Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Window XP Blue Screen will not boot in any mode after messing up system32


  • This topic is locked This topic is locked
41 replies to this topic

#1 Brad1973

Brad1973

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:12:23 PM

Posted 25 April 2010 - 07:33 PM

(I am writing this on another computer with Windows 7)

Yesterday my other computer (Windows XP Home) found a virus with Microsoft Security Essentials. It removed it but then my computer gave me a warning that a file "system32" had been replaced with an unrecognizable version. I figured I would reboot and then go do a system restore.

Upon reboot, I got the following blue screen message:

STOP (C000021a) Fatal system error
Logon process terminated unexpectedly with a status of 0XC00000022 (0X00000000 0X00000000)
System has been shut down.

It will not boot in normal mode, safe more, or "last known successful configuration". I am at my wits end. I cannot find the XP disk and as far as I can tell I cannot get the computer to do anything once the blue screen appears. It ALWAYS stops at this message.

Help!?!?!?

BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,736 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:11:23 AM

Posted 25 April 2010 - 07:49 PM

http://support.microsoft.com/kb/156669

That's just a reference, do not try anything there.

I am going to ask one of our Malware Team to try to assist you, please be patient smile.gif.

Louis

Edited by Pandy, 28 April 2010 - 08:05 AM.
Moved from Windows XP to a more appropriate forum ~Pandy


#3 Brad1973

Brad1973
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:12:23 PM

Posted 26 April 2010 - 05:57 AM

OK.... thank you smile.gif


#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,561 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:23 PM

Posted 26 April 2010 - 06:48 PM

Hi, Brad1973 smile.gif

welcome.gif

Lets give this a try. You will need a flash drive to move information from the sick computer to a working computer. It is the only way we can see the progress of our actions. Save these instructions in your flash drive as a text file (use notepad) so you can have access to these while in an external environment (PE).

Here is what you need to do.

Two programs to download

First

Download ISOBurner. Click Here for ISOBurner Instructions. Install the program, and follow the next set of steps.

Second
  • Download OTLPE.iso and burn to a CD using ISO Burner. NOTE: This file is 276.7MB in size so it may take some time to download.
  • When downloaded double click and this will then open ISOBurner to burn the file to CD
  • Boot the Non working computer using the boot CD you just created.
  • In order to do so, the computer must be set to boot from the CD first
    Note : For information click here
  • Your system should now display a REATOGO-X-PE desktop.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
    • Change Drivers to All
    • Change Standart Registry to All
    • Under the Custom Scan box paste this in

      /md5start
      eventlog.dll
      scecli.dll
      netlogon.dll
      cngaudit.dll
      sceclt.dll
      ntelogon.dll
      logevent.dll
      iaStor.sys
      nvstor.sys
      atapi.sys
      IdeChnDr.sys
      viasraid.sys
      AGP440.sys
      vaxscsi.sys
      nvatabus.sys
      viamraid.sys
      nvata.sys
      nvgts.sys
      iastorv.sys
      ViPrt.sys
      eNetHook.dll
      ahcix86.sys
      KR10N.sys
      nvstor32.sys
      ahcix86s.sys
      nvrd32.sys
      userinit.exe
      explorer.exe
      ntoskrnl.exe
      /md5stop
      %SYSTEMDRIVE%\*.*
      %systemroot%\*. /mp /s
      %systemroot%\System32\config\*.sav
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive.
  • Please post the contents of the C:\OTL.txt file in your reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#5 Brad1973

Brad1973
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:12:23 PM

Posted 27 April 2010 - 07:53 AM

Thank you SO much for helping me. I did it all. This file you want me to paste is a monster, but here you go. I'll keep an eye out for your reply.

Brad


OTL logfile created on: 4/27/2010 9:22:55 AM - Run
OTLPE by OldTimer - Version 3.1.38.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 265.00 Mb Available Physical Memory | 52.00% Memory free
459.00 Mb Paging File | 321.00 Mb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.75 Gb Total Space | 56.20 Gb Free Space | 50.29% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 276.80 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled] -- -- (sctywgbnhxvwgip)
SRV - File not found [Disabled] -- -- (eejsxalvmcwj)
SRV - File not found [Disabled] -- -- (DigiChat_4.0_Server)
SRV - [2009/12/09 19:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/09/21 20:04:22 | 001,028,432 | ---- | M] (Lavasoft) [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007/03/07 10:51:52 | 000,049,152 | ---- | M] () [Auto] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)
SRV - [2005/12/19 21:41:49 | 000,151,616 | ---- | M] (ewido networks) [Disabled] -- C:\Program Files\ewido\security suite\ewidoguard.exe -- (ewido security suite guard)
SRV - [2005/11/30 05:47:52 | 000,013,888 | ---- | M] (ewido networks) [Disabled] -- C:\Program Files\ewido\security suite\ewidoctrl.exe -- (ewido security suite control)
SRV - [2005/04/05 11:17:22 | 000,206,552 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2004/11/02 17:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2004/01/29 23:47:37 | 000,585,728 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2003/06/24 19:23:10 | 000,066,784 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe -- (SBService)
SRV - [2002/10/10 06:18:36 | 001,118,208 | ---- | M] (Intel Corporation) [On_Demand] -- C:\WINDOWS\SYSTEM32\NMSSvc.Exe -- (NMSSvc) Intel®


