/20 22:23:20 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2008/01/20 22:23:20 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sermouse.sys -- (sermouse)
DRV - [2008/01/20 22:23:20 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2008/01/20 22:23:03 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/01/20 22:23:03 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2008/01/20 22:23:02 | 000,030,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\i2omp.sys -- (i2omp)
DRV - [2008/01/20 22:23:02 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\vgapnp.sys -- (vga)
DRV - [2008/01/20 22:23:01 | 000,248,832 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/01/20 22:23:01 | 000,109,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nv_agp.sys -- (nv_agp)
DRV - [2008/01/20 22:23:01 | 000,060,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\uliagpkx.sys -- (uliagpkx)
DRV - [2008/01/20 22:23:01 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\amdagp.sys -- (amdagp)
DRV - [2008/01/20 22:23:01 | 000,056,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\viaagp.sys -- (viaagp)
DRV - [2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\agp440.sys -- (agp440)
DRV - [2008/01/20 22:23:01 | 000,055,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sisagp.sys -- (sisagp)
DRV - [2008/01/20 22:23:01 | 000,052,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volmgr.sys -- (volmgr)
DRV - [2008/01/20 22:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/01/20 22:23:01 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2008/01/20 22:23:01 | 000,031,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/01/20 22:23:01 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2008/01/20 22:23:01 | 000,015,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\swenum.sys -- (swenum)
DRV - [2008/01/20 22:23:00 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\viac7.sys -- (ViaC7)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\amdk7.sys -- (AmdK7)
DRV - [2008/01/20 22:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\processr.sys -- (Processor)
DRV - [2008/01/20 22:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\crusoe.sys -- (Crusoe)
DRV - [2008/01/20 22:23:00 | 000,028,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\msahci.sys -- (msahci)
DRV - [2008/01/20 22:23:00 | 000,020,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/01/20 22:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 22:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 22:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\intelide.sys -- (intelide)
DRV - [2008/01/20 22:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\amdide.sys -- (amdide)
DRV - [2008/01/20 22:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/20 22:23:00 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\pciide.sys -- (pciide)
DRV - [2008/01/20 22:23:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2008/01/20 22:23:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\errdev.sys -- (ErrDev)
DRV - [2007/10/11 07:17:56 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/09/30 02:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\iaStor.sys -- (iaStor)
DRV - [2007/09/27 20:33:26 | 000,056,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2007/08/20 08:25:56 | 001,790,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/07/10 10:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/07/03 20:59:10 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV - [2007/07/03 20:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 20:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 20:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/06/25 07:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/06/20 07:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 07:28:34 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/06/20 07:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/06/18 19:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/05/30 18:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2007/04/23 17:51:08 | 000,050,176 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/11/02 05:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 05:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2006/11/02 04:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006/11/02 04:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\hidbth.sys -- (HidBth)
DRV - [2006/11/02 04:55:16 | 000,062,080 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2006/11/02 04:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - [2006/11/02 04:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\hidir.sys -- (HidIr)
DRV - [2006/11/02 04:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006/11/02 04:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006/11/02 04:51:30 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\serial.sys -- (Serial)
DRV - [2006/11/02 04:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\parport.sys -- (Parport)
DRV - [2006/11/02 04:51:25 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\serenum.sys -- (Serenum)
DRV - [2006/11/02 04:51:23 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\Windows\system32\drivers\parvdm.sys -- (Parvdm)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 03:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/02 03:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/11/02 03:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock)
DRV - [2006/11/02 02:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/06/28 12:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/06/18 19:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\.DEFAULT\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57152
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Administrator_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKU\Administrator_ON_C\..\URLSearchHook: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - Reg Error: Key error. File not found
IE - HKU\Administrator_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Guest_ON_C\..\URLSearchHook: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - Reg Error: Key error. File not found
IE - HKU\Guest_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\NetworkService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=14196&l=dis
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Owner_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - File not found
IE - HKU\Owner_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKU\Owner_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Owner_ON_C\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/01/18 05:03:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\IPSFFPlgn\ [2010/01/17 23:44:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\coFFPlgn\ [2010/01/17 23:44:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2A4DC605-AB14-40C6-99F5-A347CAAD2899}: C:\Windows\system32\config\systemprofile\AppData\Local\{2A4DC605-AB14-40C6-99F5-A347CAAD2899}\ [2011/04/18 19:54:19 | 000,000,000 | -H-D | M]
O1 HOSTS File: ([2011/04/18 19:54:04 | 000,000,047 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 173.192.170.88 drghwaweg45j4i6u3q32fg2h.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (C:\Windows\system32\m4yipu.dll) - {B9B220C2-A500-99BD-F120-04B53A2C8952} - File not found
O2 - BHO: (HP Print Clips) - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - File not found
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - File not found
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - No CLSID value found.
