I have an older model XP Home 32 bit system that I got from a surveyor friend. The system had not been fired up in a couple of years.
I decided to run a few of the tools I'm being taught to use to see what might be within.
I ran an OTL scan and there were definitely signs of an infection or two, so I thought OK, learning experience. I wrote an OTL fix and started working with various tools to see about what it would take to get rid of things. A recent PL had me working with ComboFix, so I ran that too... and that's where the problem started. ComboFix acts like it's going to run, it goes through the process and gets to the point of deleting a directory, and just sits there for a while, and eventually I get an error message that says PEV.exe has crashed and asking me to 'send' or 'don't send'. If I let it sit there, for a day or more, it does nothing. If I click on the 'don't send' button, the open window with blue screen that indicates ComboFix is deleting that directory, and nothing ever happens. I have to force the computer to shut down and restart.
Next, I ran Malwarebytes and had 19 results on a quick scan, which I let it remove.
I then tried RKill and RogueKiller, and VIPRE Rescue, to see if they would clear up whatever was stopping ComboFix, but to no avail.
Next I tried running FRST and it crashes the same way as PEV.
Yes, I know I've run a lot of tools that I wasn't instructed to run. I am using this as a learning experience, and if I've done something that prevents a solution it's not the end of the world; this system has XP and as such I don't intend to plug it back in to the internet after April anyway.
Ok, here is the result of my latest OTL Scan, please review and guide me:
OTL logfile created on: 02/10/2014 9:41:32 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\cotutor\cleanup updated 1-29-14
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: enu | Date Format: MM/dd/yyyy
1.50 Gb Total Physical Memory | 1.05 Gb Available Physical Memory | 70.29% Memory free
3.31 Gb Paging File | 3.02 Gb Available in Paging File | 91.36% Paging File free
Paging file location(s): c:\pagefile.sys 2000 4000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.98 Gb Total Space | 119.60 Gb Free Space | 80.28% Space Free | Partition Type: FAT32
Drive E: | 7.45 Gb Total Space | 2.87 Gb Free Space | 38.49% Space Free | Partition Type: FAT32
Computer Name: 3LHB011 | User Name: RICK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/10/11 18:32:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\cotutor\cleanup updated 1-29-14\OTL.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/12 09:52:14 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2006/05/11 07:40:50 | 000,426,038 | ---- | M] () -- C:\Program Files\ClipPad995\clippad\ClipPad.exe
PRC - [2005/11/11 18:30:22 | 000,995,328 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter2\brctrcen.exe
PRC - [2005/08/22 15:10:24 | 000,163,840 | ---- | M] (Software995) -- C:\Program Files\ePad995\ePad995.exe
PRC - [2004/09/03 04:58:48 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe
PRC - [2002/04/17 10:49:16 | 000,077,824 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
PRC - [2001/09/04 15:31:50 | 000,655,360 | ---- | M] (Roxio) -- C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\Directcd.exe
========== Modules (No Company Name) ==========
MOD - [2007/11/13 08:55:36 | 000,051,716 | ---- | M] () -- C:\WINDOWS\SYSTEM32\pdf995mon.dll
MOD - [2006/05/11 07:40:50 | 000,426,038 | ---- | M] () -- C:\Program Files\ClipPad995\clippad\ClipPad.exe
MOD - [2006/05/11 07:39:58 | 000,049,152 | ---- | M] () -- C:\Program Files\ClipPad995\clippad\focus.dll
MOD - [2002/04/17 10:49:22 | 000,024,576 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll
MOD - [2002/04/17 10:49:16 | 000,077,824 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\mspmspsv.dll -- (WmdmPmSp)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2008/04/14 05:41:56 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SYSTEM32\iprip.dll -- (Iprip)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\RICK\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/05/25 13:14:24 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SBREDrv.sys -- (SBRE)
DRV - [2008/04/13 22:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\rtl8139.sys -- (rtl8139)
DRV - [2006/10/04 22:42:44 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/10/04 22:42:44 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Cdr4_xp.sys -- (Cdr4_xp)
DRV - [2005/11/10 13:54:56 | 000,402,944 | R--- | M] (Belkin Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\BLKWGU.sys -- (BLKWGU(Belkin)
DRV - [2004/08/03 22:31:20 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\an983.sys -- (AN983)
DRV - [2001/09/13 05:48:00 | 000,737,973 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\winachcf.sys -- (Winachcf)
DRV - [2001/09/10 10:43:46 | 000,205,824 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2001/09/04 16:37:08 | 000,233,344 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp)
DRV - [2001/09/04 15:39:50 | 000,017,990 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2001/09/04 15:39:40 | 000,019,702 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2001/09/04 15:39:28 | 000,078,454 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2K)
DRV - [2001/08/17 13:57:16 | 000,045,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\cirrus.sys -- (cirrus)
DRV - [2001/08/17 13:28:02 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HCF_MSFT.sys -- (HCF_MSFT)
DRV - [2001/08/17 12:50:26 | 000,731,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4.sys -- (nv4)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\.DEFAULT\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497}_ - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-18\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497}_ - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497}_ - No CLSID value found
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497}_ - No CLSID value found
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
IE - HKU\S-1-5-21-515967899-1220945662-725345543-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-515967899-1220945662-725345543-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-515967899-1220945662-725345543-1009\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-515967899-1220945662-725345543-1009\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-515967899-1220945662-725345543-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-515967899-1220945662-725345543-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-515967899-1220945662-725345543-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7E 4A CA B4 5A 23 CF 01 [binary data]
IE - HKU\S-1-5-21-515967899-1220945662-725345543-1009\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-515967899-1220945662-725345543-1009\..\URLSearchHook: _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - No CLSID value found
IE - HKU\S-1-5-21-515967899-1220945662-725345543-1009\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497}_ - No CLSID value found
IE - HKU\S-1-5-21-515967899-1220945662-725345543-1009\..\SearchScopes,DefaultScope = {2D96D0FF-C102-41E8-BD47-0680D7986976}
IE - HKU\S-1-5-21-515967899-1220945662-725345543-1009\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-515967899-1220945662-725345543-1009\..\SearchScopes\{2D96D0FF-C102-41E8-BD47-0680D7986976}: "URL" = http://www.google.co...ie7&rlz=1I7SUNA
IE - HKU\S-1-5-21-515967899-1220945662-725345543-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.charter.net"
FF - prefs.js..network.proxy.http: ""
FF - prefs.js..network.proxy.http_port: ""
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@macromedia.com/FlashPlayer9: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2321: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2379: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1483: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@macromedia.com/FlashPlayer9: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2006/10/09 14:29:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2006/10/09 14:29:32 | 000,000,000 | ---D | M]
[2008/10/08 15:38:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\RICK\Application Data\Mozilla\Extensions
[2006/10/09 14:29:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\RICK\Application Data\Mozilla\Firefox\Profiles\g14tpedc.default\extensions
[2008/12/22 11:38:06 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\RICK\Application Data\Mozilla\Firefox\Profiles\g14tpedc.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2006/10/09 14:29:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2006/10/09 14:29:46 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/09/12 08:48:38 | 000,000,000 | ---D | M] (Google Settings) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2006/11/13 19:49:18 | 002,078,344 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
