Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

WinVista - black screen at start up


  • This topic is locked This topic is locked
46 replies to this topic

#1 Neese

Neese

  • Members
  • 131 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Indiana, USA
  • Local time:06:54 PM

Posted 29 December 2010 - 04:58 PM

In the past I'd had been aided by a person here, more than once, by the name of "JSntgRvr" and had very good luck. Which leads my family to believe I'm such a whiz at repair, that a few of my neices have brought thier laptops to me.
One of the latest issues is in relation to an HP Pavilion DV2700. I've done some research, but haven't had any luck getting this pc up and running again.

This system has Win Vista installed, and upon start up, it runs through about 10 seconds, and stalls. The Win Vista start screen doesn't even load before it goes to a black screen. I do have the mouse arrow cursor. I had originally thought the HDD needed replaced, until today, when I finally got the self-test to run fully.

I have accessed the diagnostics, via f10, and tried to set the bios to default. I have tried 4-5 times to run a HDD self test, which froze up many times until finally today it ran all the way through, and all the tests on that "passed".

The memory test passed as well.

A few days ago I had tried to access Safe Mode several times, and in doing so trying to get to system restore, but it says "system restore wizard is already running, this window will now close"...or something of that nature, and I can get nowhere.

It seems like the case gets really warm, though I think I hear the fan come on. Not sure.

I know believe it's just probably riddled with virus/malware or the like.....blocking the boot up.

Any advice/help is greatly appreciated, before I pull my hair out!!

Many advance thanks,
Neese

BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,570 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:54 PM

Posted 02 January 2011 - 08:12 PM

Hi, Neese :)

:welcome: back.

Have you tried the Recovery Environment?

First, you must verify that you can access the Vista Recovery Environment.

To do so, restart your computer and begin tapping the F8 key to enable the Advanced Start menu. If the option 'Repair your computer' is available, select it.

If not available, you will need to insert your Vista installation dvd and restart, then press any key when prompted to boot from the cd. At the Install Windows screen, select Repair your computer. (image below)

Posted Image

You can start by selecting The Startup Repair Option, then System Restore. Here are some instructions:

http://www.bleepingcomputer.com/tutorials/system-restore-from-windows-vista-recovery-environment/

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 Neese

Neese
  • Topic Starter

  • Members
  • 131 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Indiana, USA
  • Local time:06:54 PM

Posted 03 January 2011 - 07:32 PM

In System Recovery Options - I chose "System Restore", and got the pop up again "The System Restore wizard is already running. This program will now exit". No option to bypass this, only an OK button.

I just tried again, in the off chance it had decided to work .......... but not to be.


Next option....recovery discs, which I don't have, and this laptop was purchased second hand, so most likely the current owner doesn't have it either.

What she does have is a teenage daughter that claims she was listening to vids on YOU TUBE when it rebooted on its own, then returned to just the black screen with cursor. Therefore, when the wizard wouldn't work, I kind of thought it may be virus. She said she ran her virus checker regularly, but I don't know.

Suggestions?

Thanks for your help...
Denise


Edit:
Also, when I attempt safe mode, in ends up just moving on to the black screen with cursor again. Can't get there.

Edited by Neese, 03 January 2011 - 07:36 PM.


#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,570 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:54 PM

Posted 03 January 2011 - 09:32 PM

Do you have a Windows XP we can use to create a bootable CD and run a scan from an external source?

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#5 Neese

Neese
  • Topic Starter

  • Members
  • 131 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Indiana, USA
  • Local time:06:54 PM

Posted 04 January 2011 - 07:43 PM

That is Vista on that laptop, and I have XP on my desktop, is that what you mean - do I have it elsewhere to create from? If so, then Yes. I have a flash drive also, for transporting to and from between the two.

#6 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,570 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:54 PM

Posted 04 January 2011 - 11:30 PM

Just as we did before, but we must create the CD as the Reatogo environment is no longer permitted in the forums. If you have a Windows XP installation CD, follow these steps:

Please print this guide for future reference and save it in the USB drive!

You will need a blank CD, your Windows XP install disc and a flash drive.

Please follow the steps below and let me know if you were successful. Please tell me what error messages you got and/or what steps you got hung up on.

1. Download the PE Builder to your desktop

http://www.nu2.nu/download.php?sFile=pebuilder3110a.exe
  • Double-Click on the PE Builder that you just downloaded to your desktop.
  • Follow all of the instructions/prompts that come up.
2. Insert your XP CD with SP1/SP2/SP3 into a CD Rom drive
  • Double-Click on PE Builder.exe located on your desktop.
  • Click NO to Search for Windows Installation Files
  • Make the following selections from the Main Screen that pops up:
  • Builder
  • Source: (path to Windows installation files)
  • Enter the path to the drive where your XP CD is located.
  • You can click on the "..." button on the right to navigate to the path as well.
[*]Custom: (include files and folders from this directory)
  • No information is necessary, leave blank.
[*]Output:
  • Keep the default
[/list][/list]
  • Media output
    • Choose Create ISO image
    • Do not choose Burn to CD/DVD
    • Download the RunScanner plugin and save it to your desktop
    http://www.paraglidernc.com/Files/RunScanner10025.cab

    Please note: You will be prompted for the folder that it shall be saved. By default it appears as runscanner10025. It should be modified to just runscanner <--- Important!!!