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | Disabled] -- -- (Simbad)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (nenum13E)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand] -- -- (iAimTV2)
DRV - File not found [Kernel | On_Demand] -- -- (ComFiltr)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (bvrp_pci)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - File not found [Kernel | On_Demand] -- -- (ATWPKT2)
DRV - File not found [Kernel | Disabled] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)
DRV - [2010/02/24 09:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\mrxsmb.sys -- (MRxSmb)
DRV - [2009/12/31 12:50:03 | 000,353,792 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\srv.sys -- (Srv)
DRV - [2009/12/02 16:23:40 | 000,149,040 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\MpFilter.sys -- (MpFilter)
DRV - [2009/10/20 12:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\http.sys -- (HTTP)
DRV - [2009/06/24 07:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ksecdd.sys -- (KSecDD)
DRV - [2009/06/05 11:42:38 | 000,039,424 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbaapl.sys -- (USBAAPL)
DRV - [2009/04/24 20:04:31 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2008/08/14 06:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\tcpip.sys -- (Tcpip)
DRV - [2008/05/20 19:33:50 | 000,022,784 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\RimUsb.sys -- (RimUsb)
DRV - [2008/04/13 20:13:22 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\rdpwd.sys -- (RDPWD)
DRV - [2008/04/13 20:13:21 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\tdtcp.sys -- (TDTCP)
DRV - [2008/04/13 20:13:20 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\termdd.sys -- (TermDD)
DRV - [2008/04/13 20:13:20 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/13 15:28:39 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 15:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\netbt.sys -- (NetBT)
DRV - [2008/04/13 15:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndis.sys -- (NDIS)
DRV - [2008/04/13 15:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008/04/13 15:19:43 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008/04/13 15:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\ipsec.sys -- (IPSec)
DRV - [2008/04/13 15:18:00 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 15:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 15:17:05 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\mup.sys -- (Mup)
DRV - [2008/04/13 15:15:55 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 15:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 15:15:45 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\serial.sys -- (Serial)
DRV - [2008/04/13 15:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 15:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 15:00:19 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\modem.sys -- (Modem)
DRV - [2008/04/13 14:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 14:57:29 | 000,040,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndproxy.sys -- (NDProxy)
DRV - [2008/04/13 14:57:27 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 14:57:27 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndistapi.sys -- (NdisTapi)
DRV - [2008/04/13 14:57:21 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 14:57:15 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ipnat.sys -- (IpNat)
DRV - [2008/04/13 14:57:07 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 14:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\psched.sys -- (PSched)
DRV - [2008/04/13 14:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\msgpc.sys -- (Gpc)
DRV - [2008/04/13 14:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 14:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 14:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\irenum.sys -- (IRENUM)
DRV - [2008/04/13 14:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ip6fw.sys -- (ip6fw)
DRV - [2008/04/13 14:51:25 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 14:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbprint.sys -- (usbprint)
DRV - [2008/04/13 14:46:25 | 000,085,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\nabtsfec.sys -- (NABTSFEC)
DRV - [2008/04/13 14:46:24 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wstcodec.sys -- (WSTCODEC)
DRV - [2008/04/13 14:46:23 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ccdecode.sys -- (CCDECODE)
DRV - [2008/04/13 14:46:23 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\slip.sys -- (SLIP)
DRV - [2008/04/13 14:46:22 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndisip.sys -- (NdisIP)
DRV - [2008/04/13 14:46:21 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\streamip.sys -- (streamip)
DRV - [2008/04/13 14:45:39 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbccgp.sys -- (usbccgp)
DRV - [2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbstor.sys -- (USBSTOR)
DRV - [2008/04/13 14:45:37 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbhub.sys -- (usbhub)
DRV - [2008/04/13 14:45:35 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbehci.sys -- (usbehci)
DRV - [2008/04/13 14:45:35 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbuhci.sys -- (usbuhci)
DRV - [2008/04/13 14:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbscan.sys -- (usbscan)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2008/04/13 14:45:27 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\hidusb.sys -- (HidUsb)
DRV - [2008/04/13 14:45:13 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 14:45:09 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\kmixer.sys -- (kmixer)
DRV - [2008/04/13 14:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\swmidi.sys -- (swmidi)
DRV - [2008/04/13 14:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\splitter.sys -- (splitter)
DRV - [2008/04/13 14:45:01 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\dmusic.sys -- (DMusic)
DRV - [2008/04/13 14:44:46 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\dmio.sys -- (dmio)
DRV - [2008/04/13 14:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 14:41:22 | 000,018,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\i2omp.sys -- (i2omp)
DRV - [2008/04/13 14:41:22 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\i2omgmt.sys -- (i2omgmt)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 14:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\imapi.sys -- (Imapi)
DRV - [2008/04/13 14:40:49 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 14:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\disk.sys -- (Disk)
DRV - [2008/04/13 14:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 14:40:31 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\viaide.sys -- (ViaIde)
DRV - [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys -- (atapi)
DRV - [2008/04/13 14:40:29 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\intelide.sys -- (IntelIde)
DRV - [2008/04/13 14:40:27 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\redbook.sys -- (redbook)
DRV - [2008/04/13 14:40:25 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\fdc.sys -- (Fdc)
DRV - [2008/04/13 14:40:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 14:40:12 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\serenum.sys -- (serenum)
DRV - [2008/04/13 14:40:10 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\parport.sys -- (Parport)
DRV - [2008/04/13 14:39:53 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\swenum.sys -- (swenum)
DRV - [2008/04/13 14:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 14:39:51 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 14:39:50 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mstee.sys -- (MSTEE)
DRV - [2008/04/13 14:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 14:39:48 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\kbdhid.sys -- (kbdhid)
DRV - [2008/04/13 14:39:47 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 14:39:47 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 14:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\update.sys -- (Update)
DRV - [2008/04/13 14:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 14:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\sr.sys -- (sr)
DRV - [2008/04/13 14:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 14:36:44 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\pci.sys -- (PCI)
DRV - [2008/04/13 14:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 14:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2008/04/13 14:36:40 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\viaagp.sys -- (viaagp)
DRV - [2008/04/13 14:36:39 | 000,044,928 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\agpCPQ.sys -- (agpCPQ)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 14:36:38 | 000,042,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\alim1541.sys -- (alim1541)
DRV - [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\agp440.sys -- (agp440)
DRV - [2008/04/13 14:36:35 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\acpi.sys -- (ACPI)
DRV - [2008/04/13 14:33:28 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\fips.sys -- (Fips)
DRV - [2008/04/13 14:32:59 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\fltmgr.sys -- (FltMgr)
DRV - [2008/04/13 14:32:51 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 14:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 14:32:39 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\npfs.sys -- (Npfs)
DRV - [2008/04/13 14:32:39 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\msfs.sys -- (Msfs)
DRV - [2008/04/13 14:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\udfs.sys -- (Udfs)
DRV - [2008/04/13 14:31:32 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\intelppm.sys -- (intelppm)
DRV - [2008/04/13 14:31:31 | 000,042,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\p3.sys -- (P3)
DRV - [2008/04/13 14:31:30 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\processr.sys -- (Processor)
DRV - [2008/04/13 12:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\aec.sys -- (aec)
DRV - [2007/11/13 06:25:53 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys -- (Secdrv)
DRV - [2007/03/07 10:51:52 | 000,072,672 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\DRIVERS\LxrSII1d.sys -- (LxrSII1d)
DRV - [2006/12/12 12:28:26 | 000,052,224 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\BrSerIf.sys -- (BrSerIf)
DRV - [2006/11/12 20:58:56 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\MxlW2k.sys -- (MxlW2k)
DRV - [2006/10/18 20:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV - [2006/09/28 19:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\WudfRd.sys -- (WudfRd)
DRV - [2006/09/28 18:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\WudfPf.sys -- (WudfPf)
DRV - [2006/09/19 14:44:04 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2006/09/03 10:53:54 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\BrUsbSer.sys -- (BrUsbSer)
DRV - [2005/04/05 11:17:02 | 000,267,192 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2005/04/05 11:17:00 | 000,017,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2004/12/20 19:58:18 | 000,110,352 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2004/11/22 10:15:15 | 000,003,072 | ---- | M] () [Kernel | System] -- C:\Program Files\ewido\security suite\guard.sys -- (ewido security suite driver)
DRV - [2004/10/15 13:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004/08/04 01:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 01:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 01:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 01:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 01:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 01:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 01:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 01:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 01:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 01:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/01/29 23:47:37 | 000,002,397 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\DRIVERS\symlcbrd.sys -- (symlcbrd)
DRV - [2003/10/06 15:16:00 | 001,550,043 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys -- (nv)
DRV - [2003/08/29 04:59:24 | 001,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\BCMSM.sys -- (BCMModem)
DRV - [2003/03/25 00:14:57 | 000,241,152 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/03/25 00:14:57 | 000,206,464 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/03/25 00:14:57 | 000,139,674 | ---- | M] (Roxio) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\pwd_2K.sys -- (pwd_2k)
DRV - [2003/03/25 00:14:57 | 000,030,630 | ---- | M] (Roxio) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/03/25 00:14:57 | 000,025,930 | ---- | M] (Roxio) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\Dvd_2k.sys -- (dvd_2K)
DRV - [2003/03/25 00:14:55 | 000,061,424 | ---- | M] (Roxio) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2003/03/25 00:14:55 | 000,023,436 | ---- | M] (Roxio) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\cdralw2k.sys -- (Cdralw2k)
DRV - [2002/11/28 04:26:38 | 000,609,792 | R--- | M] (Intersil Americas Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\EXPSUSB.sys -- (PRISM_USB)
DRV - [2002/10/10 06:18:58 | 000,009,868 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\NMSCFG.SYS -- (NMSCFG)
DRV - [2002/09/19 16:59:50 | 000,139,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys -- (E100B) Intel®
DRV - [2002/08/30 18:29:02 | 001,293,440 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\P16X.sys -- (P16X) Creative SB Live! Series (WDM)
DRV - [2002/08/29 07:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS -- (IpFilterDriver)
DRV - [2002/08/29 07:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFWD.SYS -- (NwlnkFwd)
DRV - [2002/08/29 07:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAUDIO.SYS -- (Cdaudio)
DRV - [2002/08/29 07:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS -- (Ptilink)
DRV - [2002/08/29 07:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS -- (Raspti)
DRV - [2002/08/29 07:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFLT.SYS -- (NwlnkFlt)
DRV - [2002/08/29 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2002/08/29 07:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\ACPIEC.SYS -- (ACPIEC)
DRV - [2002/08/29 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS -- (RasAcd)
DRV - [2002/08/29 07:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\FS_REC.SYS -- (Fs_Rec)
DRV - [2002/08/29 07:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\DRIVERS\PARVDM.SYS -- (ParVdm)
DRV - [2002/08/29 07:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS -- (dmload)
DRV - [2002/08/29 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS -- (RDPCDD)
DRV - [2002/08/29 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\MNMDD.SYS -- (mnmdd)
DRV - [2002/08/29 07:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\NULL.SYS -- (Null)
DRV - [2002/08/29 07:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\SYSTEM32\WINSOCK.DLL -- (Winsock)
DRV - [2002/07/19 12:22:08 | 000,017,153 | ---- | M] (Dell Computer Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/05/03 15:56:24 | 000,024,528 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\sqcaptur.sys -- (DCamUSBSQTECH)
DRV - [2001/08/17 16:07:44 | 000,025,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\hpn.sys -- (hpn)
DRV - [2001/08/17 16:07:44 | 000,020,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\dpti2o.sys -- (dpti2o)
DRV - [2001/08/17 16:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 16:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 16:07:42 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\perc2hib.sys -- (perc2hib)
DRV - [2001/08/17 16:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 16:07:40 | 000,027,296 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\perc2.sys -- (perc2)
DRV - [2001/08/17 16:07:38 | 000,056,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aic78xx.sys -- (aic78xx)
DRV - [2001/08/17 16:07:36 | 000,055,168 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aic78u2.sys -- (aic78u2)
DRV - [2001/08/17 16:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 16:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 16:07:32 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\adpu160m.sys -- (adpu160m)
DRV - [2001/08/17 15:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS -- (audstub)
DRV - [2001/08/17 15:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 15:52:50 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS -- (Ftdisk)
DRV - [2001/08/17 15:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 15:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 15:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 15:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 15:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 15:52:16 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql1240.sys -- (ql1240)
DRV - [2001/08/17 15:52:16 | 000,033,152 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql10wnt.sys -- (Ql10wnt)
DRV - [2001/08/17 15:52:16 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\dac960nt.sys -- (dac960nt)
DRV - [2001/08/17 15:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 15:52:08 | 000,016,000 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ini910u.sys -- (ini910u)
DRV - [2001/08/17 15:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\CBIDF2K.SYS -- (cbidf2k)
DRV - [2001/08/17 15:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cbidf2k.sys -- (cbidf)
DRV - [2001/08/17 15:52:06 | 000,014,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cpqarray.sys -- (Cpqarray)
DRV - [2001/08/17 15:52:06 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys -- (cd20xrnt)
DRV - [2001/08/17 15:52:04 | 000,022,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\asc3350p.sys -- (asc3350p)
DRV - [2001/08/17 15:52:04 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\amsint.sys -- (amsint)
DRV - [2001/08/17 15:52:02 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aha154x.sys -- (Aha154x)
DRV - [2001/08/17 15:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 15:52:00 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS -- (abp480n5)
DRV - [2001/08/17 15:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 15:51:56 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\toside.sys -- (TosIde)
DRV - [2001/08/17 15:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 15:51:52 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS -- (PCIIde)
DRV - [2001/08/17 15:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mouhid.sys -- (mouhid)
DRV - [2001/08/17 14:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
DRV - [2000/01/21 03:16:26 | 000,004,416 | ---- | M] (FreeAmp Open Source Development Effort) [Kernel | On_Demand] -- C:\Documents and Settings\BRAD\Desktop\Win95\WINDOWS95 (F)\Program Files\FreeAmp\portio.sys -- (portio)
DRV - [1999/12/17 03:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\PFMODNT.SYS -- (PfModNT)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_Url = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Local Page = http://www.008i.com/
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dellnet.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System32\blank.htm
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&fr=yie7c
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\BRAD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTe...-8&fr=b1ie7
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&fr=yie7c
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://freshvideogals.com/search/
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\JESSICA_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
IE - HKU\JESSICA_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\JESSICA_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\Jessie_II_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\Jessie_II_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Jessie_II_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\Jessie_II_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jessie_II_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Roo_Boy_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\Roo_Boy_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Roo_Boy_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\Roo_Boy_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
IE - HKU\Roo_Boy_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\sweetie_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\sweetie_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\sweetie_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\sweetie_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com [binary data]
IE - HKU\sweetie_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKU\sweetie_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKU\sweetie_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\sweetie_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
IE - HKU\sweetie_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\sweetie_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/07/30 23:35:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 03:00:55 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/10/24 08:30:36 | 000,000,277 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKU\BRAD_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O3 - HKU\BRAD_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKU\BRAD_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\BRAD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKU\Guest_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\JESSICA_ON_C\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\JESSICA_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O3 - HKU\JESSICA_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKU\JESSICA_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\JESSICA_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKU\Roo_Boy_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\sweetie_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O3 - HKU\sweetie_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKU\sweetie_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\sweetie_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe (Roxio)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [BCMSMMSG] C:\WINDOWS\BCMSMMSG.exe (Broadcom Corporation)
O4 - HKLM..\Run: [diagent] C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DVDSentry] C:\WINDOWS\SYSTEM32\DSentry.exe (Dell - Advanced Desktop Engineering)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.)
O4 - HKLM..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe (TODO: <Company name>)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [Run StartupMonitor] C:\WINDOWS\StartupMonitor.exe ()
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\.DEFAULT..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE (Symantec Corporation)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\BRAD_ON_C..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\Guest_ON_C..\Run: [msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe File not found
O4 - HKU\JESSICA_ON_C..\Run: [asg984jgkfmgasi8ug98jgkfgfb] C:\DOCUME~1\JESSICA\LOCALS~1\Temp\win32.exe File not found
O4 - HKU\JESSICA_ON_C..\Run: [Bjqctllf] C:\WINDOWS\System32\ѕсanregw.exe File not found
O4 - HKU\JESSICA_ON_C..\Run: [cdloader] C:\Documents and Settings\JESSICA\Application Data\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\JESSICA_ON_C..\Run: [License Manager] C:\Program Files\License_Manager\license_manager.exe File not found
O4 - HKU\JESSICA_ON_C..\Run: [LxrAutorun] C:\Documents and Settings\JESSICA\Local Settings\Application Data\Lexar Media\LxrAutorun.exe ()
O4 - HKU\JESSICA_ON_C..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\JESSICA_ON_C..\Run: [Remote System Protection] C:\WINDOWS\System32\j0ojz.DLL File not found
O4 - HKU\JESSICA_ON_C..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\JESSICA_ON_C..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\JESSICA_ON_C..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKU\Jessie_II_ON_C..\Run: [cdloader] C:\Documents and Settings\Jessie II\Application Data\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\Jessie_II_ON_C..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\sweetie_ON_C..\Run: [Aim6] C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe File not found
O4 - HKU\sweetie_ON_C..\Run: [DW4] C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe File not found
O4 - HKU\sweetie_ON_C..\Run: [MySpaceIM] C:\Documents and Settings\sweetie\Application Data\MySpace\IM\bin\MySpaceIM.exe ()
O4 - HKU\sweetie_ON_C..\Run: [sysav] C:\Documents and Settings\sweetie\Application Data\pcdefender.exe File not found
O4 - HKU\Administrator_ON_C..\RunOnce: [SpybotDeletingB4583] C:\WINDOWS\System32\COMMAND.COM ()
O4 - HKU\Administrator_ON_C..\RunOnce: [SpybotDeletingB8401] C:\WINDOWS\System32\COMMAND.COM ()
O4 - HKU\Administrator_ON_C..\RunOnce: [SpybotDeletingD1752] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\Administrator_ON_C..\RunOnce: [SpybotDeletingD4762] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = _ [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: Wallpaper =
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\Guest_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\Jessie_II_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Roo_Boy_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\sweetie_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\SYSTEM32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\SYSTEM32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\SYSTEM32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {00000075-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/voxacm.CAB (Reg Error: Key error.)
O16 - DPF: {00000161-0000-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/msaudio.cab (Reg Error: Key error.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shock...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/3/9...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} http://download.microsoft.com/download/0/5...b?1093178266312 (MSSecurityAdvisor Class)
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} https://wavenet2.sentara.com/cabs/wficat4.cab (Citrix ICA Client)
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab (Yahoo! Audio Conferencing)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A...01F/wmvadvd.cab (Reg Error: Key error.)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1135615252062 (MUWebControl Class)
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} http://chat.yahoo.com/cab/yacsui.cab (Yahoo! Audio UI1)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab (ZoneIntro Class)
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} http://www.wickedgarden.com/Uploader/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://navlink.uk.navigantconsulting.com/d...perSetupSP1.cab (JuniperSetupSP1 Control)
O16 - DPF: ConferenceRoom Java Client http://www.streamchat.com:8000/java/cr.cab (Reg Error: Key error.)
O16 - DPF: DigiChat Applet http://palatka.digi-net.com/DigiChat/DigiC..._IE_5_1_0_1.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O16 - DPF: Web-Based Email Tools http://email.secureserver.net/Download.CAB (Reg Error: Key error.)
O16 - DPF: Yahoo! Backgammon http://download.games.yahoo.com/games/clients/y/at1_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Blackjack http://download.games.yahoo.com/games/clients/y/jt0_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Chat http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Checkers http://download.games.yahoo.com/games/clients/y/kt4_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Chess http://download.games.yahoo.com/games/clients/y/ct2_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Chinese Checkers http://download.games.yahoo.com/games/clients/y/cct0_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Euchre http://download.games.yahoo.com/games/clients/y/et3_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Go Fish http://download.games.yahoo.com/games/clients/y/zt3_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! MahJong http://download.games.yahoo.com/games/clients/y/ot0_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! MahJong Solitaire http://download.games.yahoo.com/games/clients/y/mjst4_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Poker http://download.games.yahoo.com/games/clients/y/pt3_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Pool 2 http://download.games.yahoo.com/games/clients/y/pote_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Pyramids http://download.games.yahoo.com/games/clients/y/pyt1_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Reversi http://download.games.yahoo.com/games/clients/y/rt0_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Towers 2.0 http://download.games.yahoo.com/games/clients/y/ywt0_x.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\SYSTEM32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SYSTEM32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\SYSTEM32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\SYSTEM32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\SYSTEM32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SYSTEM32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\SYSTEM32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\System32\WPDShServiceObj.dll File not found
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\F\Shell\phone\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/04/24 04:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\Google
[2010/04/15 23:05:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood.Tmp
[2010/04/15 19:24:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\ABBYY
[2010/04/13 07:17:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sweetie\My Documents\Downloads
[2010/04/12 15:24:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\Apple
[2010/04/04 20:41:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Guest\Application Data\skypePM
[2010/04/03 14:37:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jessie II\Application Data\Brother
[2004/02/21 12:58:44 | 000,103,936 | ---- | C] (Soeperman Enterprises Ltd.) -- C:\Program Files\CWShredder.exe
[2003/03/18 14:25:45 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\sweetie\Application Data\*.tmp files -> C:\Documents and Settings\sweetie\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\JESSICA\*.tmp files -> C:\Documents and Settings\JESSICA\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/04/26 23:25:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/04/24 06:56:44 | 000,237,568 | ---- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/04/24 06:56:44 | 000,233,472 | ---- | M] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2010/04/24 06:56:33 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/24 06:56:18 | 005,505,024 | ---- | M] () -- C:\Documents and Settings\BRAD\ntuser.dat
[2010/04/24 06:56:18 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\BRAD\NTUSER.INI
[2010/04/24 06:56:13 | 006,479,892 | -H-- | M] () -- C:\Documents and Settings\BRAD\Local Settings\Application Data\IconCache.db
[2010/04/24 06:56:02 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\Jessie II\NTUSER.DAT
[2010/04/24 06:56:02 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Jessie II\NTUSER.INI
[2010/04/24 06:55:01 | 007,010,904 | -H-- | M] () -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\IconCache.db
[2010/04/24 06:53:54 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\JESSICA\ntuser.dat
[2010/04/24 06:53:45 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\sweetie\ntuser.dat
[2010/04/24 06:53:39 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\Roo Boy\ntuser.dat
[2010/04/24 06:53:35 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/04/24 06:53:34 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\Guest\ntuser.dat
[2010/04/24 06:52:03 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/24 05:59:29 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/04/24 04:52:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/24 04:30:15 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010/04/24 01:53:06 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/04/23 22:36:07 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\JESSICA\NTUSER.INI
[2010/04/23 22:36:02 | 007,547,994 | -H-- | M] () -- C:\Documents and Settings\JESSICA\Local Settings\Application Data\IconCache.db
[2010/04/23 22:34:45 | 002,637,740 | -H-- | M] () -- C:\Documents and Settings\Guest\Local Settings\Application Data\IconCache.db
[2010/04/23 21:07:15 | 000,000,088 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2010/04/23 17:31:58 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\money calendar.xls
[2010/04/23 07:07:12 | 000,153,749 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\e01_23056097.jpg
[2010/04/20 19:03:23 | 001,313,574 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\attachments_2010_04_20.zip
[2010/04/20 18:41:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/04/20 17:45:09 | 000,009,906 | ---- | M] () -- C:\Documents and Settings\Guest\My Documents\Game 4 Renn Schmor stats.docx
[2010/04/20 17:37:28 | 000,011,923 | ---- | M] () -- C:\Documents and Settings\Guest\My Documents\Game 3 Renn Schmor stats.docx
[2010/04/20 06:21:18 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/04/19 22:37:22 | 000,042,228 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\amenityhourtracker_04_17_10.xlsx
[2010/04/19 22:29:33 | 000,095,301 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\EDIWatchTracker_04_17_10.xlsx
[2010/04/19 22:16:02 | 000,124,825 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\Jess_Co_tracker_04_24_10.xlsx
[2010/04/19 22:05:43 | 000,123,815 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\Jess_Co_tracker_04_17_10(1).xlsx
[2010/04/19 15:24:46 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/04/15 19:36:55 | 000,212,722 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\receipts.docx
[2010/04/14 04:22:49 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/04/13 07:18:16 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\sweetie\NTUSER.INI
[2010/04/13 07:18:07 | 010,206,880 | -H-- | M] () -- C:\Documents and Settings\sweetie\Local Settings\Application Data\IconCache.db
[2010/04/08 23:24:56 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\Doc1[1].doc
[2010/04/04 20:40:53 | 000,082,072 | ---- | M] () -- C:\Documents and Settings\Guest\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/04/03 14:40:28 | 000,801,772 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\ediwatch.docx
[2010/04/03 14:37:13 | 000,000,426 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/03/30 07:21:58 | 000,177,576 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\sweetie\Application Data\*.tmp files -> C:\Documents and Settings\sweetie\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\JESSICA\*.tmp files -> C:\Documents and Settings\JESSICA\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/23 07:14:11 | 000,153,749 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\e01_23056097.jpg
[2010/04/20 19:03:17 | 001,313,574 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\attachments_2010_04_20.zip
[2010/04/20 17:45:09 | 000,009,906 | ---- | C] () -- C:\Documents and Settings\Guest\My Documents\Game 4 Renn Schmor stats.docx
[2010/04/20 17:37:27 | 000,011,923 | ---- | C] () -- C:\Documents and Settings\Guest\My Documents\Game 3 Renn Schmor stats.docx
[2010/04/19 22:29:33 | 000,095,301 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\EDIWatchTracker_04_17_10.xlsx
[2010/04/19 22:19:04 | 000,042,228 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\amenityhourtracker_04_17_10.xlsx
[2010/04/19 22:16:01 | 000,124,825 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\Jess_Co_tracker_04_24_10.xlsx
[2010/04/19 22:05:43 | 000,123,815 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\Jess_Co_tracker_04_17_10(1).xlsx
[2010/04/15 19:36:52 | 000,212,722 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\receipts.docx
[2010/04/08 23:24:55 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\Doc1[1].doc
[2010/04/03 14:40:27 | 000,801,772 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\ediwatch.docx
[2010/03/20 01:55:37 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/08 08:39:36 | 000,177,576 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/02/28 15:31:58 | 000,003,644 | -HS- | C] () -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\RYWytq56AV
[2010/02/26 21:08:38 | 000,000,967 | ---- | C] () -- C:\Documents and Settings\Jessie II\Application Data\BBMS_EXCEPTION.txt
[2010/02/26 21:02:59 | 003,407,872 | -H-- | C] () -- C:\Documents and Settings\Jessie II\NTUSER.DAT
[2010/02/26 21:02:59 | 000,020,480 | -H-- | C] () -- C:\Documents and Settings\Jessie II\ntuser.dat.LOG
[2010/02/26 21:02:59 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Jessie II\NTUSER.INI
[2010/02/23 19:19:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\ggward.sys
[2010/02/23 19:17:47 | 000,010,970 | -HS- | C] () -- C:\Documents and Settings\JESSICA\Local Settings\Application Data\iHFx3
[2010/02/21 22:08:46 | 000,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/02/21 18:18:51 | 000,013,556 | -HS- | C] () -- C:\Documents and Settings\JESSICA\Local Settings\Application Data\e1wnOl
[2010/02/20 18:53:21 | 007,077,888 | ---- | C] () -- C:\Documents and Settings\JESSICA\ntuser.dat
[2010/02/20 18:49:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2010/02/20 18:49:46 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2010/02/20 18:48:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2010/02/20 18:48:02 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010/02/20 18:43:41 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/12/16 23:11:08 | 000,008,610 | ---- | C] () -- C:\Documents and Settings\JESSICA\Application Data\BBMS_EXCEPTION.txt
[2009/11/22 23:38:30 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\sweetie\Local Settings\Application Data\d3d9caps.dat
[2009/05/13 21:44:24 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/04/01 07:49:02 | 000,003,774 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\A6D19C89-7F32-4A54-A401-B275DFAB6975.txt
[2009/04/01 06:35:21 | 000,004,610 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\A6D19C89-7F32-4A54-A401-B275DFAB6975.txt
[2009/04/01 01:56:26 | 000,002,494 | ---- | C] () -- C:\Documents and Settings\JESSICA\Local Settings\Application Data\A6D19C89-7F32-4A54-A401-B275DFAB6975.txt
[2009/02/25 22:40:35 | 000,072,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2008/08/29 15:00:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Roo Boy\jagex_runescape_preferences.dat
[2008/07/17 07:04:20 | 000,001,011 | ---- | C] () -- C:\Documents and Settings\JESSICA\.airappinstall.log
[2008/07/17 07:04:20 | 000,000,412 | ---- | C] () -- C:\Documents and Settings\JESSICA\.airinstall.log
[2008/06/19 20:43:03 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\Roo Boy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/13 08:44:18 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\Guest\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/17 13:09:38 | 001,099,004 | ---- | C] () -- C:\Documents and Settings\Roo Boy\Application Data\Install.dat
[2007/06/27 20:25:27 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\Roo Boy\ntuser.dat.LOG
[2007/06/27 20:25:27 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\Roo Boy\NTUSER.INI
[2007/06/27 20:25:26 | 003,145,728 | -H-- | C] () -- C:\Documents and Settings\Roo Boy\ntuser.dat
[2007/04/14 20:59:23 | 000,000,108 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2007/01/12 21:48:54 | 000,000,027 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/12/26 19:31:38 | 000,000,219 | ---- | C] () -- C:\WINDOWS\apoapp.INI
[2006/10/01 14:53:40 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2006/09/30 09:40:10 | 000,000,121 | ---- | C] () -- C:\Documents and Settings\JESSICA\Application Data\SQSDRVRM.SYS
[2006/09/30 09:37:11 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\JESSICA\Application Data\RipEditBurn.ini
[2006/09/30 09:36:36 | 000,000,036 | ---- | C] () -- C:\WINDOWS\System32\drvlock.sys
[2006/09/30 09:36:36 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\symbios.sys
[2006/07/20 21:30:19 | 003,670,016 | -H-- | C] () -- C:\Documents and Settings\sweetie\ntuser.dat
[2006/07/20 21:30:19 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\sweetie\ntuser.dat.LOG
[2006/07/20 21:30:19 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\sweetie\NTUSER.INI
[2006/07/17 17:57:17 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/06/22 20:25:22 | 000,233,472 | ---- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2006/05/31 06:23:24 | 000,049,465 | ---- | C] () -- C:\Program Files\moviepass Terms.html
[2006/05/09 21:23:39 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\JESSICA\usb3
[2006/01/30 08:42:22 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2005/12/12 14:17:27 | 002,235,201 | ---- | C] () -- C:\Documents and Settings\BRAD\Application Data\Install.dat
[2005/11/19 18:09:55 | 000,000,021 | ---- | C] () -- C:\WINDOWS\dvdsentry.ini._eac_qt_
[2005/04/01 03:06:57 | 000,003,894 | ---- | C] () -- C:\WINDOWS\aoetkc.dll
[2005/03/30 22:05:13 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/03/29 19:26:22 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2005/03/29 19:22:14 | 000,000,045 | ---- | C] () -- C:\WINDOWS\DGIMEOOM.ini
[2005/03/20 21:12:48 | 000,081,920 | -H-- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat.LOG
[2005/03/20 21:12:48 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator\NTUSER.INI
[2005/03/20 21:12:47 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2005/03/06 11:47:17 | 000,374,784 | ---- | C] () -- C:\WINDOWS\3dg32.dll
[2005/01/06 19:44:10 | 000,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys
[2004/12/03 21:14:02 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\BRAD\Local Settings\Application Data\fusioncache.dat
[2004/05/30 17:15:46 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\JESSICA\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/05/15 15:21:36 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2004/05/15 15:21:36 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2004/05/15 15:21:36 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2004/05/08 21:15:19 | 000,000,112 | ---- | C] () -- C:\WINDOWS\WEBLINK.INI
[2004/04/20 02:24:57 | 000,004,056 | ---- | C] () -- C:\Program Files\asd.hta
[2004/04/17 02:50:34 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\nthst32.dll
[2004/03/28 22:45:18 | 000,003,735 | ---- | C] () -- C:\WINDOWS\ISISAIHP.INI
[2004/03/28 22:45:18 | 000,000,988 | ---- | C] () -- C:\WINDOWS\ISISAIM.INI
[2004/02/22 11:55:32 | 000,000,401 | ---- | C] () -- C:\WINDOWS\CHEMDRAW.INI
[2004/02/05 22:50:36 | 000,000,048 | ---- | C] () -- C:\WINDOWS\PerWin.ini
[2004/01/29 23:47:37 | 000,002,397 | ---- | C] () -- C:\WINDOWS\System32\drivers\symlcbrd.sys
[2003/12/24 20:42:55 | 000,000,887 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[2003/12/12 22:36:22 | 000,000,021 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2003/11/28 18:31:18 | 000,000,573 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2003/11/28 17:14:01 | 000,000,058 | ---- | C] () -- C:\WINDOWS\MADCCX.INI
[2003/11/28 17:10:44 | 000,000,047 | ---- | C] () -- C:\WINDOWS\STRINGS.INI
[2003/11/28 17:09:42 | 000,000,306 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2003/11/28 17:09:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MADCCS.INI
[2003/11/28 17:09:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MADCCF.INI
[2003/11/28 16:58:03 | 000,000,116 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2003/11/28 16:33:30 | 000,000,032 | ---- | C] () -- C:\WINDOWS\cdhome.ini
[2003/11/27 09:59:09 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\spkpsys.ini
[2003/10/06 15:16:00 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll
[2003/09/23 19:24:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2003/07/31 17:32:07 | 000,000,298 | ---- | C] () -- C:\WINDOWS\atl_save.ini
[2003/06/26 01:18:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2003/06/10 09:32:46 | 000,188,644 | ---- | C] () -- C:\Documents and Settings\JESSICA\~
[2003/05/30 19:08:52 | 000,001,266 | ---- | C] () -- C:\WINDOWS\disney.ini
[2003/05/21 17:09:23 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\TTSServer.dll
[2003/03/27 21:38:16 | 003,145,728 | -H-- | C] () -- C:\Documents and Settings\Guest\ntuser.dat
[2003/03/27 21:38:16 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\Guest\ntuser.dat.LOG
[2003/03/27 21:38:16 | 000,000,180 | -HS- | C] () -- C:\Documents and Settings\Guest\NTUSER.INI
[2003/03/27 17:48:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2003/03/26 23:37:35 | 000,002,006 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2003/03/24 07:26:54 | 000,006,739 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2003/03/23 21:41:35 | 000,000,729 | ---- | C] () -- C:\WINDOWS\fantasy2.ini
[2003/03/23 21:41:35 | 000,000,525 | ---- | C] () -- C:\WINDOWS\photoprn.ini
[2003/03/23 21:41:35 | 000,000,428 | ---- | C] () -- C:\WINDOWS\pstudio.ini
[2003/03/23 21:41:10 | 000,000,021 | ---- | C] () -- C:\WINDOWS\ccam_suite.ini
[2003/03/23 00:54:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\BRAD\Application Data\dm.ini
[2003/03/21 09:14:31 | 000,002,970 | ---- | C] () -- C:\WINDOWS\VTruck1.ini
[2003/03/21 09:11:55 | 000,000,749 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2003/03/21 02:43:25 | 000,107,520 | ---- | C] () -- C:\Documents and Settings\BRAD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/03/20 17:54:17 | 000,020,480 | -H-- | C] () -- C:\Documents and Settings\BRAD\ntuser.dat.LOG
[2003/03/20 17:54:17 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\BRAD\NTUSER.INI
[2003/03/20 17:54:16 | 005,505,024 | ---- | C] () -- C:\Documents and Settings\BRAD\ntuser.dat
[2003/03/20 16:43:41 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\JESSICA\ntuser.dat.LOG
[2003/03/20 16:43:41 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\JESSICA\NTUSER.INI
[2003/03/18 14:36:34 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/03/18 14:26:00 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2003/03/18 14:25:46 | 000,039,936 | ---- | C] () -- C:\WINDOWS\System32\P16X.dll
[2003/03/18 14:25:46 | 000,002,092 | ---- | C] () -- C:\WINDOWS\System32\P16X.ini
[2003/03/18 14:25:46 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2003/03/18 14:25:45 | 000,006,175 | ---- | C] () -- C:\WINDOWS\MIXDEF.INI
[2003/03/18 14:25:45 | 000,005,917 | ---- | C] () -- C:\WINDOWS\SBMIXDEF.INI
[2003/03/18 14:25:45 | 000,000,064 | ---- | C] () -- C:\WINDOWS\P16x.ini
[2003/03/18 14:25:17 | 000,000,245 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2003/03/18 14:23:08 | 000,000,788 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/03/18 14:14:52 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[2003/03/18 14:14:52 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat.LOG
[2003/03/18 14:10:52 | 000,008,192 | -H-- | C] () -- C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\NTUSER.DAT.LOG
[2003/03/18 14:01:58 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2002/12/10 00:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[2002/12/10 00:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[2002/12/10 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[2002/12/10 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[2002/11/13 03:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2002/09/09 16:58:38 | 000,000,784 | ---- | C] () -- C:\WINDOWS\LRUN32.INI
[2002/09/09 16:54:34 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2002/09/03 11:05:20 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.INI
[2002/09/03 11:05:20 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\LocalService\NTUSER.INI
[2002/08/29 07:00:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\ONETW.DRV
[2002/02/06 11:04:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\NMSInst.dll
[2002/01/21 16:17:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PROInst.dll
[1980/01/01 08:00:00 | 000,237,568 | ---- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[1980/01/01 02:00:00 | 000,262,144 | ---- | C] () -- C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\ntuser.dat