O1 HOSTS File: ([2006/10/09 12:43:30 | 000,000,002 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\etc\HOSTS
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKU\S-1-5-21-515967899-1220945662-725345543-1009\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O4 - HKLM..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe (Roxio)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [DVDTray] C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\SYSTEM32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05c\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [NvMediaCenter] C:\WINDOWS\System32\NVMCTRAY.DLL (NVIDIA Corporation)
O4 - HKU\S-1-5-18..\Run: [NvMediaCenter] C:\WINDOWS\System32\NVMCTRAY.DLL (NVIDIA Corporation)
O4 - HKU\S-1-5-21-515967899-1220945662-725345543-1009..\Run: [ClipPad] C:\Program Files\ClipPad995\clippad\ClipPad.exe ()
O4 - HKU\S-1-5-21-515967899-1220945662-725345543-1009..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 File not found
O4 - HKU\S-1-5-21-515967899-1220945662-725345543-1009..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe (Yahoo! Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [Printing Migration] C:\WINDOWS\System32\spool\migrate.dll (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\SYSTEM32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [Printing Migration] C:\WINDOWS\System32\spool\migrate.dll (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\SYSTEM32\tscupgrd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ePad995.lnk = C:\Program Files\ePad995\ePad995.exe (Software995)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-21-515967899-1220945662-725345543-1009\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-515967899-1220945662-725345543-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-515967899-1220945662-725345543-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-21-515967899-1220945662-725345543-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM ()
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM ()
O9 - Extra Button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM ()
O9 - Extra 'Tools' menuitem : Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM ()
O9 - Extra Button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM ()
O9 - Extra 'Tools' menuitem : Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM ()
O15 - HKU\.DEFAULT\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-18\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-19\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-20\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-515967899-1220945662-725345543-1009\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://install.char...bin/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zon...nt.cab27571.cab (MessengerStatsClient Class)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} http://atlanta.ctnbg.com/smsx.cab (MeadCo ScriptX)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1135901941563 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1135914489452 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\SYSTEM\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A2C2190-5549-4C7B-AFA1-6623E6C77902}: DhcpNameServer = 192.168.3.2
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WRNotifier: DllName - (WRLogonNTF.dll) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\RICK\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\RICK\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/11/26 13:36:30 | 000,000,272 | ---- | M] () - C:\AUTOEXEC.ADK -- [ FAT32 ]
O32 - AutoRun File - [2000/08/09 10:26:38 | 000,000,079 | -HS- | M] () - C:\AUTOEXEC.DOS -- [ FAT32 ]
O32 - AutoRun File - [2001/11/26 17:37:38 | 000,000,302 | -HS- | M] () - C:\AUTOEXEC.BAK -- [ FAT32 ]
O32 - AutoRun File - [2009/01/08 18:39:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (SsiEfr.e)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/02/09 12:10:19 | 000,000,000 | --SD | C] -- C:\ComboFix
[2014/02/09 10:57:25 | 000,000,000 | ---D | C] -- C:\FRST
[2014/02/07 13:24:33 | 000,101,112 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2014/02/07 13:24:33 | 000,042,864 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe
[2014/02/06 14:01:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\snack
[2014/02/06 12:14:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RICK\Desktop\RK_Quarantine
[2014/02/06 11:44:31 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\RICK\PrivacIE
[2014/02/06 11:42:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\RICK\IETldCache
[2014/02/06 11:35:20 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2014/02/04 17:57:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014/02/04 17:40:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2014/02/04 16:36:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/03 21:04:54 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2014/02/03 21:03:22 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2014/02/03 21:03:22 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2014/02/03 21:03:22 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2014/02/03 21:03:22 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2014/02/03 21:03:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/02/03 21:03:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2014/02/03 20:31:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RICK\Application Data\Malwarebytes
[2014/02/03 20:31:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/02/03 20:31:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2014/02/03 20:31:48 | 000,020,552 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014/02/03 20:31:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/02/03 19:56:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/02/03 19:36:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RICK\Desktop\AOL Saved PFC
[2014/01/31 11:06:24 | 000,000,000 | ---D | C] -- C:\cotutor
========== Files - Modified Within 30 Days ==========
[2014/02/10 09:17:44 | 000,021,048 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/02/10 09:17:36 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2014/02/10 09:17:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/02/09 11:08:02 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\RICK\RICK_notes.dat
[2014/02/06 14:01:58 | 000,233,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\cdudf_xp.sys.dump
[2014/02/06 14:01:58 | 000,205,824 | ---- | M] () -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys.dump
[2014/02/06 14:01:58 | 000,078,454 | ---- | M] () -- C:\WINDOWS\System32\drivers\pwd_2K.sys.dump
[2014/02/06 14:01:58 | 000,057,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinbtxx.sys.dump
[2014/02/06 14:01:58 | 000,025,472 | ---- | M] () -- C:\WINDOWS\System32\drivers\imapiRox.sys.dump
[2014/02/06 14:01:58 | 000,019,702 | ---- | M] () -- C:\WINDOWS\System32\drivers\Mmc_2k.sys.dump
[2014/02/06 14:01:58 | 000,017,990 | ---- | M] () -- C:\WINDOWS\System32\drivers\Dvd_2k.sys.dump
[2014/02/06 14:01:58 | 000,014,336 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinpdxx.sys.dump
[2014/02/06 14:01:58 | 000,013,824 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinmdxx.sys.dump
[2014/02/06 14:01:58 | 000,012,032 | ---- | M] () -- C:\WINDOWS\System32\drivers\ws2ifsl.sys.dump
[2014/02/06 14:01:58 | 000,002,560 | ---- | M] () -- C:\WINDOWS\System32\drivers\cdralw2k.sys.dump
[2014/02/06 14:01:58 | 000,002,432 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cdr4_xp.sys.dump
[2014/02/06 14:01:56 | 000,104,960 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinrvxx.sys.dump
[2014/02/06 14:01:56 | 000,055,936 | ---- | M] () -- C:\WINDOWS\System32\drivers\nwlnkspx.sys.dump
[2014/02/06 14:01:56 | 000,052,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinraxx.sys.dump
[2014/02/06 14:01:56 | 000,051,712 | ---- | M] () -- C:\WINDOWS\System32\drivers\tosdvd.sys.dump
[2014/02/06 14:01:56 | 000,034,432 | ---- | M] () -- C:\WINDOWS\System32\drivers\rawwan.sys.dump
[2014/02/06 14:01:56 | 000,032,896 | ---- | M] () -- C:\WINDOWS\System32\drivers\ipfltdrv.sys.dump
[2014/02/06 14:01:56 | 000,032,512 | ---- | M] () -- C:\WINDOWS\System32\drivers\nwlnkfwd.sys.dump
[2014/02/06 14:01:56 | 000,028,672 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinsnxx.sys.dump
[2014/02/06 14:01:56 | 000,021,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\tsbvcap.sys.dump
[2014/02/06 14:01:56 | 000,014,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\smclib.sys.dump