    • Press the Plugin button on the PE Builder interface
    • Press the Add button and navigate to the location of the RunScanner plugin to install
    • Please note: If you are using a Windows XP disc with sp2 then highlight RpcSS needs to launch DComLaunch and then press Enable
  • When your done press Close and the PE Builder interface will re-appear
3. Click on the "Build" button
  • You will see the Windows EULA message. Click on I Agree
  • You will now see the Build Screen. Let it run it's course
  • When the Build is finished you can click close, then exit
4. Burn your ISO file to CD
==========

Next........

From your clean computer..

Please download OTLPE.zip and save it to a flash drive.
http://oldtimer.geekstogo.com/OTLPE.zip
http://www.itxassociates.com/OT-Tools/OTLPE.zip

Double click and unzip OTLPE.zip to its own folder on your flash drive. Name it OTLPE <-- Important!!

==========

Plug your flash drive into your sick computer now and do as instructed below..

==========

1. Restart Your sick Computer Using the PE Builder ISO CD That You Have Created
  • Insert the CD in to one of your CD/DVD drives.
  • Restart your computer.
    • The computer should choose to boot from the CD automatically. If it doesn't and you are asked if you want to boot from CD, then choose that option.
  • Once the desktop appears, you will receive a message asking: Do you want to start Network support?
    • Click on No
  • After it loads press the Go button in the lower left and do this....
    • Go
    • System
    • Display
    • Screen Resolution
    • 1024x768
    Next choose....
    • Go
    • Programs
    • A43 File Management Utility
==========

In A43File Management you should see your flash drive
Navigate to the OTLPE folder that you saved to your flash drive.

Open the OTLPE folder and double click Start.cmd.
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTLPE should now start

    Change the following settings
    • Change Services, Drivers, Standard and Extra Registry to All
    • Uncheck LOP and Purity check

    Please note: Stay with your computer during the course of the scan. If "Entry Point Errors" are encountered simply press "ok" and allow the program to continue. <-- Important!!

  • Copy and Paste the following code from your flash drive into the Posted Image textbox. Do not include the word "Code"

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    userinit.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    ntldr
    /md5stop
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /90

  • Push Posted Image
  • A report will open named "OTL.txt" (C:\OTL.txt) . Save this log's to your flash drive. Copy and Paste this in your next reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#7 Neese

Neese
  • Topic Starter

  • Members
  • 131 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Indiana, USA
  • Local time:06:54 PM

Posted 05 January 2011 - 12:05 PM

I still have the Reatogo on my flashdrive, and the OTPLE.iso from last time you helped me. Can I bypass alot of this and use that?

#8 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,570 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:54 PM

Posted 05 January 2011 - 01:48 PM

Let me consult this. Reatogo has a copyright issue. Do you have a Windows XP install disk?

Edited by JSntgRvr, 05 January 2011 - 02:02 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#9 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,570 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:54 PM

Posted 05 January 2011 - 02:11 PM

Go ahead, run OTLPE with the above settings and post the report.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#10 Neese

Neese
  • Topic Starter

  • Members
  • 131 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Indiana, USA
  • Local time:06:54 PM

Posted 09 January 2011 - 04:51 PM

It took some doing, but am finally running the scan now. It didn't want to cooperate. Will post results when I get them. Thanks for your patience.



Here it is:

%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
ntldr
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /90

Edited by Neese, 09 January 2011 - 05:32 PM.


#11 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,570 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:54 PM

Posted 09 January 2011 - 05:32 PM

:thumbup2:

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#12 Neese

Neese
  • Topic Starter

  • Members
  • 131 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Indiana, USA
  • Local time:06:54 PM

Posted 09 January 2011 - 11:12 PM

See email regarding received message about post edit, brought to my attention by AustrAlien tonight.


Thanks!!

#13 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,570 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:54 PM

Posted 10 January 2011 - 02:02 AM

Those are the instructions I gave you to include in the Custom Scan window. The log should appear in the C:\ folder of the sick computer as OTL.txt

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#14 Neese

Neese
  • Topic Starter

  • Members
  • 131 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Indiana, USA
  • Local time:06:54 PM

Posted 10 January 2011 - 06:03 AM

Sorry.


OTL logfile created on: 1/9/2011 4:49:11 PM - Run
OTLPE by OldTimer - Version 3.1.30.3 Folder = X:\Programs\OTLPE
Windows Vista ™ Home Premium Service Pack 1 (Version = 6.0.6001) - Type = System
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221.20 Gb Total Space | 150.56 Gb Free Space | 68.06% Space Free | Partition Type: NTFS
Drive D: | 11.68 Gb Total Space | 1.99 Gb Free Space | 17.04% Space Free | Partition Type: NTFS
Drive E: | 7.45 Gb Total Space | 6.43 Gb Free Space | 86.27% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 276.79 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet010

