Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

XP won't boot - Blinking cursor problem (new!)


  • This topic is locked This topic is locked

#1
Slash4848

Slash4848

    Member

  • Member
  • PipPip
  • 52 posts
My computer has a problem that I have learned via your site to be not uncommon, although it seems this issue can have several different causes.

I have read through a few threads here on the site but have come to the conclusion that I need some information before I act. Here are the details.

Computer seemed to be working fine the other day. I came back awhile later and it was shut off. When I turned it back on, the computer got to a blank screen with a blinking cursor and nothing else would happen.

Here is the type of computer:
Dell DXP051
Bios A03 (01/03/06)
Pent D 3.2 GHz
1.0 GB RAM
Running Windows XP Media Center Edition

I have the Windows XP DVD and went to the Recovery Console. On the C:> drive, I did a DIR command and found that the AUTOEXEC.BAT, MSDOS.SYS, CONFIG.SYS, and IO.SYS files all say 0 KB. The BOOT.INI and NTLDR have data, although they may very well be corrupt. I did not alter these files in any way.

My assumption is that some type of virus affected my computer's ability to boot up. As I mentioned, I did read through some threads here to see about finding an answer on my own. However, I saw some references that said before using the FIXMBR command to make sure that the computer is not infected with a virus. I am unable to check for a virus since I can't get the computer to boot up and don't have a DOS-based virus checker.

Here is what I have done so far:
- Went to System Setup (F2) and verified that my hardware is being properly detected. It appears so.
- Went to the Boot Menu (F12) and ran Hard Drive Diagnostics - All passed.
- Used the Dell Diagnostic Utility CD and checked all hardware - All passed.
- Used the Windows XP DVD and went to the Recovery Console. Used chkdsk /r ("found and fixed one or more errors", but did not solve the problem)

Here is what I have NOT tried yet:
- Repair XP install (not sure that would work since it seems the computer doesn't know how to boot to ANY type of Windows -> Sys files with 0 KB, etc.)
- FIXMBR or FIXBOOT (saw a reference to not try this if there is a virus. Since I am unsure, I didn't want to chance losing my data.)
- Multiple tries at chkdsk /r. (If one time didn't do it, would more than once help?)

I am open to just about anything I can do to restore my computer, but more importantly recover my data. (Some of it was backed up, but not all - a grave error on my part...)

Any help - Thanks in advance!
  • 0

Advertisements


#2
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,018 posts
Hi, :unsure:

:)

Lets give this a try throughout an External Environment, which simply means you will need to burn a boot CD with especial tools. You will also need a flash drive to move information from the troubled computer to a working computer. It is the only way we can see the progress of our actions. Save these instructions in your flash drive as a text file (use notepad) so you can have access to these while in an external environment (PE).

Here is what you need to do.
  • Download OTLPEStd.exe to your desktop. NOTE: This file is 93.5MB in size so it may take some time to download.
  • Once downloaded, insert a blank CD in your burner and click on OTLPEStd.exe.The executable includes the OTLPE_New_Std.iso and a copy of imgburn, a program to burn .iso files. When executed, the application will extract both and start the burning process automatically.
  • Once the CD is burned, boot the Non working computer using the boot CD you just created.
  • In order to do so, the computer must be set to boot from the CD first
    Note : For information click here
  • Your system should now display a REATOGO-X-PE desktop.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
    • Change Drivers to All
    • Change Standard Registry to All
    • Under the Custom Scan box paste this in


      /md5start
      UXTHEME.DLL
      eventlog.dll
      scecli.dll
      netlogon.dll
      cngaudit.dll
      sceclt.dll
      ntelogon.dll
      logevent.dll
      iaStor.sys
      nvstor.sys
      atapi.sys
      IdeChnDr.sys
      viasraid.sys
      AGP440.sys
      vaxscsi.sys
      nvatabus.sys
      viamraid.sys
      nvata.sys
      nvgts.sys
      iastorv.sys
      ViPrt.sys
      eNetHook.dll
      ahcix86.sys
      KR10N.sys
      nvstor32.sys
      ahcix86s.sys
      nvrd32.sys
      volsnap.sys
      userinit.exe
      explorer.exe
      winlogon.exe
      ntoskrnl.exe
      /md5stop
      %SYSTEMDRIVE%\*.*
      %systemroot%\*. /mp /s
      %systemroot%\System32\config\*.sav

  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive.
  • Please post the contents of the C:\OTL.txt file in your reply.

  • 0

#3
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
OK, working on it. Will get right back to you with results.
  • 0

#4
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Just finished. Here is the info from the OTL.txt file.


