Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browsers Being Redirected


  • This topic is locked This topic is locked
25 replies to this topic

#1 LJMac

LJMac

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:07 AM

Posted 18 December 2009 - 05:31 AM

Browsers Firefox and Google Chrome are being redirected with any search link clicked. I've run Malwarebytes and Super Spyware with no success in finding a virus or spyware. HijackThis log in this post. Please help! Thank you.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:06:15 AM, on 12/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\HDDSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hard Drive Inspector\HDInspector.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\D-Link\D-Link USB Phone Adapter\DPH-50U Utility.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SlickRun\sr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = >>> 'Full Speed' Enabled <<<
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.212.127.227 winwarepro.microsoft.com
O1 - Hosts: 91.212.127.227 winwarepro.com
O1 - Hosts: 91.212.127.227 www.winwarepro.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [HDInspector.exe] C:\Program Files\Hard Drive Inspector\HDInspector.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [TLinkAgent] C:\Program Files\D-Link\D-Link USB Phone Adapter\DPH-50U Utility.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SlickRun] "C:\Program Files\SlickRun\sr.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Valerie McKenney\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat\AdobeUpdateManager.exe" AcPro7_1_0
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: WordWeb Pro.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1167927293296
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\WINDOWS\system32\HDDSvc.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 12313 bytes

BC AdBot (Login to Remove)

 


#2 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:05:07 PM

Posted 18 December 2009 - 08:41 AM

Hello, my name is fenzodahl512 and welcome to the forum.. Please do the following....


Please download The Comedian.exe by Rorschach112 to your desktop
  • Please disable all of your antivirus/firewall before doing this step. Please visit HERE if you don't know how..
  • Double click the program to run it. It will only take around several minutes to run.
  • It will do a series of tasks and tell you when each one is finished.
  • You will be prompted to press any key after each step
  • When it is done it will close and exit itself automatically.
  • You can delete The_Comedian.exe once it is finished
STOP! if you can't complete this step.. Tell me more about it..



NEXT


Please download OTL by OldTimer and save it to your desktop.

Under the Custom Scans/Fixes box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT

Don't change any setting... Just click on the Run Scan button.. Let it scan till finish..

Then a log will pop-up at your Desktop. Post the content of the log here



NEXT


We need to scan for Rootkits with GMER
  • Please download GMER from one of the following locations, and save it to your desktop:
    • Main Mirror
      This version will download a randomly named file (Recommended)
    • Zip Mirror
      This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Close any and all open programs, as this process may crash your computer.
  • Double click Posted Image or Posted Image on your desktop.
  • Allow the gmer.sys driver to load if asked.
  • You may see this window. If you do, click No.
    Posted Image
  • Click on Posted Image and wait for the scan to finish.
  • If you see a rootkit warning window, click OK.
  • Push Posted Image and save the logfile to your desktop.
  • Copy and Paste the contents of that file in your next post.


Post me these logs in your next reply.. Post each log in separate post..

1. OTL
2. GMER

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#3 LJMac

LJMac
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:07 AM

Posted 18 December 2009 - 10:08 AM

Hello fenzodahl512

I downloaded The Comedian but the program exe file simply opened up a black command type window with a flashing curser, it did not run and then a window popped up that it had encountered a problem and needed to close. Additionally whatever this infection is it has disabled AVG scanning or even opening up the user interface, Spybot will not scan either. Thanks for helping me with this wicked problem!

#4 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:05:07 PM

Posted 18 December 2009 - 10:28 AM

Ok, Lets do this one first.. Then proceed with OTL and GMER step :(


Backing Up Your Registry
  • Go HERE and download ERUNT
    (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
  • Install ERUNT by following the prompts
    (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
  • Start ERUNT
    (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
  • Choose a location for the backup
    (the default location is C:\WINDOWS\ERDNT which is acceptable).
  • Make sure that at least the first two check boxes are ticked
  • Press OK
  • Press YES to create the folder.
For detailed instruction on how to back-up registry via ERUNT, please visit HERE


After that, please create a Restore Point via System Restore.. Here's the link on how to do it..

http://www.bleepingcomputer.com/tutorials/...l56.html#manual

After you successfully do these steps, please proceed with OTL and GMER step as per above :(

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#5 LJMac

LJMac
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:07 AM

Posted 18 December 2009 - 11:59 AM

OK.........thanks here is OTL

OTL logfile created on: 12/18/2009 10:56:59 AM - Run 1
OTL by OldTimer - Version 3.1.18.0 Folder = C:\Documents and Settings\Valerie McKenney\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

478.54 Mb Total Physical Memory | 162.99 Mb Available Physical Memory | 34.06% Memory free
1.10 Gb Paging File | 0.37 Gb Available in Paging File | 33.74% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 62.03 Gb Total Space | 8.57 Gb Free Space | 13.82% Space Free | Partition Type: NTFS
Drive D: | 11.46 Gb Total Space | 1.25 Gb Free Space | 10.91% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 983.72 Mb Total Space | 575.00 Mb Free Space | 58.45% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DEFENDER-3
Current User Name: Valerie McKenney
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/18 10:55:25 | 00,564,736 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valerie McKenney\Desktop\OTL.exe
PRC - [2009/12/14 07:15:52 | 00,472,112 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Pure Networks\Network Magic\nmapp.exe
PRC - [2009/12/11 11:16:30 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009/12/11 11:16:30 | 00,503,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009/12/09 18:22:33 | 00,921,072 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Valerie McKenney\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/11/07 12:26:29 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/11/07 12:26:27 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/11/07 12:26:02 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2009/11/05 21:14:44 | 01,794,848 | ---- | M] (Apple Inc.) -- C:\Program Files\Safari\Safari.exe
PRC - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/07/07 14:48:44 | 00,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2009/05/07 06:16:50 | 00,601,976 | ---- | M] (VS Revo Group) -- C:\Program Files\VS Revo Group\Revo Uninstaller\revouninstaller.exe
PRC - [2008/12/08 15:50:04 | 00,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe
PRC - [2008/10/25 11:44:34 | 00,031,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2008/06/12 21:16:23 | 00,042,176 | ---- | M] (Antony Lewis) -- C:\Program Files\WordWeb\wweb32.exe
PRC - [2008/04/24 00:16:18 | 01,008,904 | ---- | M] (Altrixsoft) -- C:\Program Files\Hard Drive Inspector\HDInspector.exe
PRC - [2008/04/13 19:12:35 | 00,073,796 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\slserv.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/26 22:50:08 | 00,189,704 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) -- C:\WINDOWS\system32\HDDSvc.exe
PRC - [2006/10/23 07:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2006/08/18 03:00:00 | 00,143,426 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2006/07/11 23:55:34 | 00,102,400 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe
PRC - [2006/05/18 18:52:06 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006/05/04 00:58:26 | 00,458,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
PRC - [2006/05/02 17:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2006/04/01 04:40:38 | 00,181,248 | ---- | M] (Bayden Systems) -- C:\Program Files\SlickRun\sr.exe
PRC - [2006/04/01 00:01:48 | 00,761,946 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/03/08 09:56:50 | 00,425,984 | ---- | M] () -- C:\Program Files\D-Link\D-Link USB Phone Adapter\DPH-50U Utility.exe
PRC - [2005/11/23 07:58:04 | 00,765,952 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2005/08/11 18:30:30 | 00,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004/10/15 15:54:14 | 00,100,016 | ---- | M] (America Online, Inc) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
PRC - [2004/10/15 15:54:12 | 00,046,768 | ---- | M] (America Online Inc) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
PRC - [2003/03/27 10:42:08 | 00,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe


========== Modules (SafeList) ==========

MOD - [2009/12/18 10:55:25 | 00,564,736 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valerie McKenney\Desktop\OTL.exe
MOD - [2006/03/15 23:00:00 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\serwvdrv.dll
MOD - [2006/03/15 23:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umdmxfrm.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/11/07 12:26:02 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/08/23 16:00:06 | 00,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/07/07 14:48:44 | 00,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/06/18 17:23:14 | 00,074,384 | ---- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (SureThing Labelflash service)
SRV - [2008/04/13 19:12:35 | 00,073,796 | ---- | M] (Smart Link) [Auto | Running] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2008/04/13 19:12:27 | 00,117,248 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\mqtgsvc.exe -- (MSMQTriggers)
SRV - [2008/04/13 19:12:27 | 00,004,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\mqsvc.exe -- (MSMQ)
SRV - [2008/02/26 22:50:08 | 00,189,704 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) [Auto | Running] -- C:\WINDOWS\system32\HDDSvc.exe -- (HDDSvc)
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/23 07:50:35 | 00,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2006/08/18 03:00:00 | 00,143,426 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2006/06/12 15:27:28 | 00,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)
SRV - [2006/05/18 18:52:06 | 00,049,152 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006/05/02 17:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2005/11/23 07:58:04 | 00,765,952 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2005/10/06 20:12:30 | 00,855,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS)
SRV - [2005/04/04 02:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/10/15 15:54:14 | 00,100,016 | ---- | M] (America Online, Inc) [Auto | Running] -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe -- (AOL TopSpeedMonitor)
SRV - [2003/03/27 10:42:08 | 00,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)