========== Win32 Services (All) ==========

SRV - [2010/09/07 10:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 10:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 10:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/06 11:24:40 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/08/20 05:23:46 | 001,251,720 | ---- | M] () [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2010/08/17 08:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\spoolsv.exe -- (Spooler)
SRV - [2010/04/29 14:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/02 16:15:44 | 000,536,472 | ---- | M] (Affinegy, Inc.) [Auto] -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2010/02/18 09:11:41 | 000,190,464 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\iphlpsvc.dll -- (iphlpsvc)
SRV - [2009/08/24 07:16:12 | 000,378,368 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009/08/06 21:23:45 | 001,929,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\wuaueng.dll -- (wuauserv)
SRV - [2009/07/11 14:32:52 | 000,513,024 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/06/15 07:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\lsass.exe -- (SamSs)
SRV - [2009/06/15 07:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009/06/15 07:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\lsass.exe -- (Netlogon)
SRV - [2009/06/15 07:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\lsass.exe -- (KeyIso)
SRV - [2009/06/10 07:12:29 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\wkssvc.dll -- (LanmanWorkstation)
SRV - [2009/03/02 23:39:32 | 000,551,424 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\rpcss.dll -- (RpcSs)
SRV - [2009/03/02 23:39:32 | 000,551,424 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\rpcss.dll -- (DcomLaunch)
SRV - [2008/11/04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/09/17 23:56:07 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\wersvc.dll -- (WerSvc)
SRV - [2008/07/27 13:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/06/25 22:29:02 | 000,565,248 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2008/06/19 20:14:44 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/06/19 20:14:31 | 000,881,664 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/06/19 20:14:31 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/06/18 22:31:48 | 000,361,984 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2008/05/27 00:18:43 | 000,439,808 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\SearchIndexer.exe -- (WSearch)
SRV - [2008/04/18 00:48:39 | 000,269,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\es.dll -- (EventSystem)
SRV - [2008/01/20 21:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008/01/20 21:25:26 | 000,658,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\p2psvc.dll -- (PNRPsvc)
SRV - [2008/01/20 21:25:26 | 000,658,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\p2psvc.dll -- (PNRPAutoReg)
SRV - [2008/01/20 21:25:26 | 000,658,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\p2psvc.dll -- (p2psvc)
SRV - [2008/01/20 21:25:26 | 000,658,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\p2psvc.dll -- (p2pimsvc)
SRV - [2008/01/20 21:25:26 | 000,140,288 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\wpcsvc.dll -- (WPCSvc)
SRV - [2008/01/20 21:25:16 | 000,070,144 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\wpdbusenum.dll -- (WPDBusEnum)
SRV - [2008/01/20 21:25:11 | 000,053,760 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2008/01/20 21:25:09 | 000,292,352 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2008/01/20 21:25:05 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\sstpsvc.dll -- (SstpSvc)
SRV - [2008/01/20 21:25:01 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\eapsvc.dll -- (EapHost)
SRV - [2008/01/20 21:25:00 | 002,623,488 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\SLsvc.exe -- (slsvc)
SRV - [2008/01/20 21:25:00 | 000,758,272 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\qmgr.dll -- (BITS)
SRV - [2008/01/20 21:25:00 | 000,382,976 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\vds.exe -- (vds)
SRV - [2008/01/20 21:25:00 | 000,188,928 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\lltdsvc.dll -- (lltdsvc)
SRV - [2008/01/20 21:24:59 | 000,161,792 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2008/01/20 21:24:59 | 000,055,296 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\WUDFSvc.dll -- (wudfsvc)
SRV - [2008/01/20 21:24:56 | 000,302,080 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\QAGENTRT.DLL -- (napagent)
SRV - [2008/01/20 21:24:55 | 000,574,464 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\gpsvc.dll -- (gpsvc)
SRV - [2008/01/20 21:24:55 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\SessEnv.dll -- (SessionEnv)
SRV - [2008/01/20 21:24:54 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\audiosrv.dll -- (Audiosrv)
SRV - [2008/01/20 21:24:54 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2008/01/20 21:24:54 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\tapisrv.dll -- (TapiSrv)
SRV - [2008/01/20 21:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\mmcss.dll -- (THREADORDER)
SRV - [2008/01/20 21:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/20 21:24:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\sysmain.dll -- (SysMain)
SRV - [2008/01/20 21:24:49 | 000,155,648 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008/01/20 21:24:47 | 000,393,216 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2008/01/20 21:24:47 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\nsisvc.dll -- (nsi)
SRV - [2008/01/20 21:24:44 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\Sens.dll -- (SENS)
SRV - [2008/01/20 21:24:44 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\uxsms.dll -- (UxSms)
SRV - [2008/01/20 21:24:43 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\SLUINotify.dll -- (SLUINotify)
SRV - [2008/01/20 21:24:40 | 000,745,472 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\WsmSvc.dll -- (WinRM)
SRV - [2008/01/20 21:24:37 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\wdi.dll -- (WdiSystemHost)
SRV - [2008/01/20 21:24:37 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\wdi.dll -- (WdiServiceHost)
SRV - [2008/01/20 21:24:36 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\rasmans.dll -- (RasMan)
SRV - [2008/01/20 21:24:36 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\browser.dll -- (Browser)
SRV - [2008/01/20 21:24:35 | 000,134,656 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\dps.dll -- (DPS)
SRV - [2008/01/20 21:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/01/20 21:24:35 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\seclogon.dll -- (seclogon)
SRV - [2008/01/20 21:24:31 | 000,596,992 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\schedsvc.dll -- (Schedule)
SRV - [2008/01/20 21:24:30 | 000,068,096 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\KMSVC.DLL -- (hkmsvc)
SRV - [2008/01/20 21:24:30 | 000,056,320 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\tbssvc.dll -- (TBS)
SRV - [2008/01/20 21:24:27 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\regsvc.dll -- (RemoteRegistry)
SRV - [2008/01/20 21:24:27 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2008/01/20 21:24:26 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/01/20 21:24:23 | 000,310,784 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\swprv.dll -- (swprv)
SRV - [2008/01/20 21:24:23 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/20 21:24:23 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\wecsvc.dll -- (Wecsvc)
SRV - [2008/01/20 21:24:22 | 000,175,104 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dot3svc.dll -- (dot3svc)
SRV - [2008/01/20 21:24:21 | 000,282,624 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\w32time.dll -- (W32Time)
SRV - [2008/01/20 21:24:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\fdPHost.dll -- (fdPHost)
SRV - [2008/01/20 21:24:20 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\SCardSvr.dll -- (SCardSvr)
SRV - [2008/01/20 21:24:20 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\System32\mprdim.dll -- (RemoteAccess)
SRV - [2008/01/20 21:24:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\certprop.dll -- (SCPolicySvc)
SRV - [2008/01/20 21:24:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\certprop.dll -- (CertPropSvc)
SRV - [2008/01/20 21:24:19 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\rasauto.dll -- (RasAuto)