========== LOP Check ==========

[2008/10/07 17:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\eAcceleration
[2005/04/06 20:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\alta
[2008/03/16 01:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\eAcceleration
[2005/03/24 22:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\iemv
[2003/03/23 00:56:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\InterTrust
[2004/09/05 15:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\pixelStorm
[2009/04/27 17:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\Research In Motion
[2005/03/07 09:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\{12EE7A5E-0674-42f9-A76B-000000004D00}
[2008/06/06 19:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\eAcceleration
[2009/04/24 17:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Research In Motion
[2006/07/22 11:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\acccore
[2005/04/07 17:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\alta
[2009/04/01 04:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\avvpvyms
[2005/02/12 17:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\Broderbund Software
[2010/02/08 23:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\Facebook
[2009/11/02 22:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\GetRightToGo
[2007/01/12 22:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\ICAClient
[2008/10/28 17:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\Juniper Networks
[2010/02/22 22:51:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\mjusbsp
[2009/05/10 15:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\Research In Motion
[2007/11/20 22:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\Viewpoint
[2005/03/30 07:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\WeatherBug
[2008/09/15 11:47:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\webex
[2005/03/06 22:50:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\{12EE7A5E-0674-42f9-A76B-000000004D00}
[2010/03/02 00:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jessie II\Application Data\mjusbsp
[2010/02/26 21:08:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jessie II\Application Data\Research In Motion
[2008/08/10 17:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roo Boy\Application Data\alot
[2008/06/08 10:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roo Boy\Application Data\eAcceleration
[2006/07/20 21:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sweetie\Application Data\acccore
[2008/03/16 11:53:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sweetie\Application Data\eAcceleration
[2008/11/21 18:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sweetie\Application Data\Viewpoint
[2006/07/23 19:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sweetie\Application Data\WeatherBug
[2010/04/20 18:41:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/04/24 01:53:06 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2005/03/27 22:21:18 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\XoftSpy.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: AGP440.SYS >
[2004/09/30 06:55:00 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:AGP440.sys
[2008/09/09 22:56:47 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp3.cab:AGP440.sys
[2004/09/30 06:55:00 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/09/09 22:56:47 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SYSTEM32\DRIVERS\agp440.sys
[2004/08/04 02:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2001/08/17 15:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\I386\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2002/08/29 07:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\I386\sp1.cab:atapi.sys
[2002/08/29 07:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp1.cab:atapi.sys
[2004/09/30 06:55:00 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:atapi.sys
[2008/09/09 22:56:47 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp3.cab:atapi.sys
[2004/09/30 06:55:00 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/09/09 22:56:47 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002/10/16 19:31:10 | 000,087,040 | ---- | M] (Microsoft Corporation) MD5=3DF589B9A15FF9EF4AA499F98C1C16D5 -- C:\I386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys
[2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SYSTEM32\eventlog.dll
[2004/08/04 03:56:42 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2002/08/29 07:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:\I386\EVENTLOG.DLL

< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[1996/08/24 13:11:10 | 000,204,288 | ---- | M] (Microsoft Corporation) MD5=5AE4E07B85DCF51F1D082C7F139CFC97 -- C:\Documents and Settings\BRAD\Desktop\Win95\WINDOWS95 (F)\WINDOWS\EXPLORER.EXE
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 03:56:49 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SYSTEM32\netlogon.dll
[2002/08/29 07:00:00 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:\I386\NETLOGON.DLL
[2004/08/04 03:56:44 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NTOSKRNL.EXE >
[2002/08/29 07:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\I386\sp1.cab:ntoskrnl.exe
[2002/08/29 07:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp1.cab:ntoskrnl.exe
[2004/09/30 06:55:00 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:ntoskrnl.exe
[2008/09/09 22:56:47 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp3.cab:ntoskrnl.exe
[2004/09/30 06:55:00 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:ntoskrnl.exe
[2008/09/09 22:56:47 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:ntoskrnl.exe
[2009/12/09 00:52:36 | 002,189,312 | ---- | M] (Microsoft Corporation) MD5=05BE3D9A71972223AFF6A3C823BA51B1 -- C:\WINDOWS\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[2008/04/13 15:27:53 | 002,188,928 | ---- | M] (Microsoft Corporation) MD5=0C89243C7C3EE199B96FCC16990E0679 -- C:\WINDOWS\$NtUninstallKB956841$\ntoskrnl.exe
[2008/04/13 15:27:53 | 002,188,928 | ---- | M] (Microsoft Corporation) MD5=0C89243C7C3EE199B96FCC16990E0679 -- C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe
[2005/03/01 21:04:22 | 002,179,456 | ---- | M] (Microsoft Corporation) MD5=28187802B7C368C0D3AEF7D4C382AABB -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[2008/08/14 16:11:10 | 002,189,184 | ---- | M] (Microsoft Corporation) MD5=31914172342BFF330063F343AC6958FE -- C:\WINDOWS\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[2005/03/01 20:59:53 | 002,179,328 | ---- | M] (Microsoft Corporation) MD5=4D4CF2C14550A4B7718E94A6E581856E -- C:\WINDOWS\$NtUninstallKB929338$\ntoskrnl.exe
[2007/02/28 05:10:57 | 002,180,352 | ---- | M] (Microsoft Corporation) MD5=582A8DBAA58C3B1F176EB2817DAEE77C -- C:\WINDOWS\$NtServicePackUninstall$\ntoskrnl.exe
[2007/02/28 05:55:14 | 002,182,144 | ---- | M] (Microsoft Corporation) MD5=5A5C8DB4AA962C714C8371FBDF189FC9 -- C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
[2009/12/08 15:27:51 | 002,189,184 | ---- | M] (Microsoft Corporation) MD5=78EC47F9B9A3A1D539262D8834C896CE -- C:\WINDOWS\$NtUninstallKB979683$\ntoskrnl.exe
[2009/02/06 07:08:19 | 002,189,056 | ---- | M] (Microsoft Corporation) MD5=7A95B10A73737EBF24139AAA63F5212B -- C:\WINDOWS\$NtUninstallKB971486$\ntoskrnl.exe
[2009/08/04 20:44:46 | 002,189,184 | ---- | M] (Microsoft Corporation) MD5=8415D9C7C050E7022AED8ABF281BE4A6 -- C:\WINDOWS\$NtUninstallKB977165$\ntoskrnl.exe
[2006/12/19 10:17:19 | 002,180,352 | ---- | M] (Microsoft Corporation) MD5=8F0DEAB1F81FB83F9C5995853CE48B9F -- C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe
[2010/02/16 13:37:57 | 002,186,880 | ---- | M] (Microsoft Corporation) MD5=97E2BF68857818A4D142B872404DC41B -- C:\WINDOWS\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\SP2QFE\ntoskrnl.exe
[2002/08/29 04:03:30 | 002,042,240 | ---- | M] (Microsoft Corporation) MD5=B9080D97DBD631AADF9128F7316958D2 -- C:\I386\ntoskrnl.exe
[2002/08/29 04:03:30 | 002,042,240 | ---- | M] (Microsoft Corporation) MD5=B9080D97DBD631AADF9128F7316958D2 -- C:\WINDOWS\$NtUninstallQ811493$\ntoskrnl.exe
[2004/08/04 02:19:59 | 002,180,992 | ---- | M] (Microsoft Corporation) MD5=CE218BC7088681FAA06633E218596CA7 -- C:\WINDOWS\$NtUninstallKB890859$\ntoskrnl.exe
[2006/12/19 12:51:12 | 002,182,016 | ---- | M] (Microsoft Corporation) MD5=CEF243F6DEFD20BE4ADDE26C7ECACB54 -- C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
[2010/02/17 09:10:28 | 002,189,952 | ---- | M] (Microsoft Corporation) MD5=D41C3CBAD0E1C0728D1CDFD541F60CFA -- C:\WINDOWS\Driver Cache\I386\ntoskrnl.exe
[2010/02/17 09:10:28 | 002,189,952 | ---- | M] (Microsoft Corporation) MD5=D41C3CBAD0E1C0728D1CDFD541F60CFA -- C:\WINDOWS\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\SP3GDR\ntoskrnl.exe
[2010/02/17 09:10:28 | 002,189,952 | ---- | M] (Microsoft Corporation) MD5=D41C3CBAD0E1C0728D1CDFD541F60CFA -- C:\WINDOWS\SYSTEM32\DLLCACHE\ntoskrnl.exe
[2010/02/17 09:10:28 | 002,189,952 | ---- | M] (Microsoft Corporation) MD5=D41C3CBAD0E1C0728D1CDFD541F60CFA -- C:\WINDOWS\SYSTEM32\ntoskrnl.exe
[2010/02/16 08:52:12 | 002,190,080 | ---- | M] (Microsoft Corporation) MD5=E1F653A542449D54FA2D27463D99B6B6 -- C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[2010/02/16 08:52:12 | 002,190,080 | ---- | M] (Microsoft Corporation) MD5=E1F653A542449D54FA2D27463D99B6B6 -- C:\WINDOWS\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\SP3QFE\ntoskrnl.exe
[2010/02/16 09:19:55 | 002,181,376 | ---- | M] (Microsoft Corporation) MD5=EBB75B113E74E90074382347B74D652B -- C:\WINDOWS\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\SP2GDR\ntoskrnl.exe
[2008/08/14 06:11:02 | 002,189,184 | ---- | M] (Microsoft Corporation) MD5=EEAF32F8E15A24F62BECB1BD403BB5C5 -- C:\WINDOWS\$NtUninstallKB956572$\ntoskrnl.exe
[2009/02/07 19:35:26 | 002,189,184 | ---- | M] (Microsoft Corporation) MD5=EFE8EACE83EAAD5849A7A548FB75B584 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[2009/08/04 09:56:10 | 002,189,312 | ---- | M] (Microsoft Corporation) MD5=FDE779EA1A564EBFE16F4E0F82B61BAD -- C:\WINDOWS\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe

< MD5 for: SCECLI.DLL >
[2004/08/04 03:56:44 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2002/08/29 07:00:00 | 000,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:\I386\SCECLI.DLL
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SYSTEM32\scecli.dll

< MD5 for: USERINIT.EXE >
[2004/08/04 03:56:57 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SYSTEM32\userinit.exe
[2002/08/29 07:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=E931E0A2B8BF0019DB902E98D03662CB -- C:\I386\USERINIT.EXE

< %SYSTEMDRIVE%\*.* >
[2010/04/26 23:25:23 | 000,046,910 | ---- | M] () -- C:\aaw7boot.log
[2003/06/26 01:15:03 | 000,066,336 | -H-- | M] () -- C:\ABAPADAA
[2006/03/03 16:16:02 | 000,000,211 | RHS- | M] () -- C:\BOOT.INI
[2010/04/24 07:08:20 | 000,003,048 | ---- | M] () -- C:\bootex.log
[2002/09/03 10:38:46 | 000,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS
[2002/09/03 10:59:58 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2005/05/12 21:27:47 | 000,588,626 | ---- | M] () -- C:\crash.txt
[2003/03/18 14:05:28 | 000,004,909 | RH-- | M] () -- C:\DELL.SDR
[2005/02/18 23:07:51 | 000,000,095 | ---- | M] () -- C:\DownloadLog.txt
[2006/04/07 20:10:44 | 000,000,051 | ---- | M] () -- C:\DVDPATH.TXT
[2005/03/25 00:14:10 | 000,004,370 | ---- | M] () -- C:\errors.log
[2004/05/08 14:48:34 | 000,000,037 | ---- | M] () -- C:\HRS_APP.BAT
[2002/09/03 10:59:58 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2005/03/05 12:24:09 | 000,000,048 | -HS- | M] () -- C:\keys.ini
[2004/11/10 22:30:23 | 000,000,254 | ---- | M] () -- C:\LEGO Creator Knights Kingdom Error Log_0.log
[2002/09/03 10:59:58 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004/09/30 07:02:05 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/09 23:11:54 | 000,250,048 | RHS- | M] () -- C:\NTLDR
[2008/10/30 12:25:04 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2008/10/30 12:25:05 | 000,001,024 | -H-- | M] () -- C:\ntuser.dat.LOG
[2010/04/26 23:25:25 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2005/06/25 23:54:51 | 000,000,224 | ---- | M] () -- C:\PPCleanDeleteAtReboot.bat
[2007/04/14 21:02:12 | 000,000,168 | ---- | M] () -- C:\setupfax.log
[2005/10/31 11:56:00 | 000,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe
[2003/03/18 14:27:05 | 000,000,087 | ---- | M] () -- C:\SystemInfo.ini
[2005/03/30 22:04:18 | 024,265,736 | ---- | M] (Microsoft) -- C:\temp1.exe
[2003/06/16 23:50:57 | 000,004,096 | ---- | M] () -- C:\Thumbs.db
[2003/05/21 14:05:41 | 000,154,386 | ---- | M] () -- C:\tn1 visa.jpg
[2003/03/25 01:38:13 | 000,000,044 | ---- | M] () -- C:\Track01.cda
[2003/03/25 01:38:13 | 000,000,044 | ---- | M] () -- C:\Track02.cda
[2003/03/25 01:38:14 | 000,000,044 | ---- | M] () -- C:\Track03.cda
[2003/03/25 01:38:15 | 000,000,044 | ---- | M] () -- C:\Track04.cda
[2003/03/25 01:38:15 | 000,000,044 | ---- | M] () -- C:\Track05.cda
[2003/03/25 01:38:16 | 000,000,044 | ---- | M] () -- C:\Track06.cda
[2003/03/25 01:38:16 | 000,000,044 | ---- | M] () -- C:\Track07.cda
[2003/03/25 01:38:17 | 000,000,044 | ---- | M] () -- C:\Track08.cda
[2003/03/25 01:38:17 | 000,000,044 | ---- | M] () -- C:\Track09.cda
[2003/03/25 01:38:18 | 000,000,044 | ---- | M] () -- C:\Track10.cda
[2005/12/11 22:12:43 | 000,557,326 | ---- | M] () -- C:\USBDetectorHelper.txt
[2009/04/14 22:39:16 | 000,049,008 | ---- | M] () -- C:\YServer.txt
[1 C:\*.tmp files -> C:\*.tmp -> ]

< %systemroot%\*./mp /s >

< %systemroot%\System32\config\*.sav >
[2002/09/03 10:47:18 | 000,094,208 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.SAV
[2002/09/03 10:47:18 | 000,602,112 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.SAV
[2002/09/03 10:47:18 | 000,380,928 | ---- | M] () -- C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.SAV