OTL logfile created on: 6/12/2011 7:03:52 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 792.00 Mb Available Physical Memory | 77.00% Memory free
906.00 Mb Paging File | 843.00 Mb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.14 Gb Total Space | 44.67 Gb Free Space | 19.58% Space Free | Partition Type: NTFS
Drive I: | 983.72 Mb Total Space | 510.84 Mb Free Space | 51.93% Space Free | Partition Type: FAT
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - [2010/09/02 06:46:18 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto] -- C:\Program Files\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm) SupportSoft Repair Service (verizondm)
SRV - [2010/09/02 06:46:16 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto] -- C:\Program Files\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm) SupportSoft Sprocket Service (verizondm)
SRV - [2010/01/12 11:07:44 | 000,033,792 | ---- | M] (Palm) [Auto] -- C:\Program Files\Palm, Inc\novacom\x86\novacomd.exe -- (NovacomD)
SRV - [2009/11/02 14:17:00 | 001,098,968 | ---- | M] (TiVo Inc.) [Disabled] -- C:\Program Files\TiVo\Desktop\TiVoBeacon.exe -- (TivoBeacon2)
SRV - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () [Auto] -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2008/05/02 15:44:40 | 000,188,456 | ---- | M] (ActivIdentity) [Auto] -- C:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007/05/28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/09/04 20:54:44 | 000,880,722 | ---- | M] (Trend Micro Incorporated.) [Auto] -- C:\Program Files\Trend Micro\Internet Security 12\PcCtlCom.exe -- (PcCtlCom)
SRV - [2005/12/12 17:52:32 | 000,180,224 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe -- (ELService)
SRV - [2005/08/22 21:31:48 | 000,290,889 | ---- | M] (Trend Micro Incorporated.) [Auto] -- C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe -- (Tmntsrv)
SRV - [2005/06/17 08:55:58 | 000,086,140 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon) Intel®
SRV - [2005/04/25 17:41:02 | 000,262,215 | ---- | M] (Trend Micro Inc.) [Auto] -- C:\Program Files\Trend Micro\Internet Security 12\tmproxy.exe -- (tmproxy)
SRV - [2005/04/25 17:39:02 | 000,585,792 | ---- | M] (Trend Micro Inc.) [Auto] -- C:\Program Files\Trend Micro\Internet Security 12\TmPfw.exe -- (TmPfw)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (vaxscsi)
DRV - File not found [Kernel | Disabled] -- -- (Simbad)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | Auto] -- -- (mrtRate)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - File not found [Kernel | On_Demand] -- -- (bvrp_pci)
DRV - File not found [Kernel | Disabled] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)
DRV - [2011/02/17 09:18:24 | 000,455,936 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2011/02/17 09:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010/11/02 11:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2010/09/28 16:44:52 | 000,041,984 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/10/20 12:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/09/08 19:13:16 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System] -- C:\WINDOWS\system32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2009/06/24 07:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/05/18 14:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2008/11/26 18:42:42 | 000,205,328 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\tmxpflt.sys -- (Tmfilter)
DRV - [2008/11/26 18:42:40 | 000,036,368 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\tmpreflt.sys -- (Tmpreflt)
DRV - [2008/11/26 18:39:56 | 001,195,384 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\VsapiNT.sys -- (Vsapint)
DRV - [2008/11/12 19:50:40 | 000,138,800 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2008/10/16 10:43:01 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2008/07/13 22:51:30 | 000,716,272 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/04/13 20:13:22 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2008/04/13 20:13:21 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/13 20:13:20 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/13 20:13:20 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/13 15:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 15:28:39 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 15:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 15:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 15:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008/04/13 15:19:43 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008/04/13 15:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 15:18:00 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 15:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 15:17:05 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2008/04/13 15:15:55 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 15:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 15:15:45 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2008/04/13 15:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 15:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 15:00:19 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/13 14:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 14:57:27 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 14:57:27 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/04/13 14:57:21 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 14:57:15 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 14:57:07 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 14:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usb8023x.sys -- (usb_rndisx)
DRV - [2008/04/13 14:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 14:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 14:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 14:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 14:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 14:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008/04/13 14:51:25 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 14:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 14:46:25 | 000,085,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nabtsfec.sys -- (NABTSFEC)
DRV - [2008/04/13 14:46:24 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wstcodec.sys -- (WSTCODEC)
DRV - [2008/04/13 14:46:23 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdecode.sys -- (CCDECODE)
DRV - [2008/04/13 14:46:23 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\slip.sys -- (SLIP)
DRV - [2008/04/13 14:46:22 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisip.sys -- (NdisIP)
DRV - [2008/04/13 14:46:21 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\streamip.sys -- (streamip)
DRV - [2008/04/13 14:45:39 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2008/04/13 14:45:37 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 14:45:35 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/13 14:45:35 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/04/13 14:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/04/13 14:45:27 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/04/13 14:45:13 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 14:45:09 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 14:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 14:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 14:45:01 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008/04/13 14:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 14:44:46 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 14:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 14:41:22 | 000,018,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\i2omp.sys -- (i2omp)
DRV - [2008/04/13 14:41:22 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\i2omgmt.sys -- (i2omgmt)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 14:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 14:40:49 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 14:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008/04/13 14:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 14:40:31 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\viaide.sys -- (ViaIde)
DRV - [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 14:40:29 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\intelide.sys -- (IntelIde)
DRV - [2008/04/13 14:40:27 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/13 14:40:25 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 14:40:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 14:40:12 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum)
DRV - [2008/04/13 14:40:10 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008/04/13 14:39:53 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/13 14:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 14:39:51 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 14:39:50 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mstee.sys -- (MSTEE)
DRV - [2008/04/13 14:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 14:39:48 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008/04/13 14:39:47 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 14:39:47 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 14:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 14:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 14:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV - [2008/04/13 14:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 14:36:44 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/13 14:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 14:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/04/13 14:36:40 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\viaagp.sys -- (viaagp)
DRV - [2008/04/13 14:36:39 | 000,044,928 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\agpCPQ.sys -- (agpCPQ)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 14:36:38 | 000,042,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\alim1541.sys -- (alim1541)
DRV - [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\agp440.sys -- (agp440)
DRV - [2008/04/13 14:36:35 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/13 14:33:28 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/13 14:32:59 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008/04/13 14:32:51 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 14:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 14:32:39 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 14:32:39 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 14:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 14:31:32 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/04/13 12:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/03/27 17:27:46 | 000,503,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdf01000.sys -- (Wdf01000)
DRV - [2008/01/18 23:53:06 | 000,083,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd)
DRV - [2008/01/18 23:52:52 | 000,077,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WudfPf.sys -- (WudfPf)
DRV - [2007/11/13 06:25:53 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/10/22 13:22:00 | 003,994,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/04/13 07:31:35 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/12/12 17:52:34 | 000,010,112 | ---- | M] (Intel Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ELhid.sys -- (ELhid)
DRV - [2005/12/12 17:52:34 | 000,007,040 | ---- | M] (Intel Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ELmon.sys -- (ELmon)
DRV - [2005/12/12 17:52:34 | 000,006,912 | ---- | M] (Intel Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ELkbd.sys -- (ELkbd)
DRV - [2005/12/12 17:52:34 | 000,006,400 | ---- | M] (Intel Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ELmou.sys -- (ELmou)
DRV - [2005/12/12 17:52:32 | 000,007,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ELacpi.sys -- (ELacpi)
DRV - [2005/11/16 16:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/09/12 04:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/09/08 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 06:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 13:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 13:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/12 06:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005/06/17 13:33:40 | 000,872,064 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iastor)
DRV - [2005/05/13 17:27:56 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2005/04/25 17:37:02 | 000,038,528 | ---- | M] (Trend Micro Inc.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\tmtdi.sys -- (tmtdi)
DRV - [2005/04/25 17:36:02 | 001,884,585 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\WINDOWS\System32\Drivers\tm_cfw.sys -- (tm_cfw)
DRV - [2005/04/25 03:03:00 | 000,020,640 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20)
DRV - [2005/03/31 18:04:52 | 000,180,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2004/08/10 06:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 06:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/10 06:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2004/08/10 06:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2004/08/10 06:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2004/08/10 06:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/10 06:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2004/08/10 06:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2004/08/10 06:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004/08/10 06:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2004/08/10 06:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2004/08/10 06:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2004/08/10 06:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2004/08/10 06:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2004/08/10 06:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2004/08/10 06:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2004/08/10 06:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2004/08/10 06:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)
DRV - [2004/08/10 04:45:04 | 000,011,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mhndrv.sys -- (MHNDRV)
DRV - [2004/08/09 07:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/08/09 07:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004/07/19 10:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
DRV - [2003/12/01 11:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/04/09 19:48:08 | 000,011,043 | ---- | M] (Conexant) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2001/08/17 15:07:44 | 000,025,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\hpn.sys -- (hpn)
DRV - [2001/08/17 15:07:44 | 000,020,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dpti2o.sys -- (dpti2o)
DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:42 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\perc2hib.sys -- (perc2hib)
DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:40 | 000,027,296 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\perc2.sys -- (perc2)
DRV - [2001/08/17 15:07:38 | 000,056,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aic78xx.sys -- (aic78xx)
DRV - [2001/08/17 15:07:36 | 000,055,168 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aic78u2.sys -- (aic78u2)
DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 15:07:32 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\adpu160m.sys -- (adpu160m)
DRV - [2001/08/17 14:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [2001/08/17 14:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 14:52:50 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:16 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1240.sys -- (ql1240)
DRV - [2001/08/17 14:52:16 | 000,033,152 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql10wnt.sys -- (Ql10wnt)
DRV - [2001/08/17 14:52:16 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac960nt.sys -- (dac960nt)
DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:08 | 000,016,000 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ini910u.sys -- (ini910u)
DRV - [2001/08/17 14:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2001/08/17 14:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cbidf2k.sys -- (cbidf)
DRV - [2001/08/17 14:52:06 | 000,014,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cpqarray.sys -- (Cpqarray)
DRV - [2001/08/17 14:52:06 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys -- (cd20xrnt)
DRV - [2001/08/17 14:52:04 | 000,022,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3350p.sys -- (asc3350p)
DRV - [2001/08/17 14:52:04 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amsint.sys -- (amsint)
DRV - [2001/08/17 14:52:02 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aha154x.sys -- (Aha154x)
DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:52:00 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS -- (abp480n5)
DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:56 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\toside.sys -- (TosIde)
DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 14:51:52 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2001/08/17 14:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001/08/17 13:12:10 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel®
DRV - [1999/11/13 15:19:12 | 000,453,475 | ---- | M] (Xirlink, Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\C-itnt.sys -- (XIRLINK)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.co...-inc&channel=us
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Page = http://www.google.co...-inc&channel=us