SRV - [2008/01/20 21:24:18 | 000,344,576 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\msdtckrm.dll -- (KtmRm)
SRV - [2008/01/20 21:24:18 | 000,105,984 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\msdtc.exe -- (MSDTC)
SRV - [2008/01/20 21:24:18 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\IPBusEnum.dll -- (IPBusEnum)
SRV - [2008/01/20 21:24:17 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\appinfo.dll -- (Appinfo)
SRV - [2008/01/20 21:24:14 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\alg.exe -- (ALG)
SRV - [2008/01/20 21:24:12 | 000,448,512 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\termsrv.dll -- (TermService)
SRV - [2008/01/20 21:24:11 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\netman.dll -- (Netman)
SRV - [2008/01/20 21:24:10 | 000,039,424 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2008/01/20 21:24:09 | 000,288,256 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/01/20 21:24:08 | 000,035,840 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\UI0Detect.exe -- (UI0Detect)
SRV - [2008/01/20 21:24:05 | 000,075,264 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\trkwks.dll -- (TrkWks)
SRV - [2008/01/20 21:24:04 | 000,259,072 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\upnphost.dll -- (upnphost)
SRV - [2008/01/20 21:24:04 | 000,153,600 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\profsvc.dll -- (ProfSvc)
SRV - [2008/01/20 21:24:03 | 001,502,208 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\pla.dll -- (pla)
SRV - [2008/01/20 21:24:02 | 000,221,696 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2008/01/20 21:24:02 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/01/20 21:23:55 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\IKEEXT.DLL -- (IKEEXT)
SRV - [2008/01/20 21:23:54 | 000,328,704 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\BFE.DLL -- (BFE)
SRV - [2008/01/20 21:23:53 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\wercplsupport.dll -- (wercplsupport)
SRV - [2008/01/20 21:23:52 | 000,137,728 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV - [2008/01/20 21:23:51 | 000,247,296 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\shsvcs.dll -- (Themes)
SRV - [2008/01/20 21:23:51 | 000,247,296 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/01/20 21:23:50 | 001,054,720 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\VSSVC.exe -- (VSS)
SRV - [2008/01/20 21:23:49 | 001,013,760 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\wevtsvc.dll -- (Eventlog)
SRV - [2008/01/20 21:23:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\iscsiexe.dll -- (MSiSCSI)
SRV - [2008/01/20 21:23:44 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008/01/20 21:23:41 | 002,091,520 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dfsr.exe -- (DFSR)
SRV - [2008/01/20 21:23:39 | 000,452,608 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\wiaservc.dll -- (stisvc)
SRV - [2008/01/20 21:23:39 | 000,412,672 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\wcncsvc.dll -- (wcncsvc)
SRV - [2008/01/20 21:23:39 | 000,196,608 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\WebClnt.dll -- (WebClient)
SRV - [2008/01/20 21:23:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\wscsvc.dll -- (wscsvc)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/20 21:23:31 | 000,243,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\qwave.dll -- (QWAVE)
SRV - [2008/01/20 21:23:29 | 000,037,888 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\pcasvc.dll -- (PcaSvc)
SRV - [2008/01/20 21:23:27 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2007/12/19 21:28:34 | 000,271,760 | ---- | M] () [Auto] -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe -- (QPCapSvc) QuickPlay Background Capture Service (QBCS)
SRV - [2007/12/19 21:28:34 | 000,112,016 | ---- | M] () [Auto] -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe -- (QPSched) QuickPlay Task Scheduler (QTS)
SRV - [2007/09/19 20:30:52 | 000,065,536 | ---- | M] (Hewlett-Packard) [Auto] -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2007/08/31 11:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) [Auto] -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/23 19:40:48 | 000,079,136 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007/08/23 14:35:00 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand] -- c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/22 01:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/07/23 18:33:06 | 000,181,800 | ---- | M] (WildTangent, Inc.) [On_Demand] -- C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/07/10 09:28:08 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto] -- C:\WINDOWS\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2007/03/05 12:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
SRV - [2007/01/09 05:25:30 | 000,272,024 | ---- | M] () [Auto] -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2006/11/02 07:35:29 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\ehome\ehsched.exe -- (ehSched)
SRV - [2006/11/02 07:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\ehome\ehstart.dll -- (ehstart)
SRV - [2006/11/02 07:35:24 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\TabSvc.dll -- (TabletInputService)
SRV - [2006/11/02 04:46:13 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2006/11/02 04:46:05 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\hidserv.dll -- (hidserv)
SRV - [2006/11/02 04:46:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\lmhsvc.dll -- (lmhosts)
SRV - [2006/11/02 04:46:04 | 000,027,648 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\FDResPub.dll -- (FDResPub)
SRV - [2006/11/02 04:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2006/11/02 04:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\snmptrap.exe -- (SNMPTRAP)
SRV - [2006/11/02 04:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\Locator.exe -- (RpcLocator)
SRV - [2006/11/02 04:45:02 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\dllhost.exe -- (COMSysApp)
SRV - [2006/10/26 17:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/05/02 18:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto] -- C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe -- (hpqwmiex)
SRV - [2005/04/04 02:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand] -- -- (SymIMMP)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (NAVEX15)
DRV - File not found [Kernel | On_Demand] -- -- (NAVENG)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - [2010/09/07 09:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 09:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 09:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 09:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/09/07 09:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/06 09:13:03 | 000,303,616 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srv.sys -- (srv)
DRV - [2010/09/06 09:12:40 | 000,145,408 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srv2.sys -- (srv2)
DRV - [2010/09/06 09:12:38 | 000,101,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2010/08/21 00:36:07 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/08/19 08:26:48 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/08/19 08:26:48 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/08/10 21:38:42 | 000,281,648 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20100826.001\IDSvix86.sys -- (IDSvix86)
DRV - [2010/06/16 10:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tcpip.sys -- (Tcpip6)
DRV - [2010/06/16 10:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2010/04/29 14:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/02/23 06:32:36 | 000,212,992 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2010/02/23 06:32:33 | 000,078,848 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2010/02/23 06:32:31 | 000,105,984 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2010/02/20 16:18:40 | 000,411,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\http.sys -- (HTTP)
DRV - [2010/02/18 06:52:00 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2010/01/13 11:29:54 | 006,628,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel®
DRV - [2009/06/15 13:20:59 | 000,439,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/03/17 12:56:58 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/02/19 13:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/02/19 13:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/02/19 13:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 13:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 13:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 13:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008/12/04 11:17:16 | 000,645,120 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\WUSB54GCv3.sys -- (WUSB54GCv3)