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - File not found
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - File not found
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Anudevezuyocadis] File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [cftmon] C:\WINDOWS\System32\xnfcz.exe (EXRVXHNUDTSCDT)
O4 - HKLM..\Run: [conhost] File not found
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [MqmPd] File not found
O4 - HKLM..\Run: [MqmPfQ] File not found
O4 - HKLM..\Run: [MqmPme] File not found
O4 - HKLM..\Run: [MqmPoc] File not found
O4 - HKLM..\Run: [MqmPqg] File not found
O4 - HKLM..\Run: [MqmPrc] File not found
O4 - HKLM..\Run: [MqmPsd] File not found
O4 - HKLM..\Run: [MqmPte] File not found
O4 - HKLM..\Run: [MqmPth] File not found
O4 - HKLM..\Run: [MqmPusc] File not found
O4 - HKLM..\Run: [MqmPvZ] File not found
O4 - HKLM..\Run: [MqmPwe] File not found
O4 - HKLM..\Run: [MqmPwpc] File not found
O4 - HKLM..\Run: [MqmPY] File not found
O4 - HKLM..\Run: [MqmPz9] File not found
O4 - HKLM..\Run: [MqmPZP] File not found
O4 - HKLM..\Run: [Mqqsc] File not found
O4 - HKLM..\Run: [MqqZ] File not found
O4 - HKLM..\Run: [MqrMc] File not found
O4 - HKLM..\Run: [MqsZ] File not found
O4 - HKLM..\Run: [Mqug] File not found
O4 - HKLM..\Run: [Mqutc] File not found
O4 - HKLM..\Run: [Mquuf] File not found
O4 - HKLM..\Run: [MqvPc] File not found
O4 - HKLM..\Run: [Mqvpe] File not found
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] File not found
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [506E7F4A_0] File not found
O4 - HKU\.DEFAULT..\Run: [Hmibupewukuwup] File not found
O4 - HKU\.DEFAULT..\Run: [JwWeagugDQKT] File not found
O4 - HKU\.DEFAULT..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\.DEFAULT..\Run: [MqmPd] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPfQ] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPme] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPoc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPqg] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPrc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPsd] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPte] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPth] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPusc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPvZ] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPwe] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPwpc] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPY] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPz9] File not found
O4 - HKU\.DEFAULT..\Run: [MqmPZP] File not found
O4 - HKU\.DEFAULT..\Run: [Mqqsc] File not found
O4 - HKU\.DEFAULT..\Run: [MqqZ] File not found
O4 - HKU\.DEFAULT..\Run: [MqrMc] File not found
O4 - HKU\.DEFAULT..\Run: [MqsZ] File not found
O4 - HKU\.DEFAULT..\Run: [Mqug] File not found
O4 - HKU\.DEFAULT..\Run: [Mqutc] File not found
O4 - HKU\.DEFAULT..\Run: [Mquuf] File not found
O4 - HKU\.DEFAULT..\Run: [MqvPc] File not found
O4 - HKU\.DEFAULT..\Run: [Mqvpe] File not found
O4 - HKU\Administrator_ON_C..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKU\Administrator_ON_C..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\Administrator_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\Administrator_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Guest_ON_C..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKU\Guest_ON_C..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\Guest_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\Guest_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Owner_ON_C..\Run: [arg70techsdk.exe] File not found
O4 - HKU\Owner_ON_C..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\ARO.exe (Sammsoft)
O4 - HKU\Owner_ON_C..\Run: [EDF919B4FAA377BF] File not found
O4 - HKU\Owner_ON_C..\Run: [ehTray.exe] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKU\Owner_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\Owner_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: WinUpdates = C:\Windows\windupdate\svchost.exe
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: yj9khn = C:\Windows\TEMP\jizz.exe
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Guest_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Windows\system32\config\systemprofile\AppData\Roaming\dwm.exe) - C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\dwm.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {B9B220C2-A500-99BD-F120-04B53A2C8952} - yshbef87w3hubdjnjksdf - File not found
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\CompaqTrace.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\CompaqTrace.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/02/27 03:45:25 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - E:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{98ae1e19-7b98-11dd-a1d8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{98ae1e19-7b98-11dd-a1d8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\hbcd\wintools\autorun.exe
O33 - MountPoints2\{98ae1e19-7b98-11dd-a1d8-806e6f6e6963}\Shell\Option1\Command - "" = E:\hbcd\wintools\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/04/24 02:39:56 | 000,000,000 | ---D | C] -- C:\Program Files\Smart-ActiveX
[2011/04/22 21:57:20 | 002,234,368 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2011/04/22 18:27:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/04/18 20:01:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011/04/18 20:01:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011/04/18 19:56:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/04/18 19:55:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Identities
[2011/04/18 19:54:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\{2A4DC605-AB14-40C6-99F5-A347CAAD2899}
[2011/04/18 19:51:54 | 000,405,504 | ---- | C] (EXRVXHNUDTSCDT) -- C:\Windows\System32\xnfcz.exe
[2011/04/18 19:51:14 | 000,000,000 | ---D | C] -- C:\Temp
[2011/04/18 19:51:01 | 000,000,000 | ---D | C] -- C:\Windows\windupdate
[2011/04/18 16:30:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\Adobe
[2011/04/18 16:07:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/04/18 13:53:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Macromedia
[2011/04/18 13:53:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\Adobe
[2011/04/18 13:24:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6E9ED99F-F492-44D0-895A-4641EA3196CD}
[2011/04/18 13:22:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antimalware Doctor
[2011/04/18 01:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011/04/18 01:24:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2011/04/14 23:13:15 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/14 23:13:15 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/14 23:13:13 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/14 23:13:13 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/14 23:13:04 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/04/14 23:13:04 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/14 23:13:03 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/14 23:13:03 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/14 23:13:02 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/14 23:13:02 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/14 23:13:02 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/04/14 23:13:02 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/14 23:13:02 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/04/14 23:13:02 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/04/14 23:13:02 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/04/14 23:13:02 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/04/14 23:13:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/04/14 23:13:02 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/14 23:13:01 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/14 23:13:01 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/04/14 23:13:01 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/04/14 23:12:58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/14 23:12:56 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/14 23:12:50 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/14 23:12:50 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/07 14:03:44 | 000,000,000 | ---D | C] -- C:\27af692dc708fcf898bda1f57c921a01
[2011/04/07 14:03:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/04/07 14:03:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011/04/04 13:01:45 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/04/01 03:07:51 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2011/04/01 03:07:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/03/30 20:21:41 | 000,000,000 | ---D | C] -- C:\5508e34d966670d992f8aa2c0a78
[2011/03/30 20:09:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/03/30 20:02:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/03/30 20:02:09 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/03/30 20:02:09 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/03/30 20:02:09 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/03/30 20:02:05 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/03/30 20:02:05 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/03/30 20:02:00 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/03/30 20:02:00 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/03/30 20:02:00 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/03/30 20:02:00 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/03/30 20:02:00 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/03/30 20:01:47 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/03/30 20:01:47 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/03/30 20:01:47 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/03/30 20:01:47 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/03/30 20:01:46 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/03/29 03:09:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011/03/29 03:04:14 | 000,000,000 | ---D | C] -- C:\Nexon
[2011/03/29 03:04:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2011/03/29 00:24:51 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\PMB Files
[2011/03/29 00:24:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011/03/29 00:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011/03/28 23:44:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\AVS4YOU
[2011/03/28 23:40:20 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\AVSMedia
[2011/03/28 23:39:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll
[2011/03/28 23:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2011/03/28 23:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2011/03/28 23:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\Search Toolbar
[2011/03/28 21:42:48 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011/03/28 20:55:28 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/03/28 20:55:27 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/03/28 20:54:58 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/03/28 20:54:57 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/03/28 20:54:57 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/03/28 20:54:57 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2010/01/19 22:56:52 | 000,377,344 | ---- | C] (ELAN Microelectronic Corp.) -- C:\Users\Owner\AppData\Local\ufeheraj.dll
[2010/01/19 22:56:52 | 000,089,088 | ---- | C] (FileZilla Project) -- C:\Users\Owner\AppData\Local\Lenphlbr.dll
[2009/04/07 01:10:54 | 000,311,296 | ---- | C] ( ) -- C:\Windows\System32\lxdihcp.dll
[2009/04/07 01:10:53 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxdiinpa.dll
[2009/04/07 01:10:53 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdiiesc.dll
[2009/04/07 01:10:52 | 001,187,840 | ---- | C] ( ) -- C:\Windows\System32\lxdiserv.dll
[2009/04/07 01:10:52 | 000,942,080 | ---- | C] ( ) -- C:\Windows\System32\lxdiusb1.dll
[2009/04/07 01:10:52 | 000,614,400 | ---- | C] ( ) -- C:\Windows\System32\lxdipmui.dll
[2009/04/07 01:10:52 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdiprox.dll
[2009/04/07 01:10:52 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdipplc.dll
[2009/04/07 01:10:51 | 000,532,480 | ---- | C] ( ) -- C:\Windows\System32\lxdilmpm.dll
[2009/04/07 01:10:51 | 000,320,432 | ---- | C] ( ) -- C:\Windows\System32\lxdiih.exe
[2009/04/07 01:10:50 | 000,671,744 | ---- | C] ( ) -- C:\Windows\System32\lxdihbn3.dll
[2009/04/07 01:10:49 | 000,517,040 | ---- | C] ( ) -- C:\Windows\System32\lxdicoms.exe
[2009/04/07 01:10:49 | 000,360,448 | ---- | C] ( ) -- C:\Windows\System32\lxdicomm.dll
[2009/04/07 01:10:48 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxdicomc.dll
[2009/04/07 01:10:48 | 000,340,912 | ---- | C] ( ) -- C:\Windows\System32\lxdicfg.exe
========== Files - Modified Within 30 Days ==========
[2011/04/18 20:17:42 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/18 20:17:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/18 20:01:59 | 000,000,184 | ---- | M] () -- C:\ProgramData\~44031752
[2011/04/18 20:01:55 | 000,000,152 | ---- | M] () -- C:\ProgramData\~44031752r
[2011/04/18 20:01:46 | 000,000,595 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | M] () -- C:\Users\Owner\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | M] () -- C:\Users\Guest\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | M] () -- C:\Users\Administrator\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011/04/18 20:00:23 | 000,000,336 | ---- | M] () -- C:\ProgramData\44031752
[2011/04/18 20:00:19 | 000,487,424 | ---- | M] () -- C:\ProgramData\44031752.exe
[2011/04/18 19:58:25 | 000,003,228 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Roaming\092A.BC9
[2011/04/18 19:54:43 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Local\Anafiyiy.bin
[2011/04/18 19:54:42 | 000,000,120 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Local\Mcesamewobey.dat
[2011/04/18 19:54:04 | 000,000,047 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/04/18 19:52:29 | 000,195,584 | -H-- | M] () -- C:\Windows\system32\config\systemprofile\AppData\Roaming\dwm.exe
[2011/04/18 19:52:26 | 000,000,211 | ---- | M] () -- C:\Windows\System32\winset.ini
[2011/04/18 19:51:54 | 000,405,504 | ---- | M] (EXRVXHNUDTSCDT) -- C:\Windows\System32\xnfcz.exe
[2011/04/18 19:51:54 | 000,000,166 | ---- | M] () -- C:\Windows\System32\delme.bat
[2011/04/18 19:07:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/18 19:07:09 | 119,012,540 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/04/18 17:24:38 | 000,000,120 | ---- | M] () -- C:\Users\Owner\AppData\Local\Mcesamewobey.dat
[2011/04/18 17:18:06 | 000,007,680 | ---- | M] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/18 16:59:58 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2011/04/18 13:24:15 | 000,000,000 | ---- | M] () -- C:\Users\Owner\AppData\Local\Anafiyiy.bin
[2011/04/18 13:22:42 | 000,001,069 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
[2011/04/18 13:22:41 | 000,001,081 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk
[2011/04/18 07:54:10 | 000,000,000 | RH-- | M] () -- C:\2501i18lkr
[2011/04/17 21:22:40 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D4A56E26-F1A8-42CD-874E-437B04B68BD8}.job
[2011/04/16 15:34:08 | 000,312,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/16 14:56:20 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/16 14:56:19 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/12 00:00:10 | 000,000,664 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Owner.job
[2011/04/07 18:00:34 | 000,001,356 | ---- | M] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2011/04/07 14:03:14 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/04/04 13:01:45 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2011/04/01 03:07:49 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/03/30 20:09:42 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/03/30 20:09:42 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/03/29 03:09:21 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011/03/29 02:54:04 | 2355,765,613 | ---- | M] () -- C:\Users\Owner\Desktop\MSSetupv96.exe
[2011/03/28 23:19:01 | 004,562,491 | ---- | M] () -- C:\Users\Owner\Desktop\YouTubeDownloaderSetup265.exe
========== Files Created - No Company Name ==========
[2011/04/18 20:01:55 | 000,000,184 | ---- | C] () -- C:\ProgramData\~44031752
[2011/04/18 20:01:55 | 000,000,152 | ---- | C] () -- C:\ProgramData\~44031752r
[2011/04/18 20:01:46 | 000,000,595 | -H-- | C] () -- C:\Windows\system32\config\systemprofile\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | C] () -- C:\Users\Owner\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | C] () -- C:\Users\Guest\Desktop\Windows Recovery.lnk
[2011/04/18 20:01:46 | 000,000,583 | ---- | C] () -- C:\Users\Administrator\Desktop\Windows Recovery.lnk
[2011/04/18 20:00:23 | 000,000,336 | ---- | C] () -- C:\ProgramData\44031752
[2011/04/18 20:00:19 | 000,487,424 | ---- | C] () -- C:\ProgramData\44031752.exe
[2011/04/18 19:56:10 | 000,000,961 | -H-- | C] () -- C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/04/18 19:55:25 | 000,000,956 | -H-- | C] () -- C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/04/18 19:54:50 | 000,000,927 | -H-- | C] () -- C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/04/18 19:54:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\Anafiyiy.bin
[2011/04/18 19:54:42 | 000,000,120 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\Mcesamewobey.dat
[2011/04/18 19:52:29 | 000,195,584 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\dwm.exe
[2011/04/18 19:52:04 | 000,003,228 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\092A.BC9
[2011/04/18 19:51:54 | 000,000,166 | ---- | C] () -- C:\Windows\System32\delme.bat
[2011/04/18 19:51:51 | 000,000,211 | ---- | C] () -- C:\Windows\System32\winset.ini
[2011/04/18 19:45:05 | 134,217,728 | ---- | C] () -- C:\Users\Owner\Desktop\dd-pkmp.nds
[2011/04/18 16:07:04 | 119,012,540 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/04/18 13:24:15 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\Anafiyiy.bin
[2011/04/18 13:24:14 | 000,000,120 | ---- | C] () -- C:\Users\Owner\AppData\Local\Mcesamewobey.dat
[2011/04/18 13:22:41 | 000,001,081 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk
[2011/04/18 13:22:41 | 000,001,069 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
[2011/04/18 07:54:10 | 000,000,000 | RH-- | C] () -- C:\2501i18lkr
[2011/03/30 20:01:52 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/03/30 20:01:52 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/03/30 20:01:51 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/03/29 01:33:37 | 2355,765,613 | ---- | C] () -- C:\Users\Owner\Desktop\MSSetupv96.exe
[2011/03/28 23:18:54 | 004,562,491 | ---- | C] () -- C:\Users\Owner\Desktop\YouTubeDownloaderSetup265.exe
[2010/01/19 22:56:53 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/01/19 22:56:53 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/01/19 22:56:30 | 000,226,280 | ---- | C] () -- C:\Windows\System32\drivers\volsnap.sys
[2010/01/17 23:09:30 | 000,001,356 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2009/04/07 01:17:07 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxdicoin.dll
[2009/04/07 01:13:40 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXF3PMON.DLL
[2009/04/07 01:13:40 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXF3FXPU.DLL
[2009/04/07 01:13:20 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lxf3oem.dll
[2009/04/07 01:13:20 | 000,012,288 | ---- | C] () -- C:\Windows\System32\LXF3PMRC.DLL
[2009/04/07 01:11:05 | 000,000,060 | -H-- | C] () -- C:\Windows\System32\lxdirwrd.ini
[2009/04/07 01:10:54 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxdiinst.dll
[2009/04/07 01:10:50 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdigrd.dll
[2008/09/30 22:39:38 | 000,007,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/27 23:39:08 | 000,000,114 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[2008/09/26 13:16:40 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/05/21 22:19:06 | 000,155,648 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2008/02/27 03:59:45 | 000,101,605 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007/08/20 08:34:08 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1318.dll
[2007/08/20 08:25:00 | 000,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/08/20 08:10:18 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/03/23 15:44:45 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxdidrs.dll