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...-inc&channel=us
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...-inc&channel=us
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...html?channel=us
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...-inc&channel=us
IE - HKU\Administrator_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Bantas_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Bantas_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\Bantas_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKU\Bantas_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\Bantas_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\Bantas_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\Bantas_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0A 08 66 DE EA 51 CA 01 [binary data]
IE - HKU\Bantas_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\Bantas_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Bantas_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKU\Bantas_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555



IE - HKU\Sarah_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...-inc&channel=us
IE - HKU\Sarah_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Sarah_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Sarah_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...-inc&channel=us
IE - HKU\Sarah_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Sarah_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\Sarah_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 03:00:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/01/19 22:51:40 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2007/04/07 23:45:47 | 000,000,762 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 207.210.117.60 www.winmx.com
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Comcast Toolbar) - {79CEEA4E-C231-4614-9E3B-53B2A02F39B7} - C:\Program Files\comcasttb\comcastdx.dll ()
O2 - BHO: (no name) - {A3EF6FD4-4769-4734-9494-4707087225B9} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Comcast Toolbar) - {79CEEA4E-C231-4614-9E3B-53B2A02F39B7} - C:\Program Files\comcasttb\comcastdx.dll ()
O3 - HKU\Administrator_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Bantas_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Bantas_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Bantas_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\Bantas_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Sarah_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Sarah_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Sarah_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\Sarah_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe (Corel, Inc.)
O4 - HKLM..\Run: [Dell AIO Printer A920] C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe (Dell Computer Corporation)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MimBoot] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mimboot.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [pccguide.exe] C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe (Trend Micro Incorporated.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [VERIZONDM] C:\Program Files\VERIZONDM\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Administrator_ON_C..\Run: [OE_OEM] C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKU\Bantas_ON_C..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKU\Bantas_ON_C..\Run: [ComcastAntispyClient] C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
O4 - HKU\Bantas_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\Bantas_ON_C..\Run: [EA Core] File not found
O4 - HKU\Bantas_ON_C..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\Bantas_ON_C..\Run: [OE_OEM] C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKU\Bantas_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\Bantas_ON_C..\Run: [TivoNotify] C:\Program Files\TiVo\Desktop\TiVoNotify.exe (TiVo Inc.)
O4 - HKU\Bantas_ON_C..\Run: [TivoServer] C:\Program Files\TiVo\Desktop\TiVoServer.exe (TiVo Inc.)
O4 - HKU\Bantas_ON_C..\Run: [TivoTransfer] C:\Program Files\TiVo\Desktop\TiVoTransfer.exe (TiVo Inc.)
O4 - HKU\Bantas_ON_C..\Run: [TranscodingService] C:\Program Files\TiVo\Desktop\Plus\\TranscodingService.exe ()
O4 - HKU\Bantas_ON_C..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKU\Sarah_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Sarah_ON_C..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\Sarah_ON_C..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKU\Sarah_ON_C..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\Sarah_ON_C..\Run: [OE_OEM] C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKU\Sarah_ON_C..\Run: [swg] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ActivClient Agent.lnk = C:\Program Files\ActivIdentity\ActivClient\acsagent.exe (ActivIdentity)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe (Intuit Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Bantas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Bantas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Bantas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Bantas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Sarah_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_17.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe ()
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {00000075-9980-0010-8000-00AA00389B71} http://codecs.micros...i386/voxacm.CAB (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www1.snapfish...fishActivia.cab (Snapfish Activia)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.co.../sysreqlab2.cab (System Requirements Lab Class)
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} http://launch.gamesp...nch/alaunch.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.252.0.12
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\appconf32.exe) - C:\WINDOWS\system32\appconf32.exe ()
O20 - HKLM Winlogon: GinaDLL - (msgina.dll) - C:\WINDOWS\System32\msgina.dll (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\ackpbsc: DllName - C:\WINDOWS\system32\ackpbsc.dll - C:\WINDOWS\system32\ackpbsc.dll (ActivIdentity)
O20 - Winlogon\Notify\acunlock: DllName - C:\Program Files\ActivIdentity\ActivClient\acunlock.dll - C:\Program Files\ActivIdentity\ActivClient\acunlock.dll (ActivIdentity)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (zwebauth.dll) - C:\WINDOWS\System32\ZWebAuth.dll ()
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/08 14:19:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\SpICE
[2011/06/08 08:51:47 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/08 08:41:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/06/08 08:40:39 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/06/08 08:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/06/08 08:34:29 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/06/08 08:33:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/05/30 05:55:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/05/28 14:37:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Pink Venom
[2011/05/26 20:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\iTouch photos
[2011/05/23 04:15:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bantas\Application Data\Gradkell Systems, Inc
[2011/05/21 18:24:51 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2011/05/21 18:17:51 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/05/21 18:08:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xmldm
[2011/05/21 10:36:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\fD06504DlOgE06504
[22 C:\Documents and Settings\Bantas\My Documents\*.tmp files -> C:\Documents and Settings\Bantas\My Documents\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[11 C:\Documents and Settings\All Users\Documents\*.tmp files -> C:\Documents and Settings\All Users\Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Bantas\Desktop\*.tmp files -> C:\Documents and Settings\Bantas\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/10 18:44:28 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011/06/10 18:44:25 | 000,000,238 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/06/10 18:44:09 | 000,231,424 | ---- | M] () -- C:\WINDOWS\Pfyboa.exe
[2011/06/10 17:53:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/09 18:53:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/09 14:34:19 | 000,000,527 | ---- | M] () -- C:\WINDOWS\dellstat.ini
[2011/06/08 19:25:03 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/08 19:22:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/08 19:22:29 | 1071,812,608 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/08 14:01:54 | 000,001,570 | ---- | M] () -- C:\WINDOWS\QUICKEN.INI
[2011/06/08 08:51:47 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/08 08:41:43 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/06/08 08:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/06/07 22:19:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/06 22:16:47 | 000,000,632 | ---- | M] () -- C:\WINDOWS\System32\urhtps.dat
[2011/06/01 21:01:19 | 000,000,050 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2011/05/30 05:55:27 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/05/30 05:55:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/05/29 06:50:44 | 000,065,523 | ---- | M] () -- C:\Documents and Settings\Bantas\My Documents\Prog Ins Temp Card 05-29-2011.pdf