========== Files - Unicode (All) ==========
[2005/04/15 07:29:35 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??sembly) -- C:\WINDOWS\System32\аѕsembly
[2005/04/15 07:29:35 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??sembly) -- C:\WINDOWS\System32\аѕsembly
[2005/04/06 20:43:44 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??crosoft.NET) -- C:\WINDOWS\System32\Міcrosoft.NET
[2005/04/06 20:43:44 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??crosoft.NET) -- C:\WINDOWS\System32\Міcrosoft.NET
[2005/04/06 16:27:37 | 000,000,000 | ---D | M](C:\WINDOWS\System32\F?nts) -- C:\WINDOWS\System32\Fоnts
[2005/04/06 16:27:37 | 000,000,000 | ---D | C](C:\WINDOWS\System32\F?nts) -- C:\WINDOWS\System32\Fоnts

========== Alternate Data Streams ==========

@Alternate Data Stream - 3567 bytes -> C:\WINDOWS\TMPCPYIS.BAT:cgxpgj
< End of report >


#6 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,561 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:23 PM

Posted 27 April 2010 - 11:50 AM

Please post the exact error message and the file involved if indicated. Save these instructions in the Flash drive.
  • Boot to the OTLPE CD
  • Please double-click OTLPE.exe to run it as you did before.
  • Copy the lines in the quote below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    QUOTE
    :OTL
    SRV - File not found [Disabled] -- -- (sctywgbnhxvwgip)
    SRV - File not found [Disabled] -- -- (eejsxalvmcwj)
    SRV - File not found [Disabled] -- -- (DigiChat_4.0_Server)
    O4 - HKU\JESSICA_ON_C..\Run: [asg984jgkfmgasi8ug98jgkfgfb] C:\DOCUME~1\JESSICA\LOCALS~1\Temp\win32.exe File not found
    O4 - HKU\JESSICA_ON_C..\Run: [Bjqctllf] C:\WINDOWS\System32\ѕсanregw.exe File not found
    O4 - HKU\JESSICA_ON_C..\Run: [Remote System Protection] C:\WINDOWS\System32\j0ojz.DLL File not found
    O4 - HKU\sweetie_ON_C..\Run: [Aim6] C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe File not found
    O4 - HKU\sweetie_ON_C..\Run: [DW4] C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe File not found
    O7 - HKU\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
    O7 - HKU\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
    O7 - HKU\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
    [2005/04/15 07:29:35 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??sembly) -- C:\WINDOWS\System32\аѕsembly
    [2005/04/15 07:29:35 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??sembly) -- C:\WINDOWS\System32\аѕsembly
    [2005/04/06 20:43:44 | 000,000,000 | ---D | M](C:\WINDOWS\System32\??crosoft.NET) -- C:\WINDOWS\System32\Міcrosoft.NET
    [2005/04/06 20:43:44 | 000,000,000 | ---D | C](C:\WINDOWS\System32\??crosoft.NET) -- C:\WINDOWS\System32\Міcrosoft.NET
    [2005/04/06 16:27:37 | 000,000,000 | ---D | M](C:\WINDOWS\System32\F?nts) -- C:\WINDOWS\System32\Fоnts
    [2005/04/06 16:27:37 | 000,000,000 | ---D | C](C:\WINDOWS\System32\F?nts) -- C:\WINDOWS\System32\Fоnts
    @Alternate Data Stream - 3567 bytes -> C:\WINDOWS\TMPCPYIS.BAT:cgxpgj

    :Commands
    [EMPTYTEMP]
    [RESETHOSTS]

  • Return to OTLPE, right click in the "Custom Scans/Fixes" window and choose Paste.
  • Click the red Run Fix button.
  • A report will be produced and saved in the C:\_OTL\MovedFiles folder in the form of Date_Time.log. Open that report and post its contents in a reply.

Restart the computer back to the OTLPE CD.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
  • Change Drivers to All
  • Change Standard Registry to All
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive.
  • Please post the contents of the C:\OTL.txt file in your reply also.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#7 Brad1973

Brad1973
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:12:23 PM

Posted 27 April 2010 - 12:31 PM

Hello

Ok.. did all like you said. However, when it was done it told me in order to finish removing files I needed to reboot. I got the contents of the log file first and then said "ok" but it didn't reboot. So, I just left it there for now.

Here are the contents of the log file.

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sctywgbnhxvwgip deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\eejsxalvmcwj deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\DigiChat_4.0_Server deleted successfully.
Registry value HKEY_USERS\JESSICA_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\asg984jgkfmgasi8ug98jgkfgfb deleted successfully.
Registry value HKEY_USERS\JESSICA_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\Bjqctllf deleted successfully.
Registry value HKEY_USERS\JESSICA_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\Remote System Protection deleted successfully.
Registry value HKEY_USERS\sweetie_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\Aim6 deleted successfully.
Registry value HKEY_USERS\sweetie_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\DW4 deleted successfully.
Registry value HKEY_USERS\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFolderOptions deleted successfully.
Registry value HKEY_USERS\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr deleted successfully.
Registry value HKEY_USERS\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.
C:\WINDOWS\System32\аѕsembly folder moved successfully.
Folder C:\WINDOWS\System32\аѕsembly\ not found.
C:\WINDOWS\System32\Міcrosoft.NET folder moved successfully.
Folder C:\WINDOWS\System32\Міcrosoft.NET\ not found.
C:\WINDOWS\System32\Fоnts folder moved successfully.
Folder C:\WINDOWS\System32\Fоnts\ not found.
ADS C:\WINDOWS\TMPCPYIS.BAT:cgxpgj deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 66176 bytes
->Temporary Internet Files folder emptied: 128478 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: BRAD
->Temp folder emptied: 3788554 bytes
->Temporary Internet Files folder emptied: 176652402 bytes
->Java cache emptied: 71831821 bytes
->Flash cache emptied: 19949 bytes

User: CORRINE

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Guest
->Temp folder emptied: 23393544 bytes
->Temporary Internet Files folder emptied: 168424809 bytes
->Java cache emptied: 139852 bytes
->Flash cache emptied: 131523 bytes

User: JESSICA
->Temp folder emptied: 1379365096 bytes
->Temporary Internet Files folder emptied: 32360680 bytes
->Java cache emptied: 73480724 bytes
->Google Chrome cache emptied: 6138516 bytes
->Apple Safari cache emptied: 14159661 bytes
->Flash cache emptied: 1281895 bytes

User: Jessie II
->Temp folder emptied: 7546863 bytes
->Temporary Internet Files folder emptied: 189921283 bytes
->Java cache emptied: 12672669 bytes
->Flash cache emptied: 23767 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 168271 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 1952719 bytes
->Temporary Internet Files folder emptied: 795490 bytes

User: Owner

User: Roo Boy
->Temp folder emptied: 1933405991 bytes
->Temporary Internet Files folder emptied: 192555631 bytes
->Java cache emptied: 2033864 bytes
->Flash cache emptied: 1621513 bytes

User: sweetie
->Temp folder emptied: 434010587 bytes
->Temporary Internet Files folder emptied: 117816545 bytes
->Java cache emptied: 7728880 bytes
->Google Chrome cache emptied: 7685664 bytes
->Flash cache emptied: 1199157 bytes

%systemdrive% .tmp files removed: 14154 bytes
%systemroot% .tmp files removed: 39097 bytes
%systemroot%\System32 .tmp files removed: 10317841 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 11377796 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23939066 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 1455379 bytes

Total Files Cleaned = 4,682.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTLPE by OldTimer - Version 3.1.38.0 log created on 04272010_151601


#8 Brad1973

Brad1973
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:12:23 PM

Posted 27 April 2010 - 12:34 PM

Oh and no error message was indicated. I hope I've given you what you asked for.

Sorry if this gets really repetitive... but thanks smile.gif

#9 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,561 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:23 PM

Posted 27 April 2010 - 02:35 PM

Attempt to boot in Normal Mode. Write down any error message, including the file invloved in the error.

Restart the computer back to the OTLPE CD.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
  • Change Drivers to All
  • Change Standard Registry to All
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive.
  • Please post the contents of the C:\OTL.txt file in your reply also.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#10 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,561 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:23 PM

Posted 27 April 2010 - 02:47 PM

I am modifying my last post.

Restart the computer back to the OTLPE CD.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
    • Change Drivers to All
    • Change Standard Registry to All
    • Under the Custom Scan box paste this in
      /md5start
      Winlogon.exe
      CSRSS.exe
      /md5stop
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive.
  • Please post the contents of the C:\OTL.txt file in your reply also.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#11 Brad1973

Brad1973
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:12:23 PM

Posted 27 April 2010 - 03:06 PM

I tried to boot in normal mode and got the same blue-screen error message as before

STOP: c000021a {Fatal System Error}
The Windows Login Process system process terminated unexpectedly with a status of 0xc0000022 (0x00000000 0x00000000).
The system has been shut down.

Then I ran through the rest of your instructions, booting from the OTLPE disk. Here are the results of the OTL scan.

OTL logfile created on: 4/27/2010 6:57:29 PM - Run
OTLPE by OldTimer - Version 3.1.38.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 265.00 Mb Available Physical Memory | 52.00% Memory free
459.00 Mb Paging File | 321.00 Mb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.75 Gb Total Space | 60.87 Gb Free Space | 54.47% Space Free | Partition Type: NTFS
Drive D: | 1.86 Gb Total Space | 1.86 Gb Free Space | 99.70% Space Free | Partition Type: FAT
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 276.80 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled] -- -- (sctywgbnhxvwgip)
SRV - File not found [Disabled] -- -- (eejsxalvmcwj)
SRV - File not found [Disabled] -- -- (DigiChat_4.0_Server)
SRV - [2009/12/09 19:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/09/21 20:04:22 | 001,028,432 | ---- | M] (Lavasoft) [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007/03/07 10:51:52 | 000,049,152 | ---- | M] () [Auto] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)
SRV - [2005/12/19 21:41:49 | 000,151,616 | ---- | M] (ewido networks) [Disabled] -- C:\Program Files\ewido\security suite\ewidoguard.exe -- (ewido security suite guard)
SRV - [2005/11/30 05:47:52 | 000,013,888 | ---- | M] (ewido networks) [Disabled] -- C:\Program Files\ewido\security suite\ewidoctrl.exe -- (ewido security suite control)
SRV - [2005/04/05 11:17:22 | 000,206,552 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2004/11/02 17:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2004/01/29 23:47:37 | 000,585,728 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2003/06/24 19:23:10 | 000,066,784 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe -- (SBService)
SRV - [2002/10/10 06:18:36 | 001,118,208 | ---- | M] (Intel Corporation) [On_Demand] -- C:\WINDOWS\SYSTEM32\NMSSvc.Exe -- (NMSSvc) Intel®