[2014/02/06 14:01:56 | 000,013,824 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinttxx.sys.dump
[2014/02/06 14:01:56 | 000,012,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\nwlnkflt.sys.dump
[2014/02/06 14:01:56 | 000,012,032 | ---- | M] () -- C:\WINDOWS\System32\drivers\riodrv.sys.dump
[2014/02/06 14:01:56 | 000,012,032 | ---- | M] () -- C:\WINDOWS\System32\drivers\rio8drv.sys.dump
[2014/02/06 14:01:54 | 000,352,256 | ---- | M] () -- C:\WINDOWS\System32\drivers\atmuni.sys.dump
[2014/02/06 14:01:54 | 000,262,528 | ---- | M] () -- C:\WINDOWS\System32\drivers\cinemst2.sys.dump
[2014/02/06 14:01:54 | 000,063,488 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinxsxx.sys.dump
[2014/02/06 14:01:54 | 000,052,864 | ---- | M] () -- C:\WINDOWS\System32\drivers\DMusic.sys.dump
[2014/02/06 14:01:54 | 000,042,240 | ---- | M] () -- C:\WINDOWS\System32\drivers\viaagp.sys.dump
[2014/02/06 14:01:54 | 000,031,744 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinxbxx.sys.dump
[2014/02/06 14:01:54 | 000,019,200 | ---- | M] () -- C:\WINDOWS\System32\drivers\hidir.sys.dump
[2014/02/06 14:01:54 | 000,016,512 | ---- | M] () -- C:\WINDOWS\System32\drivers\raspti.sys.dump
[2014/02/06 14:01:54 | 000,013,952 | ---- | M] () -- C:\WINDOWS\System32\drivers\cbidf2k.sys.dump
[2014/02/06 14:01:54 | 000,011,776 | ---- | M] () -- C:\WINDOWS\System32\drivers\cpqdap01.sys.dump
[2014/02/06 14:01:54 | 000,008,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\rasacd.sys.dump
[2014/02/06 14:01:54 | 000,007,936 | ---- | M] () -- C:\WINDOWS\System32\drivers\fs_rec.sys.dump
[2014/02/06 14:01:54 | 000,004,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\rdpcdd.sys.dump
[2014/02/06 14:01:54 | 000,004,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\beep.sys.dump
[2014/02/06 14:01:54 | 000,002,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\null.sys.dump
[2014/02/06 14:01:52 | 000,799,744 | ---- | M] () -- C:\WINDOWS\System32\drivers\dmboot.sys.dump
[2014/02/06 14:01:52 | 000,141,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\ks.sys.dump
[2014/02/06 14:01:52 | 000,125,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\ftdisk.sys.dump
[2014/02/06 14:01:52 | 000,092,288 | ---- | M] () -- C:\WINDOWS\System32\drivers\ksecdd.sys.dump
[2014/02/06 14:01:52 | 000,063,744 | ---- | M] () -- C:\WINDOWS\System32\drivers\cdfs.sys.dump
[2014/02/06 14:01:52 | 000,046,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\gagp30kx.sys.dump
[2014/02/06 14:01:52 | 000,036,864 | ---- | M] () -- C:\WINDOWS\System32\drivers\hidclass.sys.dump
[2014/02/06 14:01:52 | 000,024,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\kbdclass.sys.dump
[2014/02/06 14:01:52 | 000,014,208 | ---- | M] () -- C:\WINDOWS\System32\drivers\diskdump.sys.dump
[2014/02/06 14:01:52 | 000,011,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\sffdisk.sys.dump
[2014/02/06 14:01:52 | 000,005,504 | ---- | M] () -- C:\WINDOWS\System32\drivers\intelide.sys.dump
[2014/02/06 14:01:52 | 000,004,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\wmilib.sys.dump
[2014/02/06 14:01:52 | 000,003,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\oprghdlr.sys.dump
[2014/02/06 14:01:50 | 000,907,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\HCF_MSFT.sys.dump
[2014/02/06 14:01:50 | 000,731,648 | ---- | M] () -- C:\WINDOWS\System32\drivers\nv4.sys.dump
[2014/02/06 14:01:50 | 000,574,976 | ---- | M] () -- C:\WINDOWS\System32\drivers\ntfs.sys.dump
[2014/02/06 14:01:50 | 000,402,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\BLKWGU.sys.dump
[2014/02/06 14:01:50 | 000,180,608 | ---- | M] () -- C:\WINDOWS\System32\drivers\mrxdav.sys.dump
[2014/02/06 14:01:50 | 000,091,520 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndiswan.sys.dump
[2014/02/06 14:01:50 | 000,080,128 | ---- | M] () -- C:\WINDOWS\System32\drivers\parport.sys.dump
[2014/02/06 14:01:50 | 000,058,112 | ---- | M] () -- C:\WINDOWS\System32\drivers\vdmindvd.sys.dump
[2014/02/06 14:01:50 | 000,041,472 | ---- | M] () -- C:\WINDOWS\System32\drivers\raspppoe.sys.dump
[2014/02/06 14:01:50 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\audstub.sys.dump
[2014/02/06 14:01:48 | 000,082,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\WudfRd.sys.dump
[2014/02/06 14:01:48 | 000,063,663 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1rvxx.sys.dump
[2014/02/06 14:01:48 | 000,056,623 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1btxx.sys.dump
[2014/02/06 14:01:48 | 000,044,928 | ---- | M] () -- C:\WINDOWS\System32\drivers\agpcpq.sys.dump
[2014/02/06 14:01:48 | 000,042,752 | ---- | M] () -- C:\WINDOWS\System32\drivers\alim1541.sys.dump
[2014/02/06 14:01:48 | 000,036,463 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1tuxx.sys.dump
[2014/02/06 14:01:48 | 000,034,735 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1xsxx.sys.dump
[2014/02/06 14:01:48 | 000,030,671 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1raxx.sys.dump
[2014/02/06 14:01:48 | 000,029,455 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1xbxx.sys.dump
[2014/02/06 14:01:48 | 000,026,367 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1snxx.sys.dump
[2014/02/06 14:01:48 | 000,021,343 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1ttxx.sys.dump
[2014/02/06 14:01:48 | 000,012,160 | ---- | M] () -- C:\WINDOWS\System32\drivers\fsvga.sys.dump
[2014/02/06 14:01:48 | 000,012,047 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1pdxx.sys.dump
[2014/02/06 14:01:48 | 000,011,615 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1mdxx.sys.dump
[2014/02/06 14:01:48 | 000,005,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\smbali.sys.dump
[2014/02/06 14:01:46 | 000,272,128 | ---- | M] () -- C:\WINDOWS\System32\drivers\bthport.sys.dump
[2014/02/06 14:01:46 | 000,202,624 | ---- | M] () -- C:\WINDOWS\System32\drivers\RMCast.sys.dump
[2014/02/06 14:01:46 | 000,101,120 | ---- | M] () -- C:\WINDOWS\System32\drivers\bthpan.sys.dump
[2014/02/06 14:01:46 | 000,073,472 | ---- | M] () -- C:\WINDOWS\System32\drivers\sr.sys.dump
[2014/02/06 14:01:46 | 000,066,048 | ---- | M] () -- C:\WINDOWS\System32\drivers\udfs.sys.dump
[2014/02/06 14:01:46 | 000,057,600 | ---- | M] () -- C:\WINDOWS\System32\drivers\redbook.sys.dump
[2014/02/06 14:01:46 | 000,037,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\bthmodem.sys.dump
[2014/02/06 14:01:46 | 000,036,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\bthprint.sys.dump
[2014/02/06 14:01:46 | 000,030,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\rndismp.sys.dump
[2014/02/06 14:01:46 | 000,021,896 | ---- | M] () -- C:\WINDOWS\System32\drivers\tdtcp.sys.dump
[2014/02/06 14:01:46 | 000,017,024 | ---- | M] () -- C:\WINDOWS\System32\drivers\bthenum.sys.dump
[2014/02/06 14:01:46 | 000,012,800 | ---- | M] () -- C:\WINDOWS\System32\drivers\usb8023.sys.dump
[2014/02/06 14:01:46 | 000,012,288 | ---- | M] () -- C:\WINDOWS\System32\drivers\tunmp.sys.dump
[2014/02/06 14:01:46 | 000,004,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\swenum.sys.dump
[2014/02/06 14:01:44 | 000,264,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\http.sys.dump
[2014/02/06 14:01:44 | 000,129,792 | ---- | M] () -- C:\WINDOWS\System32\drivers\fltmgr.sys.dump
[2014/02/06 14:01:44 | 000,042,368 | ---- | M] () -- C:\WINDOWS\System32\drivers\mountmgr.sys.dump
[2014/02/06 14:01:44 | 000,036,608 | ---- | M] () -- C:\WINDOWS\System32\drivers\ip6fw.sys.dump
[2014/02/06 14:01:44 | 000,036,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\intelppm.sys.dump
[2014/02/06 14:01:44 | 000,025,600 | ---- | M] () -- C:\WINDOWS\System32\drivers\hidbth.sys.dump
[2014/02/06 14:01:44 | 000,018,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\bthusb.sys.dump
[2014/02/06 14:01:44 | 000,007,680 | ---- | M] () -- C:\WINDOWS\System32\drivers\mcd.sys.dump
[2014/02/06 14:01:42 | 001,309,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\mtlstrm.sys.dump
[2014/02/06 14:01:42 | 000,452,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\mtxparhm.sys.dump
[2014/02/06 14:01:42 | 000,180,360 | ---- | M] () -- C:\WINDOWS\System32\drivers\ntmtlfax.sys.dump
[2014/02/06 14:01:42 | 000,166,912 | ---- | M] () -- C:\WINDOWS\System32\drivers\s3gnbm.sys.dump
[2014/02/06 14:01:42 | 000,126,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\mtlmnt5.sys.dump
[2014/02/06 14:01:42 | 000,079,232 | ---- | M] () -- C:\WINDOWS\System32\drivers\sdbus.sys.dump
[2014/02/06 14:01:42 | 000,059,136 | ---- | M] () -- C:\WINDOWS\System32\drivers\rfcomm.sys.dump
[2014/02/06 14:01:42 | 000,030,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\rndismpx.sys.dump
[2014/02/06 14:01:42 | 000,025,600 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbcamd.sys.dump