[2011/05/28 23:55:25 | 000,001,776 | ---- | M] () -- C:\Documents and Settings\Bantas\Desktop\HP webOS® Doctor™ Build Sprint.251.299, webOS 1.4.5.lnk
[2011/05/25 11:06:56 | 004,510,301 | ---- | M] () -- C:\Documents and Settings\Bantas\My Documents\NDUSpousesCookbook.pdf
[2011/05/21 13:10:46 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2011/05/16 16:58:01 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\doxillionShakeIcon.job
[22 C:\Documents and Settings\Bantas\My Documents\*.tmp files -> C:\Documents and Settings\Bantas\My Documents\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[11 C:\Documents and Settings\All Users\Documents\*.tmp files -> C:\Documents and Settings\All Users\Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Bantas\Desktop\*.tmp files -> C:\Documents and Settings\Bantas\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/10 18:44:28 | 000,231,424 | ---- | C] () -- C:\WINDOWS\Pfyboa.exe
[2011/06/10 18:44:22 | 000,000,238 | -H-- | C] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/06/10 18:44:18 | 000,000,286 | -H-- | C] () -- C:\WINDOWS\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011/06/08 08:41:43 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/05/30 05:55:27 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/05/29 06:50:44 | 000,065,523 | ---- | C] () -- C:\Documents and Settings\Bantas\My Documents\Prog Ins Temp Card 05-29-2011.pdf
[2011/05/25 11:06:56 | 004,510,301 | ---- | C] () -- C:\Documents and Settings\Bantas\My Documents\NDUSpousesCookbook.pdf
[2011/05/24 19:16:23 | 000,001,776 | ---- | C] () -- C:\Documents and Settings\Bantas\Desktop\HP webOS® Doctor™ Build Sprint.251.299, webOS 1.4.5.lnk
[2011/05/21 14:04:37 | 1071,812,608 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/21 11:13:12 | 001,228,854 | ---- | C] () -- C:\fsqwr.bmp
[2011/03/28 21:20:08 | 000,000,632 | ---- | C] () -- C:\WINDOWS\System32\urhtps.dat
[2010/12/04 22:12:53 | 000,000,020 | ---- | C] () -- C:\WINDOWS\crackpdf.INI
[2010/12/04 19:17:02 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\Image2PDF.dat
[2010/12/04 17:10:56 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Bantas\minitool.ini
[2010/11/21 12:41:37 | 000,000,219 | ---- | C] () -- C:\Documents and Settings\Bantas\Application Data\jkdhk.bat
[2010/03/12 23:11:08 | 000,115,116 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/11/30 03:09:24 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009/11/30 03:09:21 | 000,260,608 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/11/30 03:09:21 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/11/30 03:09:20 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/11/30 03:09:20 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/06/27 13:15:57 | 000,000,023 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2008/12/09 11:23:13 | 000,046,312 | RHS- | C] () -- C:\WINDOWS\System32\appconf32.exe
[2008/08/05 18:26:53 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/07/27 22:32:03 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/04/02 16:39:10 | 000,000,248 | ---- | C] () -- C:\WINDOWS\winmine.ini
[2008/02/23 03:19:22 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2008/02/15 13:54:02 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/12/05 02:41:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/12/05 02:41:00 | 001,622,016 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2007/12/05 02:41:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/12/05 02:41:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2007/12/05 02:41:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/12/05 02:41:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/12/05 02:41:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2007/12/05 02:41:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2007/12/05 02:41:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/12/05 02:41:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2007/08/18 22:16:38 | 000,000,803 | ---- | C] () -- C:\WINDOWS\CoDUO.INI
[2007/08/08 17:32:56 | 000,000,754 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2007/06/01 17:37:51 | 000,000,978 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2007/05/25 11:41:31 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Sarah\Application Data\PFP120JPR.{PB
[2007/05/25 11:41:31 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Sarah\Application Data\PFP120JCM.{PB
[2007/04/29 19:54:08 | 000,138,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007/04/29 19:54:03 | 000,201,904 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2007/04/29 19:53:55 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2007/03/21 17:02:46 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\libmySQL.dll
[2007/03/21 17:02:46 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\TrackerNET.dll
[2007/03/20 19:01:25 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007/03/20 19:01:25 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007/03/20 19:01:25 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007/03/20 16:48:09 | 000,000,644 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/01/25 23:56:16 | 000,000,046 | ---- | C] () -- C:\WINDOWS\SA2006HH.ini
[2006/10/22 13:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/09/28 07:36:37 | 000,002,209 | ---- | C] () -- C:\WINDOWS\EntPack.dat
[2006/09/12 16:34:19 | 000,000,838 | ---- | C] () -- C:\WINDOWS\MEDIAPAQ.INI
[2006/08/30 11:01:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Textart.INI
[2006/06/11 14:21:51 | 000,000,751 | ---- | C] () -- C:\WINDOWS\Bti.ini
[2006/06/11 14:21:49 | 000,116,640 | ---- | C] () -- C:\WINDOWS\System32\Ptsaci40.dll
[2006/06/11 14:21:49 | 000,030,080 | ---- | C] () -- C:\WINDOWS\System32\Ptabimp3.exe
[2006/05/16 12:14:19 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Bantas\Application Data\dvd.bmk
[2006/05/04 21:29:15 | 000,000,050 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2006/04/30 18:14:37 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2006/04/30 18:09:07 | 000,001,415 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2006/04/30 18:09:00 | 000,000,013 | ---- | C] () -- C:\WINDOWS\BATLGRID.INI
[2006/04/30 18:08:47 | 000,001,445 | ---- | C] () -- C:\WINDOWS\ARCADE.INI
[2006/04/30 10:57:49 | 000,000,527 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2006/04/30 10:57:33 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2006/04/30 10:57:15 | 000,000,255 | ---- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2006/04/29 22:00:18 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2006/04/29 12:13:37 | 000,000,064 | ---- | C] () -- C:\WINDOWS\qwimp.ini
[2006/04/29 11:39:19 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Bantas\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/04/29 10:54:38 | 000,001,570 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/04/29 10:01:14 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Sarah\Application Data\$_hpcst$.hpc
[2006/04/29 10:00:35 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Sarah\Local Settings\Application Data\fusioncache.dat
[2006/04/27 03:06:45 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2006/04/24 20:07:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2006/04/23 23:55:50 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Bantas\Application Data\$_hpcst$.hpc
[2006/04/23 10:40:06 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/04/22 17:41:34 | 000,016,973 | ---- | C] () -- C:\WINDOWS\System32\ZWebAuth.dll
[2006/04/21 23:54:39 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\4E7F40BFEE.sys
[2006/04/21 23:53:47 | 000,005,018 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/04/18 16:43:57 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Bantas\Application Data\PFP120JPR.{PB
[2006/04/18 16:43:57 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Bantas\Application Data\PFP120JCM.{PB
[2006/04/17 19:24:13 | 000,001,275 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2006/04/17 18:56:16 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Bantas\Local Settings\Application Data\fusioncache.dat