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | Disabled] -- -- (Simbad)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (nenum13E)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand] -- -- (iAimTV2)
DRV - File not found [Kernel | On_Demand] -- -- (ComFiltr)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (bvrp_pci)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - File not found [Kernel | On_Demand] -- -- (ATWPKT2)
DRV - File not found [Kernel | Disabled] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)
DRV - [2010/02/24 09:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\mrxsmb.sys -- (MRxSmb)
DRV - [2009/12/31 12:50:03 | 000,353,792 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\srv.sys -- (Srv)
DRV - [2009/12/02 16:23:40 | 000,149,040 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\MpFilter.sys -- (MpFilter)
DRV - [2009/10/20 12:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\http.sys -- (HTTP)
DRV - [2009/06/24 07:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ksecdd.sys -- (KSecDD)
DRV - [2009/06/05 11:42:38 | 000,039,424 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbaapl.sys -- (USBAAPL)
DRV - [2009/04/24 20:04:31 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2008/08/14 06:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\tcpip.sys -- (Tcpip)
DRV - [2008/05/20 19:33:50 | 000,022,784 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\RimUsb.sys -- (RimUsb)
DRV - [2008/04/13 20:13:22 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\rdpwd.sys -- (RDPWD)
DRV - [2008/04/13 20:13:21 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\tdtcp.sys -- (TDTCP)
DRV - [2008/04/13 20:13:20 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\termdd.sys -- (TermDD)
DRV - [2008/04/13 20:13:20 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/13 15:28:39 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 15:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\netbt.sys -- (NetBT)
DRV - [2008/04/13 15:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndis.sys -- (NDIS)
DRV - [2008/04/13 15:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008/04/13 15:19:43 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008/04/13 15:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\ipsec.sys -- (IPSec)
DRV - [2008/04/13 15:18:00 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 15:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 15:17:05 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\mup.sys -- (Mup)
DRV - [2008/04/13 15:15:55 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 15:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 15:15:45 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\serial.sys -- (Serial)
DRV - [2008/04/13 15:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 15:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 15:00:19 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\modem.sys -- (Modem)
DRV - [2008/04/13 14:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 14:57:29 | 000,040,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndproxy.sys -- (NDProxy)
DRV - [2008/04/13 14:57:27 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 14:57:27 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndistapi.sys -- (NdisTapi)
DRV - [2008/04/13 14:57:21 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 14:57:15 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ipnat.sys -- (IpNat)
DRV - [2008/04/13 14:57:07 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 14:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\psched.sys -- (PSched)
DRV - [2008/04/13 14:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\msgpc.sys -- (Gpc)
DRV - [2008/04/13 14:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 14:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 14:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\irenum.sys -- (IRENUM)
DRV - [2008/04/13 14:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ip6fw.sys -- (ip6fw)
DRV - [2008/04/13 14:51:25 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 14:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbprint.sys -- (usbprint)
DRV - [2008/04/13 14:46:25 | 000,085,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\nabtsfec.sys -- (NABTSFEC)
DRV - [2008/04/13 14:46:24 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wstcodec.sys -- (WSTCODEC)
DRV - [2008/04/13 14:46:23 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ccdecode.sys -- (CCDECODE)
DRV - [2008/04/13 14:46:23 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\slip.sys -- (SLIP)
DRV - [2008/04/13 14:46:22 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndisip.sys -- (NdisIP)
DRV - [2008/04/13 14:46:21 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\streamip.sys -- (streamip)
DRV - [2008/04/13 14:45:39 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbccgp.sys -- (usbccgp)
DRV - [2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbstor.sys -- (USBSTOR)
DRV - [2008/04/13 14:45:37 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbhub.sys -- (usbhub)
DRV - [2008/04/13 14:45:35 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbehci.sys -- (usbehci)
DRV - [2008/04/13 14:45:35 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbuhci.sys -- (usbuhci)
DRV - [2008/04/13 14:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbscan.sys -- (usbscan)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2008/04/13 14:45:27 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\hidusb.sys -- (HidUsb)
DRV - [2008/04/13 14:45:13 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 14:45:09 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\kmixer.sys -- (kmixer)
DRV - [2008/04/13 14:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\swmidi.sys -- (swmidi)
DRV - [2008/04/13 14:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\splitter.sys -- (splitter)
DRV - [2008/04/13 14:45:01 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\dmusic.sys -- (DMusic)
DRV - [2008/04/13 14:44:46 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\dmio.sys -- (dmio)
DRV - [2008/04/13 14:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 14:41:22 | 000,018,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\i2omp.sys -- (i2omp)
DRV - [2008/04/13 14:41:22 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\i2omgmt.sys -- (i2omgmt)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 14:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\imapi.sys -- (Imapi)
DRV - [2008/04/13 14:40:49 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 14:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\disk.sys -- (Disk)
DRV - [2008/04/13 14:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 14:40:31 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\viaide.sys -- (ViaIde)
DRV - [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys -- (atapi)
DRV - [2008/04/13 14:40:29 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\intelide.sys -- (IntelIde)
DRV - [2008/04/13 14:40:27 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\redbook.sys -- (redbook)
DRV - [2008/04/13 14:40:25 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\fdc.sys -- (Fdc)
DRV - [2008/04/13 14:40:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 14:40:12 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\serenum.sys -- (serenum)
DRV - [2008/04/13 14:40:10 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\parport.sys -- (Parport)
DRV - [2008/04/13 14:39:53 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\swenum.sys -- (swenum)
DRV - [2008/04/13 14:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 14:39:51 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 14:39:50 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mstee.sys -- (MSTEE)
DRV - [2008/04/13 14:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 14:39:48 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\kbdhid.sys -- (kbdhid)
DRV - [2008/04/13 14:39:47 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 14:39:47 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 14:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\update.sys -- (Update)
DRV - [2008/04/13 14:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 14:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\sr.sys -- (sr)
DRV - [2008/04/13 14:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 14:36:44 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\pci.sys -- (PCI)
DRV - [2008/04/13 14:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 14:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2008/04/13 14:36:40 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\viaagp.sys -- (viaagp)
DRV - [2008/04/13 14:36:39 | 000,044,928 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\agpCPQ.sys -- (agpCPQ)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 14:36:38 | 000,042,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\alim1541.sys -- (alim1541)
DRV - [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\agp440.sys -- (agp440)
DRV - [2008/04/13 14:36:35 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\acpi.sys -- (ACPI)
DRV - [2008/04/13 14:33:28 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\fips.sys -- (Fips)
DRV - [2008/04/13 14:32:59 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\fltmgr.sys -- (FltMgr)
DRV - [2008/04/13 14:32:51 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 14:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 14:32:39 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\npfs.sys -- (Npfs)
DRV - [2008/04/13 14:32:39 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\msfs.sys -- (Msfs)
DRV - [2008/04/13 14:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\udfs.sys -- (Udfs)
DRV - [2008/04/13 14:31:32 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\intelppm.sys -- (intelppm)
DRV - [2008/04/13 14:31:31 | 000,042,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\p3.sys -- (P3)
DRV - [2008/04/13 14:31:30 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\processr.sys -- (Processor)
DRV - [2008/04/13 12:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\aec.sys -- (aec)
DRV - [2007/11/13 06:25:53 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys -- (Secdrv)
DRV - [2007/03/07 10:51:52 | 000,072,672 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\DRIVERS\LxrSII1d.sys -- (LxrSII1d)
DRV - [2006/12/12 12:28:26 | 000,052,224 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\BrSerIf.sys -- (BrSerIf)
DRV - [2006/11/12 20:58:56 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\MxlW2k.sys -- (MxlW2k)
DRV - [2006/10/18 20:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV - [2006/09/28 19:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\WudfRd.sys -- (WudfRd)
DRV - [2006/09/28 18:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\WudfPf.sys -- (WudfPf)
DRV - [2006/09/19 14:44:04 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2006/09/03 10:53:54 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\BrUsbSer.sys -- (BrUsbSer)
DRV - [2005/04/05 11:17:02 | 000,267,192 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2005/04/05 11:17:00 | 000,017,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2004/12/20 19:58:18 | 000,110,352 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2004/11/22 10:15:15 | 000,003,072 | ---- | M] () [Kernel | System] -- C:\Program Files\ewido\security suite\guard.sys -- (ewido security suite driver)
DRV - [2004/10/15 13:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004/08/04 01:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 01:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 01:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 01:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 01:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 01:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 01:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 01:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 01:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 01:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/01/29 23:47:37 | 000,002,397 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\DRIVERS\symlcbrd.sys -- (symlcbrd)
DRV - [2003/10/06 15:16:00 | 001,550,043 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys -- (nv)
DRV - [2003/08/29 04:59:24 | 001,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\BCMSM.sys -- (BCMModem)
DRV - [2003/03/25 00:14:57 | 000,241,152 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/03/25 00:14:57 | 000,206,464 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/03/25 00:14:57 | 000,139,674 | ---- | M] (Roxio) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\pwd_2K.sys -- (pwd_2k)
DRV - [2003/03/25 00:14:57 | 000,030,630 | ---- | M] (Roxio) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/03/25 00:14:57 | 000,025,930 | ---- | M] (Roxio) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\Dvd_2k.sys -- (dvd_2K)
DRV - [2003/03/25 00:14:55 | 000,061,424 | ---- | M] (Roxio) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2003/03/25 00:14:55 | 000,023,436 | ---- | M] (Roxio) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\cdralw2k.sys -- (Cdralw2k)
DRV - [2002/11/28 04:26:38 | 000,609,792 | R--- | M] (Intersil Americas Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\EXPSUSB.sys -- (PRISM_USB)
DRV - [2002/10/10 06:18:58 | 000,009,868 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\NMSCFG.SYS -- (NMSCFG)
DRV - [2002/09/19 16:59:50 | 000,139,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys -- (E100B) Intel®
DRV - [2002/08/30 18:29:02 | 001,293,440 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\P16X.sys -- (P16X) Creative SB Live! Series (WDM)
DRV - [2002/08/29 07:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS -- (IpFilterDriver)
DRV - [2002/08/29 07:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFWD.SYS -- (NwlnkFwd)
DRV - [2002/08/29 07:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAUDIO.SYS -- (Cdaudio)
DRV - [2002/08/29 07:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS -- (Ptilink)
DRV - [2002/08/29 07:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS -- (Raspti)
DRV - [2002/08/29 07:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFLT.SYS -- (NwlnkFlt)
DRV - [2002/08/29 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2002/08/29 07:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\ACPIEC.SYS -- (ACPIEC)
DRV - [2002/08/29 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS -- (RasAcd)
DRV - [2002/08/29 07:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\FS_REC.SYS -- (Fs_Rec)
DRV - [2002/08/29 07:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\DRIVERS\PARVDM.SYS -- (ParVdm)
DRV - [2002/08/29 07:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS -- (dmload)
DRV - [2002/08/29 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS -- (RDPCDD)
DRV - [2002/08/29 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\MNMDD.SYS -- (mnmdd)
DRV - [2002/08/29 07:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\NULL.SYS -- (Null)
DRV - [2002/08/29 07:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\SYSTEM32\WINSOCK.DLL -- (Winsock)
DRV - [2002/07/19 12:22:08 | 000,017,153 | ---- | M] (Dell Computer Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/05/03 15:56:24 | 000,024,528 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\sqcaptur.sys -- (DCamUSBSQTECH)
DRV - [2001/08/17 16:07:44 | 000,025,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\hpn.sys -- (hpn)
DRV - [2001/08/17 16:07:44 | 000,020,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\dpti2o.sys -- (dpti2o)
DRV - [2001/08/17 16:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 16:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 16:07:42 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\perc2hib.sys -- (perc2hib)
DRV - [2001/08/17 16:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 16:07:40 | 000,027,296 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\perc2.sys -- (perc2)
DRV - [2001/08/17 16:07:38 | 000,056,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aic78xx.sys -- (aic78xx)
DRV - [2001/08/17 16:07:36 | 000,055,168 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aic78u2.sys -- (aic78u2)
DRV - [2001/08/17 16:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 16:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 16:07:32 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\adpu160m.sys -- (adpu160m)
DRV - [2001/08/17 15:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS -- (audstub)
DRV - [2001/08/17 15:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 15:52:50 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS -- (Ftdisk)
DRV - [2001/08/17 15:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 15:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 15:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 15:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 15:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 15:52:16 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql1240.sys -- (ql1240)
DRV - [2001/08/17 15:52:16 | 000,033,152 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql10wnt.sys -- (Ql10wnt)
DRV - [2001/08/17 15:52:16 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\dac960nt.sys -- (dac960nt)
DRV - [2001/08/17 15:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 15:52:08 | 000,016,000 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ini910u.sys -- (ini910u)
DRV - [2001/08/17 15:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\CBIDF2K.SYS -- (cbidf2k)
DRV - [2001/08/17 15:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cbidf2k.sys -- (cbidf)
DRV - [2001/08/17 15:52:06 | 000,014,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cpqarray.sys -- (Cpqarray)
DRV - [2001/08/17 15:52:06 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys -- (cd20xrnt)
DRV - [2001/08/17 15:52:04 | 000,022,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\asc3350p.sys -- (asc3350p)
DRV - [2001/08/17 15:52:04 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\amsint.sys -- (amsint)
DRV - [2001/08/17 15:52:02 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aha154x.sys -- (Aha154x)
DRV - [2001/08/17 15:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 15:52:00 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS -- (abp480n5)
DRV - [2001/08/17 15:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 15:51:56 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\toside.sys -- (TosIde)
DRV - [2001/08/17 15:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 15:51:52 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS -- (PCIIde)
DRV - [2001/08/17 15:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mouhid.sys -- (mouhid)
DRV - [2001/08/17 14:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
DRV - [2000/01/21 03:16:26 | 000,004,416 | ---- | M] (FreeAmp Open Source Development Effort) [Kernel | On_Demand] -- C:\Documents and Settings\BRAD\Desktop\Win95\WINDOWS95 (F)\Program Files\FreeAmp\portio.sys -- (portio)
DRV - [1999/12/17 03:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\PFMODNT.SYS -- (PfModNT)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_Url = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Local Page = http://www.008i.com/
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dellnet.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System32\blank.htm
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&fr=yie7c
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\BRAD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTe...-8&fr=b1ie7
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&fr=yie7c
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://freshvideogals.com/search/
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\JESSICA_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
IE - HKU\JESSICA_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\JESSICA_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\Jessie_II_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\Jessie_II_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Jessie_II_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\Jessie_II_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jessie_II_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Roo_Boy_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\Roo_Boy_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Roo_Boy_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\Roo_Boy_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
IE - HKU\Roo_Boy_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\sweetie_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\sweetie_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\sweetie_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\sweetie_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com [binary data]
IE - HKU\sweetie_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKU\sweetie_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKU\sweetie_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\sweetie_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
IE - HKU\sweetie_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\sweetie_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/07/30 23:35:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 03:00:55 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010/04/27 15:25:23 | 000,000,098 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKU\BRAD_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O3 - HKU\BRAD_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKU\BRAD_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\BRAD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKU\Guest_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\JESSICA_ON_C\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\JESSICA_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O3 - HKU\JESSICA_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKU\JESSICA_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\JESSICA_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKU\Roo_Boy_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\sweetie_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O3 - HKU\sweetie_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKU\sweetie_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\sweetie_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe (Roxio)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [BCMSMMSG] C:\WINDOWS\BCMSMMSG.exe (Broadcom Corporation)
O4 - HKLM..\Run: [diagent] C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DVDSentry] C:\WINDOWS\SYSTEM32\DSentry.exe (Dell - Advanced Desktop Engineering)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.)
O4 - HKLM..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe (TODO: <Company name>)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [Run StartupMonitor] C:\WINDOWS\StartupMonitor.exe ()
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\.DEFAULT..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE (Symantec Corporation)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\BRAD_ON_C..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\Guest_ON_C..\Run: [msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe File not found
O4 - HKU\JESSICA_ON_C..\Run: [asg984jgkfmgasi8ug98jgkfgfb] C:\DOCUME~1\JESSICA\LOCALS~1\Temp\win32.exe File not found
O4 - HKU\JESSICA_ON_C..\Run: [Bjqctllf] C:\WINDOWS\System32\ѕсanregw.exe File not found
O4 - HKU\JESSICA_ON_C..\Run: [cdloader] C:\Documents and Settings\JESSICA\Application Data\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\JESSICA_ON_C..\Run: [License Manager] C:\Program Files\License_Manager\license_manager.exe File not found
O4 - HKU\JESSICA_ON_C..\Run: [LxrAutorun] C:\Documents and Settings\JESSICA\Local Settings\Application Data\Lexar Media\LxrAutorun.exe ()
O4 - HKU\JESSICA_ON_C..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\JESSICA_ON_C..\Run: [Remote System Protection] C:\WINDOWS\System32\j0ojz.DLL File not found
O4 - HKU\JESSICA_ON_C..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\JESSICA_ON_C..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\JESSICA_ON_C..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKU\Jessie_II_ON_C..\Run: [cdloader] C:\Documents and Settings\Jessie II\Application Data\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\Jessie_II_ON_C..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\sweetie_ON_C..\Run: [Aim6] C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe File not found
O4 - HKU\sweetie_ON_C..\Run: [DW4] C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe File not found
O4 - HKU\sweetie_ON_C..\Run: [MySpaceIM] C:\Documents and Settings\sweetie\Application Data\MySpace\IM\bin\MySpaceIM.exe ()
O4 - HKU\sweetie_ON_C..\Run: [sysav] C:\Documents and Settings\sweetie\Application Data\pcdefender.exe File not found
O4 - HKU\Administrator_ON_C..\RunOnce: [SpybotDeletingB4583] C:\WINDOWS\System32\COMMAND.COM ()
O4 - HKU\Administrator_ON_C..\RunOnce: [SpybotDeletingB8401] C:\WINDOWS\System32\COMMAND.COM ()
O4 - HKU\Administrator_ON_C..\RunOnce: [SpybotDeletingD1752] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\Administrator_ON_C..\RunOnce: [SpybotDeletingD4762] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = _ [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: Wallpaper =
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\Guest_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\Jessie_II_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Roo_Boy_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\sweetie_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\SYSTEM32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\SYSTEM32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\SYSTEM32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {00000075-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/voxacm.CAB (Reg Error: Key error.)
O16 - DPF: {00000161-0000-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/msaudio.cab (Reg Error: Key error.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shock...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/3/9...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} http://download.microsoft.com/download/0/5...b?1093178266312 (MSSecurityAdvisor Class)
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} https://wavenet2.sentara.com/cabs/wficat4.cab (Citrix ICA Client)
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab (Yahoo! Audio Conferencing)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A...01F/wmvadvd.cab (Reg Error: Key error.)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1135615252062 (MUWebControl Class)
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} http://chat.yahoo.com/cab/yacsui.cab (Yahoo! Audio UI1)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab (ZoneIntro Class)
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} http://www.wickedgarden.com/Uploader/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://navlink.uk.navigantconsulting.com/d...perSetupSP1.cab (JuniperSetupSP1 Control)
O16 - DPF: ConferenceRoom Java Client http://www.streamchat.com:8000/java/cr.cab (Reg Error: Key error.)
O16 - DPF: DigiChat Applet http://palatka.digi-net.com/DigiChat/DigiC..._IE_5_1_0_1.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O16 - DPF: Web-Based Email Tools http://email.secureserver.net/Download.CAB (Reg Error: Key error.)
O16 - DPF: Yahoo! Backgammon http://download.games.yahoo.com/games/clients/y/at1_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Blackjack http://download.games.yahoo.com/games/clients/y/jt0_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Chat http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Checkers http://download.games.yahoo.com/games/clients/y/kt4_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Chess http://download.games.yahoo.com/games/clients/y/ct2_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Chinese Checkers http://download.games.yahoo.com/games/clients/y/cct0_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Euchre http://download.games.yahoo.com/games/clients/y/et3_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Go Fish http://download.games.yahoo.com/games/clients/y/zt3_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! MahJong http://download.games.yahoo.com/games/clients/y/ot0_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! MahJong Solitaire http://download.games.yahoo.com/games/clients/y/mjst4_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Poker http://download.games.yahoo.com/games/clients/y/pt3_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Pool 2 http://download.games.yahoo.com/games/clients/y/pote_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Pyramids http://download.games.yahoo.com/games/clients/y/pyt1_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Reversi http://download.games.yahoo.com/games/clients/y/rt0_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Towers 2.0 http://download.games.yahoo.com/games/clients/y/ywt0_x.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\SYSTEM32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SYSTEM32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\SYSTEM32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\SYSTEM32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\SYSTEM32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SYSTEM32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\SYSTEM32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\System32\WPDShServiceObj.dll File not found
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\F\Shell\phone\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/04/27 15:19:36 | 000,552,448 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2010/04/27 15:16:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/04/24 04:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\Google
[2010/04/15 19:24:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\ABBYY
[2010/04/13 07:17:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sweetie\My Documents\Downloads
[2010/04/12 15:24:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\Apple
[2010/04/04 20:41:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Guest\Application Data\skypePM
[2010/04/03 14:37:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jessie II\Application Data\Brother
[2004/02/21 12:58:44 | 000,103,936 | ---- | C] (Soeperman Enterprises Ltd.) -- C:\Program Files\CWShredder.exe
[2003/03/18 14:25:45 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[1 C:\Documents and Settings\sweetie\Application Data\*.tmp files -> C:\Documents and Settings\sweetie\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\JESSICA\*.tmp files -> C:\Documents and Settings\JESSICA\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/04/27 17:46:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/04/24 06:56:44 | 000,237,568 | ---- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/04/24 06:56:44 | 000,233,472 | ---- | M] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2010/04/24 06:56:33 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/24 06:56:18 | 005,505,024 | ---- | M] () -- C:\Documents and Settings\BRAD\ntuser.dat
[2010/04/24 06:56:18 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\BRAD\NTUSER.INI
[2010/04/24 06:56:13 | 006,479,892 | -H-- | M] () -- C:\Documents and Settings\BRAD\Local Settings\Application Data\IconCache.db
[2010/04/24 06:56:02 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\Jessie II\NTUSER.DAT
[2010/04/24 06:56:02 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Jessie II\NTUSER.INI
[2010/04/24 06:55:01 | 007,010,904 | -H-- | M] () -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\IconCache.db
[2010/04/24 06:53:54 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\JESSICA\ntuser.dat
[2010/04/24 06:53:45 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\sweetie\ntuser.dat
[2010/04/24 06:53:39 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\Roo Boy\ntuser.dat
[2010/04/24 06:53:35 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/04/24 06:53:34 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\Guest\ntuser.dat
[2010/04/24 06:52:03 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/24 05:59:29 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/04/24 04:52:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/24 04:30:15 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010/04/24 01:53:06 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/04/23 22:36:07 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\JESSICA\NTUSER.INI
[2010/04/23 22:36:02 | 007,547,994 | -H-- | M] () -- C:\Documents and Settings\JESSICA\Local Settings\Application Data\IconCache.db
[2010/04/23 22:34:45 | 002,637,740 | -H-- | M] () -- C:\Documents and Settings\Guest\Local Settings\Application Data\IconCache.db
[2010/04/23 21:07:15 | 000,000,088 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2010/04/23 17:31:58 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\money calendar.xls
[2010/04/23 09:30:39 | 000,552,448 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
[2010/04/23 07:07:12 | 000,153,749 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\e01_23056097.jpg
[2010/04/20 19:03:23 | 001,313,574 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\attachments_2010_04_20.zip
[2010/04/20 18:41:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/04/20 17:45:09 | 000,009,906 | ---- | M] () -- C:\Documents and Settings\Guest\My Documents\Game 4 Renn Schmor stats.docx
[2010/04/20 17:37:28 | 000,011,923 | ---- | M] () -- C:\Documents and Settings\Guest\My Documents\Game 3 Renn Schmor stats.docx
[2010/04/20 06:21:18 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/04/19 22:37:22 | 000,042,228 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\amenityhourtracker_04_17_10.xlsx
[2010/04/19 22:29:33 | 000,095,301 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\EDIWatchTracker_04_17_10.xlsx
[2010/04/19 22:16:02 | 000,124,825 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\Jess_Co_tracker_04_24_10.xlsx
[2010/04/19 22:05:43 | 000,123,815 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\Jess_Co_tracker_04_17_10(1).xlsx
[2010/04/19 15:24:46 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/04/15 19:36:55 | 000,212,722 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\receipts.docx
[2010/04/14 04:22:49 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/04/13 07:18:16 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\sweetie\NTUSER.INI
[2010/04/13 07:18:07 | 010,206,880 | -H-- | M] () -- C:\Documents and Settings\sweetie\Local Settings\Application Data\IconCache.db
[2010/04/08 23:24:56 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\Doc1[1].doc
[2010/04/04 20:40:53 | 000,082,072 | ---- | M] () -- C:\Documents and Settings\Guest\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/04/03 14:40:28 | 000,801,772 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\ediwatch.docx
[2010/04/03 14:37:13 | 000,000,426 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/03/30 07:21:58 | 000,177,576 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[1 C:\Documents and Settings\sweetie\Application Data\*.tmp files -> C:\Documents and Settings\sweetie\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\JESSICA\*.tmp files -> C:\Documents and Settings\JESSICA\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/23 07:14:11 | 000,153,749 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\e01_23056097.jpg
[2010/04/20 19:03:17 | 001,313,574 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\attachments_2010_04_20.zip
[2010/04/20 17:45:09 | 000,009,906 | ---- | C] () -- C:\Documents and Settings\Guest\My Documents\Game 4 Renn Schmor stats.docx
[2010/04/20 17:37:27 | 000,011,923 | ---- | C] () -- C:\Documents and Settings\Guest\My Documents\Game 3 Renn Schmor stats.docx
[2010/04/19 22:29:33 | 000,095,301 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\EDIWatchTracker_04_17_10.xlsx
[2010/04/19 22:19:04 | 000,042,228 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\amenityhourtracker_04_17_10.xlsx
[2010/04/19 22:16:01 | 000,124,825 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\Jess_Co_tracker_04_24_10.xlsx
[2010/04/19 22:05:43 | 000,123,815 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\Jess_Co_tracker_04_17_10(1).xlsx
[2010/04/15 19:36:52 | 000,212,722 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\receipts.docx
[2010/04/08 23:24:55 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\Doc1[1].doc
[2010/04/03 14:40:27 | 000,801,772 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\ediwatch.docx
[2010/03/20 01:55:37 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/08 08:39:36 | 000,177,576 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/02/28 15:31:58 | 000,003,644 | -HS- | C] () -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\RYWytq56AV
[2010/02/26 21:08:38 | 000,000,967 | ---- | C] () -- C:\Documents and Settings\Jessie II\Application Data\BBMS_EXCEPTION.txt
[2010/02/26 21:02:59 | 003,407,872 | -H-- | C] () -- C:\Documents and Settings\Jessie II\NTUSER.DAT
[2010/02/26 21:02:59 | 000,020,480 | -H-- | C] () -- C:\Documents and Settings\Jessie II\ntuser.dat.LOG
[2010/02/26 21:02:59 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Jessie II\NTUSER.INI
[2010/02/23 19:19:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\ggward.sys
[2010/02/23 19:17:47 | 000,010,970 | -HS- | C] () -- C:\Documents and Settings\JESSICA\Local Settings\Application Data\iHFx3
[2010/02/21 22:08:46 | 000,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/02/21 18:18:51 | 000,013,556 | -HS- | C] () -- C:\Documents and Settings\JESSICA\Local Settings\Application Data\e1wnOl
[2010/02/20 18:53:21 | 007,077,888 | ---- | C] () -- C:\Documents and Settings\JESSICA\ntuser.dat
[2010/02/20 18:49:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2010/02/20 18:49:46 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2010/02/20 18:48:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2010/02/20 18:48:02 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010/02/20 18:43:41 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/12/16 23:11:08 | 000,008,610 | ---- | C] () -- C:\Documents and Settings\JESSICA\Application Data\BBMS_EXCEPTION.txt
[2009/11/22 23:38:30 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\sweetie\Local Settings\Application Data\d3d9caps.dat
[2009/05/13 21:44:24 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/04/01 07:49:02 | 000,003,774 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\A6D19C89-7F32-4A54-A401-B275DFAB6975.txt
[2009/04/01 06:35:21 | 000,004,610 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\A6D19C89-7F32-4A54-A401-B275DFAB6975.txt
[2009/04/01 01:56:26 | 000,002,494 | ---- | C] () -- C:\Documents and Settings\JESSICA\Local Settings\Application Data\A6D19C89-7F32-4A54-A401-B275DFAB6975.txt
[2009/02/25 22:40:35 | 000,072,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2008/08/29 15:00:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Roo Boy\jagex_runescape_preferences.dat
[2008/07/17 07:04:20 | 000,001,011 | ---- | C] () -- C:\Documents and Settings\JESSICA\.airappinstall.log
[2008/07/17 07:04:20 | 000,000,412 | ---- | C] () -- C:\Documents and Settings\JESSICA\.airinstall.log
[2008/06/19 20:43:03 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\Roo Boy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/13 08:44:18 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\Guest\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/17 13:09:38 | 001,099,004 | ---- | C] () -- C:\Documents and Settings\Roo Boy\Application Data\Install.dat
[2007/06/27 20:25:27 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\Roo Boy\ntuser.dat.LOG
[2007/06/27 20:25:27 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\Roo Boy\NTUSER.INI
[2007/06/27 20:25:26 | 003,145,728 | -H-- | C] () -- C:\Documents and Settings\Roo Boy\ntuser.dat
[2007/04/14 20:59:23 | 000,000,108 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2007/01/12 21:48:54 | 000,000,027 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/12/26 19:31:38 | 000,000,219 | ---- | C] () -- C:\WINDOWS\apoapp.INI
[2006/10/01 14:53:40 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2006/09/30 09:40:10 | 000,000,121 | ---- | C] () -- C:\Documents and Settings\JESSICA\Application Data\SQSDRVRM.SYS
[2006/09/30 09:37:11 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\JESSICA\Application Data\RipEditBurn.ini
[2006/09/30 09:36:36 | 000,000,036 | ---- | C] () -- C:\WINDOWS\System32\drvlock.sys
[2006/09/30 09:36:36 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\symbios.sys
[2006/07/20 21:30:19 | 003,670,016 | -H-- | C] () -- C:\Documents and Settings\sweetie\ntuser.dat
[2006/07/20 21:30:19 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\sweetie\ntuser.dat.LOG
[2006/07/20 21:30:19 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\sweetie\NTUSER.INI
[2006/07/17 17:57:17 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/06/22 20:25:22 | 000,233,472 | ---- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2006/05/31 06:23:24 | 000,049,465 | ---- | C] () -- C:\Program Files\moviepass Terms.html
[2006/05/09 21:23:39 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\JESSICA\usb3
[2006/01/30 08:42:22 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2005/12/12 14:17:27 | 002,235,201 | ---- | C] () -- C:\Documents and Settings\BRAD\Application Data\Install.dat
[2005/11/19 18:09:55 | 000,000,021 | ---- | C] () -- C:\WINDOWS\dvdsentry.ini._eac_qt_
[2005/04/01 03:06:57 | 000,003,894 | ---- | C] () -- C:\WINDOWS\aoetkc.dll
[2005/03/30 22:05:13 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/03/29 19:26:22 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2005/03/29 19:22:14 | 000,000,045 | ---- | C] () -- C:\WINDOWS\DGIMEOOM.ini
[2005/03/20 21:12:48 | 000,081,920 | -H-- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat.LOG
[2005/03/20 21:12:48 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator\NTUSER.INI
[2005/03/20 21:12:47 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2005/03/06 11:47:17 | 000,374,784 | ---- | C] () -- C:\WINDOWS\3dg32.dll
[2005/01/06 19:44:10 | 000,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys
[2004/12/03 21:14:02 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\BRAD\Local Settings\Application Data\fusioncache.dat
[2004/05/30 17:15:46 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\JESSICA\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/05/15 15:21:36 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2004/05/15 15:21:36 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2004/05/15 15:21:36 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2004/05/08 21:15:19 | 000,000,112 | ---- | C] () -- C:\WINDOWS\WEBLINK.INI
[2004/04/20 02:24:57 | 000,004,056 | ---- | C] () -- C:\Program Files\asd.hta
[2004/04/17 02:50:34 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\nthst32.dll
[2004/03/28 22:45:18 | 000,003,735 | ---- | C] () -- C:\WINDOWS\ISISAIHP.INI
[2004/03/28 22:45:18 | 000,000,988 | ---- | C] () -- C:\WINDOWS\ISISAIM.INI
[2004/02/22 11:55:32 | 000,000,401 | ---- | C] () -- C:\WINDOWS\CHEMDRAW.INI
[2004/02/05 22:50:36 | 000,000,048 | ---- | C] () -- C:\WINDOWS\PerWin.ini
[2004/01/29 23:47:37 | 000,002,397 | ---- | C] () -- C:\WINDOWS\System32\drivers\symlcbrd.sys
[2003/12/24 20:42:55 | 000,000,887 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[2003/12/12 22:36:22 | 000,000,021 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2003/11/28 18:31:18 | 000,000,573 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2003/11/28 17:14:01 | 000,000,058 | ---- | C] () -- C:\WINDOWS\MADCCX.INI
[2003/11/28 17:10:44 | 000,000,047 | ---- | C] () -- C:\WINDOWS\STRINGS.INI
[2003/11/28 17:09:42 | 000,000,306 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2003/11/28 17:09:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MADCCS.INI
[2003/11/28 17:09:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MADCCF.INI
[2003/11/28 16:58:03 | 000,000,116 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2003/11/28 16:33:30 | 000,000,032 | ---- | C] () -- C:\WINDOWS\cdhome.ini
[2003/11/27 09:59:09 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\spkpsys.ini
[2003/10/06 15:16:00 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll
[2003/09/23 19:24:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2003/07/31 17:32:07 | 000,000,298 | ---- | C] () -- C:\WINDOWS\atl_save.ini
[2003/06/26 01:18:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2003/06/10 09:32:46 | 000,188,644 | ---- | C] () -- C:\Documents and Settings\JESSICA\~
[2003/05/30 19:08:52 | 000,001,266 | ---- | C] () -- C:\WINDOWS\disney.ini
[2003/05/21 17:09:23 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\TTSServer.dll
[2003/03/27 21:38:16 | 003,145,728 | -H-- | C] () -- C:\Documents and Settings\Guest\ntuser.dat
[2003/03/27 21:38:16 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\Guest\ntuser.dat.LOG
[2003/03/27 21:38:16 | 000,000,180 | -HS- | C] () -- C:\Documents and Settings\Guest\NTUSER.INI
[2003/03/27 17:48:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2003/03/26 23:37:35 | 000,002,006 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2003/03/24 07:26:54 | 000,006,739 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2003/03/23 21:41:35 | 000,000,729 | ---- | C] () -- C:\WINDOWS\fantasy2.ini
[2003/03/23 21:41:35 | 000,000,525 | ---- | C] () -- C:\WINDOWS\photoprn.ini
[2003/03/23 21:41:35 | 000,000,428 | ---- | C] () -- C:\WINDOWS\pstudio.ini
[2003/03/23 21:41:10 | 000,000,021 | ---- | C] () -- C:\WINDOWS\ccam_suite.ini
[2003/03/23 00:54:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\BRAD\Application Data\dm.ini
[2003/03/21 09:14:31 | 000,002,970 | ---- | C] () -- C:\WINDOWS\VTruck1.ini
[2003/03/21 09:11:55 | 000,000,749 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2003/03/21 02:43:25 | 000,107,520 | ---- | C] () -- C:\Documents and Settings\BRAD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/03/20 17:54:17 | 000,020,480 | -H-- | C] () -- C:\Documents and Settings\BRAD\ntuser.dat.LOG
[2003/03/20 17:54:17 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\BRAD\NTUSER.INI
[2003/03/20 17:54:16 | 005,505,024 | ---- | C] () -- C:\Documents and Settings\BRAD\ntuser.dat
[2003/03/20 16:43:41 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\JESSICA\ntuser.dat.LOG
[2003/03/20 16:43:41 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\JESSICA\NTUSER.INI
[2003/03/18 14:36:34 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/03/18 14:26:00 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2003/03/18 14:25:46 | 000,039,936 | ---- | C] () -- C:\WINDOWS\System32\P16X.dll
[2003/03/18 14:25:46 | 000,002,092 | ---- | C] () -- C:\WINDOWS\System32\P16X.ini
[2003/03/18 14:25:46 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2003/03/18 14:25:45 | 000,006,175 | ---- | C] () -- C:\WINDOWS\MIXDEF.INI
[2003/03/18 14:25:45 | 000,005,917 | ---- | C] () -- C:\WINDOWS\SBMIXDEF.INI
[2003/03/18 14:25:45 | 000,000,064 | ---- | C] () -- C:\WINDOWS\P16x.ini
[2003/03/18 14:25:17 | 000,000,245 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2003/03/18 14:23:08 | 000,000,788 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/03/18 14:14:52 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[2003/03/18 14:14:52 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat.LOG
[2003/03/18 14:10:52 | 000,008,192 | -H-- | C] () -- C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\NTUSER.DAT.LOG
[2003/03/18 14:01:58 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2002/12/10 00:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[2002/12/10 00:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[2002/12/10 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[2002/12/10 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[2002/11/13 03:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2002/09/09 16:58:38 | 000,000,784 | ---- | C] () -- C:\WINDOWS\LRUN32.INI
[2002/09/09 16:54:34 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2002/09/03 11:05:20 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.INI
[2002/09/03 11:05:20 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\LocalService\NTUSER.INI
[2002/08/29 07:00:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\ONETW.DRV
[2002/02/06 11:04:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\NMSInst.dll
[2002/01/21 16:17:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PROInst.dll
[1980/01/01 08:00:00 | 000,237,568 | ---- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[1980/01/01 02:00:00 | 000,262,144 | ---- | C] () -- C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\ntuser.dat