========== Driver Services (SafeList) ==========

DRV - [2009/12/17 13:25:59 | 00,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2009/12/15 09:42:29 | 00,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/11/10 22:03:35 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009/11/07 12:26:50 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/11/07 12:26:47 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/07/07 14:48:44 | 00,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
DRV - [2009/07/07 14:48:44 | 00,025,392 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
DRV - [2009/05/18 18:41:16 | 00,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2009/05/11 06:15:48 | 00,047,360 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin)
DRV - [2009/05/09 00:14:20 | 00,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2009/02/24 17:42:14 | 00,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/12/19 19:08:28 | 00,027,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\point32.sys -- (Point32)
DRV - [2008/06/17 08:59:14 | 00,099,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2008/05/08 09:02:52 | 00,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/04/13 13:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:39:44 | 00,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2008/04/13 13:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/02/24 16:17:00 | 00,011,264 | ---- | M] (Superlogix) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\supermounter.sys -- (SuperMounter)
DRV - [2008/02/01 13:48:38 | 00,051,440 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/02/01 13:48:38 | 00,008,944 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/08/07 14:48:33 | 00,025,160 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2007/03/11 21:39:46 | 00,043,936 | ---- | M] (Alfa Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AFPAnsi.sys -- (AFPAnsi)
DRV - [2007/02/15 19:57:04 | 00,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2007/02/15 19:56:49 | 00,011,984 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2006/08/29 13:12:28 | 00,990,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/08/29 13:11:08 | 00,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/08/29 13:10:56 | 00,728,576 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/08/18 03:00:00 | 03,687,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/06/19 13:26:58 | 00,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2006/06/19 07:37:34 | 00,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/06/01 19:02:36 | 00,572,928 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006/05/12 15:05:02 | 00,057,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/04/28 12:12:00 | 00,429,184 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006/03/31 23:41:40 | 00,193,056 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/03/15 23:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2006/03/05 18:49:36 | 00,011,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006/03/02 19:31:04 | 00,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/02 19:31:02 | 00,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/03/01 01:31:36 | 00,043,248 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slvad.sys -- (SLVAD_simple)
DRV - [2006/03/01 01:31:26 | 00,546,120 | R--- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slusbvip.sys -- (slusbvip)
DRV - [2006/03/01 01:31:00 | 00,014,888 | R--- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\TLRecAgent.sys -- (TLRecAgent)
DRV - [2006/02/16 16:51:08 | 00,004,096 | R--- | M] (SuperAdBlocker, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2005/11/15 23:28:32 | 00,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/10/31 21:08:00 | 00,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/31 20:54:50 | 00,051,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/10/13 04:07:12 | 00,874,240 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2005/09/19 16:24:20 | 00,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005/09/19 16:24:10 | 00,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005/09/19 16:23:52 | 00,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2005/06/20 19:05:58 | 00,020,640 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2005/04/07 16:18:34 | 00,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2004/08/04 01:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/08/03 21:41:46 | 00,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2004/08/03 21:41:46 | 00,013,240 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2004/08/03 21:41:42 | 00,129,535 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnt7554.sys -- (Slnt7554)
DRV - [2004/08/03 21:41:40 | 00,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2004/08/03 21:41:40 | 00,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2004/08/03 21:41:40 | 00,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2004/08/03 21:41:38 | 01,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/01/10 15:13:04 | 00,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/18 00:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/18 00:07:42 | 00,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/18 00:07:40 | 00,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/18 00:07:36 | 00,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/18 00:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 23:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 23:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 23:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 23:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 23:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 23:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 23:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 23:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 23:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 23:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 12:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2000/08/21 16:35:12 | 00,002,627 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\smport.sys -- (Smport)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?rls=org.mozilla:en-US:official&hl=en&sa=N&tab=fw"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.716
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {40a1f5d7-afc2-498f-b264-02668d616ff6}:1.1


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/12/11 11:17:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/17 16:59:15 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/16 01:05:59 | 00,000,000 | ---D | M]

[2009/02/03 13:32:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Valerie McKenney\Application Data\Mozilla\Extensions
[2009/12/17 09:24:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Valerie McKenney\Application Data\Mozilla\Firefox\Profiles\jo72akdj.default\extensions
[2009/08/27 07:04:37 | 00,000,000 | ---D | M] (Mega Manager Integration) -- C:\Documents and Settings\Valerie McKenney\Application Data\Mozilla\Firefox\Profiles\jo72akdj.default\extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6}
[2009/12/17 09:24:03 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: (365936 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.212.127.227 winwarepro.microsoft.com
O1 - Hosts: 91.212.127.227 winwarepro.com
O1 - Hosts: 91.212.127.227 www.winwarepro.com
O1 - Hosts: 127.0.0.1 myomemo.com
O1 - Hosts: 127.0.0.1 www.myomemo.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 12618 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDInspector.exe] C:\Program Files\Hard Drive Inspector\HDInspector.exe (Altrixsoft)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)
O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [RecGuard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TLinkAgent] C:\Program Files\D-Link\D-Link USB Phone Adapter\DPH-50U Utility.exe ()
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Valerie McKenney\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [SlickRun] C:\Program Files\SlickRun\sr.exe (Bayden Systems)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\America Online 8.0 Tray Icon.lnk = File not found
O4 - Startup: C:\Documents and Settings\Valerie McKenney\Start Menu\Programs\StartUp\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Valerie McKenney\Start Menu\Programs\StartUp\WordWeb Pro.lnk = C:\Program Files\WordWeb\wweb32.exe (Antony Lewis)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1167927293296 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.26.88.31 204.215.43.3
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll ()
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/07/27 22:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 14:01:14 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{e695981b-9bfd-11db-ad60-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{e695981b-9bfd-11db-ad60-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2006/09/20 23:23:56 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (53765169410473984)