[2014/02/06 14:01:42 | 000,015,488 | ---- | M] () -- C:\WINDOWS\System32\drivers\mssmbios.sys.dump
[2014/02/06 14:01:42 | 000,013,776 | ---- | M] () -- C:\WINDOWS\System32\drivers\recagent.sys.dump
[2014/02/06 14:01:42 | 000,011,008 | ---- | M] () -- C:\WINDOWS\System32\drivers\sffp_sd.sys.dump
[2014/02/06 14:01:42 | 000,010,240 | ---- | M] () -- C:\WINDOWS\System32\drivers\sffp_mmc.sys.dump
[2014/02/06 14:01:40 | 000,404,990 | ---- | M] () -- C:\WINDOWS\System32\drivers\slntamr.sys.dump
[2014/02/06 14:01:40 | 000,143,872 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbport.sys.dump
[2014/02/06 14:01:40 | 000,129,535 | ---- | M] () -- C:\WINDOWS\System32\drivers\slnt7554.sys.dump
[2014/02/06 14:01:40 | 000,121,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbvideo.sys.dump
[2014/02/06 14:01:40 | 000,095,424 | ---- | M] () -- C:\WINDOWS\System32\drivers\slnthal.sys.dump
[2014/02/06 14:01:40 | 000,059,520 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbhub.sys.dump
[2014/02/06 14:01:40 | 000,040,840 | ---- | M] () -- C:\WINDOWS\System32\drivers\termdd.sys.dump
[2014/02/06 14:01:40 | 000,030,208 | ---- | M] () -- C:\WINDOWS\System32\drivers\wceusbsh.sys.dump
[2014/02/06 14:01:40 | 000,030,208 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbehci.sys.dump
[2014/02/06 14:01:40 | 000,013,240 | ---- | M] () -- C:\WINDOWS\System32\drivers\slwdmsup.sys.dump
[2014/02/06 14:01:40 | 000,012,800 | ---- | M] () -- C:\WINDOWS\System32\drivers\usb8023x.sys.dump
[2014/02/06 14:01:40 | 000,011,871 | ---- | M] () -- C:\WINDOWS\System32\drivers\wadv09nt.sys.dump
[2014/02/06 14:01:40 | 000,011,807 | ---- | M] () -- C:\WINDOWS\System32\drivers\wadv07nt.sys.dump
[2014/02/06 14:01:40 | 000,011,295 | ---- | M] () -- C:\WINDOWS\System32\drivers\wadv08nt.sys.dump
[2014/02/06 14:01:40 | 000,004,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\mnmdd.sys.dump
[2014/02/06 14:01:38 | 000,701,440 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati2mtag.sys.dump
[2014/02/06 14:01:38 | 000,096,512 | ---- | M] () -- C:\WINDOWS\System32\drivers\atapi.sys.dump
[2014/02/06 14:01:38 | 000,071,552 | ---- | M] () -- C:\WINDOWS\System32\drivers\bridge.sys.dump
[2014/02/06 14:01:38 | 000,069,120 | ---- | M] () -- C:\WINDOWS\System32\drivers\psched.sys.dump
[2014/02/06 14:01:38 | 000,059,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\atmarpc.sys.dump
[2014/02/06 14:01:38 | 000,056,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\swmidi.sys.dump
[2014/02/06 14:01:38 | 000,055,808 | ---- | M] () -- C:\WINDOWS\System32\drivers\atmlane.sys.dump
[2014/02/06 14:01:38 | 000,049,536 | ---- | M] () -- C:\WINDOWS\System32\drivers\classpnp.sys.dump
[2014/02/06 14:01:38 | 000,036,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\an983.sys.dump
[2014/02/06 14:01:38 | 000,031,360 | ---- | M] () -- C:\WINDOWS\System32\drivers\atmepvc.sys.dump
[2014/02/06 14:01:38 | 000,025,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbprint.sys.dump
[2014/02/06 14:01:38 | 000,025,471 | ---- | M] () -- C:\WINDOWS\System32\drivers\watv10nt.sys.dump
[2014/02/06 14:01:38 | 000,022,271 | ---- | M] () -- C:\WINDOWS\System32\drivers\watv06nt.sys.dump
[2014/02/06 14:01:38 | 000,014,208 | ---- | M] () -- C:\WINDOWS\System32\drivers\wacompen.sys.dump
[2014/02/06 14:01:38 | 000,011,935 | ---- | M] () -- C:\WINDOWS\System32\drivers\wadv11nt.sys.dump
[2014/02/06 14:01:36 | 000,327,040 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati2mtaa.sys.dump
[2014/02/06 14:01:36 | 000,172,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmixer.sys.dump
[2014/02/06 14:01:36 | 000,146,048 | ---- | M] () -- C:\WINDOWS\System32\drivers\portcls.sys.dump
[2014/02/06 14:01:36 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\aec.sys.dump
[2014/02/06 14:01:36 | 000,105,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\mup.sys.dump
[2014/02/06 14:01:36 | 000,077,568 | ---- | M] () -- C:\WINDOWS\System32\drivers\WudfPf.sys.dump
[2014/02/06 14:01:36 | 000,064,512 | ---- | M] () -- C:\WINDOWS\System32\drivers\serial.sys.dump
[2014/02/06 14:01:36 | 000,062,976 | ---- | M] () -- C:\WINDOWS\System32\drivers\cdrom.sys.dump
[2014/02/06 14:01:36 | 000,037,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\amdk7.sys.dump
[2014/02/06 14:01:36 | 000,020,864 | ---- | M] () -- C:\WINDOWS\System32\drivers\ipinip.sys.dump
[2014/02/06 14:01:36 | 000,010,496 | ---- | M] () -- C:\WINDOWS\System32\drivers\dxapi.sys.dump
[2014/02/06 14:01:36 | 000,010,112 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndistapi.sys.dump
[2014/02/06 14:01:36 | 000,005,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\dmload.sys.dump
[2014/02/06 14:01:36 | 000,003,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\dxgthk.sys.dump
[2014/02/06 14:01:36 | 000,002,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\drmkaud.sys.dump
[2014/02/06 14:01:34 | 000,143,744 | ---- | M] () -- C:\WINDOWS\System32\drivers\fastfat.sys.dump
[2014/02/06 14:01:34 | 000,071,168 | ---- | M] () -- C:\WINDOWS\System32\drivers\dxg.sys.dump
[2014/02/06 14:01:34 | 000,068,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\pci.sys.dump
[2014/02/06 14:01:34 | 000,060,160 | ---- | M] () -- C:\WINDOWS\System32\drivers\drmk.sys.dump
[2014/02/06 14:01:34 | 000,040,320 | ---- | M] () -- C:\WINDOWS\System32\drivers\nmnt.sys.dump
[2014/02/06 14:01:34 | 000,037,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\isapnp.sys.dump
[2014/02/06 14:01:34 | 000,035,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\msgpc.sys.dump
[2014/02/06 14:01:34 | 000,030,080 | ---- | M] () -- C:\WINDOWS\System32\drivers\modem.sys.dump
[2014/02/06 14:01:34 | 000,024,960 | ---- | M] () -- C:\WINDOWS\System32\drivers\hidparse.sys.dump
[2014/02/06 14:01:34 | 000,023,040 | ---- | M] () -- C:\WINDOWS\System32\drivers\mouclass.sys.dump
[2014/02/06 14:01:34 | 000,019,712 | ---- | M] () -- C:\WINDOWS\System32\drivers\partmgr.sys.dump
[2014/02/06 14:01:34 | 000,015,104 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbscan.sys.dump
[2014/02/06 14:01:34 | 000,014,976 | ---- | M] () -- C:\WINDOWS\System32\drivers\tape.sys.dump
[2014/02/06 14:01:34 | 000,011,648 | ---- | M] () -- C:\WINDOWS\System32\drivers\acpiec.sys.dump
[2014/02/06 14:01:34 | 000,004,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbd.sys.dump
[2014/02/06 14:01:32 | 000,162,816 | ---- | M] () -- C:\WINDOWS\System32\drivers\netbt.sys.dump
[2014/02/06 14:01:32 | 000,063,232 | ---- | M] () -- C:\WINDOWS\System32\drivers\nwlnknb.sys.dump
[2014/02/06 14:01:32 | 000,061,824 | ---- | M] () -- C:\WINDOWS\System32\drivers\nic1394.sys.dump
[2014/02/06 14:01:32 | 000,052,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\i8042prt.sys.dump
[2014/02/06 14:01:32 | 000,051,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\rasl2tp.sys.dump
[2014/02/06 14:01:32 | 000,042,112 | ---- | M] () -- C:\WINDOWS\System32\drivers\imapi.sys.dump
[2014/02/06 14:01:32 | 000,040,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndproxy.sys.dump
[2014/02/06 14:01:32 | 000,036,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\disk.sys.dump
[2014/02/06 14:01:32 | 000,030,848 | ---- | M] () -- C:\WINDOWS\System32\drivers\npfs.sys.dump
[2014/02/06 14:01:32 | 000,026,368 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbstor.sys.dump
[2014/02/06 14:01:32 | 000,024,960 | ---- | M] () -- C:\WINDOWS\System32\drivers\pciidex.sys.dump
[2014/02/06 14:01:32 | 000,020,992 | ---- | M] () -- C:\WINDOWS\System32\drivers\vga.sys.dump
[2014/02/06 14:01:32 | 000,018,688 | ---- | M] () -- C:\WINDOWS\System32\drivers\cdaudio.sys.dump
[2014/02/06 14:01:32 | 000,012,032 | ---- | M] () -- C:\WINDOWS\System32\drivers\nikedrv.sys.dump
[2014/02/06 14:01:32 | 000,011,392 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfloppy.sys.dump
[2014/02/06 14:01:32 | 000,005,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\mspclock.sys.dump
[2014/02/06 14:01:30 | 000,225,664 | ---- | M] () -- C:\WINDOWS\System32\drivers\tcpip6.sys.dump
[2014/02/06 14:01:30 | 000,153,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\dmio.sys.dump
[2014/02/06 14:01:30 | 000,138,112 | ---- | M] () -- C:\WINDOWS\System32\drivers\afd.sys.dump
[2014/02/06 14:01:30 | 000,096,384 | ---- | M] () -- C:\WINDOWS\System32\drivers\scsiport.sys.dump
[2014/02/06 14:01:30 | 000,048,384 | ---- | M] () -- C:\WINDOWS\System32\drivers\raspptp.sys.dump
[2014/02/06 14:01:30 | 000,044,544 | ---- | M] () -- C:\WINDOWS\System32\drivers\fips.sys.dump
[2014/02/06 14:01:30 | 000,032,128 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbccgp.sys.dump
[2014/02/06 14:01:30 | 000,020,992 | ---- | M] () -- C:\WINDOWS\System32\drivers\rtl8139.sys.dump
[2014/02/06 14:01:30 | 000,019,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\tdi.sys.dump