DRV - [2008/08/01 20:01:23 | 000,625,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2008/07/30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/05/19 21:07:31 | 000,148,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2008/05/09 20:33:10 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\rmcast.sys -- (RMCAST) RMCAST (Pgm)
DRV - [2008/04/04 20:21:42 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\pacer.sys -- (PSched)
DRV - [2008/03/04 02:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/01/20 21:25:05 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2008/01/20 21:25:02 | 000,136,192 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\exfat.sys -- (exfat)
DRV - [2008/01/20 21:25:00 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\smb.sys -- (Smb)
DRV - [2008/01/20 21:24:59 | 000,184,320 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\netbt.sys -- (netbt)
DRV - [2008/01/20 21:24:59 | 000,083,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2008/01/20 21:24:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2008/01/20 21:24:57 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/01/20 21:24:55 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008/01/20 21:24:55 | 000,075,264 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2008/01/20 21:24:55 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008/01/20 21:24:55 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/01/20 21:24:53 | 000,071,680 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\tdx.sys -- (tdx)
DRV - [2008/01/20 21:24:51 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/01/20 21:24:51 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/01/20 21:24:50 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/01/20 21:24:50 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2008/01/20 21:24:49 | 000,181,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2008/01/20 21:24:47 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2008/01/20 21:24:47 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2008/01/20 21:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008/01/20 21:24:45 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2008/01/20 21:24:44 | 000,056,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2008/01/20 21:24:37 | 000,084,480 | ---- | M] (Microsoft Corporation) [File_System | Auto] -- C:\Windows\system32\drivers\luafv.sys -- (luafv)
DRV - [2008/01/20 21:24:37 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2008/01/20 21:24:37 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2008/01/20 21:24:35 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/01/20 21:24:27 | 000,294,456 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2008/01/20 21:24:26 | 000,163,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2008/01/20 21:24:25 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2008/01/20 21:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2008/01/20 21:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/01/20 21:24:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008/01/20 21:24:25 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/01/20 21:24:25 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\TUNMP.SYS -- (tunmp)
DRV - [2008/01/20 21:24:21 | 000,027,648 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2008/01/20 21:24:20 | 000,035,840 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/01/20 21:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2008/01/20 21:24:18 | 000,224,768 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2008/01/20 21:24:17 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\Windows\system32\drivers\afd.sys -- (AFD)
DRV - [2008/01/20 21:24:14 | 000,049,720 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2008/01/20 21:24:13 | 000,143,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2008/01/20 21:24:13 | 000,121,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/01/20 21:24:11 | 000,021,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\spldr.sys -- (spldr)
DRV - [2008/01/20 21:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/01/20 21:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/01/20 21:24:06 | 000,012,800 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2008/01/20 21:24:06 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2008/01/20 21:24:04 | 000,058,936 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2008/01/20 21:24:04 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/01/20 21:24:01 | 000,192,056 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2008/01/20 21:23:54 | 000,247,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\clfs.sys -- (CLFS) Common Log (CLFS)
DRV - [2008/01/20 21:23:54 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/01/20 21:23:53 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\bowser.sys -- (bowser)
DRV - [2008/01/20 21:23:51 | 001,081,912 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/01/20 21:23:51 | 000,503,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2008/01/20 21:23:51 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (udfs)
DRV - [2008/01/20 21:23:51 | 000,070,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2008/01/20 21:23:51 | 000,034,816 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/01/20 21:23:51 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/01/20 21:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/01/20 21:23:50 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2008/01/20 21:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2008/01/20 21:23:43 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/01/20 21:23:43 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2008/01/20 21:23:39 | 000,143,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ecache.sys -- (Ecache)
DRV - [2008/01/20 21:23:39 | 000,110,080 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/01/20 21:23:31 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2008/01/20 21:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 21:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 21:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 21:23:26 | 000,134,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV - [2008/01/20 21:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 21:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 21:23:26 | 000,041,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2008/01/20 21:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 21:23:26 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\circlass.sys -- (circlass)
DRV - [2008/01/20 21:23:26 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2008/01/20 21:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 21:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 21:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 21:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 21:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 21:23:24 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2008/01/20 21:23:24 | 000,022,072 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wd.sys -- (Wd)
DRV - [2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 21:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 21:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 21:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 21:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2008/01/20 21:23:23 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008/01/20 21:23:23 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2008/01/20 21:23:23 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2008/01/20 21:23:23 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2008/01/20 21:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 21:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/20 21:23:22 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ipmidrv.sys -- (IPMIDRV)
DRV - [2008/01/20 21:23:22 | 000,061,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\gagp30kx.sys -- (gagp30kx)
DRV - [2008/01/20 21:23:22 | 000,059,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\uagp35.sys -- (uagp35)
DRV - [2008/01/20 21:23:22 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/01/20 21:23:22 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\monitor.sys -- (monitor)
DRV - [2008/01/20 21:23:22 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\umbus.sys -- (umbus)
DRV - [2008/01/20 21:23:22 | 000,024,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2008/01/20 21:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 21:23:21 | 000,227,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2008/01/20 21:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 21:23:21 | 000,094,776 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\msdsm.sys -- (msdsm)
DRV - [2008/01/20 21:23:21 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\sdbus.sys -- (sdbus)
DRV - [2008/01/20 21:23:21 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 21:23:21 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV - [2008/01/20 21:23:21 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/01/20 21:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 21:23:20 | 000,105,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mpio.sys -- (mpio)
DRV - [2008/01/20 21:23:20 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/01/20 21:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\disk.sys -- (disk)
DRV - [2008/01/20 21:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/20 21:23:20 | 000,034,360 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2008/01/20 21:23:20 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\fdc.sys -- (fdc)
DRV - [2008/01/20 21:23:20 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2008/01/20 21:23:20 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sermouse.sys -- (sermouse)
DRV - [2008/01/20 21:23:20 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2008/01/20 21:23:03 | 000,194,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/01/20 21:23:03 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/01/20 21:23:03 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/01/20 21:23:03 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2008/01/20 21:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2008/01/20 21:23:02 | 000,030,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\i2omp.sys -- (i2omp)
DRV - [2008/01/20 21:23:02 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\vgapnp.sys -- (vga)
DRV - [2008/01/20 21:23:01 | 000,248,832 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/01/20 21:23:01 | 000,181,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2008/01/20 21:23:01 | 000,151,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\pci.sys -- (pci)
DRV - [2008/01/20 21:23:01 | 000,109,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\nv_agp.sys -- (nv_agp)
DRV - [2008/01/20 21:23:01 | 000,060,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\uliagpkx.sys -- (uliagpkx)
DRV - [2008/01/20 21:23:01 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\amdagp.sys -- (amdagp)
DRV - [2008/01/20 21:23:01 | 000,056,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\viaagp.sys -- (viaagp)
DRV - [2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\agp440.sys -- (agp440)
DRV - [2008/01/20 21:23:01 | 000,055,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sisagp.sys -- (sisagp)
DRV - [2008/01/20 21:23:01 | 000,054,328 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\termdd.sys -- (TermDD)
DRV - [2008/01/20 21:23:01 | 000,052,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volmgr.sys -- (volmgr)
DRV - [2008/01/20 21:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/01/20 21:23:01 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2008/01/20 21:23:01 | 000,031,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/01/20 21:23:01 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2008/01/20 21:23:01 | 000,015,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\swenum.sys -- (swenum)
DRV - [2008/01/20 21:23:00 | 000,266,808 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\acpi.sys -- (ACPI)
DRV - [2008/01/20 21:23:00 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2008/01/20 21:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\viac7.sys -- (ViaC7)
DRV - [2008/01/20 21:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/01/20 21:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\amdk7.sys -- (AmdK7)
DRV - [2008/01/20 21:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\processr.sys -- (Processor)
DRV - [2008/01/20 21:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\crusoe.sys -- (Crusoe)
DRV - [2008/01/20 21:23:00 | 000,028,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\msahci.sys -- (msahci)
DRV - [2008/01/20 21:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\atapi.sys -- (atapi)
DRV - [2008/01/20 21:23:00 | 000,020,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/01/20 21:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 21:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 21:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\intelide.sys -- (intelide)
DRV - [2008/01/20 21:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\amdide.sys -- (amdide)
DRV - [2008/01/20 21:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/20 21:23:00 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\pciide.sys -- (pciide)
DRV - [2008/01/20 21:23:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2008/01/20 21:23:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\errdev.sys -- (ErrDev)
DRV - [2007/11/30 23:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/11/30 23:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/11/30 23:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/10/01 10:35:52 | 000,183,352 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/09/13 10:23:50 | 001,925,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/08/15 03:22:00 | 000,278,528 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/08/08 22:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/08/08 17:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/07/30 13:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 12:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/07/13 00:35:02 | 000,305,176 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\iaStor.sys -- (iaStor)
DRV - [2007/07/11 12:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/07/10 09:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/28 10:09:56 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/06/20 06:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 06:28:34 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/06/20 06:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/06/18 19:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/04/18 07:03:26 | 000,141,312 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/11/02 04:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2006/11/02 04:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2006/11/02 03:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006/11/02 03:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\hidbth.sys -- (HidBth)
DRV - [2006/11/02 03:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - [2006/11/02 03:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\hidir.sys -- (HidIr)
DRV - [2006/11/02 03:55:01 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2006/11/02 03:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006/11/02 03:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006/11/02 03:51:30 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\serial.sys -- (Serial)
DRV - [2006/11/02 03:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\parport.sys -- (Parport)
DRV - [2006/11/02 03:51:25 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\serenum.sys -- (Serenum)
DRV - [2006/11/02 03:51:23 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\Windows\system32\drivers\parvdm.sys -- (Parvdm)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/02 02:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/11/02 02:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\WINSOCK.DLL -- (Winsock)
DRV - [2006/11/02 01:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/06/18 18:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\mdmxsdk.sys -- (mdmxsdk)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Chely_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
IE - HKU\Chely_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Chely_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\Chely_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\Chely_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Chely_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\NetworkService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/