========== Files/Folders - Created Within 30 Days ==========

[2009/12/18 10:55:25 | 00,564,736 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Valerie McKenney\Desktop\OTL.exe
[2009/12/18 10:51:24 | 00,425,472 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Valerie McKenney\Desktop\OTM.exe
[2009/12/18 10:42:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/12/18 10:41:12 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/12/18 10:40:39 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Valerie McKenney\Desktop\erunt-setup.exe
[2009/12/18 07:32:11 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/12/17 23:57:27 | 00,000,000 | -HSD | C] -- C:\found.000
[2009/12/17 14:07:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy Pro
[2009/12/17 14:04:08 | 00,000,000 | ---D | C] -- C:\Program Files\LG Software Innovations
[2009/12/17 14:03:09 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Valerie McKenney\Recent
[2009/12/17 10:07:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/12/17 09:59:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Valerie McKenney\Application Data\SUPERAntiSpyware.com
[2009/12/17 09:59:22 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/12/17 09:58:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/12/15 23:11:16 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2009/12/15 23:11:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Recorded TV
[2009/12/15 18:07:39 | 00,000,000 | ---D | C] -- C:\Program Files\CCFile
[2009/12/15 15:48:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Valerie McKenney\Desktop\Downloads
[2009/12/15 11:09:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\DAEMON Tools Images
[2009/12/15 10:17:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2009/12/15 10:17:12 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Pro
[2009/12/15 09:42:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Valerie McKenney\Application Data\DAEMON Tools Pro
[2009/12/15 09:25:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Valerie McKenney\My Documents\OneNote Notebooks
[2009/12/14 15:52:19 | 00,032,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msonpmon.dll
[2009/12/14 15:40:57 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2009/12/14 13:54:09 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2009/12/14 13:51:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Valerie McKenney\Local Settings\Application Data\Microsoft Help
[2009/12/14 13:51:54 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2009/12/14 13:51:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2009/12/14 13:19:48 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2009/12/14 13:19:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2009/12/14 13:19:38 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\L&H
[2009/12/14 06:16:04 | 00,000,000 | ---D | C] -- C:\Program Files\Pure Networks
[2009/12/14 06:14:17 | 00,000,000 | ---D | C] -- C:\Program Files\WebEx
[2009/12/14 06:13:08 | 00,025,392 | ---- | C] (Cisco Systems, Inc.) -- C:\WINDOWS\System32\drivers\pnarp.sys
[2009/12/14 06:12:56 | 00,026,672 | ---- | C] (Cisco Systems, Inc.) -- C:\WINDOWS\System32\drivers\purendis.sys
[2009/12/14 06:12:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Pure Networks Shared
[2009/12/14 06:11:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
[2009/12/14 02:23:39 | 00,000,000 | ---D | C] -- C:\Driver Backup 12-14-2009-22318
[2009/12/14 02:07:21 | 01,686,016 | ---- | C] (Clever Components) -- C:\WINDOWS\System32\clinetsuitex6.ocx
[2009/12/14 02:07:21 | 00,427,864 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\WINDOWS\System32\XceedZip.dll
[2009/12/14 02:07:16 | 00,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2009/12/13 17:34:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Valerie McKenney\Desktop\N.VAS
[2009/12/13 15:57:56 | 00,204,288 | ---- | C] (cDc (file-transfer.sourceforge.net)) -- C:\Documents and Settings\Valerie McKenney\Desktop\FileTransfer.exe
[2009/12/13 14:12:39 | 00,000,000 | ---D | C] -- C:\Program Files\Safari
[2009/12/13 14:11:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2009/12/09 11:53:22 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/12/07 15:54:22 | 00,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2009/12/07 15:54:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Valerie McKenney\Application Data\Uniblue
[2009/12/07 10:33:50 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009/12/03 13:27:22 | 00,044,000 | ---- | C] (Alfa Corporation) -- C:\WINDOWS\System32\drivers\AFPUni.sys
[2009/12/03 13:27:22 | 00,043,936 | ---- | C] (Alfa Corporation) -- C:\WINDOWS\System32\drivers\AFPAnsi.sys
[2009/12/03 13:27:22 | 00,011,264 | ---- | C] (Superlogix) -- C:\WINDOWS\System32\drivers\supermounter.sys
[2009/12/03 13:27:19 | 05,975,552 | ---- | C] (SuperLogix) -- C:\WINDOWS\System32\vbsbak.dat
[2009/12/03 13:27:18 | 00,073,728 | ---- | C] (SuperLogix) -- C:\WINDOWS\System32\smh.dat
[2009/12/03 13:27:17 | 01,473,536 | ---- | C] (SuperLogix) -- C:\WINDOWS\System32\context.dll
[2009/12/03 13:27:17 | 00,000,000 | ---D | C] -- C:\Program Files\SuperLogix
[2009/12/03 00:16:05 | 00,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2009/12/03 00:16:00 | 00,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2009/12/03 00:15:46 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2009/12/03 00:15:15 | 00,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2009/12/03 00:15:10 | 00,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2009/12/03 00:15:07 | 00,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2009/12/03 00:15:00 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2009/12/03 00:14:58 | 00,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2009/12/03 00:14:55 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2009/12/03 00:14:37 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2009/12/03 00:14:11 | 00,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2009/12/03 00:14:06 | 00,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2009/12/03 00:13:48 | 00,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2009/12/03 00:13:31 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2009/12/03 00:13:20 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2009/12/03 00:13:15 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009/12/03 00:13:14 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009/12/03 00:13:05 | 00,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2009/12/03 00:13:03 | 00,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2009/12/03 00:13:02 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2009/12/03 00:12:58 | 00,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2009/12/03 00:12:52 | 00,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2009/12/03 00:12:50 | 00,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2009/12/03 00:12:48 | 00,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2009/12/03 00:12:47 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2009/12/03 00:12:44 | 00,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2009/12/03 00:12:43 | 00,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2009/12/03 00:12:41 | 00,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2009/12/03 00:12:35 | 00,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2009/12/03 00:12:31 | 00,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2009/12/03 00:12:22 | 00,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2009/12/03 00:12:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2009/12/03 00:12:19 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2009/12/03 00:12:19 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2009/12/03 00:12:17 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009/12/03 00:12:12 | 00,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2009/12/03 00:12:06 | 00,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2009/12/03 00:11:59 | 00,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2009/12/03 00:11:54 | 00,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2009/12/03 00:11:44 | 00,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2009/12/03 00:11:42 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2009/12/03 00:11:36 | 00,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2009/12/03 00:11:31 | 00,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2009/12/03 00:11:26 | 00,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2009/12/03 00:11:21 | 00,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2009/12/03 00:11:16 | 00,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2009/12/03 00:11:12 | 00,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2009/12/03 00:11:08 | 00,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2009/12/03 00:11:03 | 00,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2009/12/03 00:11:00 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2009/12/03 00:10:55 | 00,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2009/12/03 00:10:46 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2009/12/03 00:10:41 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2009/12/03 00:10:37 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2009/12/03 00:10:28 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2009/12/03 00:10:24 | 00,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2009/12/03 00:10:19 | 00,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2009/12/03 00:10:15 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2009/12/03 00:10:11 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2009/12/03 00:10:06 | 00,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2009/12/03 00:10:02 | 00,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2009/12/03 00:09:56 | 00,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2009/12/03 00:09:55 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/12/03 00:09:46 | 00,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2009/12/03 00:09:42 | 00,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2009/12/03 00:09:39 | 00,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2009/12/03 00:09:35 | 00,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2009/12/03 00:09:31 | 00,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2009/12/03 00:09:26 | 00,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2009/12/03 00:09:22 | 00,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2009/12/03 00:09:17 | 00,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2009/12/03 00:09:16 | 00,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2009/12/03 00:09:12 | 00,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2009/12/03 00:09:07 | 00,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2009/12/03 00:09:03 | 00,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2009/12/03 00:08:58 | 00,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2009/12/03 00:08:53 | 00,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2009/12/03 00:08:47 | 00,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2009/12/03 00:08:43 | 00,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2009/12/03 00:08:42 | 00,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2009/12/03 00:08:41 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009/12/03 00:08:37 | 00,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2009/12/03 00:08:33 | 00,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2009/12/03 00:08:33 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009/12/03 00:08:32 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009/12/03 00:08:27 | 00,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2009/12/03 00:08:22 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2009/12/03 00:08:18 | 00,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2009/12/03 00:08:15 | 00,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2009/12/03 00:08:07 | 00,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2009/12/03 00:08:04 | 00,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2009/12/03 00:08:00 | 00,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2009/12/03 00:07:56 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2009/12/03 00:07:52 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2009/12/03 00:07:49 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2009/12/03 00:07:45 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2009/12/03 00:07:42 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2009/12/03 00:07:38 | 00,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2009/12/03 00:07:35 | 00,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2009/12/03 00:07:27 | 00,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2009/12/03 00:07:22 | 00,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2009/12/03 00:07:22 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2009/12/03 00:07:15 | 00,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2009/12/03 00:07:11 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2009/12/03 00:07:10 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009/12/03 00:07:03 | 00,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2009/12/03 00:06:58 | 00,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2009/12/03 00:06:51 | 00,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2009/12/03 00:06:47 | 00,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2009/12/03 00:06:43 | 00,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2009/12/03 00:06:40 | 00,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2009/12/03 00:06:36 | 00,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2009/12/03 00:06:32 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2009/12/03 00:06:31 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2009/12/03 00:06:30 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009/12/03 00:06:26 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009/12/03 00:06:26 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2009/12/03 00:06:25 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009/12/03 00:06:21 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009/12/03 00:06:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009/12/03 00:06:16 | 00,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2009/12/03 00:06:16 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009/12/03 00:06:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009/12/03 00:06:12 | 00,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2009/12/03 00:06:08 | 00,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2009/12/03 00:06:04 | 00,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2009/12/03 00:05:56 | 00,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2009/12/03 00:05:52 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2009/12/03 00:05:51 | 00,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2009/12/03 00:05:49 | 00,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2009/12/03 00:05:48 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2009/12/03 00:05:45 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2009/12/03 00:05:41 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2009/12/03 00:05:41 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2009/12/03 00:05:37 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2009/12/03 00:05:37 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2009/12/03 00:05:37 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2009/12/03 00:05:36 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2009/12/03 00:05:33 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2009/12/03 00:05:32 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2009/12/03 00:05:32 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2009/12/03 00:05:31 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2009/12/03 00:05:31 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2009/12/03 00:05:31 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2009/12/03 00:05:30 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2009/12/03 00:05:30 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2009/12/03 00:05:30 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2009/12/03 00:05:26 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2009/12/03 00:05:24 | 00,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2009/12/03 00:05:21 | 00,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2009/12/03 00:05:17 | 00,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2009/12/03 00:05:13 | 00,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2009/12/03 00:05:10 | 00,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2009/12/03 