[2006/04/13 07:43:42 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/04/13 07:37:40 | 000,000,267 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/04/13 07:35:05 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/04/13 07:30:57 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/04/13 07:09:04 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/04/13 07:08:34 | 000,000,387 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/03/20 15:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2006/03/20 15:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2006/03/20 15:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2006/03/20 15:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2006/03/20 15:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2006/03/20 15:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2006/03/20 15:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2006/03/20 15:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2006/03/20 15:43:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2005/11/10 09:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/16 21:52:01 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2005/08/16 05:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 05:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 05:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 05:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 05:27:59 | 000,434,168 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 05:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/08/16 05:18:33 | 000,442,470 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 05:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/08/16 05:18:33 | 000,071,736 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 05:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/08/16 05:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/08/16 05:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/08/16 05:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/08/16 05:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/08/16 05:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/08/16 05:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/08/16 05:18:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/08/05 15:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2009/08/13 15:44:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\Activision
[2010/10/28 00:03:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\CallingID
[2010/11/28 20:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\CanuckSoftware
[2010/10/02 18:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\comcasttb
[2007/05/25 10:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\DeLorme
[2011/05/23 04:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\Gradkell Systems, Inc
[2010/12/20 20:25:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\ICAClient
[2006/04/21 23:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\Leadertech
[2006/06/18 11:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\LucasArts
[2008/08/16 17:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\My Games
[2010/11/23 23:21:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\NCH Swift Sound
[2007/10/28 19:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\Petroglyph
[2011/04/07 17:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\Smilebox
[2006/05/01 10:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\Snapfish
[2009/06/20 18:05:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\SPORE
[2009/02/27 20:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\Unity
[2007/02/21 07:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\Viewpoint
[2006/11/09 23:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bantas\Application Data\WildTangent
[2007/01/25 23:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sarah\Application Data\DeLorme
[2009/08/13 15:44:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Activision
[2006/05/06 08:30:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2010/12/20 19:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2005/08/16 21:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2010/01/23 17:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2011/05/21 14:51:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fD06504DlOgE06504
[2010/11/23 23:21:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/11/15 18:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/12/05 17:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TiVo
[2007/02/21 07:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/11/09 23:54:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2010/12/22 07:33:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/23 20:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/07/26 14:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/16 16:58:01 | 000,000,286 | ---- | M] () -- C:\WINDOWS\Tasks\doxillionShakeIcon.job
[2010/11/26 23:21:03 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\photostageShakeIcon.job
[2011/03/23 03:42:01 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\videopadShakeIcon.job
[2010/11/26 23:21:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadShakeIcon.job
[2011/06/10 18:44:25 | 000,000,238 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/06/10 18:44:28 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: AGP440.SYS >
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/08/21 17:30:08 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/08/21 17:30:08 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/08/21 17:30:08 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/08/21 17:30:08 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/10 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\i386\eventlog.dll
[2004/08/10 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/10 06:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: IASTOR.SYS >
[2005/06/17 13:33:40 | 000,872,064 | ---- | M] (Intel Corporation) MD5=9A65E42664D1534B68512CAAD0EFE963 -- C:\drivers\storage\sata\onboard\iastor.sys
[2005/06/17 13:33:40 | 000,872,064 | ---- | M] (Intel Corporation) MD5=9A65E42664D1534B68512CAAD0EFE963 -- C:\i386\iaStor.sys
[2005/06/17 13:33:40 | 000,872,064 | ---- | M] (Intel Corporation) MD5=9A65E42664D1534B68512CAAD0EFE963 -- C:\WINDOWS\system32\drivers\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NTOSKRNL.EXE >
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:ntoskrnl.exe
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:ntoskrnl.exe
[2008/08/21 17:30:08 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:ntoskrnl.exe
[2008/08/21 17:30:08 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:ntoskrnl.exe
[2010/02/16 10:08:49 | 002,146,304 | ---- | M] (Microsoft Corporation) MD5=048DB3459FAB4CA741DCC84E1F374D65 -- C:\WINDOWS\$NtUninstallKB981852$\ntoskrnl.exe
[2009/12/09 00:52:36 | 002,189,312 | ---- | M] (Microsoft Corporation) MD5=05BE3D9A71972223AFF6A3C823BA51B1 -- C:\WINDOWS\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[2008/04/13 15:27:53 | 002,188,928 | ---- | M] (Microsoft Corporation) MD5=0C89243C7C3EE199B96FCC16990E0679 -- C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe
[2009/02/06 07:06:41 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=0CBA44D0938D57F334C0862424148B70 -- C:\WINDOWS\$NtUninstallKB971486$\ntoskrnl.exe
[2005/03/01 21:04:22 | 002,179,456 | ---- | M] (Microsoft Corporation) MD5=28187802B7C368C0D3AEF7D4C382AABB -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[2008/08/14 16:11:10 | 002,189,184 | ---- | M] (Microsoft Corporation) MD5=31914172342BFF330063F343AC6958FE -- C:\WINDOWS\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[2008/04/13 15:24:37 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=40F8880122A030A7E9E1FEDEA833B33D -- C:\WINDOWS\$NtUninstallKB956841$\ntoskrnl.exe
[2010/04/27 09:59:13 | 002,146,304 | ---- | M] (Microsoft Corporation) MD5=466A3E1239F4A9428797730E81A7A865 -- C:\WINDOWS\$NtUninstallKB2393802$\ntoskrnl.exe
[2005/06/22 20:30:54 | 002,136,064 | ---- | M] (Microsoft Corporation) MD5=5611F453C6D20AB0552956F39BCDDB88 -- C:\i386\ntoskrnl.exe
[2005/06/22 20:30:54 | 002,136,064 | ---- | M] (Microsoft Corporation) MD5=5611F453C6D20AB0552956F39BCDDB88 -- C:\WINDOWS\$NtUninstallKB929338$\ntoskrnl.exe
[2006/12/19 12:49:02 | 002,137,600 | ---- | M] (Microsoft Corporation) MD5=57B9D140E1EB8B0EA06DF927B63B0EEE -- C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe
[2010/12/09 09:42:26 | 002,148,864 | ---- | M] (Microsoft Corporation) MD5=60E16152D847D7A7B7D3DA4C4B8E2120 -- C:\WINDOWS\system32\ntoskrnl.exe
[2010/12/09 09:38:47 | 002,192,768 | ---- | M] (Microsoft Corporation) MD5=64C1ADF6DF629F340C5A439FE0EF8ED1 -- C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
[2010/12/09 09:38:47 | 002,192,768 | ---- | M] (Microsoft Corporation) MD5=64C1ADF6DF629F340C5A439FE0EF8ED1 -- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
[2009/08/04 11:13:08 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=78FCC97CD878D4CF5B5D2158A5A7CF92 -- C:\WINDOWS\$NtUninstallKB977165$\ntoskrnl.exe
[2009/08/04 11:13:08 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=78FCC97CD878D4CF5B5D2158A5A7CF92 -- C:\WINDOWS\ERDNT\cache\ntoskrnl.exe
[2009/12/08 15:26:15 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=9696C553F994340CD6AA5C5A724C3A19 -- C:\WINDOWS\$NtUninstallKB979683$\ntoskrnl.exe
[2010/04/27 09:50:44 | 002,190,080 | ---- | M] (Microsoft Corporation) MD5=A2ABBEC40CDB57454645D06B7EBD22F5 -- C:\WINDOWS\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[2010/12/09 09:43:18 | 002,192,768 | ---- | M] (Microsoft Corporation) MD5=A531BBD3DE13121C1380ED7DC99082DB -- C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[2010/02/16 08:52:12 | 002,190,080 | ---- | M] (Microsoft Corporation) MD5=E1F653A542449D54FA2D27463D99B6B6 -- C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[2007/02/28 05:53:04 | 002,137,600 | ---- | M] (Microsoft Corporation) MD5=E6679C3023B17D8B78946BC5DF53FA20 -- C:\WINDOWS\$NtServicePackUninstall$\ntoskrnl.exe
[2009/02/07 19:35:26 | 002,189,184 | ---- | M] (Microsoft Corporation) MD5=EFE8EACE83EAAD5849A7A548FB75B584 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[2008/08/14 06:09:26 | 002,145,280 | ---- | M] (Microsoft Corporation) MD5=F6F8245B3A2E9CA834DD318E7AE0C6D0 -- C:\WINDOWS\$NtUninstallKB956572$\ntoskrnl.exe
[2009/08/04 09:56:10 | 002,189,312 | ---- | M] (Microsoft Corporation) MD5=FDE779EA1A564EBFE16F4E0F82B61BAD -- C:\WINDOWS\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe

< MD5 for: SCECLI.DLL >
[2004/08/10 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\i386\scecli.dll
[2004/08/10 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USERINIT.EXE >
[2004/08/10 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\i386\userinit.exe
[2004/08/10 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: UXTHEME.DLL >
[2004/08/10 06:00:00 | 000,218,624 | ---- | M] (Microsoft Corporation) MD5=2CDE496666A975A2CE8F969F3042C8DB -- C:\i386\uxtheme.dll
[2004/08/10 06:00:00 | 000,218,624 | ---- | M] (Microsoft Corporation) MD5=2CDE496666A975A2CE8F969F3042C8DB -- C:\WINDOWS\$NtServicePackUninstall$\uxtheme.dll
[2008/04/13 20:12:08 | 000,218,624 | ---- | M] (Microsoft Corporation) MD5=7A2CC3719B255E6B5D74396183B7715B -- C:\WINDOWS\ServicePackFiles\i386\uxtheme.dll
[2008/04/13 20:12:08 | 000,218,624 | ---- | M] (Microsoft Corporation) MD5=7A2CC3719B255E6B5D74396183B7715B -- C:\WINDOWS\system32\uxtheme.dll

< MD5 for: VOLSNAP.SYS >
[2008/04/13 14:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\ServicePackFiles\i386\volsnap.sys
[2008/04/13 14:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\drivers\volsnap.sys
[2004/08/10 06:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=EE4660083DEBA849FF6C485D944B379B -- C:\i386\volsnap.sys
[2004/08/10 06:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=EE4660083DEBA849FF6C485D944B379B -- C:\WINDOWS\$NtServicePackUninstall$\volsnap.sys