[2014/02/06 14:01:30 | 000,019,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\msfs.sys.dump
[2014/02/06 14:01:30 | 000,018,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\wpdusb.sys.dump
[2014/02/06 14:01:30 | 000,014,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndisuio.sys.dump
[2014/02/06 14:01:30 | 000,011,264 | ---- | M] () -- C:\WINDOWS\System32\drivers\irenum.sys.dump
[2014/02/06 14:01:30 | 000,005,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\rootmdm.sys.dump
[2014/02/06 14:01:30 | 000,004,992 | ---- | M] () -- C:\WINDOWS\System32\drivers\mspqm.sys.dump
[2014/02/06 14:01:28 | 000,361,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\tcpip.sys.dump
[2014/02/06 14:01:28 | 000,187,776 | ---- | M] () -- C:\WINDOWS\System32\drivers\acpi.sys.dump
[2014/02/06 14:01:28 | 000,182,656 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndis.sys.dump
[2014/02/06 14:01:28 | 000,124,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS.dump
[2014/02/06 14:01:28 | 000,081,664 | ---- | M] () -- C:\WINDOWS\System32\drivers\videoprt.sys.dump
[2014/02/06 14:01:28 | 000,060,800 | ---- | M] () -- C:\WINDOWS\System32\drivers\sysaudio.sys.dump
[2014/02/06 14:01:28 | 000,060,800 | ---- | M] () -- C:\WINDOWS\System32\drivers\arp1394.sys.dump
[2014/02/06 14:01:28 | 000,052,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\volsnap.sys.dump
[2014/02/06 14:01:28 | 000,042,752 | ---- | M] () -- C:\WINDOWS\System32\drivers\p3.sys.dump
[2014/02/06 14:01:28 | 000,027,392 | ---- | M] () -- C:\WINDOWS\System32\drivers\fdc.sys.dump
[2014/02/06 14:01:28 | 000,025,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\sonydcam.sys.dump
[2014/02/06 14:01:28 | 000,020,608 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbuhci.sys.dump
[2014/02/06 14:01:28 | 000,015,872 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbintel.sys.dump
[2014/02/06 14:01:28 | 000,015,744 | ---- | M] () -- C:\WINDOWS\System32\drivers\serenum.sys.dump
[2014/02/06 14:01:28 | 000,007,552 | ---- | M] () -- C:\WINDOWS\System32\drivers\mskssrv.sys.dump
[2014/02/06 14:01:28 | 000,006,784 | ---- | M] () -- C:\WINDOWS\System32\drivers\parvdm.sys.dump
[2014/02/06 14:01:26 | 000,456,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\mrxsmb.sys.dump
[2014/02/06 14:01:26 | 000,175,744 | ---- | M] () -- C:\WINDOWS\System32\drivers\rdbss.sys.dump
[2014/02/06 14:01:26 | 000,152,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\ipnat.sys.dump
[2014/02/06 14:01:26 | 000,075,264 | ---- | M] () -- C:\WINDOWS\System32\drivers\ipsec.sys.dump
[2014/02/06 14:01:26 | 000,045,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\cirrus.sys.dump
[2014/02/06 14:01:26 | 000,044,672 | ---- | M] () -- C:\WINDOWS\System32\drivers\uagp35.sys.dump
[2014/02/06 14:01:26 | 000,036,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\crusoe.sys.dump
[2014/02/06 14:01:26 | 000,034,688 | ---- | M] () -- C:\WINDOWS\System32\drivers\netbios.sys.dump
[2014/02/06 14:01:26 | 000,034,560 | ---- | M] () -- C:\WINDOWS\System32\drivers\wanarp.sys.dump
[2014/02/06 14:01:26 | 000,025,728 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbcamd2.sys.dump
[2014/02/06 14:01:26 | 000,021,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\point32.sys.dump
[2014/02/06 14:01:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\flpydisk.sys.dump
[2014/02/06 14:01:26 | 000,014,336 | ---- | M] () -- C:\WINDOWS\System32\drivers\asyncmac.sys.dump
[2014/02/06 14:01:26 | 000,012,040 | ---- | M] () -- C:\WINDOWS\System32\drivers\tdpipe.sys.dump
[2014/02/06 14:01:26 | 000,006,272 | ---- | M] () -- C:\WINDOWS\System32\drivers\splitter.sys.dump
[2014/02/06 14:01:24 | 000,737,973 | ---- | M] () -- C:\WINDOWS\System32\drivers\winachcf.sys.dump
[2014/02/06 14:01:24 | 000,384,768 | ---- | M] () -- C:\WINDOWS\System32\drivers\update.sys.dump
[2014/02/06 14:01:24 | 000,334,848 | ---- | M] () -- C:\WINDOWS\System32\drivers\srv.sys.dump
[2014/02/06 14:01:24 | 000,196,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\rdpdr.sys.dump
[2014/02/06 14:01:24 | 000,120,192 | ---- | M] () -- C:\WINDOWS\System32\drivers\pcmcia.sys.dump
[2014/02/06 14:01:24 | 000,083,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\wdmaud.sys.dump
[2014/02/06 14:01:24 | 000,042,368 | ---- | M] () -- C:\WINDOWS\System32\drivers\agp440.sys.dump
[2014/02/06 14:01:24 | 000,035,840 | ---- | M] () -- C:\WINDOWS\System32\drivers\processr.sys.dump
[2014/02/06 14:01:24 | 000,020,552 | ---- | M] () -- C:\WINDOWS\System32\drivers\mbam.sys.dump
[2014/02/06 14:01:24 | 000,016,128 | ---- | M] () -- C:\WINDOWS\System32\drivers\MODEMCSA.sys.dump
[2014/02/06 14:01:24 | 000,012,672 | ---- | M] () -- C:\WINDOWS\System32\drivers\mutohpen.sys.dump
[2014/02/06 12:48:34 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\PCHealth Scheduler for Data Collection.job
[2014/02/06 11:42:46 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\RICK\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/02/06 11:42:44 | 000,000,708 | ---- | M] () -- C:\Documents and Settings\RICK\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2014/02/05 23:00:00 | 000,000,502 | ---- | M] () -- C:\WINDOWS\tasks\Tune-up Application Start.job
[2014/02/04 18:00:44 | 000,378,330 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/02/04 18:00:44 | 000,052,534 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/02/04 17:59:24 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2014/02/04 17:59:04 | 000,004,635 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014/02/04 17:57:40 | 000,373,672 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/02/04 17:45:46 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2014/02/04 17:42:56 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2014/02/04 17:42:56 | 000,047,564 | RHS- | M] () -- C:\ntdetect.com
[2014/02/03 19:47:08 | 000,001,341 | ---- | M] () -- C:\WINDOWS\JUNO.INI
[2014/02/03 19:36:20 | 000,000,039 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2014/02/03 19:36:18 | 000,000,028 | ---- | M] () -- C:\WINDOWS\msoffice.ini
[2014/01/31 10:28:48 | 000,002,560 | ---- | M] () -- C:\WINDOWS\_MSRSTRT.EXE
[2014/01/28 16:52:26 | 000,021,048 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
========== Files Created - No Company Name ==========
[2014/02/06 14:01:57 | 000,233,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\cdudf_xp.sys.dump
[2014/02/06 14:01:57 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys.dump
[2014/02/06 14:01:57 | 000,019,702 | ---- | C] () -- C:\WINDOWS\System32\drivers\Mmc_2k.sys.dump
[2014/02/06 14:01:57 | 000,017,990 | ---- | C] () -- C:\WINDOWS\System32\drivers\Dvd_2k.sys.dump
[2014/02/06 14:01:57 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\cdralw2k.sys.dump
[2014/02/06 14:01:56 | 000,078,454 | ---- | C] () -- C:\WINDOWS\System32\drivers\pwd_2K.sys.dump
[2014/02/06 14:01:56 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinbtxx.sys.dump
[2014/02/06 14:01:56 | 000,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\imapiRox.sys.dump
[2014/02/06 14:01:56 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinpdxx.sys.dump
[2014/02/06 14:01:56 | 000,013,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinmdxx.sys.dump
[2014/02/06 14:01:56 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\ws2ifsl.sys.dump
[2014/02/06 14:01:56 | 000,002,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cdr4_xp.sys.dump
[2014/02/06 14:01:55 | 000,104,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinrvxx.sys.dump
[2014/02/06 14:01:55 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinraxx.sys.dump
[2014/02/06 14:01:55 | 000,051,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\tosdvd.sys.dump
[2014/02/06 14:01:55 | 000,021,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\tsbvcap.sys.dump
[2014/02/06 14:01:55 | 000,014,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\smclib.sys.dump
[2014/02/06 14:01:55 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\riodrv.sys.dump
[2014/02/06 14:01:55 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\rio8drv.sys.dump
[2014/02/06 14:01:54 | 000,055,936 | ---- | C] () -- C:\WINDOWS\System32\drivers\nwlnkspx.sys.dump
[2014/02/06 14:01:54 | 000,034,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\rawwan.sys.dump
[2014/02/06 14:01:54 | 000,032,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\ipfltdrv.sys.dump
[2014/02/06 14:01:54 | 000,032,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\nwlnkfwd.sys.dump
[2014/02/06 14:01:54 | 000,031,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinxbxx.sys.dump
[2014/02/06 14:01:54 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinsnxx.sys.dump
[2014/02/06 14:01:54 | 000,013,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinttxx.sys.dump
