Notebook won't boot after Combofix


  • This topic is locked
15 replies to this topic

#1 RyanDoherty18

Posted 11 July 2011 - 01:05 PM

My notebook is an HP Pavilion dv7t-4000 CT running Windows 7 x86 OS

I had the Google Redirect issue with Firefox, so I installed and ran Combofix the way one forum instructed for fixing the Google redirect issue. Then upon reboot all I get is the Recovery Manager, and I cannot do a system restore because I have no prior restore points. Upon booting up, F8 and F11 do not work. I have tried several times with no success, and there is no F Lock key.
Any help on fixing my computer is greatly appreciated; it's urgent that I get my notebook running properly again because my business is run directly from my PC.

Please help if you can, thank you.

EDIT: Please be patient. There are over 300 unanswered topics in this forum at present and the current average wait time to receive help is 10 days. ~Budapest

Edited by Budapest, 12 July 2011 - 05:18 PM.




#2 JSntgRvr

  • Malware Response Team

Posted 14 July 2011 - 08:56 AM

Hi,

Let's give it a try.

We will need to view the system status from an external environment. You will need a USB drive and a CD to burn. There will be several steps to follow.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso and, when finished, will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Next download driver.sh to your USB drive
  • Also Download Query.exe to the USB drive. In your working computer, navigate to the USB drive and click on the Query.exe. A folder and a file, query.sh, will be extracted.
  • Remove the USB & CD and insert them in the sick computer
  • Boot the Sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • On some computers you need to tap F12 and choose to boot from the CD; on others it is the Esc key. Please consult your computer's documentation.
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Confirm that you see driver.sh that you downloaded there
  • Press Tool at the top
  • Choose Open Terminal
  • Type bash driver.sh
  • Press Enter
  • After it has finished a report will be located on your USB drive named report.txt
  • Then type bash driver.sh -af
  • Press Enter
  • You will be prompted to input a filename.
  • Type the following:

    Winlogon.exe

  • Press Enter
  • If successful, the script will search for this file.
  • After it has completed the search enter the next file to be searched
  • Type the following:

    volsnap.sys

  • Press Enter
  • If successful, the script will search for this file.
  • After it has completed the search enter the next file to be searched
  • Type the following:

    explorer.exe

  • Press Enter
  • After it has completed the search enter the next file to be searched
  • Type the following:

    Userinit.exe

  • Press Enter
  • After the search is completed type Exit and press Enter.
  • After it has finished a report will be located in the USB drive as filefind.txt
  • While still in the Open Terminal, type bash query.sh
  • Press Enter
  • After it has finished a report will be located in the USB drive as RegReport.txt
  • Then type dd if=/dev/sda of=mbr.bin bs=512 count=1


    Leave a space between each of the following statements:

    dd is the executable application used to create the backup
    if=/dev/sda is the device the backup is created from - the hard drive when only one HDD exists
    of=mbr.bin is the backup file to create - note the lack of a path - it will be created in the directory currently open in the Terminal
    bs=512 is the number of bytes in the backup
    count=1 says to back up just 1 sector


    It is extremely important that the if and of statements are correctly entered.

  • Press Enter
  • After it has finished a report will be located in the USB drive as mbr.bin
  • Plug the USB back into the clean computer, zip the mbr.bin, and except for the mbr.bin zipped file, post the contents of the report.txt, filefind.txt and RegReport.txt in your next reply. The mbr.bin zipped file must be attached to your reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!


#3 RyanDoherty18

Posted 14 July 2011 - 11:22 AM

I followed all the instructions exactly, but when I get to booting up my sick computer with the USB and CD in it, I boot it up from the CD, then it says xPUD and I choose English... then quickly some writing comes up on the screen and then the screen goes blank. It stays at a gray lit screen, frozen, but I can't see anything on the screen. This happened every time; I've tried booting up several times, and always after I click English it does this.

#4 JSntgRvr

Posted 14 July 2011 - 01:23 PM

No error messages? Let's try a bootable USB instead.

Try this please. You will need a USB drive.

Download http://unetbootin.sourceforge.net/unetbootin-xpud-windows-latest.exe & http://noahdfear.net/downloads/bootable/xPUD/xpud-0.9.2.iso to the desktop of your clean computer
  • Insert your USB drive
  • Press Start > My Computer > right click your USB drive > choose Format > Quick format
  • Double click the unetbootin-xpud-windows-387.exe that you just downloaded
  • Press Run then OK
  • Select the DiskImage option then click the browse button located on the right side of the textbox field.
  • Browse to and select the xpud-0.9.2.iso file you downloaded
  • Verify the correct drive letter is selected for your USB device then click OK
  • It will install a little bootable OS on your USB device
  • Once the files have been written to the device you will be prompted to reboot ~ do not reboot and instead just Exit the UNetbootin interface
  • After it has completed do not choose to reboot the clean computer simply close the installer
  • Next download http://noahdfear.net/downloads/driver.sh to your USB
  • Also Download Query.exe to the USB drive. In your working computer, navigate to the USB drive and click on the Query.exe. A folder and a file, query.sh, will be extracted.
  • Remove the USB and insert it in the sick computer
  • Boot the Sick computer
  • The computer must be set to boot from the USB drive
  • On some computers you need to tap F12 and choose to boot from the USB; on others it is the Esc key. Please consult your computer's documentation.
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Confirm that you see driver.sh that you downloaded there
  • Press Tool at the top
  • Choose Open Terminal
  • Type bash driver.sh
  • Press Enter
  • After it has finished a report will be located on your USB drive named report.txt
  • Then type bash driver.sh -af
  • Press Enter
  • You will be prompted to input a filename.
  • Type the following:

    Winlogon.exe

  • Press Enter
  • If successful, the script will search for this file.
  • After it has completed the search enter the next file to be searched
  • Type the following:

    volsnap.sys

  • Press Enter
  • If successful, the script will search for this file.
  • After it has completed the search enter the next file to be searched
  • Type the following:

    explorer.exe

  • Press Enter
  • After it has completed the search enter the next file to be searched
  • Type the following:

    Userinit.exe

  • Press Enter
  • After the search is completed type Exit and press Enter.
  • After it has finished a report will be located in the USB drive as filefind.txt
  • While still in the Open Terminal, type bash query.sh
  • Press Enter
  • After it has finished a report will be located in the USB drive as RegReport.txt
  • Then type dd if=/dev/sda of=mbr.bin bs=512 count=1


    Leave a space between each of the following statements:

    dd is the executable application used to create the backup
    if=/dev/sda is the device the backup is created from - the hard drive when only one HDD exists
    of=mbr.bin is the backup file to create - note the lack of a path - it will be created in the directory currently open in the Terminal
    bs=512 is the number of bytes in the backup
    count=1 says to back up just 1 sector


    It is extremely important that the if and of statements are correctly entered.

  • Press Enter
  • After it has finished a report will be located in the USB drive as mbr.bin
  • Plug the USB back into the clean computer, zip the mbr.bin, and except for the mbr.bin zipped file, post the contents of the report.txt, filefind.txt and RegReport.txt in your next reply. The mbr.bin zipped file must be attached to your reply.

Please note - all text entries are case sensitive

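As an added example (not part of the original posts, and not taken from driver.sh or query.sh), these POSIX shell functions sanity-check the mbr.bin produced by the dd step in posts #2 and #4 before it is zipped and attached: the file must be exactly 512 bytes, end in the 55 AA boot signature, and the four primary partition slots are decoded. The function names and the sample sector are constructed for illustration.

```shell
#!/bin/sh
# Added example: sanity-check a one-sector MBR backup such as the mbr.bin made
# by `dd if=/dev/sda of=mbr.bin bs=512 count=1`. Function names are illustrative.

# hex_at FILE OFFSET COUNT -> COUNT bytes at OFFSET as lowercase hex, no spaces
hex_at() {
    od -An -v -tx1 -j "$2" -N "$3" "$1" | tr -d ' \n'
}

# le32_at FILE OFFSET -> little-endian 32-bit value as decimal, assembled byte
# by byte so the result does not depend on the host's endianness
le32_at() {
    set -- $(od -An -v -tu1 -j "$2" -N 4 "$1")
    echo $(( $1 + ($2 << 8) + ($3 << 16) + ($4 << 24) ))
}

# mbr_valid FILE -> succeeds only for a 512-byte file ending in 55 AA
mbr_valid() {
    size=$(( $(wc -c < "$1") ))
    if [ "$size" -ne 512 ]; then
        echo "backup is $size bytes, expected 512 (check bs= and count=)" >&2
        return 1
    fi
    if [ "$(hex_at "$1" 510 2)" != "55aa" ]; then
        echo "no 55 AA boot signature at offset 510" >&2
        return 1
    fi
    return 0
}

# mbr_partitions FILE -> one line per used primary partition slot:
#   slot  boot-flag(hex)  type(hex)  start-LBA  sector-count
# The table is four 16-byte entries starting at offset 446.
mbr_partitions() {
    i=0
    while [ "$i" -lt 4 ]; do
        off=$((446 + 16 * i))
        i=$((i + 1))
        ptype=$(hex_at "$1" $((off + 4)) 1)
        if [ "$ptype" = "00" ]; then
            continue                      # type 0x00 marks an unused slot
        fi
        echo "$i $(hex_at "$1" "$off" 1) $ptype" \
             "$(le32_at "$1" $((off + 8))) $(le32_at "$1" $((off + 12)))"
    done
}

# make_sample_mbr FILE -> constructed test sector (no real disk is read):
# slot 1 is active (0x80), type 0x07, starts at LBA 2048, 204800 sectors long,
# so mbr_partitions prints "1 80 07 2048 204800".
make_sample_mbr() {
    dd if=/dev/zero of="$1" bs=512 count=1 2>/dev/null
    printf '\200\000\000\000\007\000\000\000\000\010\000\000\000\040\003\000' |
        dd of="$1" bs=1 seek=446 conv=notrunc 2>/dev/null
    printf '\125\252' | dd of="$1" bs=1 seek=510 conv=notrunc 2>/dev/null
}

# Usage: sh check_mbr.sh mbr.bin
if [ -n "${1:-}" ]; then
    mbr_valid "$1" && mbr_partitions "$1"
fi
```

A size other than 512 usually means bs= or count= was mistyped; a passing check says only that the file is a well-formed boot sector, not that its boot code is clean.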


#5 RyanDoherty18

Posted 14 July 2011 - 02:17 PM

I cannot boot from USB drive; my only options are boot from hard drive, internal DVD/CD-ROM, or network adapter.

#6 JSntgRvr

Posted 14 July 2011 - 02:54 PM

Do you have the installation or Recovery CD?



#7 RyanDoherty18

Posted 14 July 2011 - 09:41 PM

No, but I tried downloading my OS on a healthy comp, burning it to a DVD-R, and then booting from CD on my sick computer. But for some reason, after I extract the Win 7 Ultimate x86 32-bit download and put all the contents on the disc and burn, then when I insert the disc into my sick comp and boot from CD, nothing happens; it just boots up normally with problems.

#8 JSntgRvr

Posted 14 July 2011 - 11:12 PM

What operating system is in the healthy computer? Do you have its installation CD?



#9 RyanDoherty18

Posted 14 July 2011 - 11:27 PM

It is a Windows 7 x86 32-bit OS. I have successfully burned another copy of Win 7 Ultimate x86 32-bit and installed it upon boot; my sick comp is now working again. Thank you for all your help. My one question is that I forgot to do a custom installation and now my C drive is loaded with folders and programs that I want to just get rid of completely. How can I clean my C drive now?

#10 JSntgRvr

Posted 15 July 2011 - 12:04 AM

Let's take a look:

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • OTL should now start. Change the following settings
    • Change Drivers to All
    • Change Standard Registry to All
    • Under File Scans, change File age to 30
  • Under the Custom Scan box paste this in



    set /c
    %SYSTEMDRIVE%\*.*

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt (first run only). These are saved in the same location as OTL.
    • Please post the contents of the OTL.txt file and attach the Extras.Txt, if any, in your next reply.



#11 RyanDoherty18

Posted 15 July 2011 - 11:01 AM

Here are the contents of the OTL.txt file:


OTL logfile created on: 7/15/2011 11:53:31 AM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Ryan\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.43 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 58.02% Memory free
4.86 Gb Paging File | 3.47 Gb Available in Paging File | 71.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 275.04 Gb Total Space | 189.28 Gb Free Space | 68.82% Space Free | Partition Type: NTFS
Drive D: | 22.75 Gb Total Space | 3.29 Gb Free Space | 14.45% Space Free | Partition Type: NTFS
Drive E: | 99.34 Mb Total Space | 84.25 Mb Free Space | 84.82% Space Free | Partition Type: FAT32
Drive F: | 3.29 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 1.89 Gb Total Space | 1.83 Gb Free Space | 96.61% Space Free | Partition Type: FAT32

Computer Name: RYAN-PC | User Name: Ryan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/15 11:52:05 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Ryan\Downloads\OTL.exe
PRC - [2011/07/15 02:19:04 | 000,064,048 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
PRC - [2011/07/15 02:17:18 | 000,043,936 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
PRC - [2011/07/15 02:15:30 | 001,451,928 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
PRC - [2011/07/15 02:14:26 | 002,090,016 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
PRC - [2011/07/15 00:14:25 | 000,632,792 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2011/07/15 00:14:22 | 000,112,600 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2011/07/15 00:04:58 | 000,403,320 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\BitTorrent.exe
PRC - [2011/06/17 15:41:44 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/06/06 12:28:30 | 000,671,552 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2011/06/06 12:26:36 | 001,524,544 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2011/04/05 21:59:04 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011/04/05 21:58:36 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/11/20 17:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/01/31 19:29:34 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010/01/31 19:29:34 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_be0aa592be2f1430\stacsv.exe
PRC - [2010/01/13 15:24:48 | 000,509,320 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2009/03/02 20:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_be0aa592be2f1430\AEstSrv.exe


========== Modules (SafeList) ==========

MOD - [2011/07/15 11:52:05 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Ryan\Downloads\OTL.exe
MOD - [2011/07/15 01:53:59 | 000,276,992 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00093_002\plugin_nt.m32
MOD - [2011/03/14 20:36:16 | 000,166,912 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00093_002\plugin_extra.m32
MOD - [2011/03/14 20:35:18 | 000,089,600 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00093_002\plugin_net.m32
MOD - [2011/03/14 20:35:00 | 000,657,408 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00093_002\plugin_fragments.m32
MOD - [2011/03/14 20:34:32 | 000,120,832 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00093_002\plugin_registry.m32
MOD - [2011/03/14 20:34:16 | 000,136,704 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00093_002\plugin_base.m32
MOD - [2011/03/14 20:29:50 | 000,232,968 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00093_002\midas32.dll
MOD - [2010/11/20 17:29:06 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/07/15 02:17:18 | 000,043,936 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe -- (Updatesrv)
SRV - [2011/07/15 02:14:26 | 002,090,016 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe -- (VSSERV)
SRV - [2011/07/15 00:14:25 | 000,632,792 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2011/06/06 12:26:36 | 001,524,544 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/06/06 12:23:58 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/04/05 21:58:36 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011/03/24 14:17:36 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/11/30 07:19:06 | 000,307,544 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV - [2010/01/31 19:29:34 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_be0aa592be2f1430\stacsv.exe -- (STacSV)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/03/02 20:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_be0aa592be2f1430\AEstSrv.exe -- (AESTFilters)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (VGPU)
DRV - [2011/07/15 02:19:05 | 000,122,552 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys -- (bdselfpr)
DRV - [2011/07/15 02:17:28 | 000,306,320 | ---- | M] (BitDefender S.R.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\trufos.sys -- (Trufos)
DRV - [2011/06/17 15:50:12 | 000,223,744 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2011/06/17 15:50:12 | 000,123,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2011/06/17 15:50:12 | 000,096,768 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2011/06/17 15:49:56 | 000,311,808 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv2.sys -- (srv2)
DRV - [2011/06/17 15:49:56 | 000,311,808 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv.sys -- (srv)
DRV - [2011/06/17 15:49:56 | 000,114,688 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2011/06/17 15:49:06 | 000,028,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2011/06/17 15:46:45 | 000,164,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2011/06/17 15:46:04 | 000,133,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2011/06/17 15:45:13 | 000,296,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2011/06/17 15:44:40 | 000,077,184 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2011/06/17 15:43:17 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2011/06/17 15:43:17 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanarp.sys -- (WANARP)
DRV - [2011/06/17 15:40:19 | 000,131,968 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\mpio.sys -- (mpio)
DRV - [2011/06/17 15:39:50 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bowser.sys -- (bowser)
DRV - [2011/06/17 15:38:31 | 000,091,136 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hidbth.sys -- (HidBth)
DRV - [2011/06/17 15:37:04 | 000,274,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ACPI.sys -- (ACPI)
DRV - [2011/06/17 15:34:57 | 000,246,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\volsnap.sys -- (volsnap)
DRV - [2011/06/17 15:33:45 | 001,301,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tcpip.sys -- (TCPIP6)
DRV - [2011/06/17 15:33:45 | 001,301,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2011/06/17 15:33:45 | 000,338,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\afd.sys -- (AFD)
DRV - [2011/06/17 15:30:59 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2011/06/17 15:30:29 | 000,729,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2011/06/17 15:30:10 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2011/06/17 15:29:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2011/06/17 15:28:55 | 000,066,048 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2011/06/17 15:24:48 | 000,154,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\pci.sys -- (pci)
DRV - [2011/06/17 15:24:48 | 000,053,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\volmgr.sys -- (volmgr)
DRV - [2011/06/17 15:23:07 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2011/06/17 15:23:07 | 000,024,064 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2011/06/17 15:23:07 | 000,020,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\usbohci.sys -- (usbohci)
DRV - [2011/06/17 15:22:15 | 000,712,064 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ndis.sys -- (NDIS)
DRV - [2011/06/17 15:16:45 | 000,116,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\msdsm.sys -- (msdsm)
DRV - [2011/06/17 15:16:24 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2011/06/17 15:16:24 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2011/06/17 15:13:59 | 000,133,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (RDPDR)
DRV - [2011/06/17 15:13:43 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2011/06/17 15:12:02 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2011/06/17 15:09:47 | 000,242,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2011/06/17 15:08:13 | 001,211,264 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2011/05/13 18:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2011/05/13 18:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2011/04/10 14:44:57 | 010,783,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2011/04/06 00:10:38 | 007,774,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/04/05 21:21:22 | 000,242,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011/03/24 15:36:18 | 000,353,096 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\bdfsfltr.sys -- (bdfsfltr)
DRV - [2011/03/18 09:46:26 | 000,061,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2011/03/18 09:46:10 | 000,073,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2011/03/07 05:22:00 | 000,052,992 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\EtronXHCI.sys -- (EtronXHCI)
DRV - [2011/03/07 05:22:00 | 000,033,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\EtronHub3.sys -- (EtronHub3)
DRV - [2011/03/04 11:00:16 | 000,309,224 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\asmtxhci.sys -- (asmtxhci)
DRV - [2011/03/04 11:00:14 | 000,100,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\asmthub3.sys -- (asmthub3)
DRV - [2011/02/22 14:21:54 | 000,319,592 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2011/02/10 09:52:10 | 000,141,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2011/02/10 09:52:10 | 000,063,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2011/02/01 02:19:18 | 002,293,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\evbdx.sys -- (ebdrv)
DRV - [2011/01/18 21:28:12 | 007,087,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwNs32.sys -- (NETwNs32) ___ Intel®
DRV - [2011/01/14 12:39:10 | 000,129,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\Xeno7x86.sys -- (BFN7x86)
DRV - [2011/01/14 12:39:08 | 000,129,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\XenoVx86.sys -- (BFNVis32)
DRV - [2011/01/12 20:47:50 | 000,061,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ifP60X32.sys -- (IFCoEVB)
DRV - [2011/01/12 20:47:48 | 000,269,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ifM60x32.sys -- (IFCoEMP)
DRV - [2011/01/06 11:04:46 | 000,481,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\bxvbdx.sys -- (b06bdrv)
DRV - [2010/12/16 11:16:04 | 000,076,840 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\bxdiagx.sys -- (b06diag)
DRV - [2010/12/15 18:06:50 | 000,037,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010/12/10 13:27:48 | 000,431,144 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\bxois.sys -- (BXOIS)
DRV - [2010/11/29 14:12:20 | 001,066,232 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avckf.sys -- (avckf)
DRV - [2010/11/29 14:12:14 | 000,535,824 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc3.sys -- (avc3)
DRV - [2010/11/20 17:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 17:29:26 | 000,388,096 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\csc.sys -- (CSC)
DRV - [2010/11/20 17:29:26 | 000,194,800 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\DRIVERS\fvevol.sys -- (fvevol)
DRV - [2010/11/20 17:29:24 | 000,173,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2010/11/20 17:29:24 | 000,115,712 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2010/11/20 17:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 17:29:20 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2010/11/20 17:29:20 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2010/11/20 17:29:19 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2010/11/20 17:29:19 | 000,067,456 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecdd.sys -- (KSecDD)
DRV - [2010/11/20 17:29:13 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2010/11/20 17:29:13 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2010/11/20 17:29:12 | 000,513,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\http.sys -- (HTTP)
DRV - [2010/11/20 17:29:12 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2010/11/20 17:29:11 | 000,078,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mountmgr.sys -- (mountmgr)
DRV - [2010/11/20 17:29:11 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2010/11/20 17:29:08 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\netbt.sys -- (NetBT)
DRV - [2010/11/20 17:29:08 | 000,132,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2010/11/20 17:29:08 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WUDFPf.sys -- (WudfPf)
DRV - [2010/11/20 17:29:08 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2010/11/20 17:29:07 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2010/11/20 17:29:07 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tdx.sys -- (tdx)
DRV - [2010/11/20 17:29:07 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2010/11/20 17:29:06 | 000,183,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2010/11/20 17:29:06 | 000,056,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2010/11/20 17:29:04 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2010/11/20 17:29:04 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2010/11/20 17:29:03 | 000,332,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\iaStorV.sys -- (iaStorV)
DRV - [2010/11/20 17:29:03 | 000,233,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2010/11/20 17:29:03 | 000,175,360 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 17:29:03 | 000,160,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vhdmp.sys -- (vhdmp)
DRV - [2010/11/20 17:29:03 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV - [2010/11/20 17:29:03 | 000,143,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2010/11/20 17:29:03 | 000,117,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2010/11/20 17:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010/11/20 17:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2010/11/20 17:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2010/11/20 17:29:03 | 000,085,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2010/11/20 17:29:03 | 000,080,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\amdsata.sys -- (amdsata)
DRV - [2010/11/20 17:29:03 | 000,062,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 17:29:03 | 000,053,120 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\termdd.sys -- (TermDD)
DRV - [2010/11/20 17:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 17:29:03 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\umbus.sys -- (umbus)
DRV - [2010/11/20 17:29:03 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2010/11/20 17:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\msahci.sys -- (msahci)
DRV - [2010/11/20 17:29:03 | 000,028,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 17:29:03 | 000,027,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 17:29:03 | 000,025,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\terminpt.sys -- (terminpt)
DRV - [2010/11/20 17:29:03 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2010/11/20 17:29:03 | 000,022,400 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\amdxata.sys -- (amdxata)
DRV - [2010/11/20 17:29:03 | 000,017,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 17:29:03 | 000,012,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2010/11/20 17:29:03 | 000,010,240 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\acpipmi.sys -- (AcpiPmi)
DRV - [2010/11/20 17:29:03 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/11/17 08:04:24 | 000,101,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010/10/07 13:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/08/20 18:41:54 | 000,088,144 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV - [2010/08/20 15:41:58 | 000,072,784 | ---- | M] (BitDefender) [Kernel | System | Running] -- c:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfndisf6.sys -- (Bdfndisf)
DRV - [2010/05/13 16:52:04 | 000,152,528 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bdfm.sys -- (bdfm)
DRV - [2010/02/26 19:31:23 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2010/02/18 03:22:56 | 000,242,992 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2010/02/03 09:10:08 | 000,109,448 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ETD.sys -- (ETD)
DRV - [2010/01/31 19:29:34 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2010/01/19 19:32:40 | 000,085,128 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\System32\drivers\bdvedisk.sys -- (Bdvedisk)
DRV - [2009/11/16 07:28:00 | 000,037,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\qd26032.sys -- (ioatdma2) Intel®
DRV - [2009/11/16 07:27:58 | 000,036,552 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\qd16032.sys -- (ioatdma1)
DRV - [2009/09/17 22:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2009/09/17 22:54:14 | 000,041,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\HECI.sys -- (MEI) Intel®
DRV - [2009/08/01 12:10:10 | 000,058,400 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\sisagpx.sys -- (uagp35)
DRV - [2009/08/01 12:10:10 | 000,058,400 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\SISAGPX.sys -- (sisagp)
DRV - [2009/07/16 20:51:52 | 000,024,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\NVAMACPI.sys -- (nvamacpi)
DRV - [2009/07/13 21:26:21 | 000,249,408 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\Windows\System32\clfs.sys -- (CLFS) Common Log (CLFS)
DRV - [2009/07/13 21:26:21 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\compbatt.sys -- (Compbatt)
DRV - [2009/07/13 21:26:21 | 000,015,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2009/07/13 21:26:17 | 000,297,552 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2009/07/13 21:26:15 | 000,422,976 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2009/07/13 21:26:15 | 000,159,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\amdsbs.sys -- (amdsbs)
DRV - [2009/07/13 21:26:15 | 000,146,512 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2009/07/13 21:26:15 | 000,086,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2009/07/13 21:26:15 | 000,076,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2009/07/13 21:26:15 | 000,053,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\amdagp.sys -- (amdagp)
DRV - [2009/07/13 21:26:15 | 000,053,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\agp440.sys -- (agp440)
DRV - [2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\atapi.sys -- (atapi)
DRV - [2009/07/13 21:26:15 | 000,014,912 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\amdide.sys -- (amdide)
DRV - [2009/07/13 21:26:15 | 000,014,400 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2009/07/13 21:20:45 | 000,012,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\pciide.sys -- (pciide)
DRV - [2009/07/13 21:20:44 | 000,162,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2009/07/13 21:20:44 | 000,105,024 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\nv_agp.sys -- (nv_agp)
DRV - [2009/07/13 21:20:44 | 000,049,728 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\mup.sys -- (Mup)
DRV - [2009/07/13 21:20:44 | 000,044,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2009/07/13 21:20:44 | 000,041,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2009/07/13 21:20:44 | 000,028,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2009/07/13 21:20:43 | 000,013,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2009/07/13 21:20:37 | 000,089,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/13 21:20:36 | 000,235,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\MegaSR.sys -- (MegaSR)
DRV - [2009/07/13 21:20:36 | 000,096,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/13 21:20:36 | 000,095,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/13 21:20:36 | 000,054,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/13 21:20:36 | 000,046,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2009/07/13 21:20:36 | 000,042,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2009/07/13 21:20:36 | 000,041,040 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2009/07/13 21:20:36 | 000,030,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2009/07/13 21:20:36 | 000,015,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\intelide.sys -- (intelide)
DRV - [2009/07/13 21:20:28 | 000,453,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2009/07/13 21:20:28 | 000,198,208 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2009/07/13 21:20:28 | 000,070,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2009/07/13 21:20:28 | 000,067,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/13 21:20:28 | 000,058,448 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2009/07/13 21:20:28 | 000,057,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\gagp30kx.sys -- (gagp30kx)
DRV - [2009/07/13 21:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/13 21:20:28 | 000,022,096 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2009/07/13 21:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\disk.sys -- (Disk)
DRV - [2009/07/13 21:19:11 | 000,141,904 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2009/07/13 21:19:11 | 000,057,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\uliagpkx.sys -- (uliagpkx)
DRV - [2009/07/13 21:19:11 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\wd.sys -- (Wd)
DRV - [2009/07/13 21:19:10 | 000,445,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2009/07/13 21:19:10 | 000,053,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\viaagp.sys -- (viaagp)
DRV - [2009/07/13 21:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 21:19:10 | 000,016,976 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2009/07/13 21:19:10 | 000,012,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swenum.sys -- (swenum)
DRV - [2009/07/13 21:19:04 | 001,383,488 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2009/07/13 21:19:04 | 000,106,064 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2009/07/13 21:19:04 | 000,077,888 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/13 21:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/13 21:19:04 | 000,040,016 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/13 21:19:04 | 000,021,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\stexstor.sys -- (stexstor)
DRV - [2009/07/13 21:19:03 | 000,180,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2009/07/13 21:19:03 | 000,017,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2009/07/13 21:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/13 20:57:25 | 000,272,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/13 20:41:15 | 000,586,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2009/07/13 20:17:06 | 000,019,968 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2009/07/13 20:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/13 20:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 20:01:39 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2009/07/13 19:55:24 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\modem.sys -- (Modem)
DRV - [2009/07/13 19:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2009/07/13 19:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 19:54:58 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp) WAN Miniport (SSTP)
DRV - [2009/07/13 19:54:48 | 000,073,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2009/07/13 19:54:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2009/07/13 19:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2009/07/13 19:54:34 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2009/07/13 19:54:29 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2009/07/13 19:54:29 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2009/07/13 19:54:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2009/07/13 19:54:13 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2009/07/13 19:53:58 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\pacer.sys -- (Psched)
DRV - [2009/07/13 19:53:54 | 000,036,352 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2009/07/13 19:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 19:53:41 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smb.sys -- (Smb) Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)
DRV - [2009/07/13 19:53:27 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2009/07/13 19:53:20 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2009/07/13 19:53:19 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2009/07/13 19:52:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2009/07/13 19:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 19:52:03 | 000,267,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009/07/13 19:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 19:51:35 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\umpass.sys -- (UmPass)
DRV - [2009/07/13 19:51:34 | 000,056,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2009/07/13 19:51:29 | 000,062,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ohci1394.sys -- (ohci1394) 1394 OHCI Compliant Host Controller (Legacy)
DRV - [2009/07/13 19:51:18 | 000,086,016 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - [2009/07/13 19:51:17 | 000,037,888 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\circlass.sys -- (circlass)
DRV - [2009/07/13 19:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 19:51:05 | 000,037,888 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hidir.sys -- (HidIr)
DRV - [2009/07/13 19:50:57 | 000,005,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2009/07/13 19:46:55 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 19:46:53 | 000,021,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\wacompen.sys -- (WacomPen)
DRV - [2009/07/13 19:45:52 | 000,013,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2009/07/13 19:45:52 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2009/07/13 19:45:52 | 000,011,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2009/07/13 19:45:45 | 000,025,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\fdc.sys -- (fdc)
DRV - [2009/07/13 19:45:45 | 000,019,968 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2009/07/13 19:45:35 | 000,079,360 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\parport.sys -- (Parport)
DRV - [2009/07/13 19:45:33 | 000,083,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 19:45:29 | 000,008,704 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\system32\drivers\parvdm.sys -- (Parvdm)
DRV - [2009/07/13 19:45:28 | 000,017,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\serenum.sys -- (Serenum)
DRV - [2009/07/13 19:45:08 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid)
DRV - [2009/07/13 19:45:08 | 000,019,968 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\sermouse.sys -- (sermouse)
DRV - [2009/07/13 19:45:08 | 000,008,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2009/07/13 19:45:08 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2009/07/13 19:45:08 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2009/07/13 19:45:07 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2009/07/13 19:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2009/07/13 19:25:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\monitor.sys -- (monitor)
DRV - [2009/07/13 19:25:51 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2009/07/13 19:25:49 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga)
DRV - [2009/07/13 19:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 19:23:04 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2009/07/13 19:19:21 | 000,021,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\HidBatt.sys -- (HidBatt)
DRV - [2009/07/13 19:19:19 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\errdev.sys -- (ErrDev)
DRV - [2009/07/13 19:19:18 | 000,014,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2009/07/13 19:19:17 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2009/07/13 19:15:45 | 000,086,528 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\system32\drivers\luafv.sys -- (luafv)
DRV - [2009/07/13 19:15:29 | 000,028,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2009/07/13 19:14:03 | 000,142,336 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2009/07/13 19:14:02 | 000,148,480 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2009/07/13 19:12:08 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2009/07/13 19:11:32 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2009/07/13 19:11:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2009/07/13 19:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2009/07/13 19:11:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2009/07/13 19:11:12 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2009/07/13 19:11:04 | 000,055,296 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\amdk8.sys -- (AmdK8)
DRV - [2009/07/13 19:11:04 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2009/07/13 19:11:04 | 000,052,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\viac7.sys -- (ViaC7)
DRV - [2009/07/13 19:11:04 | 000,052,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 19:11:04 | 000,052,224 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\processr.sys -- (Processor)
DRV - [2009/07/13 18:54:14 | 000,026,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 18:53:33 | 000,012,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 18:53:33 | 000,011,904 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 18:53:32 | 000,062,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 18:53:28 | 000,013,568 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 18:53:28 | 000,005,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 18:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 16:50:20 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2009/06/28 19:36:36 | 000,017,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009/02/24 14:42:14 | 000,116,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/09/29 08:51:18 | 000,053,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\HWA.sys -- (HWA) Intel®
DRV - [2008/09/15 06:50:46 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\usbuwbmini.sys -- (uwbusb)
DRV - [2008/09/11 12:56:06 | 000,500,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\DfuUWB.sys -- (dfuuwb)
DRV - [2007/11/03 10:15:02 | 000,011,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\cbaf.sys -- (cbaf)
DRV - [2005/11/09 12:29:08 | 000,012,928 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ttp7up.sys -- (TTP7)
DRV - [2005/11/02 06:54:44 | 000,011,596 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\copperhd.sys -- (UsbFltr)
DRV - [2004/08/13 05:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 42 3B 97 CA A3 42 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Ryan\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Ryan\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2011/07/15 11:36:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdtbext\ [2011/07/15 01:41:50 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bitdefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/03/25 08:06:04 | 000,000,043 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/15 11:41:13 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\acccore
[2011/07/15 11:41:12 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\AOL
[2011/07/15 11:41:12 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\AIM
[2011/07/15 03:28:18 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011/07/15 03:06:25 | 000,000,000 | ---D | C] -- C:\Windows.old
[2011/07/15 02:32:21 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/07/15 02:32:01 | 000,380,928 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll
[2011/07/15 02:32:01 | 000,172,032 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\HPToneCtrls32.dll
[2011/07/15 02:32:01 | 000,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll
[2011/07/15 02:32:01 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2011/07/15 02:32:00 | 012,464,220 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl
[2011/07/15 02:32:00 | 003,350,528 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll
[2011/07/15 02:32:00 | 000,495,708 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray.exe
[2011/07/15 02:32:00 | 000,139,776 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll
[2011/07/15 02:32:00 | 000,086,016 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AESTCom.dll
[2011/07/15 02:31:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\SRSLabs
[2011/07/15 02:30:10 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/07/15 02:17:28 | 000,306,320 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2011/07/15 02:05:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/07/15 02:05:26 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2011/07/15 02:03:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/07/15 02:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2011/07/15 02:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/07/15 02:02:29 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/07/15 02:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/07/15 02:01:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2011/07/15 02:00:23 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\Microsoft Help
[2011/07/15 02:00:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/07/15 02:00:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/07/15 01:47:08 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2011/07/15 01:47:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2011/07/15 01:47:05 | 000,000,000 | ---D | C] -- C:\Program Files\AIM
[2011/07/15 01:46:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2011/07/15 01:46:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2011/07/15 01:41:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitDefender 2011
[2011/07/15 01:41:48 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\BitDefender
[2011/07/15 01:41:27 | 000,000,000 | ---D | C] -- C:\Program Files\MSSOAP
[2011/07/15 01:41:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011/07/15 01:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2011/07/15 01:37:12 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\QuickScan
[2011/07/15 01:37:05 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2011/07/15 01:36:35 | 000,353,096 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\bdfsfltr.sys
[2011/07/15 01:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2011/07/15 01:09:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Checker
[2011/07/15 01:09:52 | 000,081,408 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\devcon_x64.exe
[2011/07/15 01:09:51 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Checker
[2011/07/15 01:00:51 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\Skype
[2011/07/15 00:30:13 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\Macromedia
[2011/07/15 00:30:12 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\Adobe
[2011/07/15 00:29:06 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2011/07/15 00:29:01 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2011/07/15 00:29:01 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2011/07/15 00:28:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011
[2011/07/15 00:28:53 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\TuneUp Software
[2011/07/15 00:28:51 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2011
[2011/07/15 00:28:26 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011/07/15 00:28:24 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/07/15 00:28:15 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011/07/15 00:21:01 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/07/15 00:20:11 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\Apps
[2011/07/15 00:20:10 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\Deployment
[2011/07/15 00:16:56 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\Registry Mechanic
[2011/07/15 00:14:02 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011/07/15 00:12:34 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\System32\UniBox210.ocx
[2011/07/15 00:12:34 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
[2011/07/15 00:12:34 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\System32\UniBox10.ocx
[2011/07/15 00:12:34 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
[2011/07/15 00:12:34 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml.dll
[2011/07/15 00:12:34 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\System32\UniBoxVB12.ocx
[2011/07/15 00:12:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Mechanic
[2011/07/15 00:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/07/15 00:12:32 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic
[2011/07/15 00:12:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/07/15 00:11:03 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\WinRAR
[2011/07/15 00:10:48 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/07/15 00:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/07/15 00:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/07/15 00:05:09 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\Google
[2011/07/15 00:05:08 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2011/07/15 00:05:07 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2011/07/15 00:05:07 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\Conduit
[2011/07/15 00:05:06 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrentBar
[2011/07/15 00:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2011/07/15 00:04:35 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\BitTorrent
[2011/07/14 23:53:44 | 000,000,000 | R--D | C] -- C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/07/14 23:53:44 | 000,000,000 | R--D | C] -- C:\Users\Ryan\Searches
[2011/07/14 23:53:44 | 000,000,000 | R--D | C] -- C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/07/14 23:53:44 | 000,000,000 | -H-D | C] -- C:\Users\Ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/07/14 23:53:36 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\Identities
[2011/07/14 23:53:35 | 000,000,000 | R--D | C] -- C:\Users\Ryan\Contacts
[2011/07/14 23:53:06 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\VirtualStore
[2011/07/14 23:53:05 | 000,000,000 | --SD | C] -- C:\Users\Ryan\AppData\Roaming\Microsoft
[2011/07/14 23:53:05 | 000,000,000 | R--D | C] -- C:\Users\Ryan\Videos
[2011/07/14 23:53:05 | 000,000,000 | R--D | C] -- C:\Users\Ryan\Saved Games
[2011/07/14 23:53:05 | 000,000,000 | R--D | C] -- C:\Users\Ryan\Pictures
[2011/07/14 23:53:05 | 000,000,000 | R--D | C] -- C:\Users\Ryan\Music
[2011/07/14 23:53:05 | 000,000,000 | R--D | C] -- C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/07/14 23:53:05 | 000,000,000 | R--D | C] -- C:\Users\Ryan\Links
[2011/07/14 23:53:05 | 000,000,000 | R--D | C] -- C:\Users\Ryan\Favorites
[2011/07/14 23:53:05 | 000,000,000 | R--D | C] -- C:\Users\Ryan\Downloads
[2011/07/14 23:53:05 | 000,000,000 | R--D | C] -- C:\Users\Ryan\Documents
[2011/07/14 23:53:05 | 000,000,000 | R--D | C] -- C:\Users\Ryan\Desktop
[2011/07/14 23:53:05 | 000,000,000 | R--D | C] -- C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\AppData\Local\Temporary Internet Files
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\Templates
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\Start Menu
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\SendTo
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\Recent
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\PrintHood
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\NetHood
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\Documents\My Videos
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\Documents\My Pictures
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\Documents\My Music
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\My Documents
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\Local Settings
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\AppData\Local\History
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\Cookies
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\Application Data
[2011/07/14 23:53:05 | 000,000,000 | -HSD | C] -- C:\Users\Ryan\AppData\Local\Application Data
[2011/07/14 23:53:05 | 000,000,000 | -H-D | C] -- C:\Users\Ryan\AppData
[2011/07/14 23:53:05 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\Temp
[2011/07/14 23:53:05 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\Microsoft
[2011/07/14 23:53:05 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\Media Center Programs
[2011/07/10 21:42:01 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/07/10 21:41:54 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011/07/09 18:01:17 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/07/06 16:44:59 | 000,000,000 | ---D | C] -- C:\TuneUp Duplicates
[2011/06/17 17:39:29 | 000,074,088 | ---- | C] (deepxw) -- C:\Windows\System32\UTH.exe
[2011/06/17 17:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2011/06/17 16:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2011/06/17 15:48:51 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2011/06/17 15:48:51 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2011/06/17 15:48:51 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tspubwmi.dll
[2011/06/17 15:48:51 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpsign.exe
[2011/06/17 15:48:36 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2011/06/17 15:47:16 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2011/06/17 15:46:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/06/17 15:46:04 | 001,038,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011/06/17 15:45:48 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/06/17 15:45:31 | 000,412,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pcollab.dll
[2011/06/17 15:45:31 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2011/06/17 15:45:31 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2P.dll
[2011/06/17 15:45:31 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pnetsh.dll
[2011/06/17 15:44:58 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/06/17 15:44:25 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2011/06/17 15:42:39 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2011/06/17 15:42:18 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/06/17 15:42:18 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/06/17 15:42:00 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/06/17 15:41:44 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/06/17 15:41:28 | 000,585,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2011/06/17 15:40:58 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/06/17 15:40:58 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/06/17 15:40:58 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/06/17 15:40:58 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/06/17 15:40:05 | 000,149,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2011/06/17 15:39:19 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/06/17 15:36:50 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2011/06/17 15:36:35 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/06/17 15:36:35 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/06/17 15:36:05 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011/06/17 15:35:32 | 002,333,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/06/17 15:35:16 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/06/17 15:35:16 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/06/17 15:34:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dtsh.dll
[2011/06/17 15:33:45 | 000,187,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011/06/17 15:33:15 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2011/06/17 15:33:00 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2011/06/17 15:32:29 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2011/06/17 15:31:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAL.DLL
[2011/06/17 15:31:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINPUN.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINGUJ.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINEN.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINDEV.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBE2.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBE1.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINASA.DLL
[2011/06/17 15:30:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vwifimp.sys
[2011/06/17 15:30:29 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2011/06/17 15:29:56 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2011/06/17 15:29:42 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011/06/17 15:28:40 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2011/06/17 15:28:24 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2011/06/17 15:28:09 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2011/06/17 15:27:55 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clusapi.dll
[2011/06/17 15:27:40 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2011/06/17 15:27:11 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2011/06/17 15:26:56 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2011/06/17 15:25:47 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2011/06/17 15:23:47 | 000,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSXP32.dll
[2011/06/17 15:23:32 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2011/06/17 15:23:07 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2011/06/17 15:23:07 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2011/06/17 15:22:49 | 000,890,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2011/06/17 15:22:49 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2011/06/17 15:22:31 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2011/06/17 15:22:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\plasrv.exe
[2011/06/17 15:21:59 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpclnt.dll
[2011/06/17 15:21:28 | 003,405,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsrchvw.exe
[2011/06/17 15:20:28 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditcse.dll
[2011/06/17 15:20:13 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2011/06/17 15:19:58 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2011/06/17 15:19:36 | 000,657,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2011/06/17 15:19:36 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011/06/17 15:19:36 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011/06/17 15:19:36 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011/06/17 15:19:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011/06/17 15:19:36 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011/06/17 15:19:36 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011/06/17 15:19:36 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011/06/17 15:19:35 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011/06/17 15:19:35 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011/06/17 15:18:51 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\glu32.dll
[2011/06/17 15:16:10 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/06/17 15:15:26 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2011/06/17 15:14:44 | 000,543,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fvewiz.dll
[2011/06/17 15:14:44 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2011/06/17 15:14:44 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapibase.dll
[2011/06/17 15:14:30 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2011/06/17 15:13:28 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2011/06/17 15:13:02 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2011/06/17 15:12:17 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll
[2011/06/17 15:12:17 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2011/06/17 15:11:47 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2011/06/17 15:10:01 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2011/06/17 15:08:30 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmonui.dll
[2011/06/17 15:08:30 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmib.dll
[2011/06/17 15:07:30 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011/05/16 06:56:31 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/15 11:44:50 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/15 11:44:50 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/15 11:42:06 | 000,615,360 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/15 11:42:06 | 000,103,702 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/15 11:36:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/15 11:36:50 | 000,412,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/07/15 11:36:26 | 1954,959,360 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/15 02:34:00 | 000,116,385 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011/07/15 02:32:39 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011/07/15 02:32:34 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011/07/15 02:31:33 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/07/15 02:17:28 | 000,306,320 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2011/07/15 02:05:49 | 000,002,693 | ---- | M] () -- C:\Users\Ryan\Desktop\Microsoft Office Word 2007.lnk
[2011/07/15 02:05:49 | 000,002,655 | ---- | M] () -- C:\Users\Ryan\Documents\Microsoft Office Excel 2007.lnk
[2011/07/15 02:05:49 | 000,002,645 | ---- | M] () -- C:\Users\Ryan\Desktop\Microsoft Office PowerPoint 2007.lnk
[2011/07/15 01:54:09 | 000,106,422 | ---- | M] () -- C:\ProgramData\bdinstall.bin
[2011/07/15 01:47:12 | 000,000,746 | -H-- | M] () -- C:\IPH.PH
[2011/07/15 01:47:08 | 000,001,881 | ---- | M] () -- C:\Users\Ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/07/15 01:47:08 | 000,001,857 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/07/15 01:43:32 | 000,000,415 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2011/07/15 01:41:57 | 000,002,102 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Total Security 2011.lnk
[2011/07/15 01:25:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2164686028-3464759792-211699639-1000UA.job
[2011/07/15 01:09:54 | 000,000,992 | ---- | M] () -- C:\Users\Ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\Driver Checker.lnk
[2011/07/15 01:09:54 | 000,000,968 | ---- | M] () -- C:\Users\Ryan\Desktop\Driver Checker.lnk
[2011/07/15 00:29:00 | 000,002,155 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2011/07/15 00:29:00 | 000,002,137 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011/07/15 00:25:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2164686028-3464759792-211699639-1000Core.job
[2011/07/15 00:21:02 | 000,002,269 | ---- | M] () -- C:\Users\Ryan\Desktop\Google Chrome.lnk
[2011/07/15 00:12:34 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
[2011/07/15 00:04:58 | 000,000,957 | ---- | M] () -- C:\Users\Ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2011/07/15 00:04:58 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2011/07/15 00:00:50 | 000,001,407 | ---- | M] () -- C:\Users\Ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/17 17:39:29 | 000,074,088 | ---- | M] (deepxw) -- C:\Windows\System32\UTH.exe
[2011/06/17 15:49:06 | 000,028,160 | ---- | M] () -- C:\Windows\System32\drivers\kbdhid.sys
[2011/06/17 15:48:51 | 000,826,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2011/06/17 15:48:51 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2011/06/17 15:48:51 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tspubwmi.dll
[2011/06/17 15:48:51 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rdpsign.exe
[2011/06/17 15:48:36 | 000,769,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2011/06/17 15:47:16 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2011/06/17 15:46:45 | 000,164,864 | ---- | M] () -- C:\Windows\System32\drivers\1394ohci.sys
[2011/06/17 15:46:28 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/06/17 15:46:04 | 001,038,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011/06/17 15:45:48 | 000,870,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/06/17 15:45:31 | 000,412,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2pcollab.dll
[2011/06/17 15:45:31 | 000,334,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2011/06/17 15:45:31 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\P2P.dll
[2011/06/17 15:45:31 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2pnetsh.dll
[2011/06/17 15:44:58 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/06/17 15:44:40 | 000,077,184 | ---- | M] () -- C:\Windows\System32\drivers\Synth3dVsc.sys
[2011/06/17 15:44:25 | 002,134,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2011/06/17 15:42:39 | 000,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2011/06/17 15:42:18 | 003,967,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/06/17 15:42:18 | 003,912,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/06/17 15:42:00 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/06/17 15:41:44 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/06/17 15:41:28 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2011/06/17 15:40:58 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/06/17 15:40:58 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/06/17 15:40:58 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/06/17 15:40:58 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/06/17 15:40:19 | 000,131,968 | ---- | M] () -- C:\Windows\System32\drivers\mpio.sys
[2011/06/17 15:40:05 | 000,149,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2011/06/17 15:39:19 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/06/17 15:38:31 | 000,091,136 | ---- | M] () -- C:\Windows\System32\drivers\hidbth.sys
[2011/06/17 15:36:50 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2011/06/17 15:36:35 | 000,294,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/06/17 15:36:35 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/06/17 15:36:05 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011/06/17 15:35:32 | 002,333,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/06/17 15:35:16 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/06/17 15:35:16 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/06/17 15:34:01 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dtsh.dll
[2011/06/17 15:33:45 | 000,187,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011/06/17 15:33:15 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2011/06/17 15:33:00 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2011/06/17 15:32:29 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2011/06/17 15:31:33 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAL.DLL
[2011/06/17 15:31:33 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KBDINPUN.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KBDINGUJ.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KBDINEN.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KBDINDEV.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KBDINBE2.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KBDINBE1.DLL
[2011/06/17 15:31:33 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KBDINASA.DLL
[2011/06/17 15:30:59 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vwifimp.sys
[2011/06/17 15:30:29 | 000,219,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2011/06/17 15:29:56 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2011/06/17 15:29:42 | 000,027,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011/06/17 15:28:55 | 000,066,048 | ---- | M] () -- C:\Windows\System32\drivers\IPMIDrv.sys
[2011/06/17 15:28:40 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2011/06/17 15:28:24 | 000,372,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2011/06/17 15:28:09 | 000,564,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2011/06/17 15:27:55 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clusapi.dll
[2011/06/17 15:27:40 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2011/06/17 15:27:11 | 000,386,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2011/06/17 15:26:56 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2011/06/17 15:25:47 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2011/06/17 15:23:47 | 000,458,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSXP32.dll
[2011/06/17 15:23:32 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2011/06/17 15:23:07 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2011/06/17 15:23:07 | 000,024,064 | ---- | M] () -- C:\Windows\System32\drivers\usbuhci.sys
[2011/06/17 15:23:07 | 000,020,480 | ---- | M] () -- C:\Windows\System32\drivers\usbohci.sys
[2011/06/17 15:23:07 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2011/06/17 15:22:49 | 000,890,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2011/06/17 15:22:49 | 000,342,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2011/06/17 15:22:31 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2011/06/17 15:22:31 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\plasrv.exe
[2011/06/17 15:21:59 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dot3gpclnt.dll
[2011/06/17 15:21:28 | 003,405,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xpsrchvw.exe
[2011/06/17 15:20:28 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\auditcse.dll
[2011/06/17 15:20:13 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2011/06/17 15:19:58 | 000,782,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2011/06/17 15:19:36 | 000,657,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2011/06/17 15:19:36 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011/06/17 15:19:36 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011/06/17 15:19:36 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011/06/17 15:19:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\bfe.dll.mui
[2011/06/17 15:19:36 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011/06/17 15:19:36 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011/06/17 15:19:36 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011/06/17 15:19:36 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011/06/17 15:19:36 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011/06/17 15:19:35 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011/06/17 15:18:51 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\glu32.dll
[2011/06/17 15:16:45 | 000,116,096 | ---- | M] () -- C:\Windows\System32\drivers\msdsm.sys
[2011/06/17 15:16:10 | 000,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/06/17 15:15:26 | 000,762,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2011/06/17 15:14:44 | 000,543,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fvewiz.dll
[2011/06/17 15:14:44 | 000,271,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2011/06/17 15:14:44 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fveapibase.dll
[2011/06/17 15:14:30 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2011/06/17 15:13:28 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2011/06/17 15:13:02 | 000,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2011/06/17 15:12:17 | 001,294,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll
[2011/06/17 15:12:17 | 000,307,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2011/06/17 15:11:47 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2011/06/17 15:10:01 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2011/06/17 15:08:30 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tcpmonui.dll
[2011/06/17 15:08:30 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tcpmib.dll
[2011/06/17 15:07:30 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/15 02:33:35 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/07/15 02:33:29 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/07/15 02:32:39 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011/07/15 02:32:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/07/15 02:31:33 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/07/15 02:29:18 | 1954,959,360 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/15 02:12:12 | 000,002,655 | ---- | C] () -- C:\Users\Ryan\Documents\Microsoft Office Excel 2007.lnk
[2011/07/15 02:05:49 | 000,002,693 | ---- | C] () -- C:\Users\Ryan\Desktop\Microsoft Office Word 2007.lnk
[2011/07/15 02:05:49 | 000,002,645 | ---- | C] () -- C:\Users\Ryan\Desktop\Microsoft Office PowerPoint 2007.lnk
[2011/07/15 01:47:08 | 000,001,881 | ---- | C] () -- C:\Users\Ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/07/15 01:47:08 | 000,001,857 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/07/15 01:43:32 | 000,000,415 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2011/07/15 01:41:57 | 000,002,102 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Total Security 2011.lnk
[2011/07/15 01:36:23 | 000,106,422 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2011/07/15 01:09:54 | 000,000,992 | ---- | C] () -- C:\Users\Ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\Driver Checker.lnk
[2011/07/15 01:09:54 | 000,000,968 | ---- | C] () -- C:\Users\Ryan\Desktop\Driver Checker.lnk
[2011/07/15 00:29:00 | 000,002,155 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2011/07/15 00:29:00 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011/07/15 00:28:59 | 000,002,149 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk
[2011/07/15 00:21:02 | 000,002,269 | ---- | C] () -- C:\Users\Ryan\Desktop\Google Chrome.lnk
[2011/07/15 00:20:25 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2164686028-3464759792-211699639-1000UA.job
[2011/07/15 00:20:24 | 000,000,852 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2164686028-3464759792-211699639-1000Core.job
[2011/07/15 00:12:34 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2011/07/15 00:12:34 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
[2011/07/15 00:04:58 | 000,000,957 | ---- | C] () -- C:\Users\Ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2011/07/15 00:04:58 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2011/07/15 00:00:50 | 000,001,407 | ---- | C] () -- C:\Users\Ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/14 23:53:45 | 000,001,413 | ---- | C] () -- C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/07/14 23:53:05 | 000,000,290 | ---- | C] () -- C:\Users\Ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/07/14 23:53:05 | 000,000,272 | ---- | C] () -- C:\Users\Ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/07/07 13:25:44 | 000,000,746 | -H-- | C] () -- C:\IPH.PH
[2011/06/17 15:49:06 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\kbdhid.sys
[2011/06/17 15:46:45 | 000,164,864 | ---- | C] () -- C:\Windows\System32\drivers\1394ohci.sys
[2011/06/17 15:44:40 | 000,077,184 | ---- | C] () -- C:\Windows\System32\drivers\Synth3dVsc.sys
[2011/06/17 15:40:19 | 000,131,968 | ---- | C] () -- C:\Windows\System32\drivers\mpio.sys
[2011/06/17 15:38:31 | 000,091,136 | ---- | C] () -- C:\Windows\System32\drivers\hidbth.sys
[2011/06/17 15:28:55 | 000,066,048 | ---- | C] () -- C:\Windows\System32\drivers\IPMIDrv.sys
[2011/06/17 15:23:07 | 000,024,064 | ---- | C] () -- C:\Windows\System32\drivers\usbuhci.sys
[2011/06/17 15:23:07 | 000,020,480 | ---- | C] () -- C:\Windows\System32\drivers\usbohci.sys
[2011/06/17 15:16:45 | 000,116,096 | ---- | C] () -- C:\Windows\System32\drivers\msdsm.sys
[2011/05/18 16:56:37 | 000,116,736 | ---- | C] () -- C:\Windows\System32\drivers\mcdbus.sys
[2011/05/18 16:56:35 | 000,011,596 | ---- | C] () -- C:\Windows\System32\drivers\copperhd.sys
[2011/05/18 16:56:35 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2011/05/16 07:16:00 | 000,012,928 | ---- | C] () -- C:\Windows\System32\drivers\ttp7up.sys
[2011/05/16 06:56:35 | 000,058,400 | ---- | C] () -- C:\Windows\System32\drivers\SISAGPX.SYS
[2011/05/16 06:56:30 | 013,356,032 | ---- | C] () -- C:\Windows\System32\ig4icd32.dll
[2011/05/16 06:56:30 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2011/05/16 06:56:12 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2011/05/16 06:56:11 | 000,867,020 | ---- | C] () -- C:\Windows\System32\igkrng575.bin
[2011/05/16 06:56:11 | 000,128,204 | ---- | C] () -- C:\Windows\System32\igcompkrng575.bin
[2011/05/16 06:56:11 | 000,105,608 | ---- | C] () -- C:\Windows\System32\igfcg575m.bin
[2011/05/16 06:48:53 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011/05/16 06:48:52 | 000,233,012 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/05/16 06:48:52 | 000,003,949 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/05/16 06:48:26 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2011/05/16 06:48:26 | 000,109,448 | ---- | C] () -- C:\Windows\System32\drivers\ETD.sys
[2011/05/16 06:48:04 | 000,269,584 | ---- | C] () -- C:\Windows\System32\drivers\ifM60x32.sys
[2011/05/16 06:48:04 | 000,129,640 | ---- | C] () -- C:\Windows\System32\drivers\XenoVx86.sys
[2011/05/16 06:48:04 | 000,129,640 | ---- | C] () -- C:\Windows\System32\drivers\Xeno7x86.sys
[2011/05/16 06:48:04 | 000,061,712 | ---- | C] () -- C:\Windows\System32\drivers\ifP60x32.sys
[2011/05/16 06:48:04 | 000,037,576 | ---- | C] () -- C:\Windows\System32\drivers\qd26032.sys
[2011/05/16 06:48:04 | 000,036,552 | ---- | C] () -- C:\Windows\System32\drivers\qd16032.sys
[2011/05/16 06:48:03 | 002,293,640 | ---- | C] () -- C:\Windows\System32\drivers\evbdx.sys
[2011/05/16 06:48:02 | 000,481,320 | ---- | C] () -- C:\Windows\System32\drivers\bxvbdx.sys
[2011/05/16 06:48:02 | 000,431,144 | ---- | C] () -- C:\Windows\System32\drivers\bxois.sys
[2011/05/16 06:48:02 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/05/16 06:48:02 | 000,076,840 | ---- | C] () -- C:\Windows\System32\drivers\bxdiagx.sys
[2011/05/16 06:47:55 | 000,037,504 | ---- | C] () -- C:\Windows\System32\drivers\usbfilter.sys
[2011/05/16 06:47:55 | 000,009,600 | ---- | C] () -- C:\Windows\System32\drivers\usbuwbmini.sys
[2011/05/16 06:47:54 | 000,500,736 | ---- | C] () -- C:\Windows\System32\drivers\DfuUWB.sys
[2011/05/16 06:47:54 | 000,309,224 | ---- | C] () -- C:\Windows\System32\drivers\asmtxhci.sys
[2011/05/16 06:47:54 | 000,141,952 | ---- | C] () -- C:\Windows\System32\drivers\nusb3xhc.sys
[2011/05/16 06:47:54 | 000,100,328 | ---- | C] () -- C:\Windows\System32\drivers\asmthub3.sys
[2011/05/16 06:47:54 | 000,073,096 | ---- | C] () -- C:\Windows\System32\drivers\ftser2k.sys
[2011/05/16 06:47:54 | 000,063,872 | ---- | C] () -- C:\Windows\System32\drivers\nusb3hub.sys
[2011/05/16 06:47:54 | 000,061,704 | ---- | C] () -- C:\Windows\System32\drivers\ftdibus.sys
[2011/05/16 06:47:54 | 000,053,376 | ---- | C] () -- C:\Windows\System32\drivers\HWA.sys
[2011/05/16 06:47:54 | 000,052,992 | ---- | C] () -- C:\Windows\System32\drivers\EtronXHCI.sys
[2011/05/16 06:47:54 | 000,041,088 | ---- | C] () -- C:\Windows\System32\drivers\HECI.sys
[2011/05/16 06:47:54 | 000,033,152 | ---- | C] () -- C:\Windows\System32\drivers\EtronHub3.sys
[2011/05/16 06:47:54 | 000,024,608 | ---- | C] () -- C:\Windows\System32\drivers\nvamacpi.sys
[2011/05/16 06:47:54 | 000,017,920 | ---- | C] () -- C:\Windows\System32\drivers\nvsmu.sys
[2011/05/16 06:47:54 | 000,011,008 | ---- | C] () -- C:\Windows\System32\drivers\cbaf.sys
[2010/11/20 20:46:37 | 000,175,360 | ---- | C] () -- C:\Windows\System32\drivers\vmbus.sys
[2010/11/20 20:46:37 | 000,062,464 | ---- | C] () -- C:\Windows\System32\drivers\dmvsc.sys
[2010/11/20 20:46:37 | 000,028,032 | ---- | C] () -- C:\Windows\System32\drivers\storvsc.sys
[2010/11/20 20:46:37 | 000,025,600 | ---- | C] () -- C:\Windows\System32\drivers\terminpt.sys
[2010/11/20 20:46:37 | 000,017,920 | ---- | C] () -- C:\Windows\System32\drivers\VMBusHID.sys
[2010/11/20 20:46:36 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\vms3cap.sys
[2010/11/20 17:29:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2010/11/20 17:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010/11/20 17:29:03 | 000,332,160 | ---- | C] () -- C:\Windows\System32\drivers\iaStorV.sys
[2010/11/20 17:29:03 | 000,233,344 | ---- | C] () -- C:\Windows\System32\drivers\msiscsi.sys
[2010/11/20 17:29:03 | 000,160,128 | ---- | C] () -- C:\Windows\System32\drivers\vhdmp.sys
[2010/11/20 17:29:03 | 000,143,744 | ---- | C] () -- C:\Windows\System32\drivers\nvstor.sys
[2010/11/20 17:29:03 | 000,117,120 | ---- | C] () -- C:\Windows\System32\drivers\nvraid.sys
[2010/11/20 17:29:03 | 000,085,376 | ---- | C] () -- C:\Windows\System32\drivers\sbp2port.sys
[2010/11/20 17:29:03 | 000,080,256 | ---- | C] () -- C:\Windows\System32\drivers\amdsata.sys
[2010/11/20 17:29:03 | 000,027,264 | ---- | C] () -- C:\Windows\System32\drivers\TsUsbGD.sys
[2010/11/20 17:29:03 | 000,012,800 | ---- | C] () -- C:\Windows\System32\drivers\sffp_sd.sys
[2010/11/20 17:29:03 | 000,010,240 | ---- | C] () -- C:\Windows\System32\drivers\acpipmi.sys
[2010/07/08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,412,432 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,615,360 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,103,702 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 20:59:16 | 000,013,568 | ---- | C] () -- C:\Windows\System32\drivers\BrFiltLo.sys
[2009/07/13 20:59:02 | 000,062,336 | ---- | C] () -- C:\Windows\System32\drivers\BrSerWdm.sys
[2009/07/13 20:58:59 | 000,005,248 | ---- | C] () -- C:\Windows\System32\drivers\BrFiltUp.sys
[2009/07/13 20:58:35 | 000,011,904 | ---- | C] () -- C:\Windows\System32\drivers\BrUsbSer.sys
[2009/07/13 20:58:27 | 000,012,160 | ---- | C] () -- C:\Windows\System32\drivers\BrUsbMdm.sys
[2009/07/13 20:57:25 | 000,272,128 | ---- | C] () -- C:\Windows\System32\drivers\BrSerId.sys
[2009/07/13 20:17:06 | 000,019,968 | ---- | C] () -- C:\Windows\System32\drivers\usbprint.sys
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:51:35 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\umpass.sys
[2009/07/13 19:51:34 | 000,056,320 | ---- | C] () -- C:\Windows\System32\drivers\bthmodem.sys
[2009/07/13 19:51:29 | 000,062,464 | ---- | C] () -- C:\Windows\System32\drivers\ohci1394.sys
[2009/07/13 19:51:18 | 000,086,016 | ---- | C] () -- C:\Windows\System32\drivers\usbcir.sys
[2009/07/13 19:51:17 | 000,037,888 | ---- | C] () -- C:\Windows\System32\drivers\circlass.sys
[2009/07/13 19:51:05 | 000,037,888 | ---- | C] () -- C:\Windows\System32\drivers\hidir.sys
[2009/07/13 19:46:55 | 000,012,288 | ---- | C] () -- C:\Windows\System32\drivers\MTConfig.sys
[2009/07/13 19:46:53 | 000,021,632 | ---- | C] () -- C:\Windows\System32\drivers\wacompen.sys
[2009/07/13 19:46:05 | 000,022,096 | ---- | C] () -- C:\Windows\System32\drivers\crcdisk.sys
[2009/07/13 19:45:52 | 000,013,824 | ---- | C] () -- C:\Windows\System32\drivers\sfloppy.sys
[2009/07/13 19:45:52 | 000,012,288 | ---- | C] () -- C:\Windows\System32\drivers\sffp_mmc.sys
[2009/07/13 19:45:52 | 000,011,264 | ---- | C] () -- C:\Windows\System32\drivers\sffdisk.sys
[2009/07/13 19:45:45 | 000,025,088 | ---- | C] () -- C:\Windows\System32\drivers\fdc.sys
[2009/07/13 19:45:45 | 000,019,968 | ---- | C] () -- C:\Windows\System32\drivers\flpydisk.sys
[2009/07/13 19:45:35 | 000,079,360 | ---- | C] () -- C:\Windows\System32\drivers\parport.sys
[2009/07/13 19:45:33 | 000,083,456 | ---- | C] () -- C:\Windows\System32\drivers\serial.sys
[2009/07/13 19:45:29 | 000,008,704 | ---- | C] () -- C:\Windows\System32\drivers\parvdm.sys
[2009/07/13 19:45:28 | 000,017,920 | ---- | C] () -- C:\Windows\System32\drivers\serenum.sys
[2009/07/13 19:45:08 | 000,019,968 | ---- | C] () -- C:\Windows\System32\drivers\sermouse.sys
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/13 19:25:51 | 000,105,024 | ---- | C] () -- C:\Windows\System32\drivers\NV_AGP.SYS
[2009/07/13 19:25:48 | 000,057,424 | ---- | C] () -- C:\Windows\System32\drivers\ULIAGPKX.SYS
[2009/07/13 19:25:42 | 000,057,936 | ---- | C] () -- C:\Windows\System32\drivers\GAGP30KX.SYS
[2009/07/13 19:25:40 | 000,053,328 | ---- | C] () -- C:\Windows\System32\drivers\VIAAGP.SYS
[2009/07/13 19:25:37 | 000,053,312 | ---- | C] () -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/13 19:25:36 | 000,053,312 | ---- | C] () -- C:\Windows\System32\drivers\AMDAGP.SYS
[2009/07/13 19:19:30 | 000,180,288 | ---- | C] () -- C:\Windows\System32\drivers\pcmcia.sys
[2009/07/13 19:19:29 | 000,046,656 | ---- | C] () -- C:\Windows\System32\drivers\isapnp.sys
[2009/07/13 19:19:21 | 000,021,504 | ---- | C] () -- C:\Windows\System32\drivers\hidbatt.sys
[2009/07/13 19:19:19 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\errdev.sys
[2009/07/13 19:11:20 | 000,016,976 | ---- | C] () -- C:\Windows\System32\drivers\viaide.sys
[2009/07/13 19:11:20 | 000,012,368 | ---- | C] () -- C:\Windows\System32\drivers\pciide.sys
[2009/07/13 19:11:19 | 000,015,424 | ---- | C] () -- C:\Windows\System32\drivers\intelide.sys
[2009/07/13 19:11:19 | 000,014,912 | ---- | C] () -- C:\Windows\System32\drivers\amdide.sys
[2009/07/13 19:11:18 | 000,015,952 | ---- | C] () -- C:\Windows\System32\drivers\cmdide.sys
[2009/07/13 19:11:17 | 000,014,400 | ---- | C] () -- C:\Windows\System32\drivers\aliide.sys
[2009/07/13 19:11:04 | 000,055,296 | ---- | C] () -- C:\Windows\System32\drivers\amdk8.sys
[2009/07/13 19:11:04 | 000,052,736 | ---- | C] () -- C:\Windows\System32\drivers\viac7.sys
[2009/07/13 19:11:04 | 000,052,736 | ---- | C] () -- C:\Windows\System32\drivers\amdppm.sys
[2009/07/13 19:11:04 | 000,052,224 | ---- | C] () -- C:\Windows\System32\drivers\processr.sys
[2009/07/13 18:54:14 | 000,026,624 | ---- | C] () -- C:\Windows\System32\drivers\hcw85cir.sys
[2009/07/13 18:09:19 | 000,095,824 | ---- | C] () -- C:\Windows\System32\drivers\lsi_fc.sys
[2009/07/13 18:09:18 | 000,106,064 | ---- | C] () -- C:\Windows\System32\drivers\ql40xx.sys
[2009/07/13 18:09:18 | 000,096,848 | ---- | C] () -- C:\Windows\System32\drivers\lsi_scsi.sys
[2009/07/13 18:09:18 | 000,089,168 | ---- | C] () -- C:\Windows\System32\drivers\lsi_sas.sys
[2009/07/13 18:09:18 | 000,077,888 | ---- | C] () -- C:\Windows\System32\drivers\sisraid4.sys
[2009/07/13 18:09:18 | 000,054,864 | ---- | C] () -- C:\Windows\System32\drivers\lsi_sas2.sys
[2009/07/13 18:09:18 | 000,021,072 | ---- | C] () -- C:\Windows\System32\drivers\stexstor.sys
[2009/07/13 18:09:17 | 000,235,584 | ---- | C] () -- C:\Windows\System32\drivers\MegaSR.sys
[2009/07/13 18:09:17 | 000,086,608 | ---- | C] () -- C:\Windows\System32\drivers\arcsas.sys
[2009/07/13 18:09:17 | 000,076,368 | ---- | C] () -- C:\Windows\System32\drivers\arc.sys
[2009/07/13 18:09:17 | 000,067,152 | ---- | C] () -- C:\Windows\System32\drivers\HpSAMD.sys
[2009/07/13 18:09:17 | 000,044,624 | ---- | C] () -- C:\Windows\System32\drivers\nfrd960.sys
[2009/07/13 18:09:17 | 000,041,040 | ---- | C] () -- C:\Windows\System32\drivers\iirsp.sys
[2009/07/13 18:09:16 | 000,297,552 | ---- | C] () -- C:\Windows\System32\drivers\adpahci.sys
[2009/07/13 18:09:16 | 000,146,512 | ---- | C] () -- C:\Windows\System32\drivers\adpu320.sys
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/06/10 17:20:26 | 000,070,720 | ---- | C] () -- C:\Windows\System32\drivers\djsvs.sys
[2009/06/10 17:20:24 | 000,141,904 | ---- | C] () -- C:\Windows\System32\drivers\vsmraid.sys
[2009/06/10 17:20:08 | 000,040,016 | ---- | C] () -- C:\Windows\System32\drivers\sisraid2.sys
[2009/06/10 17:20:06 | 001,383,488 | ---- | C] () -- C:\Windows\System32\drivers\ql2300.sys
[2009/06/10 17:20:03 | 000,159,312 | ---- | C] () -- C:\Windows\System32\drivers\amdsbs.sys
[2009/06/10 17:19:35 | 000,030,800 | ---- | C] () -- C:\Windows\System32\drivers\megasas.sys
[2009/06/10 17:19:19 | 000,453,712 | ---- | C] () -- C:\Windows\System32\drivers\elxstor.sys
[2009/06/10 17:19:05 | 000,422,976 | ---- | C] () -- C:\Windows\System32\drivers\adp94xx.sys
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll

========== Custom Scans ==========


< set /c >
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Ryan\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=RYAN-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Ryan
LOCALAPPDATA=C:\Users\Ryan\AppData\Local
LOGONSERVER=\\RYAN-PC
NUMBER_OF_PROCESSORS=4
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 37 Stepping 2, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=2502
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
PUBLIC=C:\Users\Public
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\Ryan\AppData\Local\Temp
TMP=C:\Users\Ryan\AppData\Local\Temp
USERDOMAIN=Ryan-PC
USERNAME=Ryan
USERPROFILE=C:\Users\Ryan
windir=C:\Windows
windows_tracing_flags=3
windows_tracing_logfile=C:\BVTBin\Tests\installpackage\csilogfile.log

< %SYSTEMDRIVE%\*.* >
[2009/06/10 17:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2011/07/15 02:23:31 | 000,000,825 | ---- | M] () -- C:\bdlog.txt
[2009/07/13 21:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009/06/10 17:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011/07/15 11:36:26 | 1954,959,360 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/15 01:47:12 | 000,000,746 | -H-- | M] () -- C:\IPH.PH
[2011/07/15 11:36:35 | 2606,612,480 | -HS- | M] () -- C:\pagefile.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 167 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

#12 RyanDoherty18

Posted 15 July 2011 - 11:03 AM

Here are the contents of the Extras.txt:

OTL Extras logfile created on: 7/15/2011 11:53:32 AM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Ryan\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.43 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 58.02% Memory free
4.86 Gb Paging File | 3.47 Gb Available in Paging File | 71.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 275.04 Gb Total Space | 189.28 Gb Free Space | 68.82% Space Free | Partition Type: NTFS
Drive D: | 22.75 Gb Total Space | 3.29 Gb Free Space | 14.45% Space Free | Partition Type: NTFS
Drive E: | 99.34 Mb Total Space | 84.25 Mb Free Space | 84.82% Space Free | Partition Type: FAT32
Drive F: | 3.29 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 1.89 Gb Total Space | 1.83 Gb Free Space | 96.61% Space Free | Partition Type: FAT32

Computer Name: RYAN-PC | User Name: Ryan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd \"%V\" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [TakeOwn] -- cmd.exe /c takeown /f \"%1\" /r /d y && icacls \"%1\" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}" = BitDefender Total Security 2011
"{BCB4C18A-ACA6-4383-8688-E19933A705DD}" = Microsoft SOAP Toolkit 3.0
"AIM_7" = AIM 7
"BitDefender" = BitDefender Total Security 2011
"BitTorrent" = BitTorrent
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"conduitEngine" = Conduit Engine
"Driver Checker_is1" = Driver Checker v2.7.5
"Elantech" = ETDWare PS/2-x86 7.0.6.4_WHQL
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Registry Mechanic_is1" = Registry Mechanic 10.0
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"WinRAR archiver" = WinRAR 4.00 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/14/2011 11:56:03 PM | Computer Name = Ryan-PC | Source = ATIeRecord | ID = 16397
Description = ATI EEU initialization of PX failed

Error - 7/14/2011 11:57:18 PM | Computer Name = Ryan-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/15/2011 1:05:26 AM | Computer Name = Ryan-PC | Source = Application Error | ID = 1000
Description = Faulting application name: setupdownloader.exe, version: 1.0.5.7,
time stamp: 0x4cc7e8d3 Faulting module name: setupdownloader.exe, version: 1.0.5.7,
time stamp: 0x4cc7e8d3 Exception code: 0xc0000417 Fault offset: 0x0000cf79 Faulting
process id: 0x8b4 Faulting application start time: 0x01cc42a92a4443d3 Faulting application
path: C:\Users\Ryan\AppData\Local\Temp\RarSFX0\setupdownloader.exe Faulting module
path: C:\Users\Ryan\AppData\Local\Temp\RarSFX0\setupdownloader.exe Report Id: 0cd7da86-aea0-11e0-855d-c80aa99a8581

Error - 7/15/2011 1:09:14 AM | Computer Name = Ryan-PC | Source = Application Error | ID = 1000
Description = Faulting application name: setupdownloader.exe, version: 1.0.5.7,
time stamp: 0x4cc7e8d3 Faulting module name: setupdownloader.exe, version: 1.0.5.7,
time stamp: 0x4cc7e8d3 Exception code: 0xc0000417 Fault offset: 0x0000cf79 Faulting
process id: 0xaa0 Faulting application start time: 0x01cc42ad4a0e6a90 Faulting application
path: C:\Users\Ryan\AppData\Local\Temp\RarSFX0\setupdownloader.exe Faulting module
path: C:\Users\Ryan\AppData\Local\Temp\RarSFX0\setupdownloader.exe Report Id: 94af66f8-aea0-11e0-855d-c80aa99a8581

Error - 7/15/2011 1:16:37 AM | Computer Name = Ryan-PC | Source = ATIeRecord | ID = 16397
Description = ATI EEU initialization of PX failed

Error - 7/15/2011 1:17:57 AM | Computer Name = Ryan-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/15/2011 1:21:47 AM | Computer Name = Ryan-PC | Source = Application Error | ID = 1000
Description = Faulting application name: setupdownloader.exe, version: 1.0.5.7,
time stamp: 0x4cc7e8d3 Faulting module name: setupdownloader.exe, version: 1.0.5.7,
time stamp: 0x4cc7e8d3 Exception code: 0xc0000417 Fault offset: 0x0000cf79 Faulting
process id: 0xaf8 Faulting application start time: 0x01cc42ae7707b1a0 Faulting application
path: C:\Users\Ryan\AppData\Local\Temp\RarSFX0\setupdownloader.exe Faulting module
path: C:\Users\Ryan\AppData\Local\Temp\RarSFX0\setupdownloader.exe Report Id: 555c3cd8-aea2-11e0-b059-c80aa99a8581

Error - 7/15/2011 1:59:17 AM | Computer Name = Ryan-PC | Source = VSS | ID = 8194
Description =

Error - 7/15/2011 11:37:13 AM | Computer Name = Ryan-PC | Source = ATIeRecord | ID = 16397
Description = ATI EEU initialization of PX failed

Error - 7/15/2011 11:38:13 AM | Computer Name = Ryan-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 7/15/2011 1:14:37 AM | Computer Name = Ryan-PC | Source = DCOM | ID = 10005
Description =

Error - 7/15/2011 1:14:36 AM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/15/2011 1:14:37 AM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/15/2011 1:14:38 AM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/15/2011 1:14:38 AM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/15/2011 1:14:38 AM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/15/2011 1:14:38 AM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/15/2011 1:14:38 AM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/15/2011 1:14:38 AM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/15/2011 2:23:24 AM | Computer Name = Ryan-PC | Source = DCOM | ID = 10010
Description =


< End of report >

#13 JSntgRvr

Posted 15 July 2011 - 12:19 PM

I can only see the files that are consistent with an installation. Can you list those that you want to get rid of?

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!

#14 RyanDoherty18

Posted 15 July 2011 - 01:07 PM

Well, maybe that is because I manually deleted a lot of program files from my C drive before running that. I think it'll be a lot easier to just do that for the rest of the files and folders I want gone. Thank you again for all your help, sir.

#15 JSntgRvr

Posted 15 July 2011 - 06:49 PM

You are welcome. Be safe.