< MD5 for: WINLOGON.EXE >
[2004/08/10 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\i386\winlogon.exe
[2004/08/10 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %SYSTEMDRIVE%\*.* >
[2007/06/11 20:06:02 | 000,000,000 | ---- | M] () -- C:\AILog.txt
[2007/01/07 19:01:24 | 000,014,915 | ---- | M] () -- C:\AlexHorowitz.jpg
[2006/12/29 22:47:09 | 000,004,778 | ---- | M] () -- C:\aoesync.txt
[2010/10/12 15:27:30 | 000,031,744 | ---- | M] () -- C:\Aspen Dale Orientation.wps
[2010/10/12 15:27:34 | 000,008,052 | ---- | M] () -- C:\AspenDaleOrientation_wps.zip
[2005/08/16 05:43:04 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/11/30 01:52:21 | 000,000,209 | ---- | M] () -- C:\Boot.bak
[2009/11/30 03:10:32 | 000,000,279 | RHS- | M] () -- C:\boot.ini
[2011/06/11 20:51:11 | 000,002,978 | ---- | M] () -- C:\bootex.log
[2009/07/28 23:23:21 | 000,122,368 | ---- | M] () -- C:\CAPT Bush Bio.doc
[2004/08/04 00:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2009/12/13 13:10:01 | 000,030,640 | ---- | M] () -- C:\ComboFix.txt
[2005/08/16 05:43:04 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006/06/09 19:15:56 | 000,000,081 | ---- | M] () -- C:\CTX.DAT
[2006/04/13 07:13:04 | 000,006,665 | RH-- | M] () -- C:\dell.sdr
[2006/05/20 12:53:52 | 000,002,616 | ---- | M] () -- C:\Depeche Mode 1.sonic
[2006/05/20 12:54:40 | 000,002,270 | ---- | M] () -- C:\Depeche Mode 2.sonic
[2006/05/20 13:30:01 | 000,002,174 | ---- | M] () -- C:\Depeche Mode 3.sonic
[2011/05/21 13:10:46 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2011/06/08 19:22:29 | 1071,812,608 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/28 22:40:34 | 000,079,832 | ---- | M] () -- C:\Image1.jpg
[2009/07/28 22:41:47 | 000,045,943 | ---- | M] () -- C:\Image10.jpg
[2009/07/28 22:40:44 | 000,067,148 | ---- | M] () -- C:\Image2.jpg
[2009/07/28 22:40:52 | 000,055,314 | ---- | M] () -- C:\Image3.jpg
[2009/07/28 22:41:02 | 000,033,503 | ---- | M] () -- C:\Image4.jpg
[2009/07/28 22:41:10 | 000,077,025 | ---- | M] () -- C:\Image6.jpg
[2009/07/28 22:41:19 | 000,077,517 | ---- | M] () -- C:\Image7.jpg
[2009/07/28 22:41:28 | 000,075,800 | ---- | M] () -- C:\Image8.jpg
[2009/07/28 22:41:36 | 000,052,682 | ---- | M] () -- C:\Image9.jpg
[2006/04/24 00:36:48 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2005/08/16 05:43:04 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2006/04/13 07:31:50 | 000,000,840 | -H-- | M] () -- C:\IPH.PH
[2009/04/09 18:24:48 | 000,000,214 | ---- | M] () -- C:\K Info.lnk
[2005/08/16 05:43:04 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2006/05/11 07:09:32 | 000,003,038 | ---- | M] () -- C:\MyProject.sonic
[2007/06/30 13:44:26 | 000,001,043 | ---- | M] () -- C:\net_save.dna
[2004/08/10 06:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/08/21 17:33:09 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2006/04/13 07:31:57 | 000,000,087 | ---- | M] () -- C:\SystemInfo.ini
[2006/12/01 00:35:02 | 000,000,157 | ---- | M] () -- C:\systemscandata.txt
[2007/04/28 09:44:01 | 000,057,344 | ---- | M] () -- C:\t5b0.8
[2010/01/31 18:29:09 | 000,047,616 | -HS- | M] () -- C:\Thumbs.db
[2008/02/23 00:16:26 | 001,790,790 | ---- | M] () -- C:\vipers hsl 48 box.cdr
[2008/02/23 00:35:23 | 000,045,571 | ---- | M] () -- C:\vipers hsl 48.jpg
[2 C:\*.tmp files -> C:\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2005/08/16 05:27:08 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/08/16 05:27:08 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/08/16 05:27:08 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< End of report >
  • 0

#5
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,018 posts
Save this in the USB drive.

  • Boot to the OTLPE CD
  • Please double-click OTLPE.exe to run it as you did before.
  • Copy the lines in the quote below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :OTL
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\appconf32.exe) - C:\WINDOWS\system32\appconf32.exe ()

    :files
    C:\WINDOWS\Tasks\doxillionShakeIcon.job
    C:\WINDOWS\Tasks\photostageShakeIcon.job
    C:\WINDOWS\Tasks\videopadShakeIcon.job
    C:\WINDOWS\Tasks\wavepadShakeIcon.job
    C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
    C:\WINDOWS\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
    C:\WINDOWS\Pfyboa.exe

  • Return to OTLPE, right click in the "Custom Scans/Fixes" window and choose Paste.
  • Click the red Run Fix button.
  • A report will be produced and saved in the C:\_OTL\MovedFiles folder in the form of Date_Time.log. Open that report and post its contents in a reply.

Attempt to boot in Normal Mode. If successful, Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • OTL should now start. Change the following settings
    • Change Drivers to All
    • Change Standard Registry to All
    • Under File Scans, change File age to 30
  • Under the Custom Scan box paste this in



    %TEMP%\smtmp\*.* /s

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt (first run only). These are saved in the same location as OTL.
    • Please post the contents of the OTL.txt file and attach the Extras.Txt, if any, in your next reply.

  • 0

#6
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Here is the first part:

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\appconf32.exe deleted successfully.
C:\WINDOWS\system32\appconf32.exe moved successfully.
========== FILES ==========
C:\WINDOWS\Tasks\doxillionShakeIcon.job moved successfully.
C:\WINDOWS\Tasks\photostageShakeIcon.job moved successfully.
C:\WINDOWS\Tasks\videopadShakeIcon.job moved successfully.
C:\WINDOWS\Tasks\wavepadShakeIcon.job moved successfully.
C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job moved successfully.
C:\WINDOWS\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job moved successfully.
C:\WINDOWS\Pfyboa.exe moved successfully.

OTLPE by OldTimer - Version 3.1.46.0 log created on 06132011_103907
  • 0

#7
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Still unable to boot the computer in normal mode. Blank screen with blinking cursor.

I checked the C: directory, and the AUTOEXEC.BAT, MSDOS.SYS, CONFIG.SYS, and IO.SYS files all still say 0 KB. That's not normal, right? Don't those files need commands to tell the computer how to boot up?