[2014/02/06 14:01:54 | 000,012,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\nwlnkflt.sys.dump
[2014/02/06 14:01:53 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\atmuni.sys.dump
[2014/02/06 14:01:53 | 000,262,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\cinemst2.sys.dump
[2014/02/06 14:01:53 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinxsxx.sys.dump
[2014/02/06 14:01:53 | 000,052,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\DMusic.sys.dump
[2014/02/06 14:01:53 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\cbidf2k.sys.dump
[2014/02/06 14:01:53 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\cpqdap01.sys.dump
[2014/02/06 14:01:52 | 000,042,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\viaagp.sys.dump
[2014/02/06 14:01:52 | 000,019,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidir.sys.dump
[2014/02/06 14:01:52 | 000,016,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\raspti.sys.dump
[2014/02/06 14:01:52 | 000,008,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\rasacd.sys.dump
[2014/02/06 14:01:52 | 000,007,936 | ---- | C] () -- C:\WINDOWS\System32\drivers\fs_rec.sys.dump
[2014/02/06 14:01:52 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdpcdd.sys.dump
[2014/02/06 14:01:52 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\beep.sys.dump
[2014/02/06 14:01:52 | 000,002,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\null.sys.dump
[2014/02/06 14:01:51 | 000,799,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\dmboot.sys.dump
[2014/02/06 14:01:51 | 000,125,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\ftdisk.sys.dump
[2014/02/06 14:01:51 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\gagp30kx.sys.dump
[2014/02/06 14:01:51 | 000,014,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\diskdump.sys.dump
[2014/02/06 14:01:51 | 000,011,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sffdisk.sys.dump
[2014/02/06 14:01:51 | 000,004,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\wmilib.sys.dump
[2014/02/06 14:01:51 | 000,003,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\oprghdlr.sys.dump
[2014/02/06 14:01:50 | 000,141,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\ks.sys.dump
[2014/02/06 14:01:50 | 000,092,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ksecdd.sys.dump
[2014/02/06 14:01:50 | 000,063,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\cdfs.sys.dump
[2014/02/06 14:01:50 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidclass.sys.dump
[2014/02/06 14:01:50 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\kbdclass.sys.dump
[2014/02/06 14:01:50 | 000,016,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys.dump
[2014/02/06 14:01:50 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\intelide.sys.dump
[2014/02/06 14:01:49 | 000,731,648 | ---- | C] () -- C:\WINDOWS\System32\drivers\nv4.sys.dump
[2014/02/06 14:01:49 | 000,180,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\mrxdav.sys.dump
[2014/02/06 14:01:49 | 000,091,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndiswan.sys.dump
[2014/02/06 14:01:49 | 000,051,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\BrSerIf.sys.dump
[2014/02/06 14:01:49 | 000,015,295 | ---- | C] () -- C:\WINDOWS\System32\drivers\BrScnUsb.sys.dump
[2014/02/06 14:01:49 | 000,011,648 | ---- | C] () -- C:\WINDOWS\System32\drivers\BrUsbSer.sys.dump
[2014/02/06 14:01:49 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\audstub.sys.dump
[2014/02/06 14:01:48 | 000,907,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\HCF_MSFT.sys.dump
[2014/02/06 14:01:48 | 000,574,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\ntfs.sys.dump
[2014/02/06 14:01:48 | 000,402,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\BLKWGU.sys.dump
[2014/02/06 14:01:48 | 000,080,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\parport.sys.dump
[2014/02/06 14:01:48 | 000,058,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\vdmindvd.sys.dump
[2014/02/06 14:01:48 | 000,041,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\raspppoe.sys.dump
[2014/02/06 14:01:47 | 000,096,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\ac97intc.sys.dump
[2014/02/06 14:01:47 | 000,082,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\WudfRd.sys.dump
[2014/02/06 14:01:47 | 000,056,623 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1btxx.sys.dump
[2014/02/06 14:01:47 | 000,044,928 | ---- | C] () -- C:\WINDOWS\System32\drivers\agpcpq.sys.dump
[2014/02/06 14:01:47 | 000,042,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\alim1541.sys.dump
[2014/02/06 14:01:47 | 000,012,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsvga.sys.dump
[2014/02/06 14:01:47 | 000,011,615 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1mdxx.sys.dump
[2014/02/06 14:01:47 | 000,005,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\smbali.sys.dump
[2014/02/06 14:01:46 | 000,063,663 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1rvxx.sys.dump
[2014/02/06 14:01:46 | 000,036,463 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1tuxx.sys.dump
[2014/02/06 14:01:46 | 000,034,735 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1xsxx.sys.dump
[2014/02/06 14:01:46 | 000,030,671 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1raxx.sys.dump
[2014/02/06 14:01:46 | 000,029,455 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1xbxx.sys.dump
[2014/02/06 14:01:46 | 000,026,367 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1snxx.sys.dump
[2014/02/06 14:01:46 | 000,021,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1ttxx.sys.dump
[2014/02/06 14:01:46 | 000,012,047 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1pdxx.sys.dump
[2014/02/06 14:01:45 | 000,202,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\RMCast.sys.dump
[2014/02/06 14:01:45 | 000,073,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sr.sys.dump
[2014/02/06 14:01:45 | 000,066,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\udfs.sys.dump
[2014/02/06 14:01:45 | 000,057,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\redbook.sys.dump
[2014/02/06 14:01:45 | 000,030,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\rndismp.sys.dump
[2014/02/06 14:01:45 | 000,021,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\tdtcp.sys.dump
[2014/02/06 14:01:45 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys.dump
[2014/02/06 14:01:45 | 000,004,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\swenum.sys.dump
[2014/02/06 14:01:44 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthport.sys.dump
[2014/02/06 14:01:44 | 000,101,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthpan.sys.dump
[2014/02/06 14:01:44 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthmodem.sys.dump
[2014/02/06 14:01:44 | 000,036,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthprint.sys.dump
[2014/02/06 14:01:44 | 000,017,024 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthenum.sys.dump
[2014/02/06 14:01:44 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\usb8023.sys.dump
[2014/02/06 14:01:44 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\tunmp.sys.dump
[2014/02/06 14:01:43 | 000,685,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfcxts2.sys.dump
[2014/02/06 14:01:43 | 000,220,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys.dump
[2014/02/06 14:01:43 | 000,144,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\hdaudbus.sys.dump
[2014/02/06 14:01:43 | 000,129,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\fltmgr.sys.dump
[2014/02/06 14:01:43 | 000,042,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\mountmgr.sys.dump
[2014/02/06 14:01:43 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidbth.sys.dump
[2014/02/06 14:01:43 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthusb.sys.dump
[2014/02/06 14:01:42 | 001,041,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys.dump
[2014/02/06 14:01:42 | 000,264,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\http.sys.dump
[2014/02/06 14:01:42 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\ip6fw.sys.dump
[2014/02/06 14:01:42 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\intelppm.sys.dump
[2014/02/06 14:01:42 | 000,011,868 | ---- | C] () -- C:\WINDOWS\System32\drivers\mdmxsdk.sys.dump
[2014/02/06 14:01:42 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\mcd.sys.dump
[2014/02/06 14:01:41 | 001,309,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtlstrm.sys.dump
[2014/02/06 14:01:41 | 000,452,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtxparhm.sys.dump
[2014/02/06 14:01:41 | 000,180,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\ntmtlfax.sys.dump
[2014/02/06 14:01:41 | 000,126,686 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtlmnt5.sys.dump