00:05:08 | 00,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2009/12/03 00:05:04 | 00,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2009/12/03 00:05:00 | 00,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2009/12/03 00:04:56 | 00,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2009/12/03 00:04:53 | 00,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2009/12/03 00:04:49 | 00,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2009/12/03 00:04:45 | 00,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2009/12/03 00:04:44 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2009/12/03 00:04:35 | 00,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2009/12/03 00:04:32 | 00,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2009/12/03 00:04:28 | 00,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2009/12/03 00:04:24 | 00,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2009/12/03 00:04:20 | 00,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2009/12/03 00:04:15 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2009/12/03 00:04:11 | 00,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2009/12/03 00:04:10 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2009/12/03 00:04:05 | 00,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2009/12/03 00:04:02 | 00,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2009/12/03 00:03:59 | 00,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2009/12/03 00:03:58 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2009/12/03 00:03:54 | 00,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2009/12/03 00:03:50 | 00,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2009/12/03 00:03:45 | 00,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2009/12/03 00:03:41 | 00,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2009/12/03 00:03:39 | 00,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2009/12/03 00:03:31 | 00,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2009/12/03 00:03:26 | 00,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2009/12/03 00:03:23 | 00,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2009/12/03 00:03:19 | 00,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2009/12/03 00:03:16 | 00,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2009/12/03 00:03:12 | 00,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2009/12/03 00:03:09 | 00,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2009/12/03 00:03:05 | 00,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2009/12/03 00:03:02 | 00,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2009/12/03 00:02:58 | 00,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2009/12/03 00:02:55 | 00,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2009/12/03 00:02:52 | 00,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2009/12/03 00:02:48 | 00,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2009/12/03 00:02:44 | 00,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2009/12/03 00:02:40 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2009/12/03 00:02:39 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009/12/03 00:02:39 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009/12/03 00:02:38 | 00,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2009/12/03 00:02:36 | 00,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2009/12/03 00:02:32 | 00,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2009/12/03 00:02:28 | 00,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2009/12/03 00:02:23 | 00,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2009/12/03 00:02:18 | 00,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2009/12/03 00:02:13 | 00,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2009/12/03 00:02:09 | 00,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2009/12/03 00:02:05 | 00,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2009/12/03 00:02:03 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/12/03 00:02:03 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/12/03 00:01:50 | 00,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2009/12/03 00:01:45 | 00,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2009/12/03 00:01:41 | 00,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2009/12/03 00:01:38 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2009/12/03 00:01:34 | 00,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2009/12/03 00:01:33 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/12/03 00:01:33 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/12/03 00:01:28 | 00,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2009/12/03 00:01:23 | 00,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2009/12/03 00:01:20 | 00,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2009/12/03 00:01:16 | 00,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2009/12/03 00:01:14 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2009/12/03 00:01:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2009/12/03 00:01:07 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2009/12/03 00:01:02 | 00,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2009/12/03 00:00:58 | 00,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2009/12/03 00:00:54 | 00,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2009/12/03 00:00:53 | 00,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2009/12/03 00:00:49 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2009/12/03 00:00:48 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2009/12/03 00:00:48 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2009/12/03 00:00:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2009/12/03 00:00:42 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2009/12/03 00:00:38 | 00,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2009/12/03 00:00:34 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2009/12/03 00:00:31 | 00,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2009/12/03 00:00:28 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2009/12/03 00:00:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2009/12/03 00:00:21 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2009/12/03 00:00:21 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2009/12/03 00:00:19 | 00,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2009/12/03 00:00:18 | 00,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2009/12/03 00:00:18 | 00,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2009/12/03 00:00:16 | 00,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2009/12/03 00:00:12 | 00,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2009/12/03 00:00:09 | 00,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2009/12/03 00:00:05 | 00,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2009/12/03 00:00:02 | 00,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2009/12/02 23:59:58 | 00,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2009/12/02 23:59:55 | 00,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2009/12/02 23:59:53 | 00,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2009/12/02 23:59:49 | 00,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2009/12/02 23:59:48 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2009/12/02 23:59:47 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009/12/02 23:59:47 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009/12/02 23:59:42 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2009/12/02 23:59:39 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2009/12/02 23:59:36 | 00,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2009/12/02 23:59:32 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2009/12/02 23:59:29 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2009/12/02 23:59:26 | 00,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2009/12/02 23:59:22 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2009/12/02 23:59:19 | 00,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2009/12/02 23:59:15 | 00,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2009/12/02 23:59:12 | 00,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2009/12/02 23:59:09 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2009/12/02 23:59:05 | 00,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2009/12/02 23:59:02 | 00,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2009/12/02 23:58:58 | 00,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2009/12/02 23:58:54 | 00,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2009/12/02 23:58:44 | 00,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2009/12/02 23:58:40 | 00,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2009/12/02 23:58:30 | 00,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2009/12/02 23:58:30 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2009/12/02 23:58:25 | 00,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2009/12/02 23:58:16 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2009/12/02 23:58:10 | 00,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2009/12/02 23:58:09 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2009/12/02 23:57:59 | 00,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2009/12/02 23:57:55 | 00,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2009/12/02 23:57:50 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2009/12/02 23:57:50 | 00,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2009/12/02 23:57:49 | 00,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2009/12/02 23:57:43 | 00,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2009/12/02 23:57:39 | 00,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2009/12/02 23:57:36 | 00,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2009/12/02 23:57:32 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2009/12/02 23:57:31 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2009/12/02 23:57:29 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2009/12/02 23:57:26 | 00,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2009/12/02 23:57:22 | 00,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2009/12/02 23:57:19 | 00,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2009/12/02 23:57:16 | 00,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2009/12/02 23:57:13 | 00,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2009/12/02 23:57:10 | 00,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2009/12/02 23:57:06 | 00,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2009/12/02 23:57:03 | 00,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2009/12/02 23:57:00 | 00,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2009/12/02 23:56:57 | 00,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2009/12/02 23:56:53 | 00,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2009/12/02 23:56:50 | 00,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2009/12/02 23:56:47 | 00,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2009/12/02 23:56:46 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009/12/02 23:56:42 | 00,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2009/12/02 23:56:32 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2009/12/02 23:56:31 | 00,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2009/12/02 23:56:23 | 00,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2009/12/02 23:56:14 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2009/12/02 23:56:11 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009/12/02 23:56:11 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2009/12/02 23:56:10 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009/12/02 23:56:01 | 00,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2009/12/02 23:55:56 | 00,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2009/12/02 23:55:55 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2009/12/02 23:55:45 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2009/12/02 23:55:36 | 00,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2009/12/02 23:55:35 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2009/12/02 23:55:31 | 00,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2009/12/02 23:55:28 | 00,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2009/12/02 23:55:27 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2009/12/02 23:55:27 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2009/12/02 23:55:26 | 00,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2009/12/02 23:55:23 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2009/12/02 23:55:19 | 00,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2009/12/02 23:55:18 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2009/12/02 23:55:14 | 00,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2009/12/02 23:55:07 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2009/12/02 23:55:06 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2009/12/02 23:55:03 | 00,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2009/12/02 23:54:59 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2009/12/02 23:54:56 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2009/12/02 23:54:53 | 00,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2009/12/02 23:54:52 | 00,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2009/12/02 23:54:49 | 00,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2009/12/02 23:54:46 | 00,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2009/12/02 23:54:45 | 00,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2009/12/02 23:54:45 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2009/12/02 23:54:42 | 00,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2009/12/02 23:54:41 | 00,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2009/12/02 23:54:38 | 00,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2009/12/02 23:54:33 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2009/12/02 23:54:33 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2009/12/02 23:54:28 | 00,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2009/12/02 23:54:25 | 00,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2009/12/02 23:54:21 | 00,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2009/12/02 23:54:18 | 00,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2009/12/02 23:54:16 | 00,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2009/12/02 23:54:13 | 00,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2009/12/02 23:54:10 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2009/12/02 23:54:10 | 00,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2009/12/02 23:54:09 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2009/12/02 23:54:09 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2009/12/02 23:54:05 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2009/12/02 23:54:04 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009/12/02 23:54:02 | 00,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2009/12/02 23:54:01 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2009/12/02 23:53:56 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009/12/02 23:53:56 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009/12/02 23:53:55 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009/12/02 23:53:51 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2009/12/02 23:53:44 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2009/12/02 23:53:35 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2009/12/02 23:53:32 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2009/12/02 23:53:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2009/12/02 23:53:27 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2009/12/02 23:53:26 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009/12/02 23:53:25 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2009/12/02 23:53:24 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2009/12/02 23:53:23 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2009/12/02 23:53:20 | 00,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2009/12/02 23:53:17 | 00,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2009/12/02 23:53:16 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2009/12/02 23:53:13 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2009/12/02 23:53:13 | 00,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2009/12/02 23:53:12 | 00,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2009/12/02 23:53:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2009/12/02 23:53:04 | 00,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2009/12/02 23:53:02 | 