========== LOP Check ==========

[2008/10/07 17:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\eAcceleration
[2005/04/06 20:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\alta
[2008/03/16 01:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\eAcceleration
[2005/03/24 22:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\iemv
[2003/03/23 00:56:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\InterTrust
[2004/09/05 15:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\pixelStorm
[2009/04/27 17:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\Research In Motion
[2005/03/07 09:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\{12EE7A5E-0674-42f9-A76B-000000004D00}
[2008/06/06 19:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\eAcceleration
[2009/04/24 17:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Research In Motion
[2006/07/22 11:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\acccore
[2005/04/07 17:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\alta
[2009/04/01 04:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\avvpvyms
[2005/02/12 17:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\Broderbund Software
[2010/02/08 23:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\Facebook
[2009/11/02 22:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\GetRightToGo
[2007/01/12 22:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\ICAClient
[2008/10/28 17:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\Juniper Networks
[2010/02/22 22:51:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\mjusbsp
[2009/05/10 15:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\Research In Motion
[2007/11/20 22:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\Viewpoint
[2005/03/30 07:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\WeatherBug
[2008/09/15 11:47:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\webex
[2005/03/06 22:50:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\{12EE7A5E-0674-42f9-A76B-000000004D00}
[2010/03/02 00:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jessie II\Application Data\mjusbsp
[2010/02/26 21:08:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jessie II\Application Data\Research In Motion
[2008/08/10 17:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roo Boy\Application Data\alot
[2008/06/08 10:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roo Boy\Application Data\eAcceleration
[2006/07/20 21:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sweetie\Application Data\acccore
[2008/03/16 11:53:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sweetie\Application Data\eAcceleration
[2008/11/21 18:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sweetie\Application Data\Viewpoint
[2006/07/23 19:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sweetie\Application Data\WeatherBug
[2010/04/20 18:41:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/04/24 01:53:06 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2005/03/27 22:21:18 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\XoftSpy.job

========== Purity Check ==========


< End of report >



#12 Brad1973

Brad1973
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:12:23 PM

Posted 27 April 2010 - 03:28 PM

OK I replied to your previous post before I saw that you modified the OTL scan.

I ran it again, with the extra material in the "Custom Scan/Fixes" window.

Here's the new scan result:

OTL logfile created on: 4/27/2010 8:17:26 PM - Run
OTLPE by OldTimer - Version 3.1.38.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 264.00 Mb Available Physical Memory | 52.00% Memory free
459.00 Mb Paging File | 321.00 Mb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.75 Gb Total Space | 60.87 Gb Free Space | 54.47% Space Free | Partition Type: NTFS
Drive D: | 1.86 Gb Total Space | 1.86 Gb Free Space | 99.69% Space Free | Partition Type: FAT
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 276.80 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled] -- -- (sctywgbnhxvwgip)
SRV - File not found [Disabled] -- -- (eejsxalvmcwj)
SRV - File not found [Disabled] -- -- (DigiChat_4.0_Server)
SRV - [2009/12/09 19:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/09/21 20:04:22 | 001,028,432 | ---- | M] (Lavasoft) [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007/03/07 10:51:52 | 000,049,152 | ---- | M] () [Auto] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)
SRV - [2005/12/19 21:41:49 | 000,151,616 | ---- | M] (ewido networks) [Disabled] -- C:\Program Files\ewido\security suite\ewidoguard.exe -- (ewido security suite guard)
SRV - [2005/11/30 05:47:52 | 000,013,888 | ---- | M] (ewido networks) [Disabled] -- C:\Program Files\ewido\security suite\ewidoctrl.exe -- (ewido security suite control)
SRV - [2005/04/05 11:17:22 | 000,206,552 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2004/11/02 17:59:50 | 000,316,544 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2004/01/29 23:47:37 | 000,585,728 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2003/06/24 19:23:10 | 000,066,784 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe -- (SBService)
SRV - [2002/10/10 06:18:36 | 001,118,208 | ---- | M] (Intel Corporation) [On_Demand] -- C:\WINDOWS\SYSTEM32\NMSSvc.Exe -- (NMSSvc) Intel®