IE - HKU\USER1_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
IE - HKU\USER1_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\USER1_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\USER1_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\USER1_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\USER1_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKU\USER1_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\USER1_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\USER1_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/25 15:59:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/07/31 03:01:56 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\Chely_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-18\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O3 - HKU\USER1_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\Chely_ON_C..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKU\Chely_ON_C..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\Chely_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\Chely_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Chely_ON_C..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\USER1_ON_C..\Run: [ehTray.exe] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKU\USER1_ON_C..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKU\USER1_ON_C..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\USER1_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\USER1_ON_C..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [*Restore] C:\Windows\System32\rstrui.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SetVisualStyle = %SystemRoot%\Resources\Themes\Luna.theme File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab (SysInfo Class)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Application Data\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Application Data\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/02/23 04:42:35 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 10:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{3a7bf45c-66d1-11df-a195-001d72607c08}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\WINDOWS\System32\ias [2008/01/20 21:34:27 | 000,000,000 | ---D | M]
NetSvcs: Irmon - C:\WINDOWS\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

========== Files/Folders - Created Within 30 Days ==========

[2011/01/09 16:36:59 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft
[2011/01/09 16:35:41 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Local Settings\Application Data\Temp
[2011/01/09 16:35:40 | 000,000,000 | --SD | C] -- B:\Documents and Settings\Default User\Cookies
[2011/01/09 16:35:40 | 000,000,000 | R--D | C] -- B:\Documents and Settings\Default User\Recent
[2011/01/09 16:35:40 | 000,000,000 | R--D | C] -- B:\Documents and Settings\Default User\My Documents\My Pictures
[2011/01/09 16:35:40 | 000,000,000 | R--D | C] -- B:\Documents and Settings\Default User\My Documents\My Music
[2011/01/09 16:35:40 | 000,000,000 | R--D | C] -- B:\Documents and Settings\Default User\My Documents
[2011/01/09 16:35:40 | 000,000,000 | R--D | C] -- B:\Documents and Settings\Default User\Favorites
[2011/01/09 16:35:40 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Templates
[2011/01/09 16:35:40 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Start Menu
[2011/01/09 16:35:40 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\SendTo
[2011/01/09 16:35:40 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\PrintHood
[2011/01/09 16:35:40 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\NetHood
[2011/01/09 16:35:40 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\My Documents\My Videos
[2011/01/09 16:35:40 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Application Data\Microsoft
[2011/01/09 16:35:40 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Local Settings
[2011/01/09 16:35:40 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Desktop
[2011/01/09 16:35:40 | 000,000,000 | ---D | C] -- B:\Documents and Settings\Default User\Application Data
[2010/12/15 18:32:03 | 000,000,000 | ---D | C] -- C:\Users\USER1\AppData\Roaming\MSNInstaller
[2010/12/15 18:31:28 | 000,000,000 | ---D | C] -- C:\Program Files\MSN

========== Files - Modified Within 30 Days ==========

[2011/01/09 16:43:10 | 000,001,348 | ---- | M] () -- B:\Documents and Settings\Default User\Desktop\A43 File Management Utility.lnk
[2011/01/09 16:38:51 | 000,001,332 | ---- | M] () -- B:\Documents and Settings\Default User\Desktop\OTLPE.lnk
[2011/01/09 15:57:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/29 17:07:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{AD6A5563-DE43-4934-82B3-384578773D56}.job
[2010/12/29 17:06:39 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/29 17:06:39 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/29 17:06:39 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/12/19 22:28:12 | 000,703,388 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/12/19 22:28:12 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/19 22:28:12 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/15 18:38:23 | 006,291,456 | -H-- | M] () -- C:\Users\USER1\AppData\Local\IconCache.db

========== Files Created - No Company Name ==========

[2011/01/09 16:35:41 | 000,001,547 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\MSKeyViewer Plus.lnk
[2011/01/09 16:35:41 | 000,001,535 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\RegistryEditorPE.lnk
[2011/01/09 16:35:41 | 000,001,483 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\HandyRecovery 1.lnk
[2011/01/09 16:35:41 | 000,001,479 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\Undelete Plus.lnk
[2011/01/09 16:35:41 | 000,001,475 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\Magical Jelly Bean Keyfinder.lnk
[2011/01/09 16:35:41 | 000,001,469 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\DiskPartitioner.lnk
[2011/01/09 16:35:41 | 000,001,465 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\Agent Ransack.lnk
[2011/01/09 16:35:41 | 000,001,437 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\notepad++.lnk
[2011/01/09 16:35:41 | 000,001,427 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\2xExplorer.lnk
[2011/01/09 16:35:41 | 000,001,371 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\ImgBurn.lnk
[2011/01/09 16:35:41 | 000,001,353 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\DriveImage XML.lnk
[2011/01/09 16:35:41 | 000,001,348 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\A43 File Management Utility.lnk
[2011/01/09 16:35:41 | 000,001,347 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\7-Zip File Manager.lnk
[2011/01/09 16:35:41 | 000,001,343 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\Windows Registry Recovery.lnk
[2011/01/09 16:35:41 | 000,001,332 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\OTLPE.lnk
[2011/01/09 16:35:41 | 000,001,313 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\Disk Investigator.lnk
[2011/01/09 16:35:41 | 000,001,261 | ---- | C] () -- B:\Documents and Settings\Default User\Desktop\Internet Explorer.lnk
[2010/12/15 18:05:34 | 001,689,726 | ---- | C] () -- C:\Users\USER1\Documents\march pics 013.jpg
[2010/08/29 01:36:19 | 000,000,140 | ---- | C] () -- C:\Users\USER1\AppData\Roaming\wklnhst.dat
[2010/07/03 01:43:50 | 000,029,970 | ---- | C] () -- C:\Users\USER1\AppData\Roaming\UserTile.png
[2010/05/19 21:49:03 | 000,003,584 | ---- | C] () -- C:\Users\Chely\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/19 21:47:51 | 000,000,680 | ---- | C] () -- C:\Users\Chely\AppData\Local\d3d9caps.dat
[2010/05/19 08:28:05 | 000,000,000 | ---- | C] () -- C:\Users\Chely\AppData\Local\QSwitch.txt
[2010/05/19 08:28:05 | 000,000,000 | ---- | C] () -- C:\Users\Chely\AppData\Local\DSwitch.txt
[2010/05/19 08:28:05 | 000,000,000 | ---- | C] () -- C:\Users\Chely\AppData\Local\AtStart.txt
[2010/05/08 17:58:00 | 000,007,168 | ---- | C] () -- C:\Users\USER1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/07 04:27:14 | 000,000,680 | ---- | C] () -- C:\Users\USER1\AppData\Local\d3d9caps.dat
[2010/05/07 03:43:51 | 000,000,000 | ---- | C] () -- C:\Users\USER1\AppData\Local\QSwitch.txt
[2010/05/07 03:43:51 | 000,000,000 | ---- | C] () -- C:\Users\USER1\AppData\Local\DSwitch.txt
[2010/05/07 03:43:51 | 000,000,000 | ---- | C] () -- C:\Users\USER1\AppData\Local\AtStart.txt
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2008/06/19 09:47:18 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2008/06/19 09:47:18 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2008/06/19 09:47:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll
[2008/06/19 09:47:18 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Custom Scans ==========




Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.

Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe

Invalid Environment Variable: %APPDATA%\*.

Invalid Environment Variable: %APPDATA%\*.exe

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\drivers\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 21:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\System32\drivers\atapi.sys
[2008/01/20 21:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 21:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\System32\cngaudit.dll
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: EVENTLOG.DLL >
[2007/01/13 01:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll

< MD5 for: IASTOR.SYS >
[2007/07/13 00:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\iastor.sys
[2007/07/13 00:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\SwSetup\Drivers\TurboMEM\Winall\Driver\iastor.sys
[2007/07/13 00:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\WINDOWS\System32\drivers\iaStor.sys
[2007/07/13 00:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\WINDOWS\System32\DriverStore\FileRepository\iaahci.inf_cfa1dde4\iaStor.sys
[2007/07/13 00:35:44 | 000,381,976 | ---- | M] (Intel Corporation) MD5=CEB53BB804B41C52AB0782505C8E2994 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\iastor.sys
[2007/07/13 00:35:44 | 000,381,976 | ---- | M] (Intel Corporation) MD5=CEB53BB804B41C52AB0782505C8E2994 -- C:\SwSetup\Drivers\TurboMEM\Winall\Driver64\iastor.sys

< MD5 for: IASTORV.SYS >
[2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\System32\drivers\iaStorV.sys
[2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/04/11 01:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 21:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\WINDOWS\System32\netlogon.dll
[2008/01/20 21:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\System32\drivers\nvstor.sys
[2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/20 21:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\WINDOWS\System32\scecli.dll
[2008/01/20 21:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 01:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: USERINIT.EXE >
[2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\System32\userinit.exe
[2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/01/20 22:14:18 | 016,846,848 | ---- | M] () -- C:\WINDOWS\System32\config\COMPONENTS.SAV
[2008/01/20 22:14:08 | 000,106,496 | ---- | M] () -- C:\WINDOWS\System32\config\DEFAULT.SAV
[2008/01/20 22:14:18 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\WINDOWS\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\WINDOWS\System32\config\SYSTEM.SAV

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/01/20 21:24:58 | 000,142,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\fontext.dll
[2010/07/26 11:55:26 | 011,581,440 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\shell32.dll

< %systemroot%\system32\drivers\*.sys /90 >




< End of report >

#15 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,570 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:54 PM

Posted 10 January 2011 - 10:30 AM

  • Boot to the OTLPE CD
  • Please double-click OTLPE.exe to run it as you did before.
  • Copy the lines in the quote below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :Reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "*Restore"=-

  • Return to OTLPE, right click in the "Custom Scans/Fixes" window and choose Paste.
  • Click the red Run Fix button.
  • A report will be produced and saved in the C:\_OTL\MovedFiles folder in the form of Date_Time.log. Open that report and post its contents in a reply.

Restart the computer back to the OTLPE CD.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
    • Change Drivers to All
    • Change Standard Registry to All
    • Under the Custom Scan box paste this in

      /md5start
      fontext.dll
      shell32.dll
      rstrui.exe
      /md5stop

  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive.
  • Please post the contents of the C:\OTL.txt file in your reply also.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users