[2014/02/06 14:01:41 | 000,015,488 | ---- | C] () -- C:\WINDOWS\System32\drivers\mssmbios.sys.dump
[2014/02/06 14:01:40 | 000,166,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\s3gnbm.sys.dump
[2014/02/06 14:01:40 | 000,079,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\sdbus.sys.dump
[2014/02/06 14:01:40 | 000,059,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\rfcomm.sys.dump
[2014/02/06 14:01:40 | 000,030,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\rndismpx.sys.dump
[2014/02/06 14:01:40 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbcamd.sys.dump
[2014/02/06 14:01:40 | 000,013,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\recagent.sys.dump
[2014/02/06 14:01:40 | 000,011,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\sffp_sd.sys.dump
[2014/02/06 14:01:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\sffp_mmc.sys.dump
[2014/02/06 14:01:39 | 000,404,990 | ---- | C] () -- C:\WINDOWS\System32\drivers\slntamr.sys.dump
[2014/02/06 14:01:39 | 000,129,535 | ---- | C] () -- C:\WINDOWS\System32\drivers\slnt7554.sys.dump
[2014/02/06 14:01:39 | 000,095,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\slnthal.sys.dump
[2014/02/06 14:01:39 | 000,059,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbhub.sys.dump
[2014/02/06 14:01:39 | 000,040,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\termdd.sys.dump
[2014/02/06 14:01:39 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbehci.sys.dump
[2014/02/06 14:01:39 | 000,013,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\slwdmsup.sys.dump
[2014/02/06 14:01:38 | 000,143,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbport.sys.dump
[2014/02/06 14:01:38 | 000,121,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbvideo.sys.dump
[2014/02/06 14:01:38 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\wceusbsh.sys.dump
[2014/02/06 14:01:38 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\usb8023x.sys.dump
[2014/02/06 14:01:38 | 000,011,935 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv11nt.sys.dump
[2014/02/06 14:01:38 | 000,011,871 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv09nt.sys.dump
[2014/02/06 14:01:38 | 000,011,807 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv07nt.sys.dump
[2014/02/06 14:01:38 | 000,011,295 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv08nt.sys.dump
[2014/02/06 14:01:38 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\mnmdd.sys.dump
[2014/02/06 14:01:37 | 000,701,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati2mtag.sys.dump
[2014/02/06 14:01:37 | 000,056,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmidi.sys.dump
[2014/02/06 14:01:37 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\amdagp.sys.dump
[2014/02/06 14:01:37 | 000,036,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\an983.sys.dump
[2014/02/06 14:01:37 | 000,025,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbprint.sys.dump
[2014/02/06 14:01:37 | 000,025,471 | ---- | C] () -- C:\WINDOWS\System32\drivers\watv10nt.sys.dump
[2014/02/06 14:01:37 | 000,022,271 | ---- | C] () -- C:\WINDOWS\System32\drivers\watv06nt.sys.dump
[2014/02/06 14:01:36 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys.dump
[2014/02/06 14:01:36 | 000,071,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\bridge.sys.dump
[2014/02/06 14:01:36 | 000,069,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\psched.sys.dump
[2014/02/06 14:01:36 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\atmarpc.sys.dump
[2014/02/06 14:01:36 | 000,055,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\atmlane.sys.dump
[2014/02/06 14:01:36 | 000,049,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\classpnp.sys.dump
[2014/02/06 14:01:36 | 000,031,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atmepvc.sys.dump
[2014/02/06 14:01:36 | 000,014,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\wacompen.sys.dump
[2014/02/06 14:01:35 | 000,327,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati2mtaa.sys.dump
[2014/02/06 14:01:35 | 000,146,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\portcls.sys.dump
[2014/02/06 14:01:35 | 000,105,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\mup.sys.dump
[2014/02/06 14:01:35 | 000,062,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\cdrom.sys.dump
[2014/02/06 14:01:35 | 000,037,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\amdk7.sys.dump
[2014/02/06 14:01:35 | 000,020,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\ipinip.sys.dump
[2014/02/06 14:01:35 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\dxapi.sys.dump
[2014/02/06 14:01:34 | 000,172,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmixer.sys.dump
[2014/02/06 14:01:34 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\aec.sys.dump
[2014/02/06 14:01:34 | 000,077,568 | ---- | C] () -- C:\WINDOWS\System32\drivers\WudfPf.sys.dump
[2014/02/06 14:01:34 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\serial.sys.dump
[2014/02/06 14:01:34 | 000,010,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndistapi.sys.dump
[2014/02/06 14:01:34 | 000,005,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\dmload.sys.dump
[2014/02/06 14:01:34 | 000,003,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\dxgthk.sys.dump
[2014/02/06 14:01:34 | 000,002,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\drmkaud.sys.dump
[2014/02/06 14:01:33 | 000,071,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\dxg.sys.dump
[2014/02/06 14:01:33 | 000,068,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\pci.sys.dump
[2014/02/06 14:01:33 | 000,035,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\msgpc.sys.dump
[2014/02/06 14:01:33 | 000,030,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\modem.sys.dump
[2014/02/06 14:01:33 | 000,019,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\partmgr.sys.dump
[2014/02/06 14:01:33 | 000,014,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\tape.sys.dump
[2014/02/06 14:01:33 | 000,011,648 | ---- | C] () -- C:\WINDOWS\System32\drivers\acpiec.sys.dump
[2014/02/06 14:01:33 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbd.sys.dump
[2014/02/06 14:01:32 | 000,143,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\fastfat.sys.dump
[2014/02/06 14:01:32 | 000,060,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\drmk.sys.dump
[2014/02/06 14:01:32 | 000,040,320 | ---- | C] () -- C:\WINDOWS\System32\drivers\nmnt.sys.dump
[2014/02/06 14:01:32 | 000,037,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\isapnp.sys.dump
[2014/02/06 14:01:32 | 000,024,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidparse.sys.dump
[2014/02/06 14:01:32 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\mouclass.sys.dump
[2014/02/06 14:01:32 | 000,017,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\ptilink.sys.dump
[2014/02/06 14:01:32 | 000,015,104 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbscan.sys.dump
[2014/02/06 14:01:31 | 000,162,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\netbt.sys.dump
[2014/02/06 14:01:31 | 000,052,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\i8042prt.sys.dump
[2014/02/06 14:01:31 | 000,051,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\rasl2tp.sys.dump
[2014/02/06 14:01:31 | 000,040,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndproxy.sys.dump
[2014/02/06 14:01:31 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\disk.sys.dump
[2014/02/06 14:01:31 | 000,018,688 | ---- | C] () -- C:\WINDOWS\System32\drivers\cdaudio.sys.dump
[2014/02/06 14:01:31 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\nikedrv.sys.dump
[2014/02/06 14:01:31 | 000,005,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\mspclock.sys.dump
[2014/02/06 14:01:30 | 000,063,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\nwlnknb.sys.dump
[2014/02/06 14:01:30 | 000,061,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\nic1394.sys.dump
[2014/02/06 14:01:30 | 000,042,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\imapi.sys.dump
[2014/02/06 14:01:30 | 000,030,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\npfs.sys.dump
[2014/02/06 14:01:30 | 000,026,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbstor.sys.dump
[2014/02/06 14:01:30 | 000,024,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\pciidex.sys.dump
[2014/02/06 14:01:30 | 000,020,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\vga.sys.dump
[2014/02/06 14:01:30 | 000,011,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfloppy.sys.dump
[2014/02/06 14:01:29 | 000,225,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\tcpip6.sys.dump
[2014/02/06 14:01:29 | 000,153,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\dmio.sys.dump
[2014/02/06 14:01:29 | 000,138,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\afd.sys.dump
[2014/02/06 14:01:29 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\fips.sys.dump
[2014/02/06 14:01:29 | 000,032,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbccgp.sys.dump
[2014/02/06 14:01:29 | 000,020,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtl8139.sys.dump
[2014/02/06 14:01:29 | 000,019,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\msfs.sys.dump
[2014/02/06 14:01:29 | 000,014,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndisuio.sys.dump
[2014/02/06 14:01:28 | 000,182,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndis.sys.dump
[2014/02/06 14:01:28 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\scsiport.sys.dump
[2014/02/06 14:01:28 | 000,048,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\raspptp.sys.dump
[2014/02/06 14:01:28 | 000,019,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\tdi.sys.dump
[2014/02/06 14:01:28 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\wpdusb.sys.dump
[2014/02/06 14:01:28 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\irenum.sys.dump
[2014/02/06 14:01:28 | 000,005,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\rootmdm.sys.dump
[2014/02/06 14:01:28 | 000,004,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\mspqm.sys.dump
[2014/02/06 14:01:27 | 000,361,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\tcpip.sys.dump
[2014/02/06 14:01:27 | 000,124,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS.dump
[2014/02/06 14:01:27 | 000,081,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\videoprt.sys.dump
[2014/02/06 14:01:27 | 000,042,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\p3.sys.dump
[2014/02/06 14:01:27 | 000,025,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\sonydcam.sys.dump
[2014/02/06 14:01:27 | 000,020,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbuhci.sys.dump
[2014/02/06 14:01:27 | 000,015,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\serenum.sys.dump
[2014/02/06 14:01:26 | 000,187,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\acpi.sys.dump
[2014/02/06 14:01:26 | 000,060,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\sysaudio.sys.dump
[2014/02/06 14:01:26 | 000,060,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\arp1394.sys.dump
[2014/02/06 14:01:26 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys.dump
[2014/02/06 14:01:26 | 000,034,688 | ---- | C] () -- C:\WINDOWS\System32\drivers\netbios.sys.dump
[2014/02/06 14:01:26 | 000,027,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\fdc.sys.dump
[2014/02/06 14:01:26 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbintel.sys.dump
[2014/02/06 14:01:26 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\mskssrv.sys.dump
[2014/02/06 14:01:26 | 000,006,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\parvdm.sys.dump
[2014/02/06 14:01:25 | 000,456,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\mrxsmb.sys.dump
[2014/02/06 14:01:25 | 000,175,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdbss.sys.dump
[2014/02/06 14:01:25 | 000,044,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\uagp35.sys.dump
[2014/02/06 14:01:25 | 000,025,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbcamd2.sys.dump
[2014/02/06 14:01:25 | 000,021,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\point32.sys.dump
[2014/02/06 14:01:25 | 000,012,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\tdpipe.sys.dump
[2014/02/06 14:01:25 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\splitter.sys.dump
[2014/02/06 14:01:24 | 000,152,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\ipnat.sys.dump
[2014/02/06 14:01:24 | 000,120,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\pcmcia.sys.dump
[2014/02/06 14:01:24 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\ipsec.sys.dump
[2014/02/06 14:01:24 | 000,045,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\cirrus.sys.dump
[2014/02/06 14:01:24 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\sisagp.sys.dump
[2014/02/06 14:01:24 | 000,036,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\crusoe.sys.dump
[2014/02/06 14:01:24 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\wanarp.sys.dump
[2014/02/06 14:01:24 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\flpydisk.sys.dump
[2014/02/06 14:01:24 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\drivers\asyncmac.sys.dump
[2014/02/06 14:01:23 | 001,341,339 | ---- | C] () -- C:\WINDOWS\System32\drivers\nv4_mini.sys.dump
[2014/02/06 14:01:23 | 000,334,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\srv.sys.dump
[2014/02/06 14:01:23 | 000,083,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\wdmaud.sys.dump
[2014/02/06 14:01:23 | 000,035,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\processr.sys.dump
[2014/02/06 14:01:23 | 000,020,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbam.sys.dump
[2014/02/06 14:01:23 | 000,016,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\MODEMCSA.sys.dump
[2014/02/06 14:01:22 | 000,737,973 | ---- | C] () -- C:\WINDOWS\System32\drivers\winachcf.sys.dump
[2014/02/06 14:01:22 | 000,384,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\update.sys.dump
[2014/02/06 14:01:22 | 000,196,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdpdr.sys.dump
[2014/02/06 14:01:22 | 000,042,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\agp440.sys.dump
[2014/02/06 14:01:22 | 000,036,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\pxhelp20.sys.dump
[2014/02/06 14:01:22 | 000,012,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\mutohpen.sys.dump
[2014/02/03 21:04:56 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2014/02/03 21:04:54 | 000,245,920 | RHS- | C] () -- C:\cmldr
[2014/02/03 21:03:22 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2014/02/03 21:03:22 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2014/02/03 21:03:22 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2014/02/03 21:03:22 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2014/02/03 21:03:22 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2014/01/31 10:28:45 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2008/07/29 11:41:10 | 000,002,383 | ---- | C] () -- C:\Documents and Settings\RICK\acadstk.dmp
[2007/12/22 11:28:52 | 000,002,635 | ---- | C] () -- C:\Documents and Settings\RICK\Application Data\SAS7_000.DAT
[2007/10/16 10:36:01 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\RICK\RICK_notes.dat
[2007/05/02 14:23:52 | 000,061,465 | ---- | C] () -- C:\Documents and Settings\RICK\ALTA2005.pdf
[2006/11/18 14:20:37 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/11/04 12:32:15 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\RICK\Application Data\tvmdmns.dll
[2005/02/04 14:02:33 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\RICK\Local Settings\Application Data\fusioncache.dat
[2005/02/04 14:00:56 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\RICK\Application Data\QuickBooks Templates.lnk
[2004/07/19 11:28:53 | 000,018,944 | ---- | C] () -- C:\Documents and Settings\RICK\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2000/10/13 16:56:49 | 000,023,357 | -H-- | C] () -- C:\Program Files\folder.htt
========== ZeroAccess Check ==========
[2005/02/04 13:54:54 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008/04/14 05:41:54 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2004/04/30 17:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sierra Imaging
[2004/04/30 17:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN Messenger 6.1.0211
[2006/11/29 12:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2007/01/02 15:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2007/12/22 10:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2004/07/17 19:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICK\Application Data\InterVideo
[2005/07/18 15:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICK\Application Data\Template
[2006/10/09 13:34:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICK\Application Data\PEX
[2007/02/06 14:57:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICK\Application Data\pdf995
[2006/10/09 11:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICK\Application Data\ispnews
[2007/01/02 15:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICK\Application Data\ScanSoft
[2007/01/30 11:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICK\Application Data\Carlson Software
[2007/10/16 10:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICK\Application Data\ClipPad
[2007/12/22 10:42:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICK\Application Data\Nuance
========== Purity Check ==========
< End of report >