My knowledge of computers barely scratches the surface compared to what we are doing here. I understand some basics (so only enough to be dangerous...), but I am not familiar with OTL or the reasoning behind the steps we are taking. As we proceed, it would be most helpful for me if you would include a short description of what/why we have tried so far and the anticipated process/results for future steps. Much appreciated.
  • 0

#8
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,018 posts
It is normal for those files to be 0 bytes. Lets take a look at the Master Boot Record.

Boot to the Reatogo desktop. There will be an icon for MBRFix. Double click on it. A command prompt will be presented. Type the following commands and press Enter after each line:

Copy MBRFix.exe C:\
C:
cd C:\
MbrFix /drive 0 savembr MBRDUMP.txt
Exit


It is drive zero (0)

If successful, a MBRDUMP.txt file will be created in the C:\ folder.

Please attach this file on your next reply.
  • 0

#9
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Here is the MBRDUMP.txt. I saw the word "failed" in there... OK regarding the other files having 0 bytes. Thanks for all of your help so far. Appreciate the time and patience.

Attached Files


  • 0

#10
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,018 posts
I am not satisfied with the results of the Boot Record, although it does not seem to be infected.

Is there an error message when attempting to boot in Normal Mode? Does the Dell splash logo is seen before the black windows? Are you able to reach the Advanced menu by tapping on F8 during startup? Files involved in the boot process seem to be in place, thus if the computer would have access to the boot loader, at least an error message should be received. As far as we know, only a corrupted boot sector would prevent this to happen.

We can attempt to write a new boot sector, but fixing the mbr may prevent access to the Dell Restore Utility, which allows you to press a key on startup and revert your computer to a factory delivered state. There are a couple of known fixes for this condition, but the methods are somewhat advanced. If you are unwilling to take such a risk, you should not write a new MBR, and you will need to restore your computer to a factory state (all data will be erased) or allow your computer to remain having a corrupted mbr (the latter not recommended). If you decide to write a new MBR, follow these steps:

Boot to the Reatogo desktop. Double click MBRFix. A command prompt will be presented. Type the following commands and press Enter after each line:

C:
cd C:\
MbrFix /drive 0 fixmbr
Exit


It is drive zero (0)

Once done attempt to boot in Normal Mode.
  • 0

Advertisements


#11
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Answers to your questions:
1. No Error msg when attempting to boot in Normal mode.
2. The Dell splash logo does show during startup (with F2 & F12 choices), followed by the blank screen with blinking cursor.
3. No results with F8 during startup.

****
All I really care about is the data. If I can just access that (and get it over to my external hard drive) then I have no problem taking the computer to a factory state or possibly risking messing with the MBR.

Two problems with that plan:
1. I see when I run the Reatogo Desktop that I am able to open "My Computer" and see the C drive contents. However, one folder that I can't see is a Shared Folder that is normally listed under "My Computer", not under the C drive. (Does that make sense?) Of course, that is the one folder that I would need to access the most to get the data out of it.

2. If I plug in my external hard drive, I don't see it listed in the File Explorer in the same way I see the small Flash Drive that I have been using to transfer the text log files.

****
Some Questions:
1. Does the Reatogo Desktop purposely restrict access to some areas of the hard drive? (In the File Explorer, the "My Documents" folder is empty, but when I access the "Documents and Settings" folder, then I see the data in "My Documents".)

2. How can I get the Reatogo Desktop to access the Shared Folder I mentioned and also recognize my external hard drive so that I can transfer the data? Or, is there some other program I should use for that?

3. If I use MBRfix, it sounds like that MAY solve my problem, but do I understand correctly that it may also mess things up further and therefore prevent me from accessing the data at all? If so, then I would only want to use MBRFix as a last resort.

Thoughts?

Thanks.
  • 0

#12
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,018 posts

Answers to your questions:
1. No Error msg when attempting to boot in Normal mode.
2. The Dell splash logo does show during startup (with F2 & F12 choices), followed by the blank screen with blinking cursor.
3. No results with F8 during startup.

****
All I really care about is the data. If I can just access that (and get it over to my external hard drive) then I have no problem taking the computer to a factory state or possibly risking messing with the MBR.

Two problems with that plan:
1. I see when I run the Reatogo Desktop that I am able to open "My Computer" and see the C drive contents. However, one folder that I can't see is a Shared Folder that is normally listed under "My Computer", not under the C drive. (Does that make sense?) Of course, that is the one folder that I would need to access the most to get the data out of it.


That share folder usally redirect to C:\Documents and Settings\All Users\Documents

2. If I plug in my external hard drive, I don't see it listed in the File Explorer in the same way I see the small Flash Drive that I have been using to transfer the text log files.


Plug the external drive prior to loading Reatogo. If the issue persists may be due to lack of drivers.

****
Some Questions:
1. Does the Reatogo Desktop purposely restrict access to some areas of the hard drive? (In the File Explorer, the "My Documents" folder is empty, but when I access the "Documents and Settings" folder, then I see the data in "My Documents".)


Are you seeing it under your user profile?

2. How can I get the Reatogo Desktop to access the Shared Folder I mentioned and also recognize my external hard drive so that I can transfer the data? Or, is there some other program I should use for that?

3. If I use MBRfix, it sounds like that MAY solve my problem, but do I understand correctly that it may also mess things up further and therefore prevent me from accessing the data at all? If so, then I would only want to use MBRFix as a last resort.

Thoughts?

Thanks.


Lets try another utility. It is based on linux. You may be able to backup your data this way.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Remove the CD and insert them in the sick computer
  • Boot the Sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • In some computers you need to tap F12 and choose to boot from the CD, in others is the Esc key. Please consult your computer's documentation.
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB

See if the backup is easier this way.
  • 0

#13
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
- OK re: Share Folder location - Found it! Thx! I can now find all of my data. Now to just transfer it...

- Tried plugging in the external drive prior to loading Reatogo, still won't recognize it. Must be a driver issue as you said. Any way to solve that?

- I am working on setting up GETxPUD. Will inform you of the results.
  • 0

#14
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,018 posts

- OK re: Share Folder location - Found it! Thx! I can now find all of my data. Now to just transfer it...

- Tried plugging in the external drive prior to loading Reatogo, still won't recognize it. Must be a driver issue as you said. Any way to solve that?

- I am working on setting up GETxPUD. Will inform you of the results.

If it is a driver's issue, there is no way to resolve it. Try xPUD.
  • 0

#15
Slash4848

Slash4848

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Used xPUD and successfully saved my data! Thanks. Now I am ready to mess with the computer with no worries of losing anything.

I have the XP DVD that would reload Windows, but that doesn't help the MRB issue, right? If not, what is the next step? MBRFix? (You mentioned that might put the computer in a state where the Dell Restore Utility can't be used.)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP