Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Uh-oh, I tried Combofix unsupervised


  • This topic is locked This topic is locked
45 replies to this topic

#1 CaptainW

CaptainW

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:43 AM

Posted 17 October 2012 - 02:56 PM

Well, I thought I was doing the right thing to stop google search result hyperlinks from taking me to all types of sites, but my computer is now frozen at the part that says it should take ten minutes, maybe double if I'm really infected. My mouse doesn't work, and I don't want to turn it off manually w/o help. I printed out the instructions, and only now understand I shouldn't have run w/o help from someone. Can someone help? Dan

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:43 AM

Posted 17 October 2012 - 03:24 PM

Welcome Dan, I have asked someone that handles this situation to look here.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 CaptainW

CaptainW
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:43 AM

Posted 17 October 2012 - 03:54 PM

Thank you. I need it for my work, too.

#4 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:43 AM

Posted 17 October 2012 - 05:48 PM

Hello CaptainW :)

  • I will be helping with your computer problems.
  • From this point on, it is very important that you refrain from doing anything else to your computer other than what I have requested of you.
  • I do not mind if you browse the web, do basic tasks, or even test to see if the problem(s) you are experiencing are still occurring with the computer while we are working together, but do not run any tools/fixes unless I or another helper from this thread has asked you to do so.
  • Remember that you came here for help, so allow us to help you :)
  • If something does not run, make a detailed note of what problems you encountered along the way (exact error messages are preferred), but continue onto the next steps until you reach the end of my post.
  • Always do the steps in the order they are listed in (left to right, top to bottom).
  • I prefer that you complete all the steps while you are in Normal Mode. However, I understand that sometimes this is not possible. If you are unsuccessful in getting a tool/fix to run from Normal Mode, but Safe Mode works, then use Safe Mode.
  • If you have a question about something, do not hesitate to ask.

Let's begin:

First, close ComboFix's window by clicking the X in the top right corner of the program.
If that didn't close ComboFix, let me know and I will post further instructions.

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:43 AM

Posted 17 October 2012 - 06:11 PM

Hello: Just letting you know I moved this to the Virus, Trojan, Spyware, and Malware Removal Logs forum,where it will stay.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 CaptainW

CaptainW
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:43 AM

Posted 17 October 2012 - 08:30 PM

Thank you very much. My number is xxxxxxxx if that would help.

Edited by thisisu, 17 October 2012 - 08:41 PM.


#7 CaptainW

CaptainW
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:43 AM

Posted 17 October 2012 - 08:33 PM

my mouse doesn't work, neither the mouse nor the pad mouse on the lap top

#8 CaptainW

CaptainW
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:43 AM

Posted 17 October 2012 - 08:36 PM

so basically my computer is frozen at the spot I mentioned above and there's no indication the CPU is trying as that light is not blinking.

#9 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:43 AM

Posted 17 October 2012 - 08:40 PM

Force restart the computer and then follow the steps here: http://www.bleepingcomputer.com/forums/topic34773.html

Your phone number was removed. I am not going to call you...

Edited by thisisu, 17 October 2012 - 08:42 PM.


#10 CaptainW

CaptainW
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:43 AM

Posted 18 October 2012 - 12:22 PM

Okay, I pulled up and followed the guidance.

- When trying to turn off Windows firewall, the following mesage: "Due to an unidentified problem, Windows cannot display Windows firewall settings.

- DDS scan--the "#"s only made it about 3/4 of the way across the screen and the computer fropze up. did a hard reboot to send this update. Computer is a little slow as well.

Thank you.

#11 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:43 AM

Posted 18 October 2012 - 12:45 PM

Hello,

Have you tried DDS from Safe Mode yet? If not, please try that.

#12 CaptainW

CaptainW
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:43 AM

Posted 18 October 2012 - 01:16 PM

I just did, and it froze up at the same place.

#13 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:43 AM

Posted 18 October 2012 - 01:20 PM

Try this scan:
Remember to try it in Safe Mode too if Normal Mode does not work.

Posted Image Please download OTL.

  • Save it to your desktop.
  • Right mouse click on the OTL icon on your desktop and select Run as Administrator
  • Check the "Scan All Users" checkbox.
  • Check the "Standard Output".
  • Change the setting of "Drivers" and "Services" to "All"
  • Copy the text in the code box below and paste it into the Posted Image text-field.
    activex
    netsvcs
    %windir%\system32\drivers\*.sys /lockedfiles
    
  • Now click the Posted Image button.
  • Two reports will be created:
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Paste the contents of OTL.txt here for me to review but attach Extras.txt


#14 CaptainW

CaptainW
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:43 AM

Posted 18 October 2012 - 02:33 PM

OTL logfile created on: 10/18/2012 3:08:28 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\dan\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19298)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 78.52% Memory free
4.21 Gb Paging File | 3.94 Gb Available in Paging File | 93.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 73.06 Gb Total Space | 19.94 Gb Free Space | 27.29% Space Free | Partition Type: NTFS

Computer Name: DAN-PC | User Name: dan | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/18 14:41:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\dan\Desktop\OTL.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/05 04:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2011/06/22 11:46:12 | 000,434,016 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
MOD - [2009/02/26 13:46:56 | 000,064,344 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll


========== Services (All) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)
SRV - File not found [Auto | Stopped] -- C:\32788R22FWJFW\pev.3XE EXEC /i CSCRIPT.exe //NOLOGO //E:VBSCRIPT //B //T:15 C:\32788R22FWJFW\KNetSvcs.vbs -- (PEVSystemStart)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/06/02 18:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2012/04/23 12:00:53 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/01/16 18:22:02 | 000,821,608 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2011/11/16 12:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2011/11/16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2011/11/16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2011/11/16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (Netlogon)
SRV - [2011/11/16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2011/10/24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/08/31 00:05:02 | 000,390,504 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/07/20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011/03/02 11:44:27 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2011/02/22 09:33:09 | 000,797,696 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2010/11/30 12:21:51 | 000,136,176 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdatem)
SRV - [2010/11/30 12:21:51 | 000,136,176 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate)
SRV - [2010/11/04 14:55:12 | 000,601,600 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/09/21 15:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/09/06 12:20:29 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/08/17 10:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2010/06/23 09:13:19 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/09 17:56:18 | 001,181,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WsmSvc.dll -- (WinRM)
SRV - [2009/10/09 17:55:52 | 000,146,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wecsvc.dll -- (Wecsvc)
SRV - [2009/09/30 21:01:54 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\wpdbusenum.dll -- (WPDBusEnum)
SRV - [2009/07/11 15:01:42 | 000,513,536 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/07/10 07:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2009/07/10 07:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/06/10 07:42:23 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
SRV - [2009/04/11 02:28:26 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2009/04/11 02:28:25 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2009/04/11 02:28:25 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2009/04/11 02:28:25 | 000,413,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wcncsvc.dll -- (wcncsvc)
SRV - [2009/04/11 02:28:25 | 000,282,624 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\w32time.dll -- (W32Time)
SRV - [2009/04/11 02:28:25 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2009/04/11 02:28:25 | 000,199,680 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\WebClnt.dll -- (WebClient)
SRV - [2009/04/11 02:28:25 | 000,162,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2009/04/11 02:28:25 | 000,140,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wpcsvc.dll -- (WPCSvc)
SRV - [2009/04/11 02:28:25 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\wersvc.dll -- (WerSvc)
SRV - [2009/04/11 02:28:25 | 000,029,184 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\uxsms.dll -- (UxSms)
SRV - [2009/04/11 02:28:24 | 000,558,080 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sysmain.dll -- (SysMain)
SRV - [2009/04/11 02:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/04/11 02:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009/04/11 02:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\termsrv.dll -- (TermService)
SRV - [2009/04/11 02:28:24 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/04/11 02:28:24 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/04/11 02:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/04/11 02:28:24 | 000,107,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\regsvc.dll -- (RemoteRegistry)
SRV - [2009/04/11 02:28:24 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr)
SRV - [2009/04/11 02:28:24 | 000,060,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SLUINotify.dll -- (SLUINotify)
SRV - [2009/04/11 02:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2009/04/11 02:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\p2psvc.dll -- (PNRPsvc)
SRV - [2009/04/11 02:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\p2psvc.dll -- (PNRPAutoReg)
SRV - [2009/04/11 02:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\p2psvc.dll -- (p2psvc)
SRV - [2009/04/11 02:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\p2psvc.dll -- (p2pimsvc)
SRV - [2009/04/11 02:28:23 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\QAGENTRT.DLL -- (napagent)
SRV - [2009/04/11 02:28:23 | 000,153,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2009/04/11 02:28:20 | 000,438,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\IKEEXT.DLL -- (IKEEXT)
SRV - [2009/04/11 02:28:20 | 000,364,032 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2009/04/11 02:28:19 | 000,576,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\gpsvc.dll -- (gpsvc)
SRV - [2009/04/11 02:28:19 | 000,564,224 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2009/04/11 02:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2009/04/11 02:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/04/11 02:28:18 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2009/04/11 02:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2009/04/11 02:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2009/04/11 02:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/11 02:28:18 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/04/11 02:28:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\certprop.dll -- (SCPolicySvc)
SRV - [2009/04/11 02:28:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\certprop.dll -- (CertPropSvc)
SRV - [2009/04/11 02:28:15 | 000,137,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV - [2009/04/11 02:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2009/04/11 02:28:09 | 000,385,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vds.exe -- (vds)
SRV - [2009/04/11 02:28:07 | 000,039,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2009/04/11 02:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\SearchIndexer.exe -- (WSearch)
SRV - [2009/04/11 02:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2009/04/11 02:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/04/11 02:27:31 | 002,092,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dfsr.exe -- (DFSR)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/26 18:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2009/02/18 14:39:20 | 000,043,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/02/18 14:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009/02/18 14:38:42 | 000,879,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2009/02/11 11:06:36 | 000,210,216 | ---- | M] () [Auto | Stopped] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2008/07/18 13:13:20 | 000,053,760 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2008/07/18 13:13:20 | 000,044,032 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Windows\System32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2008/03/25 21:27:36 | 000,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Stopped] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/03/25 20:38:24 | 000,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Stopped] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 03:37:12 | 000,055,296 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\WUDFSvc.dll -- (wudfsvc)
SRV - [2008/01/19 03:36:52 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wercplsupport.dll -- (wercplsupport)
SRV - [2008/01/19 03:36:50 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wdi.dll -- (WdiSystemHost)
SRV - [2008/01/19 03:36:50 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wdi.dll -- (WdiServiceHost)
SRV - [2008/01/19 03:36:46 | 000,259,072 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\upnphost.dll -- (upnphost)
SRV - [2008/01/19 03:36:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\trkwks.dll -- (TrkWks)
SRV - [2008/01/19 03:36:39 | 000,056,320 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\tbssvc.dll -- (TBS)
SRV - [2008/01/19 03:36:36 | 000,155,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008/01/19 03:36:36 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sstpsvc.dll -- (SstpSvc)
SRV - [2008/01/19 03:36:21 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SessEnv.dll -- (SessionEnv)
SRV - [2008/01/19 03:36:21 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\Sens.dll -- (SENS)
SRV - [2008/01/19 03:36:20 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008/01/19 03:36:20 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2008/01/19 03:36:15 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2008/01/19 03:36:14 | 000,243,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\qwave.dll -- (QWAVE)
SRV - [2008/01/19 03:36:06 | 001,502,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pla.dll -- (pla)
SRV - [2008/01/19 03:36:03 | 000,037,888 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\pcasvc.dll -- (PcaSvc)
SRV - [2008/01/19 03:35:57 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2008/01/19 03:35:38 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008/01/19 03:35:36 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008/01/19 03:35:36 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/19 03:34:56 | 000,344,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\msdtckrm.dll -- (KtmRm)
SRV - [2008/01/19 03:34:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2008/01/19 03:34:49 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\mmcss.dll -- (THREADORDER)
SRV - [2008/01/19 03:34:49 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/19 03:34:42 | 000,188,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lltdsvc.dll -- (lltdsvc)
SRV - [2008/01/19 03:34:36 | 000,068,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\KMSVC.DLL -- (hkmsvc)
SRV - [2008/01/19 03:34:35 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\iscsiexe.dll -- (MSiSCSI)
SRV - [2008/01/19 03:34:34 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPBusEnum.dll -- (IPBusEnum)
SRV - [2008/01/19 03:34:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fdPHost.dll -- (fdPHost)
SRV - [2008/01/19 03:34:08 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2008/01/19 03:34:06 | 000,134,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\dps.dll -- (DPS)
SRV - [2008/01/19 03:33:49 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2008/01/19 03:33:43 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008/01/19 03:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008/01/19 03:33:33 | 000,035,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect)
SRV - [2008/01/19 03:33:16 | 000,105,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msdtc.exe -- (MSDTC)
SRV - [2008/01/19 03:33:01 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2007/05/23 21:25:11 | 000,138,168 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2007/01/25 20:50:26 | 000,063,096 | ---- | M] () [Auto | Stopped] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/01/25 20:47:50 | 000,136,816 | ---- | M] () [Auto | Stopped] -- C:\TOSHIBA\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/12/20 02:15:44 | 000,428,152 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2006/11/14 23:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/11/02 08:34:40 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\TabSvc.dll -- (TabletInputService)
SRV - [2006/11/02 05:46:13 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2006/11/02 05:46:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\lmhsvc.dll -- (lmhosts)
SRV - [2006/11/02 05:46:04 | 000,027,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\FDResPub.dll -- (FDResPub)
SRV - [2006/11/02 05:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2006/11/02 05:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP)
SRV - [2006/11/02 05:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Locator.exe -- (RpcLocator)
SRV - [2006/11/02 05:45:02 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dllhost.exe -- (COMSysApp)
SRV - [2006/11/01 01:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/09/12 11:03:20 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/05/25 21:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/06/04 11:26:04 | 000,440,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2012/05/01 10:03:49 | 000,180,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2012/03/30 08:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip6)
DRV - [2012/03/30 08:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2012/03/29 09:39:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2012/03/20 20:44:12 | 000,171,064 | ---- | M] (Microsoft Corporation) [File_System | Boot | Stopped] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/03/20 19:28:50 | 000,053,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2012/02/29 09:32:37 | 000,012,800 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2011/07/06 11:31:47 | 000,214,016 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2011/05/10 08:06:08 | 000,042,496 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2011/04/29 09:25:10 | 000,146,432 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\srv2.sys -- (srv2)
DRV - [2011/04/29 09:25:09 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2011/04/29 09:24:42 | 000,079,872 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2011/04/29 09:24:40 | 000,106,496 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2011/04/21 09:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\afd.sys -- (AFD)
DRV - [2011/04/14 10:59:03 | 000,075,264 | ---- | M] (Microsoft Corporation) [File_System | System | Stopped] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2011/02/22 09:23:55 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\bowser.sys -- (bowser)
DRV - [2011/02/18 10:03:32 | 000,305,152 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\srv.sys -- (srv)
DRV - [2011/01/20 12:37:37 | 000,638,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2010/02/18 07:28:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2009/11/03 15:41:44 | 000,411,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\http.sys -- (HTTP)
DRV - [2009/09/30 21:01:54 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV - [2009/06/19 21:44:14 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2009/05/18 13:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/05/09 01:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2009/04/11 02:33:03 | 000,292,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2009/04/11 02:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2009/04/11 02:32:55 | 000,177,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2009/04/11 02:32:55 | 000,149,480 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pci.sys -- (pci)
DRV - [2009/04/11 02:32:52 | 000,053,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\termdd.sys -- (TermDD)
DRV - [2009/04/11 02:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2009/04/11 02:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ndis.sys -- (NDIS)
DRV - [2009/04/11 02:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\acpi.sys -- (ACPI)
DRV - [2009/04/11 02:32:46 | 000,245,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\clfs.sys -- (CLFS)
DRV - [2009/04/11 02:32:46 | 000,190,424 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2009/04/11 02:32:46 | 000,180,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2009/04/11 02:32:46 | 000,161,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2009/04/11 02:32:43 | 000,141,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ecache.sys -- (Ecache)
DRV - [2009/04/11 02:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\disk.sys -- (disk)
DRV - [2009/04/11 02:32:31 | 000,048,104 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\mup.sys -- (Mup)
DRV - [2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\atapi.sys -- (atapi)
DRV - [2009/04/11 00:46:40 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2009/04/11 00:46:32 | 000,121,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2009/04/11 00:46:30 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2009/04/11 00:45:56 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tdx.sys -- (tdx)
DRV - [2009/04/11 00:45:51 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\pacer.sys -- (PSched)
DRV - [2009/04/11 00:45:37 | 000,185,856 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\netbt.sys -- (netbt)
DRV - [2009/04/11 00:45:22 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\smb.sys -- (Smb)
DRV - [2009/04/11 00:43:28 | 000,148,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009/04/11 00:43:16 | 000,196,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2009/04/11 00:43:04 | 000,062,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2009/04/11 00:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2009/04/11 00:42:52 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2009/04/11 00:42:48 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2009/04/11 00:42:42 | 000,561,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2009/04/11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2009/04/11 00:38:40 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2009/04/11 00:19:14 | 000,089,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus)
DRV - [2009/04/11 00:14:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2009/04/11 00:14:29 | 000,225,280 | ---- | M] (Microsoft Corporation) [File_System | System | Stopped] -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2009/04/11 00:14:01 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2009/04/11 00:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2009/04/11 00:13:53 | 000,136,704 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2009/04/11 00:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2009/04/02 08:39:10 | 000,054,784 | ---- | M] (ASIX Electronics Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ax88772.sys -- (AX88772)
DRV - [2009/03/20 07:37:42 | 000,208,688 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2009/01/09 18:18:02 | 000,027,136 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RimSerial.sys -- (RimVSerPort)
DRV - [2008/11/10 12:26:00 | 000,135,680 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/07/29 05:05:04 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/05/20 19:33:50 | 000,022,784 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RimUsb.sys -- (RimUsb)
DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2008/01/19 03:43:27 | 000,503,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2008/01/19 03:42:31 | 000,058,936 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2008/01/19 03:42:28 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/01/19 03:42:18 | 000,052,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr)
DRV - [2008/01/19 03:41:52 | 000,035,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2008/01/19 03:41:52 | 000,034,360 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2008/01/19 03:41:49 | 000,031,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/01/19 03:41:30 | 000,021,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2008/01/19 03:41:25 | 000,020,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/01/19 03:41:20 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\intelide.sys -- (intelide)
DRV - [2008/01/19 03:41:14 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2008/01/19 03:41:14 | 000,015,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swenum.sys -- (swenum)
DRV - [2008/01/19 02:14:40 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/01/19 02:01:15 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2008/01/19 02:01:09 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2008/01/19 02:01:08 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/01/19 02:01:08 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2008/01/19 02:01:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/01/19 01:57:16 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\modem.sys -- (Modem)
DRV - [2008/01/19 01:57:15 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2008/01/19 01:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008/01/19 01:56:34 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008/01/19 01:56:34 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008/01/19 01:56:31 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2008/01/19 01:56:31 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/01/19 01:56:31 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2008/01/19 01:56:29 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/01/19 01:56:28 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2008/01/19 01:56:28 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008/01/19 01:56:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/01/19 01:56:23 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2008/01/19 01:56:07 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2008/01/19 01:55:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2008/01/19 01:55:45 | 000,035,840 | ---- | M] (Microsoft Corporation) [File_System | System | Stopped] -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/01/19 01:55:41 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp)
DRV - [2008/01/19 01:55:40 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/01/19 01:55:19 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/01/19 01:55:03 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2008/01/19 01:55:03 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2008/01/19 01:54:46 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2008/01/19 01:53:40 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\umbus.sys -- (umbus)
DRV - [2008/01/19 01:53:29 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/01/19 01:53:20 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/01/19 01:53:16 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/01/19 01:53:04 | 000,083,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2008/01/19 01:52:19 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\monitor.sys -- (monitor)
DRV - [2008/01/19 01:52:06 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/01/19 01:49:20 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/01/19 01:49:19 | 000,006,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2008/01/19 01:49:18 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/19 01:49:18 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/01/19 01:49:18 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/01/19 01:49:16 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse)
DRV - [2008/01/19 01:49:16 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid)
DRV - [2008/01/19 01:49:12 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Dot4.sys -- (Dot4)
DRV - [2008/01/19 01:49:12 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2008/01/19 01:49:10 | 000,036,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Dot4usb.sys -- (dot4usb)
DRV - [2008/01/19 01:49:10 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2008/01/19 01:49:09 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Dot4Prt.sys -- (Dot4Print)
DRV - [2008/01/19 01:32:47 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2008/01/19 01:30:36 | 000,084,480 | ---- | M] (Microsoft Corporation) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\luafv.sys -- (luafv)
DRV - [2008/01/19 01:30:23 | 000,027,648 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2008/01/19 01:28:09 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/01/19 01:28:02 | 000,070,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2008/01/19 01:27:21 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/01/04 14:49:24 | 001,396,736 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cm108.sys -- (USBPNPA)
DRV - [2007/11/09 05:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/07/31 19:45:50 | 000,076,800 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2007/05/01 03:00:00 | 000,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pxhelp20.sys -- (PxHelp20)
DRV - [2006/11/09 17:32:28 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10I.sys -- (KR10I)
DRV - [2006/11/09 17:31:46 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10N.sys -- (KR10N)
DRV - [2006/11/08 22:09:24 | 001,647,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService)
DRV - [2006/11/02 05:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 05:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 05:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 05:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 05:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV)
DRV - [2006/11/02 05:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 05:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 05:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 05:50:40 | 000,106,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 05:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 05:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,080,488 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:16 | 000,078,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio)
DRV - [2006/11/02 05:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006/11/02 05:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 05:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 05:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 05:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs)
DRV - [2006/11/02 05:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 05:50:04 | 000,058,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV - [2006/11/02 05:50:04 | 000,058,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,056,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35)
DRV - [2006/11/02 05:49:59 | 000,054,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 05:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 05:49:52 | 000,054,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VIAAGP.SYS -- (viaagp)
DRV - [2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGP440.sys -- (agp440)
DRV - [2006/11/02 05:49:51 | 000,053,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp)
DRV - [2006/11/02 05:49:49 | 000,027,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i2omp.sys -- (i2omp)
DRV - [2006/11/02 05:49:44 | 000,023,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2006/11/02 05:49:43 | 000,022,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2006/11/02 05:49:38 | 000,019,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd)
DRV - [2006/11/02 05:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 05:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 05:49:26 | 000,015,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2006/11/02 05:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 05:49:20 | 000,013,416 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pciide.sys -- (pciide)
DRV - [2006/11/02 05:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2006/11/02 05:03:00 | 000,242,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2006/11/02 04:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006/11/02 04:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2006/11/02 04:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir)
DRV - [2006/11/02 04:55:08 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass)
DRV - [2006/11/02 04:55:05 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2006/11/02 04:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr)
DRV - [2006/11/02 04:53:56 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga)
DRV - [2006/11/02 04:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006/11/02 04:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006/11/02 04:51:40 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2006/11/02 04:51:40 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2006/11/02 04:51:38 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2006/11/02 04:51:33 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)
DRV - [2006/11/02 04:51:32 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2006/11/02 04:51:30 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2006/11/02 04:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport)
DRV - [2006/11/02 04:51:25 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serenum.sys -- (Serenum)
DRV - [2006/11/02 04:51:23 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\parvdm.sys -- (Parvdm)
DRV - [2006/11/02 04:42:03 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2006/11/02 04:35:03 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2006/11/02 04:30:19 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7)
DRV - [2006/11/02 04:30:18 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2006/11/02 04:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe)
DRV - [2006/11/02 04:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7)
DRV - [2006/11/02 04:30:18 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 03:36:49 | 000,235,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService)
DRV - [2006/11/02 03:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2006/11/02 03:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60)
DRV - [2006/11/02 03:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock)
DRV - [2006/11/02 02:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/10/18 14:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/09/27 23:06:56 | 000,479,488 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\kr3npxp.sys -- (KR3NPXP)
DRV - [2006/08/31 09:53:00 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/07/28 19:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2005/08/01 19:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2004/04/27 00:31:04 | 000,474,304 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvcd.sys -- (QCDonner)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKLM\..\SearchScopes,DefaultScope = {AB5CC990-9F39-46E0-B3E3-118C2E575289}
IE - HKLM\..\SearchScopes\{AB5CC990-9F39-46E0-B3E3-118C2E575289}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage};


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.drudgereport.com/
IE - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..\SearchScopes,DefaultScope = {AB5CC990-9F39-46E0-B3E3-118C2E575289}
IE - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..\SearchScopes\{5774D5C3-9164-44E1-8AC3-FD61A5B66963}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=CE80A390-6721-4C63-8073-3C80215AC907&apn_sauid=B23E1CBA-63B9-4C61-9E92-318887BA1352
IE - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..\SearchScopes\{5A2CE7F1-7C82-4A68-9C0A-277F2B313413}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox
IE - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=IQyVYSNBS_aY67f5a4YqmgHU1zE?q={searchTerms}
IE - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..\SearchScopes\{9E39CFF0-29C9-4405-B713-DF23BBF2BF58}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..\SearchScopes\{AB5CC990-9F39-46E0-B3E3-118C2E575289}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSHB
IE - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={searchTerms}
IE - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.0.1:80


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/03/03 01:58:33 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Cm108Sound] RunDll32 CM108.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files\Toshiba\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (PCPitstop Utility)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} http://www.facebook.com/controls/contactx.dll (ContactExtractor Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://webcams.mtu.edu/webcam7/AxisCamControl.ocx (CamImage Class)
O16 - DPF: {B80CD4E6-5B02-4B6C-99BE-68F1511E9549} http://plugin.slingbox.com/downloads/pc/1.4.0.90/WebSlingPlayer.cab (WebSlingPlayer)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.252.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F49D553-2166-43E1-82F0-EBA13A9DCB6F}: DhcpNameServer = 192.168.1.1 71.252.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19347F24-EA07-482E-9971-7351F0883E73}: DhcpNameServer = 192.168.1.1 71.252.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4D7FA28E-014F-41F9-91B4-7C0BB37EECA7}: DhcpNameServer = 192.168.1.1 71.252.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4DFE287-BDD1-4878-8213-056EA247454C}: DhcpNameServer = 4.2.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7AA249F-5CE1-426A-A9F7-A3E49F7D6A07}: DhcpNameServer = 192.168.1.1 71.252.0.12
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\dan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\dan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.1.4
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.1.4
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {38539595-3E29-410d-ABBD-3D6A75BC9A73} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Sharedaccess - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 30 Days ==========

[2012/10/18 14:41:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\dan\Desktop\OTL.exe
[2012/10/18 08:46:49 | 000,706,431 | R--- | C] (Swearware) -- C:\Users\dan\Desktop\dds.com
[2012/10/17 14:11:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/10/17 14:11:57 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/10/17 14:11:57 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/10/17 14:11:41 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/10/17 14:08:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/17 14:08:23 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/10/17 13:59:05 | 004,982,045 | R--- | C] (Swearware) -- C:\Users\dan\Desktop\ComboFix.exe
[2012/01/09 21:22:25 | 000,955,776 | ---- | C] (PC Pitstop LLC ) -- C:\Users\dan\pcmatic-setup.exe
[2008/12/16 18:06:13 | 027,288,880 | ---- | C] (Apple Inc.) -- C:\Users\dan\QuickTimeInstaller.exe

========== Files - Modified Within 30 Days ==========

[2012/10/18 14:50:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/18 14:49:18 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/18 14:49:18 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/18 14:41:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\dan\Desktop\OTL.exe
[2012/10/18 14:36:01 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/18 14:33:09 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/18 10:09:36 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/18 09:57:49 | 000,000,000 | ---- | M] () -- C:\Users\dan\defogger_reenable
[2012/10/18 09:56:52 | 000,050,477 | ---- | M] () -- C:\Users\dan\Desktop\Defogger.exe
[2012/10/18 08:46:51 | 000,706,431 | R--- | M] (Swearware) -- C:\Users\dan\Desktop\dds.com
[2012/10/17 13:59:08 | 004,982,045 | R--- | M] (Swearware) -- C:\Users\dan\Desktop\ComboFix.exe
[2012/10/17 13:02:07 | 000,609,506 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/17 13:02:07 | 000,106,014 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/27 11:11:04 | 000,002,627 | ---- | M] () -- C:\Users\dan\Desktop\Microsoft Office Word 2007.lnk
[2012/09/20 14:23:10 | 002,130,557 | ---- | M] () -- C:\Users\dan\Documents\Driving Directions from 1532 Godfrey Ln, Virginia Beach, Virginia 23454 to Point Plaza Suites and Conference Hotel in Newport News, Virginia 23601 MapQuest.mht

========== Files Created - No Company Name ==========

[2012/10/18 09:57:49 | 000,000,000 | ---- | C] () -- C:\Users\dan\defogger_reenable
[2012/10/18 09:56:50 | 000,050,477 | ---- | C] () -- C:\Users\dan\Desktop\Defogger.exe
[2012/10/17 14:11:57 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/10/17 14:11:57 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/10/17 14:11:57 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/10/17 14:11:57 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/10/17 14:11:57 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/09/20 14:23:08 | 002,130,557 | ---- | C] () -- C:\Users\dan\Documents\Driving Directions from 1532 Godfrey Ln, Virginia Beach, Virginia 23454 to Point Plaza Suites and Conference Hotel in Newport News, Virginia 23601 MapQuest.mht
[2012/06/06 22:01:06 | 000,060,604 | ---- | C] () -- C:\Users\dan\554270_3756738889886_1907667354_n.jpg
[2012/06/06 21:55:25 | 000,037,466 | ---- | C] () -- C:\Users\dan\408823_2242300596409_320264287_n.jpg
[2012/04/02 17:40:22 | 000,000,043 | ---- | C] () -- C:\Users\dan\jagex_cl_runescape_LIVE1.dat
[2012/03/31 21:01:39 | 000,000,024 | ---- | C] () -- C:\Users\dan\random.dat
[2012/03/31 20:08:12 | 000,000,040 | ---- | C] () -- C:\Users\dan\jagex_cl_runescape_LIVE.dat
[2012/01/10 16:33:34 | 000,000,451 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/03/23 17:27:51 | 000,000,129 | ---- | C] () -- C:\Users\dan\jagex_runescape_preferences2.dat
[2011/01/05 18:09:18 | 000,000,680 | ---- | C] () -- C:\Users\dan\AppData\Local\d3d9caps.dat
[2011/01/05 12:15:03 | 001,187,766 | ---- | C] () -- C:\Users\dan\RFP - Challenge Course[1].pdf
[2010/09/25 10:13:58 | 000,019,663 | ---- | C] () -- C:\Users\dan\Backup of RESUME Whalen DHS 2010.wbk
[2010/03/16 08:58:50 | 000,019,963 | ---- | C] () -- C:\Users\dan\Backup of RESUME Whalen 2010.wbk
[2010/01/25 12:34:39 | 000,072,080 | ---- | C] () -- C:\Users\dan\g2mdlhlpx.exe
[2010/01/18 19:18:23 | 000,019,406 | ---- | C] () -- C:\Users\dan\RESUME Whalen OWLS 2010
[2010/01/18 15:35:54 | 000,261,188 | ---- | C] () -- C:\Users\dan\w9.pdf
[2010/01/05 16:33:43 | 000,965,566 | ---- | C] () -- C:\Users\dan\whalen dd214bmp (2).bmp
[2010/01/05 16:33:21 | 000,965,566 | ---- | C] () -- C:\Users\dan\whalen dd214bmp.bmp
[2009/12/16 18:12:01 | 000,004,705 | ---- | C] () -- C:\Users\dan\USPS - Hold Mail - Create Confirmation - Printer Friendly.htm
[2009/10/12 21:09:18 | 000,051,712 | ---- | C] () -- C:\Users\dan\Backup of Whalen Bio Oct 09.wbk
[2009/09/10 13:00:18 | 000,063,730 | ---- | C] () -- C:\Program Files\viewsonicinstruct_xp.pdf
[2009/08/31 15:25:36 | 005,336,128 | ---- | C] () -- C:\Users\dan\AutoBackup-(2009-08-31).ipd
[2009/06/27 11:29:35 | 000,017,016 | ---- | C] () -- C:\Users\dan\Backup of RESUME Whalen PM.wbk
[2009/05/09 22:44:18 | 000,000,034 | ---- | C] () -- C:\Users\dan\jagex_runescape_preferences.dat
[2009/05/04 14:14:23 | 000,046,073 | ---- | C] () -- C:\Users\dan\VA Education Benefits Application.htm
[2009/04/20 20:37:23 | 000,153,215 | ---- | C] () -- C:\Users\dan\whalen dd214png.png
[2009/02/10 10:57:25 | 000,160,173 | ---- | C] () -- C:\Users\dan\RFP_Security_Consulting_2-06-09_(2).pdf
[2009/01/12 16:16:52 | 000,036,864 | ---- | C] () -- C:\Users\dan\Backup of Whalen CPPD Resume 2009.wbk
[2008/12/11 17:06:10 | 000,085,148 | ---- | C] () -- C:\Users\dan\WHALEN.pdf
[2008/11/08 23:48:10 | 000,033,792 | ---- | C] () -- C:\Users\dan\Backup of Whalen DOT Resume 9-08.wbk
[2008/11/05 01:33:57 | 000,031,232 | ---- | C] () -- C:\Users\dan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/05 00:41:00 | 000,025,600 | ---- | C] () -- C:\Users\dan\Backup of Whalen Navy Bio.wbk
[2008/10/29 22:09:31 | 000,103,720 | ---- | C] () -- C:\Users\dan\GoToAssistDownloadHelper.exe
[2008/09/23 17:55:13 | 000,057,569 | ---- | C] () -- C:\Users\dan\01_gauley[1].jpg
[2008/09/23 17:55:07 | 000,046,100 | ---- | C] () -- C:\Users\dan\02_gauley[1].jpg

========== ZeroAccess Check ==========

[2012/10/17 14:08:42 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$522957ca8c2ee38b796ebb70ae92ed99\U
[2006/11/02 08:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< %windir%\system32\drivers\*.sys /lockedfiles >

< End of report >

Attached Files



#15 CaptainW

CaptainW
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:03:43 AM

Posted 18 October 2012 - 02:37 PM

additional info: it didn't work in regular mode, got hung up at Scanning Driver: NisDrv




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users