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | Disabled] -- -- (Simbad)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (nenum13E)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand] -- -- (iAimTV2)
DRV - File not found [Kernel | On_Demand] -- -- (ComFiltr)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (bvrp_pci)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - File not found [Kernel | On_Demand] -- -- (ATWPKT2)
DRV - File not found [Kernel | Disabled] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)
DRV - [2010/02/24 09:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\mrxsmb.sys -- (MRxSmb)
DRV - [2009/12/31 12:50:03 | 000,353,792 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\srv.sys -- (Srv)
DRV - [2009/12/02 16:23:40 | 000,149,040 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\MpFilter.sys -- (MpFilter)
DRV - [2009/10/20 12:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\http.sys -- (HTTP)
DRV - [2009/06/24 07:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ksecdd.sys -- (KSecDD)
DRV - [2009/06/05 11:42:38 | 000,039,424 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbaapl.sys -- (USBAAPL)
DRV - [2009/04/24 20:04:31 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2008/08/14 06:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\tcpip.sys -- (Tcpip)
DRV - [2008/05/20 19:33:50 | 000,022,784 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\RimUsb.sys -- (RimUsb)
DRV - [2008/04/13 20:13:22 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\rdpwd.sys -- (RDPWD)
DRV - [2008/04/13 20:13:21 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\tdtcp.sys -- (TDTCP)
DRV - [2008/04/13 20:13:20 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\termdd.sys -- (TermDD)
DRV - [2008/04/13 20:13:20 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/13 15:28:39 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 15:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\netbt.sys -- (NetBT)
DRV - [2008/04/13 15:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndis.sys -- (NDIS)
DRV - [2008/04/13 15:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008/04/13 15:19:43 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008/04/13 15:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\ipsec.sys -- (IPSec)
DRV - [2008/04/13 15:18:00 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 15:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 15:17:05 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\mup.sys -- (Mup)
DRV - [2008/04/13 15:15:55 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 15:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 15:15:45 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\serial.sys -- (Serial)
DRV - [2008/04/13 15:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 15:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 15:00:19 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\modem.sys -- (Modem)
DRV - [2008/04/13 14:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 14:57:29 | 000,040,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndproxy.sys -- (NDProxy)
DRV - [2008/04/13 14:57:27 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 14:57:27 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndistapi.sys -- (NdisTapi)
DRV - [2008/04/13 14:57:21 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 14:57:15 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ipnat.sys -- (IpNat)
DRV - [2008/04/13 14:57:07 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 14:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\psched.sys -- (PSched)
DRV - [2008/04/13 14:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\msgpc.sys -- (Gpc)
DRV - [2008/04/13 14:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 14:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 14:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\irenum.sys -- (IRENUM)
DRV - [2008/04/13 14:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ip6fw.sys -- (ip6fw)
DRV - [2008/04/13 14:51:25 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 14:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbprint.sys -- (usbprint)
DRV - [2008/04/13 14:46:25 | 000,085,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\nabtsfec.sys -- (NABTSFEC)
DRV - [2008/04/13 14:46:24 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wstcodec.sys -- (WSTCODEC)
DRV - [2008/04/13 14:46:23 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ccdecode.sys -- (CCDECODE)
DRV - [2008/04/13 14:46:23 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\slip.sys -- (SLIP)
DRV - [2008/04/13 14:46:22 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\ndisip.sys -- (NdisIP)
DRV - [2008/04/13 14:46:21 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\streamip.sys -- (streamip)
DRV - [2008/04/13 14:45:39 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbccgp.sys -- (usbccgp)
DRV - [2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbstor.sys -- (USBSTOR)
DRV - [2008/04/13 14:45:37 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbhub.sys -- (usbhub)
DRV - [2008/04/13 14:45:35 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbehci.sys -- (usbehci)
DRV - [2008/04/13 14:45:35 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbuhci.sys -- (usbuhci)
DRV - [2008/04/13 14:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbscan.sys -- (usbscan)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2008/04/13 14:45:27 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\hidusb.sys -- (HidUsb)
DRV - [2008/04/13 14:45:13 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 14:45:09 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\kmixer.sys -- (kmixer)
DRV - [2008/04/13 14:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\swmidi.sys -- (swmidi)
DRV - [2008/04/13 14:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\splitter.sys -- (splitter)
DRV - [2008/04/13 14:45:01 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\dmusic.sys -- (DMusic)
DRV - [2008/04/13 14:44:46 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\dmio.sys -- (dmio)
DRV - [2008/04/13 14:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 14:41:22 | 000,018,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\i2omp.sys -- (i2omp)
DRV - [2008/04/13 14:41:22 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\i2omgmt.sys -- (i2omgmt)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 14:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\imapi.sys -- (Imapi)
DRV - [2008/04/13 14:40:49 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 14:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\disk.sys -- (Disk)
DRV - [2008/04/13 14:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 14:40:31 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\viaide.sys -- (ViaIde)
DRV - [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys -- (atapi)
DRV - [2008/04/13 14:40:29 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\intelide.sys -- (IntelIde)
DRV - [2008/04/13 14:40:27 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\redbook.sys -- (redbook)
DRV - [2008/04/13 14:40:25 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\fdc.sys -- (Fdc)
DRV - [2008/04/13 14:40:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 14:40:12 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\serenum.sys -- (serenum)
DRV - [2008/04/13 14:40:10 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\parport.sys -- (Parport)
DRV - [2008/04/13 14:39:53 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\swenum.sys -- (swenum)
DRV - [2008/04/13 14:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 14:39:51 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 14:39:50 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mstee.sys -- (MSTEE)
DRV - [2008/04/13 14:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 14:39:48 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\kbdhid.sys -- (kbdhid)
DRV - [2008/04/13 14:39:47 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 14:39:47 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 14:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\update.sys -- (Update)
DRV - [2008/04/13 14:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 14:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\sr.sys -- (sr)
DRV - [2008/04/13 14:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 14:36:44 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\pci.sys -- (PCI)
DRV - [2008/04/13 14:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 14:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2008/04/13 14:36:40 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\viaagp.sys -- (viaagp)
DRV - [2008/04/13 14:36:39 | 000,044,928 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\agpCPQ.sys -- (agpCPQ)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 14:36:38 | 000,042,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\alim1541.sys -- (alim1541)
DRV - [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\agp440.sys -- (agp440)
DRV - [2008/04/13 14:36:35 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\acpi.sys -- (ACPI)
DRV - [2008/04/13 14:33:28 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\fips.sys -- (Fips)
DRV - [2008/04/13 14:32:59 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\fltmgr.sys -- (FltMgr)
DRV - [2008/04/13 14:32:51 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 14:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 14:32:39 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\npfs.sys -- (Npfs)
DRV - [2008/04/13 14:32:39 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\msfs.sys -- (Msfs)
DRV - [2008/04/13 14:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\udfs.sys -- (Udfs)
DRV - [2008/04/13 14:31:32 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\intelppm.sys -- (intelppm)
DRV - [2008/04/13 14:31:31 | 000,042,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\p3.sys -- (P3)
DRV - [2008/04/13 14:31:30 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\processr.sys -- (Processor)
DRV - [2008/04/13 12:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\aec.sys -- (aec)
DRV - [2007/11/13 06:25:53 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\DRIVERS\secdrv.sys -- (Secdrv)
DRV - [2007/03/07 10:51:52 | 000,072,672 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\DRIVERS\LxrSII1d.sys -- (LxrSII1d)
DRV - [2006/12/12 12:28:26 | 000,052,224 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\BrSerIf.sys -- (BrSerIf)
DRV - [2006/11/12 20:58:56 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\MxlW2k.sys -- (MxlW2k)
DRV - [2006/10/18 20:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV - [2006/09/28 19:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\WudfRd.sys -- (WudfRd)
DRV - [2006/09/28 18:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\WudfPf.sys -- (WudfPf)
DRV - [2006/09/19 14:44:04 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2006/09/03 10:53:54 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\BrUsbSer.sys -- (BrUsbSer)
DRV - [2005/04/05 11:17:02 | 000,267,192 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2005/04/05 11:17:00 | 000,017,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2004/12/20 19:58:18 | 000,110,352 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2004/11/22 10:15:15 | 000,003,072 | ---- | M] () [Kernel | System] -- C:\Program Files\ewido\security suite\guard.sys -- (ewido security suite driver)
DRV - [2004/10/15 13:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004/08/04 01:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 01:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 01:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 01:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 01:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 01:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 01:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 01:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 01:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 01:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/01/29 23:47:37 | 000,002,397 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\DRIVERS\symlcbrd.sys -- (symlcbrd)
DRV - [2003/10/06 15:16:00 | 001,550,043 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys -- (nv)
DRV - [2003/08/29 04:59:24 | 001,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\BCMSM.sys -- (BCMModem)
DRV - [2003/03/25 00:14:57 | 000,241,152 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/03/25 00:14:57 | 000,206,464 | ---- | M] (Roxio) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/03/25 00:14:57 | 000,139,674 | ---- | M] (Roxio) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\pwd_2K.sys -- (pwd_2k)
DRV - [2003/03/25 00:14:57 | 000,030,630 | ---- | M] (Roxio) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/03/25 00:14:57 | 000,025,930 | ---- | M] (Roxio) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\Dvd_2k.sys -- (dvd_2K)
DRV - [2003/03/25 00:14:55 | 000,061,424 | ---- | M] (Roxio) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2003/03/25 00:14:55 | 000,023,436 | ---- | M] (Roxio) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\cdralw2k.sys -- (Cdralw2k)
DRV - [2002/11/28 04:26:38 | 000,609,792 | R--- | M] (Intersil Americas Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\EXPSUSB.sys -- (PRISM_USB)
DRV - [2002/10/10 06:18:58 | 000,009,868 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\NMSCFG.SYS -- (NMSCFG)
DRV - [2002/09/19 16:59:50 | 000,139,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys -- (E100B) Intel®
DRV - [2002/08/30 18:29:02 | 001,293,440 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\P16X.sys -- (P16X) Creative SB Live! Series (WDM)
DRV - [2002/08/29 07:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS -- (IpFilterDriver)
DRV - [2002/08/29 07:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFWD.SYS -- (NwlnkFwd)
DRV - [2002/08/29 07:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAUDIO.SYS -- (Cdaudio)
DRV - [2002/08/29 07:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS -- (Ptilink)
DRV - [2002/08/29 07:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS -- (Raspti)
DRV - [2002/08/29 07:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKFLT.SYS -- (NwlnkFlt)
DRV - [2002/08/29 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2002/08/29 07:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\ACPIEC.SYS -- (ACPIEC)
DRV - [2002/08/29 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS -- (RasAcd)
DRV - [2002/08/29 07:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\FS_REC.SYS -- (Fs_Rec)
DRV - [2002/08/29 07:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\DRIVERS\PARVDM.SYS -- (ParVdm)
DRV - [2002/08/29 07:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS -- (dmload)
DRV - [2002/08/29 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS -- (RDPCDD)
DRV - [2002/08/29 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\MNMDD.SYS -- (mnmdd)
DRV - [2002/08/29 07:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\NULL.SYS -- (Null)
DRV - [2002/08/29 07:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\SYSTEM32\WINSOCK.DLL -- (Winsock)
DRV - [2002/07/19 12:22:08 | 000,017,153 | ---- | M] (Dell Computer Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/05/03 15:56:24 | 000,024,528 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\sqcaptur.sys -- (DCamUSBSQTECH)
DRV - [2001/08/17 16:07:44 | 000,025,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\hpn.sys -- (hpn)
DRV - [2001/08/17 16:07:44 | 000,020,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\dpti2o.sys -- (dpti2o)
DRV - [2001/08/17 16:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 16:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 16:07:42 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\perc2hib.sys -- (perc2hib)
DRV - [2001/08/17 16:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 16:07:40 | 000,027,296 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\perc2.sys -- (perc2)
DRV - [2001/08/17 16:07:38 | 000,056,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aic78xx.sys -- (aic78xx)
DRV - [2001/08/17 16:07:36 | 000,055,168 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aic78u2.sys -- (aic78u2)
DRV - [2001/08/17 16:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 16:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 16:07:32 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\adpu160m.sys -- (adpu160m)
DRV - [2001/08/17 15:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS -- (audstub)
DRV - [2001/08/17 15:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 15:52:50 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS -- (Ftdisk)
DRV - [2001/08/17 15:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 15:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 15:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 15:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 15:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 15:52:16 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql1240.sys -- (ql1240)
DRV - [2001/08/17 15:52:16 | 000,033,152 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql10wnt.sys -- (Ql10wnt)
DRV - [2001/08/17 15:52:16 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\dac960nt.sys -- (dac960nt)
DRV - [2001/08/17 15:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 15:52:08 | 000,016,000 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ini910u.sys -- (ini910u)
DRV - [2001/08/17 15:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\SYSTEM32\DRIVERS\CBIDF2K.SYS -- (cbidf2k)
DRV - [2001/08/17 15:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cbidf2k.sys -- (cbidf)
DRV - [2001/08/17 15:52:06 | 000,014,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cpqarray.sys -- (Cpqarray)
DRV - [2001/08/17 15:52:06 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys -- (cd20xrnt)
DRV - [2001/08/17 15:52:04 | 000,022,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\asc3350p.sys -- (asc3350p)
DRV - [2001/08/17 15:52:04 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\amsint.sys -- (amsint)
DRV - [2001/08/17 15:52:02 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aha154x.sys -- (Aha154x)
DRV - [2001/08/17 15:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 15:52:00 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS -- (abp480n5)
DRV - [2001/08/17 15:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 15:51:56 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\toside.sys -- (TosIde)
DRV - [2001/08/17 15:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 15:51:52 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS -- (PCIIde)
DRV - [2001/08/17 15:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mouhid.sys -- (mouhid)
DRV - [2001/08/17 14:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
DRV - [2000/01/21 03:16:26 | 000,004,416 | ---- | M] (FreeAmp Open Source Development Effort) [Kernel | On_Demand] -- C:\Documents and Settings\BRAD\Desktop\Win95\WINDOWS95 (F)\Program Files\FreeAmp\portio.sys -- (portio)
DRV - [1999/12/17 03:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\PFMODNT.SYS -- (PfModNT)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_Url = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Local Page = http://www.008i.com/
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dellnet.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System32\blank.htm
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&fr=yie7c
IE - HKU\BRAD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\BRAD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTe...-8&fr=b1ie7
IE - HKU\Guest_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&fr=yie7c
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://freshvideogals.com/search/
IE - HKU\JESSICA_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\JESSICA_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
IE - HKU\JESSICA_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\JESSICA_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\Jessie_II_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\Jessie_II_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Jessie_II_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\Jessie_II_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jessie_II_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Roo_Boy_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\Roo_Boy_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Roo_Boy_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\Roo_Boy_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
IE - HKU\Roo_Boy_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\sweetie_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\sweetie_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\sweetie_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\sweetie_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com [binary data]
IE - HKU\sweetie_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKU\sweetie_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKU\sweetie_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\sweetie_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
IE - HKU\sweetie_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\sweetie_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/07/30 23:35:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 03:00:55 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010/04/27 15:25:23 | 000,000,098 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKU\BRAD_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O3 - HKU\BRAD_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKU\BRAD_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\BRAD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKU\Guest_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKU\Guest_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\JESSICA_ON_C\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\JESSICA_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O3 - HKU\JESSICA_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKU\JESSICA_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\JESSICA_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O3 - HKU\Roo_Boy_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\sweetie_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O3 - HKU\sweetie_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKU\sweetie_ON_C\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll File not found
O3 - HKU\sweetie_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn10\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe (Roxio)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [BCMSMMSG] C:\WINDOWS\BCMSMMSG.exe (Broadcom Corporation)
O4 - HKLM..\Run: [diagent] C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DVDSentry] C:\WINDOWS\SYSTEM32\DSentry.exe (Dell - Advanced Desktop Engineering)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.)
O4 - HKLM..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe (TODO: <Company name>)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [Run StartupMonitor] C:\WINDOWS\StartupMonitor.exe ()
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\.DEFAULT..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE (Symantec Corporation)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\BRAD_ON_C..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\Guest_ON_C..\Run: [msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe File not found
O4 - HKU\JESSICA_ON_C..\Run: [asg984jgkfmgasi8ug98jgkfgfb] C:\DOCUME~1\JESSICA\LOCALS~1\Temp\win32.exe File not found
O4 - HKU\JESSICA_ON_C..\Run: [Bjqctllf] C:\WINDOWS\System32\ѕсanregw.exe File not found
O4 - HKU\JESSICA_ON_C..\Run: [cdloader] C:\Documents and Settings\JESSICA\Application Data\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\JESSICA_ON_C..\Run: [License Manager] C:\Program Files\License_Manager\license_manager.exe File not found
O4 - HKU\JESSICA_ON_C..\Run: [LxrAutorun] C:\Documents and Settings\JESSICA\Local Settings\Application Data\Lexar Media\LxrAutorun.exe ()
O4 - HKU\JESSICA_ON_C..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\JESSICA_ON_C..\Run: [Remote System Protection] C:\WINDOWS\System32\j0ojz.DLL File not found
O4 - HKU\JESSICA_ON_C..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\JESSICA_ON_C..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\JESSICA_ON_C..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKU\Jessie_II_ON_C..\Run: [cdloader] C:\Documents and Settings\Jessie II\Application Data\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\Jessie_II_ON_C..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\sweetie_ON_C..\Run: [Aim6] C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe File not found
O4 - HKU\sweetie_ON_C..\Run: [DW4] C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe File not found
O4 - HKU\sweetie_ON_C..\Run: [MySpaceIM] C:\Documents and Settings\sweetie\Application Data\MySpace\IM\bin\MySpaceIM.exe ()
O4 - HKU\sweetie_ON_C..\Run: [sysav] C:\Documents and Settings\sweetie\Application Data\pcdefender.exe File not found
O4 - HKU\Administrator_ON_C..\RunOnce: [SpybotDeletingB4583] C:\WINDOWS\System32\COMMAND.COM ()
O4 - HKU\Administrator_ON_C..\RunOnce: [SpybotDeletingB8401] C:\WINDOWS\System32\COMMAND.COM ()
O4 - HKU\Administrator_ON_C..\RunOnce: [SpybotDeletingD1752] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\Administrator_ON_C..\RunOnce: [SpybotDeletingD4762] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = _ [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: Wallpaper =
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\BRAD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\Guest_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\JESSICA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\Jessie_II_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Roo_Boy_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\sweetie_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\SYSTEM32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\SYSTEM32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\SYSTEM32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {00000075-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/voxacm.CAB (Reg Error: Key error.)
O16 - DPF: {00000161-0000-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/msaudio.cab (Reg Error: Key error.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shock...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/3/9...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} http://download.microsoft.com/download/0/5...b?1093178266312 (MSSecurityAdvisor Class)
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} https://wavenet2.sentara.com/cabs/wficat4.cab (Citrix ICA Client)
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab (Yahoo! Audio Conferencing)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A...01F/wmvadvd.cab (Reg Error: Key error.)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1135615252062 (MUWebControl Class)
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} http://chat.yahoo.com/cab/yacsui.cab (Yahoo! Audio UI1)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab (ZoneIntro Class)
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} http://www.wickedgarden.com/Uploader/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://navlink.uk.navigantconsulting.com/d...perSetupSP1.cab (JuniperSetupSP1 Control)
O16 - DPF: ConferenceRoom Java Client http://www.streamchat.com:8000/java/cr.cab (Reg Error: Key error.)
O16 - DPF: DigiChat Applet http://palatka.digi-net.com/DigiChat/DigiC..._IE_5_1_0_1.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O16 - DPF: Web-Based Email Tools http://email.secureserver.net/Download.CAB (Reg Error: Key error.)
O16 - DPF: Yahoo! Backgammon http://download.games.yahoo.com/games/clients/y/at1_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Blackjack http://download.games.yahoo.com/games/clients/y/jt0_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Chat http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Checkers http://download.games.yahoo.com/games/clients/y/kt4_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Chess http://download.games.yahoo.com/games/clients/y/ct2_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Chinese Checkers http://download.games.yahoo.com/games/clients/y/cct0_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Euchre http://download.games.yahoo.com/games/clients/y/et3_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Go Fish http://download.games.yahoo.com/games/clients/y/zt3_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! MahJong http://download.games.yahoo.com/games/clients/y/ot0_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! MahJong Solitaire http://download.games.yahoo.com/games/clients/y/mjst4_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Poker http://download.games.yahoo.com/games/clients/y/pt3_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Pool 2 http://download.games.yahoo.com/games/clients/y/pote_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Pyramids http://download.games.yahoo.com/games/clients/y/pyt1_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Reversi http://download.games.yahoo.com/games/clients/y/rt0_x.cab (Reg Error: Key error.)
O16 - DPF: Yahoo! Towers 2.0 http://download.games.yahoo.com/games/clients/y/ywt0_x.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\SYSTEM32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SYSTEM32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\SYSTEM32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\SYSTEM32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\SYSTEM32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SYSTEM32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\SYSTEM32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\System32\WPDShServiceObj.dll File not found
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\F\Shell\phone\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/04/27 15:19:36 | 000,552,448 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2010/04/27 15:16:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/04/24 04:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\Google
[2010/04/15 19:24:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\ABBYY
[2010/04/13 07:17:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sweetie\My Documents\Downloads
[2010/04/12 15:24:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\Apple
[2010/04/04 20:41:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Guest\Application Data\skypePM
[2010/04/03 14:37:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Jessie II\Application Data\Brother
[2004/02/21 12:58:44 | 000,103,936 | ---- | C] (Soeperman Enterprises Ltd.) -- C:\Program Files\CWShredder.exe
[2003/03/18 14:25:45 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[1 C:\Documents and Settings\sweetie\Application Data\*.tmp files -> C:\Documents and Settings\sweetie\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\JESSICA\*.tmp files -> C:\Documents and Settings\JESSICA\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/04/27 17:46:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/04/24 06:56:44 | 000,237,568 | ---- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/04/24 06:56:44 | 000,233,472 | ---- | M] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2010/04/24 06:56:33 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/24 06:56:18 | 005,505,024 | ---- | M] () -- C:\Documents and Settings\BRAD\ntuser.dat
[2010/04/24 06:56:18 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\BRAD\NTUSER.INI
[2010/04/24 06:56:13 | 006,479,892 | -H-- | M] () -- C:\Documents and Settings\BRAD\Local Settings\Application Data\IconCache.db
[2010/04/24 06:56:02 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\Jessie II\NTUSER.DAT
[2010/04/24 06:56:02 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Jessie II\NTUSER.INI
[2010/04/24 06:55:01 | 007,010,904 | -H-- | M] () -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\IconCache.db
[2010/04/24 06:53:54 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\JESSICA\ntuser.dat
[2010/04/24 06:53:45 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\sweetie\ntuser.dat
[2010/04/24 06:53:39 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\Roo Boy\ntuser.dat
[2010/04/24 06:53:35 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/04/24 06:53:34 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\Guest\ntuser.dat
[2010/04/24 06:52:03 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/24 05:59:29 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/04/24 04:52:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/24 04:30:15 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010/04/24 01:53:06 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/04/23 22:36:07 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\JESSICA\NTUSER.INI
[2010/04/23 22:36:02 | 007,547,994 | -H-- | M] () -- C:\Documents and Settings\JESSICA\Local Settings\Application Data\IconCache.db
[2010/04/23 22:34:45 | 002,637,740 | -H-- | M] () -- C:\Documents and Settings\Guest\Local Settings\Application Data\IconCache.db
[2010/04/23 21:07:15 | 000,000,088 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2010/04/23 17:31:58 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\money calendar.xls
[2010/04/23 09:30:39 | 000,552,448 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
[2010/04/23 07:07:12 | 000,153,749 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\e01_23056097.jpg
[2010/04/20 19:03:23 | 001,313,574 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\attachments_2010_04_20.zip
[2010/04/20 18:41:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/04/20 17:45:09 | 000,009,906 | ---- | M] () -- C:\Documents and Settings\Guest\My Documents\Game 4 Renn Schmor stats.docx
[2010/04/20 17:37:28 | 000,011,923 | ---- | M] () -- C:\Documents and Settings\Guest\My Documents\Game 3 Renn Schmor stats.docx
[2010/04/20 06:21:18 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/04/19 22:37:22 | 000,042,228 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\amenityhourtracker_04_17_10.xlsx
[2010/04/19 22:29:33 | 000,095,301 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\EDIWatchTracker_04_17_10.xlsx
[2010/04/19 22:16:02 | 000,124,825 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\Jess_Co_tracker_04_24_10.xlsx
[2010/04/19 22:05:43 | 000,123,815 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\Jess_Co_tracker_04_17_10(1).xlsx
[2010/04/19 15:24:46 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/04/15 19:36:55 | 000,212,722 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\receipts.docx
[2010/04/14 04:22:49 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/04/13 07:18:16 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\sweetie\NTUSER.INI
[2010/04/13 07:18:07 | 010,206,880 | -H-- | M] () -- C:\Documents and Settings\sweetie\Local Settings\Application Data\IconCache.db
[2010/04/08 23:24:56 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\Doc1[1].doc
[2010/04/04 20:40:53 | 000,082,072 | ---- | M] () -- C:\Documents and Settings\Guest\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/04/03 14:40:28 | 000,801,772 | ---- | M] () -- C:\Documents and Settings\Jessie II\Desktop\ediwatch.docx
[2010/04/03 14:37:13 | 000,000,426 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/03/30 07:21:58 | 000,177,576 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[1 C:\Documents and Settings\sweetie\Application Data\*.tmp files -> C:\Documents and Settings\sweetie\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\JESSICA\*.tmp files -> C:\Documents and Settings\JESSICA\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/23 07:14:11 | 000,153,749 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\e01_23056097.jpg
[2010/04/20 19:03:17 | 001,313,574 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\attachments_2010_04_20.zip
[2010/04/20 17:45:09 | 000,009,906 | ---- | C] () -- C:\Documents and Settings\Guest\My Documents\Game 4 Renn Schmor stats.docx
[2010/04/20 17:37:27 | 000,011,923 | ---- | C] () -- C:\Documents and Settings\Guest\My Documents\Game 3 Renn Schmor stats.docx
[2010/04/19 22:29:33 | 000,095,301 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\EDIWatchTracker_04_17_10.xlsx
[2010/04/19 22:19:04 | 000,042,228 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\amenityhourtracker_04_17_10.xlsx
[2010/04/19 22:16:01 | 000,124,825 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\Jess_Co_tracker_04_24_10.xlsx
[2010/04/19 22:05:43 | 000,123,815 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\Jess_Co_tracker_04_17_10(1).xlsx
[2010/04/15 19:36:52 | 000,212,722 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\receipts.docx
[2010/04/08 23:24:55 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\Doc1[1].doc
[2010/04/03 14:40:27 | 000,801,772 | ---- | C] () -- C:\Documents and Settings\Jessie II\Desktop\ediwatch.docx
[2010/03/20 01:55:37 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/08 08:39:36 | 000,177,576 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/02/28 15:31:58 | 000,003,644 | -HS- | C] () -- C:\Documents and Settings\Jessie II\Local Settings\Application Data\RYWytq56AV
[2010/02/26 21:08:38 | 000,000,967 | ---- | C] () -- C:\Documents and Settings\Jessie II\Application Data\BBMS_EXCEPTION.txt
[2010/02/26 21:02:59 | 003,407,872 | -H-- | C] () -- C:\Documents and Settings\Jessie II\NTUSER.DAT
[2010/02/26 21:02:59 | 000,020,480 | -H-- | C] () -- C:\Documents and Settings\Jessie II\ntuser.dat.LOG
[2010/02/26 21:02:59 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Jessie II\NTUSER.INI
[2010/02/23 19:19:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\ggward.sys
[2010/02/23 19:17:47 | 000,010,970 | -HS- | C] () -- C:\Documents and Settings\JESSICA\Local Settings\Application Data\iHFx3
[2010/02/21 22:08:46 | 000,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/02/21 18:18:51 | 000,013,556 | -HS- | C] () -- C:\Documents and Settings\JESSICA\Local Settings\Application Data\e1wnOl
[2010/02/20 18:53:21 | 007,077,888 | ---- | C] () -- C:\Documents and Settings\JESSICA\ntuser.dat
[2010/02/20 18:49:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2010/02/20 18:49:46 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2010/02/20 18:48:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2010/02/20 18:48:02 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010/02/20 18:43:41 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/12/16 23:11:08 | 000,008,610 | ---- | C] () -- C:\Documents and Settings\JESSICA\Application Data\BBMS_EXCEPTION.txt
[2009/11/22 23:38:30 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\sweetie\Local Settings\Application Data\d3d9caps.dat
[2009/05/13 21:44:24 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/04/01 07:49:02 | 000,003,774 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\A6D19C89-7F32-4A54-A401-B275DFAB6975.txt
[2009/04/01 06:35:21 | 000,004,610 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\A6D19C89-7F32-4A54-A401-B275DFAB6975.txt
[2009/04/01 01:56:26 | 000,002,494 | ---- | C] () -- C:\Documents and Settings\JESSICA\Local Settings\Application Data\A6D19C89-7F32-4A54-A401-B275DFAB6975.txt
[2009/02/25 22:40:35 | 000,072,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2008/08/29 15:00:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Roo Boy\jagex_runescape_preferences.dat
[2008/07/17 07:04:20 | 000,001,011 | ---- | C] () -- C:\Documents and Settings\JESSICA\.airappinstall.log
[2008/07/17 07:04:20 | 000,000,412 | ---- | C] () -- C:\Documents and Settings\JESSICA\.airinstall.log
[2008/06/19 20:43:03 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\Roo Boy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/13 08:44:18 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\Guest\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/17 13:09:38 | 001,099,004 | ---- | C] () -- C:\Documents and Settings\Roo Boy\Application Data\Install.dat
[2007/06/27 20:25:27 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\Roo Boy\ntuser.dat.LOG
[2007/06/27 20:25:27 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\Roo Boy\NTUSER.INI
[2007/06/27 20:25:26 | 003,145,728 | -H-- | C] () -- C:\Documents and Settings\Roo Boy\ntuser.dat
[2007/04/14 20:59:23 | 000,000,108 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2007/01/12 21:48:54 | 000,000,027 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/12/26 19:31:38 | 000,000,219 | ---- | C] () -- C:\WINDOWS\apoapp.INI
[2006/10/01 14:53:40 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2006/09/30 09:40:10 | 000,000,121 | ---- | C] () -- C:\Documents and Settings\JESSICA\Application Data\SQSDRVRM.SYS
[2006/09/30 09:37:11 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\JESSICA\Application Data\RipEditBurn.ini
[2006/09/30 09:36:36 | 000,000,036 | ---- | C] () -- C:\WINDOWS\System32\drvlock.sys
[2006/09/30 09:36:36 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\symbios.sys
[2006/07/20 21:30:19 | 003,670,016 | -H-- | C] () -- C:\Documents and Settings\sweetie\ntuser.dat
[2006/07/20 21:30:19 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\sweetie\ntuser.dat.LOG
[2006/07/20 21:30:19 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\sweetie\NTUSER.INI
[2006/07/17 17:57:17 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/06/22 20:25:22 | 000,233,472 | ---- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2006/05/31 06:23:24 | 000,049,465 | ---- | C] () -- C:\Program Files\moviepass Terms.html
[2006/05/09 21:23:39 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\JESSICA\usb3
[2006/01/30 08:42:22 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2005/12/12 14:17:27 | 002,235,201 | ---- | C] () -- C:\Documents and Settings\BRAD\Application Data\Install.dat
[2005/11/19 18:09:55 | 000,000,021 | ---- | C] () -- C:\WINDOWS\dvdsentry.ini._eac_qt_
[2005/04/01 03:06:57 | 000,003,894 | ---- | C] () -- C:\WINDOWS\aoetkc.dll
[2005/03/30 22:05:13 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/03/29 19:26:22 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2005/03/29 19:22:14 | 000,000,045 | ---- | C] () -- C:\WINDOWS\DGIMEOOM.ini
[2005/03/20 21:12:48 | 000,081,920 | -H-- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat.LOG
[2005/03/20 21:12:48 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator\NTUSER.INI
[2005/03/20 21:12:47 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2005/03/06 11:47:17 | 000,374,784 | ---- | C] () -- C:\WINDOWS\3dg32.dll
[2005/01/06 19:44:10 | 000,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys
[2004/12/03 21:14:02 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\BRAD\Local Settings\Application Data\fusioncache.dat
[2004/05/30 17:15:46 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\JESSICA\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/05/15 15:21:36 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2004/05/15 15:21:36 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2004/05/15 15:21:36 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2004/05/08 21:15:19 | 000,000,112 | ---- | C] () -- C:\WINDOWS\WEBLINK.INI
[2004/04/20 02:24:57 | 000,004,056 | ---- | C] () -- C:\Program Files\asd.hta
[2004/04/17 02:50:34 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\nthst32.dll
[2004/03/28 22:45:18 | 000,003,735 | ---- | C] () -- C:\WINDOWS\ISISAIHP.INI
[2004/03/28 22:45:18 | 000,000,988 | ---- | C] () -- C:\WINDOWS\ISISAIM.INI
[2004/02/22 11:55:32 | 000,000,401 | ---- | C] () -- C:\WINDOWS\CHEMDRAW.INI
[2004/02/05 22:50:36 | 000,000,048 | ---- | C] () -- C:\WINDOWS\PerWin.ini
[2004/01/29 23:47:37 | 000,002,397 | ---- | C] () -- C:\WINDOWS\System32\drivers\symlcbrd.sys
[2003/12/24 20:42:55 | 000,000,887 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[2003/12/12 22:36:22 | 000,000,021 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2003/11/28 18:31:18 | 000,000,573 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2003/11/28 17:14:01 | 000,000,058 | ---- | C] () -- C:\WINDOWS\MADCCX.INI
[2003/11/28 17:10:44 | 000,000,047 | ---- | C] () -- C:\WINDOWS\STRINGS.INI
[2003/11/28 17:09:42 | 000,000,306 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2003/11/28 17:09:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MADCCS.INI
[2003/11/28 17:09:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MADCCF.INI
[2003/11/28 16:58:03 | 000,000,116 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2003/11/28 16:33:30 | 000,000,032 | ---- | C] () -- C:\WINDOWS\cdhome.ini
[2003/11/27 09:59:09 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\spkpsys.ini
[2003/10/06 15:16:00 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll
[2003/09/23 19:24:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2003/07/31 17:32:07 | 000,000,298 | ---- | C] () -- C:\WINDOWS\atl_save.ini
[2003/06/26 01:18:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2003/06/10 09:32:46 | 000,188,644 | ---- | C] () -- C:\Documents and Settings\JESSICA\~
[2003/05/30 19:08:52 | 000,001,266 | ---- | C] () -- C:\WINDOWS\disney.ini
[2003/05/21 17:09:23 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\TTSServer.dll
[2003/03/27 21:38:16 | 003,145,728 | -H-- | C] () -- C:\Documents and Settings\Guest\ntuser.dat
[2003/03/27 21:38:16 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\Guest\ntuser.dat.LOG
[2003/03/27 21:38:16 | 000,000,180 | -HS- | C] () -- C:\Documents and Settings\Guest\NTUSER.INI
[2003/03/27 17:48:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2003/03/26 23:37:35 | 000,002,006 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2003/03/24 07:26:54 | 000,006,739 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2003/03/23 21:41:35 | 000,000,729 | ---- | C] () -- C:\WINDOWS\fantasy2.ini
[2003/03/23 21:41:35 | 000,000,525 | ---- | C] () -- C:\WINDOWS\photoprn.ini
[2003/03/23 21:41:35 | 000,000,428 | ---- | C] () -- C:\WINDOWS\pstudio.ini
[2003/03/23 21:41:10 | 000,000,021 | ---- | C] () -- C:\WINDOWS\ccam_suite.ini
[2003/03/23 00:54:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\BRAD\Application Data\dm.ini
[2003/03/21 09:14:31 | 000,002,970 | ---- | C] () -- C:\WINDOWS\VTruck1.ini
[2003/03/21 09:11:55 | 000,000,749 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2003/03/21 02:43:25 | 000,107,520 | ---- | C] () -- C:\Documents and Settings\BRAD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/03/20 17:54:17 | 000,020,480 | -H-- | C] () -- C:\Documents and Settings\BRAD\ntuser.dat.LOG
[2003/03/20 17:54:17 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\BRAD\NTUSER.INI
[2003/03/20 17:54:16 | 005,505,024 | ---- | C] () -- C:\Documents and Settings\BRAD\ntuser.dat
[2003/03/20 16:43:41 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\JESSICA\ntuser.dat.LOG
[2003/03/20 16:43:41 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\JESSICA\NTUSER.INI
[2003/03/18 14:36:34 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/03/18 14:26:00 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2003/03/18 14:25:46 | 000,039,936 | ---- | C] () -- C:\WINDOWS\System32\P16X.dll
[2003/03/18 14:25:46 | 000,002,092 | ---- | C] () -- C:\WINDOWS\System32\P16X.ini
[2003/03/18 14:25:46 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2003/03/18 14:25:45 | 000,006,175 | ---- | C] () -- C:\WINDOWS\MIXDEF.INI
[2003/03/18 14:25:45 | 000,005,917 | ---- | C] () -- C:\WINDOWS\SBMIXDEF.INI
[2003/03/18 14:25:45 | 000,000,064 | ---- | C] () -- C:\WINDOWS\P16x.ini
[2003/03/18 14:25:17 | 000,000,245 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2003/03/18 14:23:08 | 000,000,788 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/03/18 14:14:52 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[2003/03/18 14:14:52 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat.LOG
[2003/03/18 14:10:52 | 000,008,192 | -H-- | C] () -- C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\NTUSER.DAT.LOG
[2003/03/18 14:01:58 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2002/12/10 00:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[2002/12/10 00:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[2002/12/10 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[2002/12/10 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[2002/11/13 03:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2002/09/09 16:58:38 | 000,000,784 | ---- | C] () -- C:\WINDOWS\LRUN32.INI
[2002/09/09 16:54:34 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2002/09/03 11:05:20 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.INI
[2002/09/03 11:05:20 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\LocalService\NTUSER.INI
[2002/08/29 07:00:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\ONETW.DRV
[2002/02/06 11:04:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\NMSInst.dll
[2002/01/21 16:17:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PROInst.dll
[1980/01/01 08:00:00 | 000,237,568 | ---- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[1980/01/01 02:00:00 | 000,262,144 | ---- | C] () -- C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\ntuser.dat