00,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2009/12/02 23:52:58 | 00,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2009/12/02 23:52:55 | 00,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2009/12/02 23:52:54 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2009/12/02 23:52:51 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009/12/02 23:52:49 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/12/02 23:52:48 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/12/02 23:52:46 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/12/02 23:52:44 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/12/02 23:52:44 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009/12/02 23:52:43 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/12/02 23:52:41 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2009/12/02 23:52:41 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2009/12/02 23:52:40 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2009/12/02 23:52:39 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2009/12/02 23:52:29 | 00,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2009/12/02 23:52:26 | 00,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2009/12/02 23:52:23 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2009/12/02 23:52:20 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2009/12/02 23:52:17 | 00,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2009/12/02 23:52:15 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2009/12/02 23:52:12 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2009/12/02 23:52:09 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2009/12/02 23:52:06 | 00,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2009/12/02 23:52:03 | 00,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2009/12/02 23:52:00 | 00,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2009/12/02 23:51:58 | 00,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2009/12/02 23:51:55 | 00,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2009/12/02 23:51:52 | 00,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2009/12/02 23:51:49 | 00,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2009/12/02 23:51:49 | 00,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2009/12/02 23:51:46 | 00,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2009/12/02 23:51:43 | 00,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2009/12/02 23:51:40 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009/12/02 23:51:38 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009/12/02 23:51:33 | 00,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2009/12/02 23:51:30 | 00,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2009/12/02 23:51:27 | 00,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2009/12/02 23:51:25 | 00,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2009/12/02 23:51:22 | 00,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2009/12/02 23:51:19 | 00,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2009/12/02 23:51:16 | 00,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2009/12/02 23:51:13 | 00,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2009/12/02 23:51:11 | 00,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2009/12/02 23:51:08 | 00,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2009/12/02 23:51:05 | 00,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2009/12/02 23:51:02 | 00,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2009/12/02 23:50:59 | 00,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2009/12/02 23:50:55 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2009/12/02 23:50:53 | 00,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2009/12/02 23:50:50 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2009/12/02 23:50:47 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2009/12/02 23:50:44 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2009/12/02 23:50:42 | 00,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2009/12/02 23:50:37 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2009/12/02 23:50:31 | 00,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2009/12/02 23:50:26 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2009/12/02 23:50:21 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2009/12/02 23:50:16 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2009/12/02 23:50:11 | 00,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2009/12/02 23:50:08 | 00,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2009/12/02 23:50:07 | 00,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2009/12/02 23:50:03 | 00,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2009/12/02 23:50:02 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009/12/02 23:50:00 | 00,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2009/12/02 23:49:58 | 00,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2009/12/02 23:49:54 | 00,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2009/12/02 23:49:52 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2009/12/02 23:49:51 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2009/12/02 23:49:49 | 00,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2009/12/02 23:49:46 | 01,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2009/12/02 23:49:44 | 00,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2009/12/02 23:49:42 | 00,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2009/12/02 23:49:39 | 00,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2009/12/02 23:49:37 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/12/02 23:49:36 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009/12/02 23:49:33 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009/12/02 23:49:32 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009/12/02 23:49:29 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2009/12/02 23:49:27 | 00,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2009/12/02 23:49:24 | 00,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2009/12/02 23:49:23 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2009/12/02 23:49:19 | 00,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2009/12/02 23:49:16 | 00,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2009/12/02 23:49:14 | 00,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2009/12/02 23:49:12 | 00,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2009/12/02 23:49:09 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2009/12/02 23:49:06 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/12/02 23:49:01 | 00,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2009/12/02 23:48:55 | 00,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2009/12/02 23:48:53 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2009/12/02 23:48:49 | 00,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2009/12/02 23:48:46 | 00,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2009/12/02 23:48:43 | 00,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2009/12/02 23:48:39 | 00,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2009/12/02 23:48:35 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2009/12/02 23:48:33 | 00,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2009/12/02 23:48:29 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009/12/02 23:48:29 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2009/12/02 23:48:27 | 00,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2009/12/02 23:48:25 | 00,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2009/12/02 23:48:24 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009/12/02 23:48:22 | 00,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2009/12/02 23:48:22 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009/12/02 23:48:19 | 00,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2009/12/02 23:48:19 | 00,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2009/12/02 23:48:16 | 00,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2009/12/02 23:48:13 | 00,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2009/12/02 23:48:11 | 00,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2009/12/02 23:48:09 | 00,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2009/12/02 23:48:07 | 00,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2009/12/02 23:48:05 | 00,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2009/12/02 23:48:03 | 00,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2009/12/02 23:48:01 | 00,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2009/12/02 23:47:58 | 00,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2009/12/02 23:47:56 | 00,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2009/12/02 23:47:54 | 00,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2009/12/02 23:47:52 | 00,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2009/12/02 23:47:50 | 00,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2009/12/02 23:47:47 | 00,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2009/12/02 23:47:45 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2009/12/02 23:47:43 | 00,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2009/12/02 23:47:38 | 00,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2009/12/02 23:47:37 | 00,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2009/12/02 23:47:35 | 00,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2009/12/02 23:47:34 | 00,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2009/12/02 23:47:32 | 00,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2009/12/02 23:47:31 | 00,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2009/12/02 23:47:29 | 00,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2009/12/02 23:47:28 | 00,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2009/12/02 23:47:26 | 00,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2009/12/02 23:47:25 | 00,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2009/12/02 23:47:23 | 00,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2009/12/02 23:47:22 | 00,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2009/12/02 23:47:20 | 00,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2009/12/02 23:47:19 | 00,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2009/12/02 23:47:17 | 00,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2009/12/02 23:47:15 | 00,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2009/12/02 23:47:13 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2009/12/02 23:47:13 | 00,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2009/12/02 23:47:10 | 00,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2009/12/02 23:47:09 | 00,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2009/12/02 23:47:06 | 00,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2009/12/02 23:47:00 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2009/12/02 23:46:57 | 00,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2009/12/02 23:46:47 | 00,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2009/12/02 23:46:46 | 00,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2009/12/02 23:46:44 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2009/12/02 23:46:42 | 00,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2009/12/02 23:46:42 | 00,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2009/12/02 23:46:28 | 00,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2009/12/02 23:46:28 | 00,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2009/12/02 23:46:26 | 00,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2009/12/02 23:46:24 | 00,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2009/12/02 23:46:13 | 00,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2009/12/02 23:46:11 | 00,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2009/12/02 23:46:10 | 00,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2009/12/02 23:46:08 | 00,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2009/12/02 23:46:05 | 00,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2009/12/02 23:46:03 | 00,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2009/12/02 23:46:02 | 00,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2009/12/02 23:46:01 | 00,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2009/12/02 23:45:59 | 00,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2009/12/02 23:45:58 | 00,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2009/12/02 23:45:56 | 00,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2009/12/02 23:45:55 | 00,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2009/12/02 23:45:53 | 00,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2009/12/02 23:45:52 | 00,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2009/12/02 23:45:50 | 00,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2009/12/02 23:45:49 | 00,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2009/12/02 23:45:47 | 00,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2009/12/02 23:45:46 | 00,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2009/12/02 23:45:41 | 00,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2009/12/02 23:45:39 | 00,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2009/12/02 23:45:37 | 00,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2009/12/02 23:45:36 | 00,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2009/12/02 23:45:34 | 00,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2009/12/02 23:45:33 | 00,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2009/12/02 23:45:31 | 00,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2009/12/02 23:45:29 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2009/12/02 23:45:27 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2009/12/02 23:45:26 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2009/12/02 23:45:24 | 00,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2009/12/02 23:45:23 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2009/12/02 23:45:22 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2009/12/02 23:45:15 | 00,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2009/12/02 23:45:13 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2009/12/02 23:45:12 | 00,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2009/12/02 23:45:11 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2009/12/02 23:45:09 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2009/12/02 23:45:08 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2009/12/02 23:45:07 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2009/12/02 23:45:06 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2009/12/02 23:45:04 | 00,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2009/12/02 23:45:04 | 00,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2009/12/02 23:45:02 | 00,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2009/12/02 23:45:01 | 00,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2009/12/02 23:45:00 | 00,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2009/12/02 23:44:58 | 00,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2009/12/02 23:44:57 | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2009/12/02 23:44:56 | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2009/12/02 23:44:54 | 00,249,856 | ---- | C] (ComtrolŪ Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2009/12/02 23:44:54 | 00,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2009/12/02 23:44:52 | 00,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2009/12/02 23:44:51 | 00,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2009/12/02 23:44:50 | 00,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2009/12/02 23:44:48 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2009/12/02 23:44:46 | 00,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2009/12/02 23:44:45 | 00,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2009/12/02 23:44:44 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/12/02 23:44:43 | 00,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2009/12/02 23:44:42 | 00,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2009/12/02 23:44:40 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2009/12/02 23:44:40 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2009/12/02 23:44:39 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2009/12/02 23:44:33 | 00,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2009/12/02 23:44:31 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2009/12/02 23:44:27 | 00,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2009/12/02 23:44:24 | 00,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2009/12/02 23:44:23 | 