[2007/02/09 14:07:06 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxdicnv4.dll
[2007/01/23 19:40:16 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxdicaps.dll
[2006/11/02 09:02:10 | 000,001,356 | -H-- | C] () -- C:\WINDOWS\System32\config\systemprofile\AppData\Local\d3d9caps.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,312,336 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/01 01:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdivs.dll
========== LOP Check ==========
[2008/09/22 21:56:47 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\7Wonders
[2008/10/07 20:18:01 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\FrostWire
[2008/09/22 18:39:46 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\WildTangent
[2008/10/07 22:34:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\7Wonders
[2011/04/18 00:21:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FrostWire
[2009/04/07 22:04:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Lexmark Productivity Studio
[2011/01/16 04:52:40 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenCandy
[2008/10/09 21:33:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PlayFirst
[2011/01/16 04:59:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sammsoft
[2008/10/09 20:52:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sierra Online
[2008/09/27 23:39:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Template
[2010/01/28 22:05:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tific
[2011/04/18 18:54:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2008/09/21 23:57:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WildTangent
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2008/09/05 18:40:22 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2009/04/07 01:30:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Lx_cats
[2008/02/27 03:44:55 | 000,000,000 | ---D | M] -- C:\ProgramData\muvee Technologies
[2011/03/29 03:04:08 | 000,000,000 | ---D | M] -- C:\ProgramData\NexonUS
[2010/01/17 23:19:27 | 000,000,000 | ---D | M] -- C:\ProgramData\PCSettings
[2011/03/29 01:33:35 | 000,000,000 | ---D | M] -- C:\ProgramData\PMB Files
[2008/10/09 20:52:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Sierra Online
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2010/01/17 19:55:31 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2008/09/05 18:30:05 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2008/02/27 03:22:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Viewpoint
[2008/10/13 13:36:36 | 000,000,000 | ---D | M] -- C:\ProgramData\WildTangent
[2011/03/28 21:42:49 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2008/02/27 03:58:11 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011/01/16 05:03:57 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/04/18 19:01:40 | 000,032,656 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2011/04/17 21:22:40 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D4A56E26-F1A8-42CD-874E-437B04B68BD8}.job
========== Purity Check ==========
========== Custom Scans ==========
< MD5 for: VOLSNAP.SYS >
[2006/11/02 05:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\WINDOWS\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys
[2009/04/11 02:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\WINDOWS\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys
[2009/04/11 02:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
[2008/01/20 22:23:21 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\WINDOWS\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys
[2008/01/20 22:23:21 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys
[2009/04/11 02:32:55 | 000,226,280 | ---- | M] () MD5=E269BB33062F9A6B4115C86781D767AA -- C:\WINDOWS\System32\drivers\volsnap.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:FDCBDD8E
< End of report >
#9
Posted 26 April 2011 - 10:27 PM
JSntgRvr
-
- Global Moderator
-
- 11,579 posts
Global Moderator
Download the enclosed file and save it to the USB drive. [attachment=49540:Fix.txt]
If the file replacement is successful, attempt to restart in Normal mode.
If boot is successful, run Combofix as follows:
Please download ComboFix from Here or Here to your Desktop.
**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.
Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.
- Boot to the OTLPE CD
- Please double-click OTLPE.exe to run it as you did before.
- Doubleclick the "Custom Scans/Fixes" window. You will be asked if you want to load a custom file, select Yes. Browse to the Fix.txt you just downloaded and click on open.
- Click the red Run Fix button.
- A report will be produced and saved in the C:\_OTL\MovedFiles folder in the form of Date_Time.log. Open that report and post its contents in a reply.
If the file replacement is successful, attempt to restart in Normal mode.
If boot is successful, run Combofix as follows:
Please download ComboFix from Here or Here to your Desktop.
**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
- Please, never rename Combofix unless instructed.
- Close any open browsers.
- Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
-----------------------------------------------------------
- Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
- Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
If AVG or CA Internet Security Suite is installed, you must remove these programs before using Combofix. If any of these applications will not uninstall, it is first recommended to uninstall it with AppRemover by Opswat. http://www.appremove...ed-applications. Do not use AppRemover on Norton
-----------------------------------------------------------
- Close any open browsers.
- WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
- Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
- If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
-----------------------------------------------------------
- Double click on combofix.exe & follow the prompts.
- Install the Recovery Console if prompted.
- When finished, it will produce a report for you.
- Please post the "C:\ComboFix.txt" .
Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.
Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.
#10
Posted 27 April 2011 - 09:27 AM
TechNooby
- Topic Starter
-
- Member
-
- 7 posts
New Member
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\cftmon deleted successfully.
C:\WINDOWS\System32\xnfcz.exe moved successfully.
========== FILES ==========
File C:\WINDOWS\System32\drivers\volsnap.sys successfully replaced with C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
OTLPE by OldTimer - Version 3.1.46.0 log created on 04272011_212544
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\cftmon deleted successfully.
C:\WINDOWS\System32\xnfcz.exe moved successfully.
========== FILES ==========
File C:\WINDOWS\System32\drivers\volsnap.sys successfully replaced with C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
OTLPE by OldTimer - Version 3.1.46.0 log created on 04272011_212544
#11
Posted 27 April 2011 - 10:02 AM
JSntgRvr
-
- Global Moderator
-
- 11,579 posts
Global Moderator
Were you able to boot in Normal Mode?
#12
Posted 27 April 2011 - 10:32 AM
TechNooby
- Topic Starter
-
- Member
-
- 7 posts
New Member
i was not able to
#13
Posted 27 April 2011 - 12:31 PM
JSntgRvr
-
- Global Moderator
-
- 11,579 posts
Global Moderator
Lets get a backup of the MBR (Master boot record) for review.
Boot with the OTLPE CD and allow it to get to the Reatogo desktop. On the desktop you will see an icon for MBRFix. Double click on it. It will bring you to a command prompt. At the prompt type the following and press Enter after each line:
Copy MBRFix.exe C:\
C:
cd \
MBRFix /Drive 0 savembr mbr.bin
The argument /Drive 0, is Drive zero.
If successful, it should produce a file in the C:\ folder labeled MBR.bin. Please copy that file to the USB drive, zip it and attach it to a reply.
Boot with the OTLPE CD and allow it to get to the Reatogo desktop. On the desktop you will see an icon for MBRFix. Double click on it. It will bring you to a command prompt. At the prompt type the following and press Enter after each line:
Copy MBRFix.exe C:\
C:
cd \
MBRFix /Drive 0 savembr mbr.bin
The argument /Drive 0, is Drive zero.
If successful, it should produce a file in the C:\ folder labeled MBR.bin. Please copy that file to the USB drive, zip it and attach it to a reply.
#14
Posted 27 April 2011 - 12:47 PM
TechNooby
- Topic Starter
-
- Member
-
- 7 posts
New Member
all i get is this error
error 21: the device is not ready
error 21: the device is not ready
#15
Posted 27 April 2011 - 01:42 PM
JSntgRvr
-
- Global Moderator
-
- 11,579 posts
Global Moderator
Sounds like is unable to read the drive. Lets try another tool.
You will need another CD to burn.
Download GETxPUD.exe to the desktop of a clean computer
You will need another CD to burn.
Download GETxPUD.exe to the desktop of a clean computer
- Run GETxPUD.exe
- A new folder will appear on the desktop.
- Open the GETxPUD folder and click on the get&burn.bat
- The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
- Click on Start and follow the prompts to burn the image to a CD.
- Once this process is completed, download Dumpit by noahdfear to the USB drive.
- Remove the USB & CD and insert it in the sick computer
- Boot the Sick computer with the CD you just burned
- The computer must be set to boot from the CD
- In some computers you need to tap F12 and choose to boot from the CD, in others is the Esc key. Please consult your computer's documentation.
- Follow the prompts
- A Welcome to xPUD screen will appear
- Press File
- Expand mnt
- sda1,2...usually corresponds to your HDD
- sdb1 is likely your USB
- Click on the folder that represents your USB drive (sdb1 ?)
- Confirm that you see the file dumpit in your USB drive and double click on it.
- After it has finished a report will be located in your USB drive named mbr.zip
- Attach this file to a reply
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