========== LOP Check ==========

[2008/10/07 17:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\eAcceleration
[2005/04/06 20:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\alta
[2008/03/16 01:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\eAcceleration
[2005/03/24 22:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\iemv
[2003/03/23 00:56:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\InterTrust
[2004/09/05 15:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\pixelStorm
[2009/04/27 17:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\Research In Motion
[2005/03/07 09:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\BRAD\Application Data\{12EE7A5E-0674-42f9-A76B-000000004D00}
[2008/06/06 19:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\eAcceleration
[2009/04/24 17:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Application Data\Research In Motion
[2006/07/22 11:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\acccore
[2005/04/07 17:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\alta
[2009/04/01 04:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\avvpvyms
[2005/02/12 17:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\Broderbund Software
[2010/02/08 23:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\Facebook
[2009/11/02 22:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\GetRightToGo
[2007/01/12 22:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\ICAClient
[2008/10/28 17:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\Juniper Networks
[2010/02/22 22:51:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\mjusbsp
[2009/05/10 15:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\Research In Motion
[2007/11/20 22:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\Viewpoint
[2005/03/30 07:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\WeatherBug
[2008/09/15 11:47:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\webex
[2005/03/06 22:50:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JESSICA\Application Data\{12EE7A5E-0674-42f9-A76B-000000004D00}
[2010/03/02 00:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jessie II\Application Data\mjusbsp
[2010/02/26 21:08:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jessie II\Application Data\Research In Motion
[2008/08/10 17:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roo Boy\Application Data\alot
[2008/06/08 10:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roo Boy\Application Data\eAcceleration
[2006/07/20 21:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sweetie\Application Data\acccore
[2008/03/16 11:53:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sweetie\Application Data\eAcceleration
[2008/11/21 18:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sweetie\Application Data\Viewpoint
[2006/07/23 19:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sweetie\Application Data\WeatherBug
[2010/04/20 18:41:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/04/24 01:53:06 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2005/03/27 22:21:18 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\XoftSpy.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: CSRSS.EXE >
[2008/04/13 20:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008/04/13 20:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\SYSTEM32\csrss.exe
[2002/08/29 07:00:00 | 000,004,096 | ---- | M] (Microsoft Corporation) MD5=B82CD0AD8B605F64EAD6C46D70A2C993 -- C:\I386\CSRSS.EXE
[2004/08/04 03:56:48 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F12B178B1678D778CFD3FF1FC38C71FB -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 03:56:57 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SYSTEM32\winlogon.exe
< End of report >


#13 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,561 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:23 PM

Posted 27 April 2010 - 05:57 PM

Restart the computer back to the OTLPE CD.

Browse to the C:\Windows folder. See if there is a folder named minidumps. If so, open that folder. If any, minidumps files will be present and labeled based on the date and time were produced. Create a new folder and move some of the latest minidump files to that folder. Right click on this folder and select Send to -> zipped folder. That will create a zippe folder that you can attach to a reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#14 Brad1973

Brad1973
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:12:23 PM

Posted 27 April 2010 - 07:19 PM

There are some, but the newest are from July 2009.

Here's the last few.



Attached Files



#15 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,561 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:23 PM

Posted 27 April 2010 - 07:39 PM

That wont help. I can't identify the file or hardware that is causing this issue. I would like to check for two other files.

Restart the computer back to the OTLPE CD.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
    • Change Drivers to All
    • Change Standard Registry to All
    • Under the Custom Scan box paste this in
      /md5start
      win32k.sys
      Gina.dll
      /md5stop
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive.
  • Please post the contents of the C:\OTL.txt file in your reply also.

In addition, I would like to now if there are restore points available. If we cannot identify the file or hardware, perhaps restoring the registry to a previous date may work.
  • Copy the entire contents of the Quote Box below to Notepad.
  • Name the file as Query.bat
  • Change the Save as Type to All Files
  • and Save it in the Flash drive. For Safety reasons, please do not save or run this file in a working computer, but rather save it directly to the flash drive.
QUOTE
Dir C:\WINDOWS\System32\config\*.* >C:\Log.txt
Ren C:\WINDOWS\System32\config\System System.000
Dir "C:\System Volume Information" /s >>C:\Log.txt
Ren C:\WINDOWS\System32\config\System.000 System
If exist C:\WINDOWS\ERDNT Dir C:\WINDOWS\ERDNT\*.* /s >>C:\Log.txt
If exist C:\WINDOWS\ERDNT\hiv-backup Type C:\WINDOWS\ERDNT\hiv-backup\ERDNT.con >>C:\Log.txt
Dir C:\Windows\NTLDR /s >>C:\Log.txt
Del %0


While in the Reatogo desktop, navigate to the Flash drive and double click on the Query.bat. If all goes well the batch file will disappear and a Log.txt will be saved in the C:\ folder. Copy that file to the flash drive and post its contents in your next reply

Meanwhile, remove all peripherals from the computer, including any internal components such as PCI cards and connection to routers and modems. Only the keyboard, mouse and monitor should be connected. this error may be caused by peripherals.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users