00,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2009/12/02 23:44:22 | 00,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2009/12/02 23:44:20 | 00,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2009/12/02 23:44:19 | 00,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2009/12/02 23:44:16 | 00,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2009/12/02 23:44:14 | 00,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2009/12/02 23:44:12 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009/12/02 23:44:11 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009/12/02 23:44:10 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/12/02 23:44:10 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/12/02 23:44:09 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/12/02 23:44:08 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/12/02 23:44:08 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2009/12/02 23:44:06 | 00,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2009/12/02 23:44:05 | 00,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2009/12/02 23:44:04 | 00,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2009/12/02 23:44:03 | 00,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2009/12/02 23:44:03 | 00,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2009/12/02 23:44:00 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2009/12/02 23:43:59 | 00,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2009/12/02 23:43:58 | 00,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2009/12/02 23:43:57 | 00,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2009/12/02 23:43:56 | 00,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2009/12/02 23:43:54 | 00,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2009/12/02 23:43:53 | 00,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2009/12/02 23:43:52 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/12/02 23:43:51 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2009/12/02 23:43:50 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2009/12/02 23:43:49 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2009/12/02 23:43:49 | 00,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2009/12/02 23:43:48 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2009/12/02 23:43:47 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2009/12/02 23:43:46 | 00,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2009/12/02 23:43:45 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2009/12/02 23:43:44 | 00,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2009/12/02 23:43:42 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009/12/02 23:43:20 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2009/12/02 23:43:18 | 00,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2009/12/02 23:43:17 | 00,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2009/12/02 23:43:16 | 00,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2009/12/02 23:43:15 | 00,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2009/12/02 23:43:14 | 00,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2009/12/02 23:43:13 | 00,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2009/12/02 23:43:12 | 00,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2009/12/02 23:43:11 | 00,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2009/12/02 23:43:10 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2009/12/02 23:43:09 | 00,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2009/12/02 23:43:08 | 00,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2009/12/02 23:43:07 | 00,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2009/12/02 23:43:06 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2009/12/02 23:43:05 | 00,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2009/12/02 23:43:04 | 00,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2009/12/02 23:43:03 | 00,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2009/12/02 23:43:03 | 00,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2009/12/02 23:43:02 | 00,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2009/12/02 23:43:01 | 00,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2009/12/02 23:43:00 | 00,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2009/12/02 23:42:56 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2009/12/02 23:42:55 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2009/12/02 23:42:55 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2009/12/02 23:42:54 | 00,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2009/12/02 23:42:53 | 00,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2009/12/02 23:42:52 | 00,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2009/12/02 23:42:51 | 00,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2009/12/02 23:42:49 | 00,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2009/12/02 23:42:48 | 00,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2009/12/02 23:42:48 | 00,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2009/12/02 23:42:47 | 00,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2009/12/02 23:42:46 | 00,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2009/12/02 23:42:45 | 00,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2009/12/02 23:42:45 | 00,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2009/12/02 23:42:44 | 00,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2009/12/02 23:42:42 | 00,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2009/12/02 23:42:41 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2009/12/02 23:42:41 | 00,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2009/12/02 23:42:39 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2009/12/02 23:42:29 | 00,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2009/12/02 23:42:28 | 00,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2009/12/02 23:42:25 | 00,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2009/12/02 23:42:24 | 00,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2009/12/02 23:42:23 | 00,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2009/12/02 23:42:22 | 00,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2009/12/02 23:42:22 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2009/12/02 23:42:21 | 00,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2009/12/02 23:42:20 | 00,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2009/12/02 23:42:16 | 00,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2009/12/02 23:42:15 | 00,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2009/12/02 23:42:13 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2009/12/02 23:42:13 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2009/12/02 23:42:12 | 00,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2009/12/02 23:42:09 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2009/12/02 23:42:07 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2009/12/02 23:42:06 | 00,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2009/12/02 23:42:04 | 00,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2009/12/02 23:42:03 | 00,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2009/12/02 23:42:02 | 00,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2009/12/02 23:41:53 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2009/12/02 23:41:49 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009/12/02 23:41:48 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2009/12/02 23:41:47 | 00,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2009/12/02 23:41:46 | 00,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2009/12/02 23:41:46 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2009/12/02 23:41:44 | 00,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2009/12/02 23:41:44 | 00,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2009/12/02 23:41:43 | 00,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2009/12/02 23:41:43 | 00,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2009/12/02 23:41:42 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2009/12/02 23:41:40 | 00,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2009/12/02 23:41:39 | 00,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2009/12/02 23:41:38 | 00,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2009/12/02 23:41:38 | 00,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2009/12/02 23:41:37 | 00,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2009/12/02 23:41:36 | 00,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2009/12/02 23:41:36 | 00,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2009/12/02 23:41:35 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2009/12/02 23:41:34 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2009/12/02 23:41:34 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2009/12/02 23:41:33 | 00,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2009/12/02 23:41:33 | 00,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2009/12/02 23:41:32 | 00,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2009/12/02 23:41:31 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2009/12/02 23:41:26 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2009/12/02 23:41:25 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2009/12/02 23:41:04 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/12/02 23:39:07 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2009/12/02 23:38:52 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2009/12/02 23:38:35 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2009/12/02 23:38:34 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2009/12/02 23:38:33 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2009/12/02 23:38:32 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2009/12/02 23:38:32 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2009/12/02 23:38:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2009/12/02 23:38:17 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2009/12/02 09:07:29 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/12/02 05:53:01 | 00,000,000 | ---D | C] -- C:\VueScan
[2009/12/02 05:52:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Valerie McKenney\Local Settings\Application Data\kagkly
[2009/12/02 05:18:41 | 00,000,000 | ---D | C] -- C:\Program Files\DAMN NFO Viewer
[2009/12/02 04:57:10 | 00,000,000 | ---D | C] -- C:\Program Files\MSECache
[2009/11/25 09:55:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Valerie McKenney\Application Data\Sonic
[2009/11/23 11:04:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Valerie McKenney\Desktop\SlySoft Key
[2009/11/22 07:37:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Valerie McKenney\Application Data\HpUpdate
[2009/11/22 07:37:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Hewlett-Packard
[2009/11/07 12:23:59 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/11/07 12:23:59 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/11/07 12:23:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/11/07 12:23:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/10/17 23:28:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/05/11 06:15:48 | 00,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Valerie McKenney\Application Data\pcouffin.sys
[2009/04/03 12:04:36 | 00,546,120 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\slusbvip.sys
[2009/04/03 12:04:36 | 00,014,888 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\TLRecAgent.sys
[2008/04/26 09:19:43 | 06,039,048 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 2.0.0.14.exe
[2007/01/18 11:31:51 | 48,234,952 | ---- | C] (Diskeeper Corporation ) -- C:\Program Files\Diskeeper10_Professional_Premium_Edition_v10.0.593.exe
[2005/09/24 10:49:16 | 00,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/12/18 11:40:23 | 00,001,022 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3904904116-4066034055-3140763687-1005UA.job
[2009/12/18 10:55:25 | 00,564,736 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valerie McKenney\Desktop\OTL.exe
[2009/12/18 10:49:41 | 08,650,752 | -H-- | M] () -- C:\Documents and Settings\Valerie McKenney\NTUSER.DAT
[2009/12/18 10:41:21 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\NTREGOPT.lnk
[2009/12/18 10:41:21 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\ERUNT.lnk
[2009/12/18 10:40:39 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Valerie McKenney\Desktop\erunt-setup.exe
[2009/12/18 09:56:04 | 00,794,112 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\The_Comedian.exe
[2009/12/18 09:44:01 | 00,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2009/12/18 09:37:46 | 00,001,794 | ---- | M] () -- C:\hpqp.ini
[2009/12/18 09:36:30 | 00,000,039 | ---- | M] () -- C:\XP_TV.ini
[2009/12/18 09:36:14 | 00,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/12/18 09:34:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/18 09:33:54 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/18 09:33:37 | 50,185,4208 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/18 09:02:53 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Valerie McKenney\ntuser.ini
[2009/12/18 07:46:54 | 00,365,936 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/12/18 07:32:36 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Spybot - Search & Destroy.lnk
[2009/12/18 07:05:42 | 46,776,417 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/12/18 07:04:49 | 00,127,269 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/12/18 06:28:41 | 00,000,656 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/18 04:13:55 | 00,000,243 | RHS- | M] () -- C:\boot.ini
[2009/12/18 00:40:20 | 00,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3904904116-4066034055-3140763687-1005Core.job
[2009/12/17 23:59:02 | 00,425,408 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/17 17:10:10 | 00,010,752 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/17 16:20:40 | 00,455,316 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/17 16:20:39 | 00,075,264 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/17 16:20:37 | 00,539,836 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/17 15:32:20 | 00,014,839 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\My Documents\nmpwspace-news-bc6501.mht
[2009/12/17 15:13:27 | 00,113,664 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\IB DL.doc
[2009/12/17 14:28:04 | 00,002,515 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Microsoft Word 2007.lnk
[2009/12/17 14:07:57 | 00,001,025 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\1Click DVD Copy Pro.lnk
[2009/12/17 13:25:59 | 00,099,584 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvata.sys
[2009/12/17 11:18:30 | 00,000,668 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Application Data\vso_ts_preview.xml
[2009/12/17 11:07:45 | 00,000,086 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/12/17 10:24:41 | 00,000,792 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\SUPERAntiSpyware Professional.lnk
[2009/12/17 09:37:23 | 00,000,081 | ---- | M] () -- C:\WINDOWS\SuperUtil.ini
[2009/12/17 05:50:24 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/17 01:56:54 | 00,001,519 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Notepad.lnk
[2009/12/17 01:41:48 | 00,091,908 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/12/16 13:41:24 | 00,002,365 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Google Chrome.lnk
[2009/12/16 11:32:04 | 00,425,472 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valerie McKenney\Desktop\OTM.exe
[2009/12/16 02:03:13 | 00,000,680 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\FileTransfer.cfg
[2009/12/16 00:22:20 | 00,376,805 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\ccfile.pdf
[2009/12/15 18:07:41 | 00,000,606 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCFile.lnk
[2009/12/15 10:50:55 | 00,000,731 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\DT Starter.lnk
[2009/12/15 09:42:29 | 00,722,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/12/15 09:25:55 | 00,000,947 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Start Menu\Programs\StartUp\OneNote 2007 Screen Clipper and Launcher.lnk
[2009/12/14 17:35:07 | 00,000,556 | ---- | M] () -- C:\WINDOWS\CDPLAYER.UNI
[2009/12/14 11:47:37 | 00,000,209 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091218-074654.backup
[2009/12/14 06:16:54 | 00,001,800 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Network Magic.lnk
[2009/12/14 06:14:04 | 08,892,928 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2009/12/14 02:07:25 | 00,000,776 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Driver Genius Professional Edition.lnk
[2009/12/06 09:14:13 | 00,011,390 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Tina Live.jpg
[2009/12/03 13:28:39 | 00,000,074 | R-S- | M] () -- C:\WINDOWS\System32\Allow-it-Keygen-Part-SnD.cmd
[2009/12/03 13:27:23 | 00,000,771 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Super Utilities.lnk
[2009/12/02 09:07:46 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\HijackThis.lnk
[2009/12/02 06:04:07 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/02 05:59:39 | 00,000,708 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/02 05:53:10 | 00,000,636 | ---- | M] () -- C:\Documents and Settings\Valerie McKenney\Desktop\VueScan.lnk
[2009/11/25 06:28:21 | 00,000,766 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CloneCD.lnk
[2009/11/21 10:51:42 | 01,206,508 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/11/21 10:51:04 | 00,471,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/18 10:41:21 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\NTREGOPT.lnk
[2009/12/18 10:41:21 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\ERUNT.lnk
[2009/12/18 10:01:09 | 00,794,112 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\The_Comedian.exe
[2009/12/18 07:32:36 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Spybot - Search & Destroy.lnk
[2009/12/18 00:06:50 | 00,014,839 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\My Documents\nmpwspace-news-bc6501.mht
[2009/12/17 14:40:35 | 00,113,664 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\IB DL.doc
[2009/12/17 14:27:24 | 00,002,515 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Microsoft Word 2007.lnk
[2009/12/17 14:07:57 | 00,001,025 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\1Click DVD Copy Pro.lnk
[2009/12/17 10:24:41 | 00,000,792 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\SUPERAntiSpyware Professional.lnk
[2009/12/17 01:56:54 | 00,001,519 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Notepad.lnk
[2009/12/17 01:41:48 | 00,091,908 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/12/16 00:22:10 | 00,376,805 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\ccfile.pdf
[2009/12/15 18:07:41 | 00,000,606 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCFile.lnk
[2009/12/15 10:50:55 | 00,000,731 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\DT Starter.lnk
[2009/12/15 09:42:27 | 00,722,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/12/15 09:25:55 | 00,000,947 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Start Menu\Programs\StartUp\OneNote 2007 Screen Clipper and Launcher.lnk
[2009/12/14 17:25:30 | 00,000,556 | ---- | C] () -- C:\WINDOWS\CDPLAYER.UNI
[2009/12/14 14:29:30 | 00,000,680 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\FileTransfer.cfg
[2009/12/14 06:16:54 | 00,001,800 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Network Magic.lnk
[2009/12/14 06:13:55 | 08,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2009/12/14 02:07:25 | 00,000,776 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Driver Genius Professional Edition.lnk
[2009/12/13 14:12:55 | 00,002,187 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2009/12/07 17:53:13 | 00,433,872 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/12/06 09:14:12 | 00,011,390 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Tina Live.jpg
[2009/12/03 13:51:54 | 00,000,081 | ---- | C] () -- C:\WINDOWS\SuperUtil.ini
[2009/12/03 13:28:39 | 00,000,074 | R-S- | C] () -- C:\WINDOWS\System32\Allow-it-Keygen-Part-SnD.cmd
[2009/12/03 13:27:23 | 00,000,771 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Super Utilities.lnk
[2009/12/03 13:27:22 | 00,261,120 | ---- | C] () -- C:\WINDOWS\System32\baksm.dll
[2009/12/03 13:27:18 | 00,089,088 | ---- | C] () -- C:\WINDOWS\System32\Shreder.dll
[2009/12/03 13:27:18 | 00,006,144 | ---- | C] () -- C:\WINDOWS\System32\SuperRes.dll
[2009/12/03 13:27:18 | 00,000,056 | ---- | C] () -- C:\WINDOWS\System32\vb6sock.dll
[2009/12/03 00:38:17 | 00,002,365 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Google Chrome.lnk
[2009/12/03 00:35:28 | 00,001,022 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3904904116-4066034055-3140763687-1005UA.job
[2009/12/03 00:35:27 | 00,000,970 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3904904116-4066034055-3140763687-1005Core.job
[2009/12/03 00:15:56 | 00,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2009/12/03 00:15:52 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2009/12/03 00:15:15 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2009/12/03 00:00:59 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2009/12/03 00:00:59 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2009/12/02 23:54:08 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2009/12/02 23:54:04 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/12/02 23:52:42 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/12/02 23:50:39 | 00,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2009/12/02 23:50:34 | 00,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2009/12/02 23:50:29 | 00,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2009/12/02 23:50:24 | 00,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2009/12/02 23:50:19 | 00,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2009/12/02 23:50:02 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/12/02 23:46:23 | 00,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2009/12/02 23:46:20 | 00,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2009/12/02 23:46:14 | 00,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2009/12/02 23:43:41 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2009/12/02 23:43:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2009/12/02 23:43:40 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2009/12/02 23:43:39 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2009/12/02 23:43:39 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2009/12/02 23:43:39 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2009/12/02 23:43:38 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2009/12/02 23:43:38 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2009/12/02 23:43:37 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2009/12/02 23:43:37 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2009/12/02 23:43:37 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2009/12/02 23:43:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2009/12/02 23:43:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2009/12/02 23:43:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2009/12/02 23:43:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2009/12/02 23:43:35 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2009/12/02 23:43:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2009/12/02 23:43:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2009/12/02 23:43:34 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2009/12/02 23:43:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2009/12/02 23:43:33 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2009/12/02 23:43:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2009/12/02 23:43:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2009/12/02 23:43:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2009/12/02 23:43:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2009/12/02 23:43:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2009/12/02 23:43:30 | 00,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2009/12/02 23:43:30 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2009/12/02 23:43:30 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2009/12/02 23:43:29 | 00,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2009/12/02 23:43:29 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2009/12/02 23:43:29 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2009/12/02 23:43:28 | 00,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2009/12/02 23:43:28 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2009/12/02 23:43:27 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2009/12/02 23:43:27 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2009/12/02 23:43:26 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2009/12/02 23:43:26 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2009/12/02 23:43:26 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2009/12/02 23:43:25 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2009/12/02 23:43:25 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2009/12/02 23:43:25 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2009/12/02 23:43:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2009/12/02 23:43:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2009/12/02 23:43:23 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2009/12/02 23:43:23 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2009/12/02 23:43:22 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2009/12/02 23:43:22 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2009/12/02 23:43:21 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2009/12/02 23:43:21 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2009/12/02 23:42:59 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2009/12/02 23:42:56 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2009/12/02 23:42:35 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2009/12/02 23:42:34 | 00,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2009/12/02 23:42:34 | 00,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2009/12/02 23:42:33 | 00,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2009/12/02 23:42:32 | 00,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2009/12/02 23:42:31 | 00,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2009/12/02 23:42:30 | 00,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2009/12/02 23:42:30 | 00,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2009/12/02 23:42:27 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2009/12/02 23:42:20 | 00,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2009/12/02 09:07:44 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\HijackThis.lnk
[2009/12/02 05:59:39 | 00,000,708 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/02 05:53:09 | 00,000,636 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Desktop\VueScan.lnk
[2009/11/25 06:27:06 | 00,000,002 | -HS- | C] () -- C:\Documents and Settings\Valerie McKenney\Application Data\.zreglib
[2009/11/14 06:09:11 | 00,034,308 | ---- | C] () -- C:\WINDOWS\System32\Chip.dll
[2009/10/26 07:23:25 | 00,000,259 | ---- | C] () -- C:\WINDOWS\AudioDVD.INI
[2009/10/20 23:39:24 | 00,000,502 | ---- | C] () -- C:\WINDOWS\System32\CNCMFP34.INI
[2009/09/21 14:26:17 | 00,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2009/08/24 17:16:08 | 00,000,086 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/05/11 08:26:35 | 00,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2009/05/11 06:35:25 | 00,000,668 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Application Data\vso_ts_preview.xml
[2009/05/11 06:16:11 | 00,000,033 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Application Data\pcouffin.log
[2009/05/11 06:15:48 | 00,087,608 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Application Data\inst.exe
[2009/05/11 06:15:48 | 00,007,887 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Application Data\pcouffin.cat
[2009/05/11 06:15:48 | 00,001,144 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Application Data\pcouffin.inf
[2009/04/03 12:05:07 | 00,081,920 | R--- | C] () -- C:\WINDOWS\System32\slvipco.dll
[2009/04/03 12:05:04 | 00,204,800 | R--- | C] () -- C:\WINDOWS\System32\slvipgx.dll
[2009/04/03 12:05:04 | 00,043,248 | R--- | C] () -- C:\WINDOWS\System32\drivers\slvad.sys
[2009/04/03 11:52:04 | 00,013,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2009/02/02 16:04:25 | 00,034,308 | ---- | C] () -- C:\WINDOWS\System32\bassmod.dll
[2007/03/24 12:06:40 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007/01/09 13:41:07 | 00,000,051 | ---- | C] () -- C:\WINDOWS\System32\adoics.dll
[2007/01/05 16:12:39 | 00,002,627 | ---- | C] () -- C:\WINDOWS\System32\smport.sys
[2007/01/05 16:10:25 | 00,358,400 | ---- | C] () -- C:\WINDOWS\System32\MultimediaTimer_IF.dll
[2007/01/04 15:19:28 | 00,010,752 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/04 09:51:48 | 00,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2007/01/04 09:51:31 | 01,062,408 | ---- | C] () -- C:\Program Files\advisor.exe
[2007/01/04 09:41:32 | 00,006,656 | ---- | C] () -- C:\WINDOWS\System32\pndx5016.dll
[2007/01/04 09:31:42 | 00,000,139 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Local Settings\Application Data\fusioncache.dat
[2007/01/04 09:31:42 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Local Settings\Application Data\QSwitch.txt
[2007/01/04 09:31:42 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Local Settings\Application Data\DSwitch.txt
[2007/01/04 09:31:42 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Valerie McKenney\Local Settings\Application Data\AtStart.txt
[2006/09/21 01:20:37 | 00,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/09/21 01:15:52 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/09/21 01:01:36 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/21 00:49:44 | 00,028,836 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/08/18 03:00:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/18 03:00:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/18 03:00:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/18 03:00:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/18 03:00:00 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/07/11 17:35:42 | 00,503,808 | ---- | C] () -- C:\WINDOWS\System32\msvcp71.dll
[2006/06/29 14:18:14 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/29 13:49:18 | 00,000,368 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/06/29 13:46:56 | 00,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/06/29 13:43:40 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/03/15 23:00:00 | 00,691,712 | ---- | C] () -- C:\WINDOWS\System32\inetcomm.dll
[2006/03/15 23:00:00 | 00,275,456 | ---- | C] () -- C:\WINDOWS\System32\ulib.dll
[2006/03/15 23:00:00 | 00,156,160 | ---- | C] () -- C:\WINDOWS\System32\msls31.dll
[2006/03/15 23:00:00 | 00,105,984 | ---- | C] () -- C:\WINDOWS\System32\msoert2.dll
[2006/03/15 23:00:00 | 00,048,128 | ---- | C] () -- C:\WINDOWS\System32\inetres.dll
[2006/03/04 02:07:34 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/12/02 13:09:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/05/05 21:06:32 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2004/09/16 15:24:26 | 03,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 09:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 08:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2006/03/15 23:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: IASTOR.SYS >
[2005/10/13 04:07:12 | 00,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\SWSetup\HDD\iastor.sys
[2005/10/13 04:07:12 | 00,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\WINDOWS\system32\drivers\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2006/03/15 23:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NVATA.SYS >
[2009/12/13 18:21:32 | 00,099,584 | ---- | M] (NVIDIA Corporation) MD5=3AC5EEDD35B7437D53960F3998BFA462 -- C:\Driver Backup 12-14-2009-22318\NVIDIA nForce 430 410 Serial ATA Controller\nvata.sys
[2006/01/26 19:04:16 | 00,099,584 | ---- | M] (NVIDIA Corporation) MD5=3AC5EEDD35B7437D53960F3998BFA462 -- C:\SWSetup\Chipset\IDE\Win2K\sata_ide\nvata.sys
[2006/01/26 19:04:16 | 00,099,584 | ---- | M] (NVIDIA Corporation) MD5=3AC5EEDD35B7437D53960F3998BFA462 -- C:\SWSetup\Chipset\IDE\WinXP\sata_ide\nvata.sys
[2006/01/26 19:04:16 | 00,099,584 | ---- | M] (NVIDIA Corporation) MD5=3AC5EEDD35B7437D53960F3998BFA462 -- C:\SWSetup\Chipset\nvata.sys
[2009/12/17 13:25:59 | 00,099,584 | ---- | M] (NVIDIA Corporation) MD5=3AC5EEDD35B7437D53960F3998BFA462 -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: NVATABUS.SYS >
[2006/01/26 19:04:16 | 00,099,584 | ---- | M] (NVIDIA Corporation) MD5=3AC5EEDD35B7437D53960F3998BFA462 -- C:\SWSetup\Chipset\IDE\Win2K\sataraid\nvatabus.sys
[2006/01/26 19:04:16 | 00,099,584 | ---- | M] (NVIDIA Corporation) MD5=3AC5EEDD35B7437D53960F3998BFA462 -- C:\SWSetup\Chipset\IDE\WinXP\sataraid\nvatabus.sys
[2006/01/26 19:04:16 | 00,099,584 | ---- | M] (NVIDIA Corporation) MD5=3AC5EEDD35B7437D53960F3998BFA462 -- C:\SWSetup\Chipset\nvatabus.sys

< MD5 for: SCECLI.DLL >
[2006/03/15 23:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:59756FA4
< End of report >

#6 LJMac

LJMac
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:07 AM

Posted 18 December 2009 - 12:01 PM

And.... GMER
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2009-12-18 11:54:01
Windows 5.1.2600 Service Pack 3
Running: mf159dj4.exe; Driver: C:\DOCUME~1\VALERI~1\LOCALS~1\Temp\awldqkow.sys


---- System - GMER 1.0.15 ----

SSDT spgq.sys ZwEnumerateKey [0xF72A4DA4]
SSDT spgq.sys ZwEnumerateValueKey [0xF72A5132]

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 85A911F8

AttachedDevice \FileSystem\Ntfs \Ntfs AFPAnsi.sys (Windows NT File System Protector Network Edition/Alfa Corporation)

Device \FileSystem\Fastfat \Fat 8562C408

AttachedDevice \FileSystem\Fastfat \Fat AFPAnsi.sys (Windows NT File System Protector Network Edition/Alfa Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- EOF - GMER 1.0.15 ----

#7 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:05:07 PM

Posted 18 December 2009 - 09:12 PM

Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running our fixes.. Please visit HERE if you don't know how.. Please re-enable them back after performing all steps given..

Please download this program by sUBs and save it to your Desktop. Then after you disable all security programs, simply run it (double-click it)

If the program asked you to install Recovery Console, please do so.. It will be your best interest..

When finished, it shall produce a log for you. Post that log and a fresh HijackThis log in your next reply..

Note: DON'T do anything with your computer while the program is running.. Just let it finishes..

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#8 LJMac

LJMac
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:07 AM

Posted 19 December 2009 - 12:43 AM

Wan,

I cannot bring up the AVG interface to stop the service as I described earlier whatever this infection is prevents me from doing so. Even stopping it it in the Task Manager does not end it from immediately starting & running again, it restarts these processes: avgchsvx.exe., avgsrvx.exe.,avgnsx.exe., avgsx.exe.,avgwdsvc.exe. What are the other options to stop this and move forward with the fix you described? Thanks!

#9 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:05:07 PM

Posted 19 December 2009 - 01:41 AM

Simply run the program that you downloaded (KittyFix).. and then post the log here :(

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#10 LJMac

LJMac
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:07 AM

Posted 19 December 2009 - 03:19 AM

Wan, here is Kitty Fix log:

ComboFix 09-12-18.02 - Valerie McKenney 12/19/2009 2:15.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.479.95 [GMT -5:00]
Running from: c:\documents and settings\Valerie McKenney\Desktop\KittyFix.exe
AV: AVG *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Valerie McKenney\Application Data\inst.exe
c:\windows\Fonts\RandFont.dll
c:\windows\kb913800.exe
D:\Autorun.inf

Infected copy of c:\windows\msagent\agentsvr.exe was found and disinfected
Restored copy from - c:\windows\system32\dllcache\agentsvr.exe

.
((((((((((((((((((((((((( Files Created from 2009-11-19 to 2009-12-19 )))))))))))))))))))))))))))))))
.

2009-12-18 15:41 . 2009-12-18 15:42 -------- d-----w- c:\program files\ERUNT
2009-12-18 12:32 . 2009-12-18 12:32 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-18 04:57 . 2009-12-18 04:57 -------- d-sh--w- C:\found.000
2009-12-17 19:07 . 2009-12-17 19:11 -------- d-----w- c:\documents and settings\All Users\Application Data\1Click DVD Copy Pro
2009-12-17 19:04 . 2009-12-17 19:04 -------- d-----w- c:\program files\LG Software Innovations
2009-12-17 15:07 . 2009-12-17 15:07 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-12-17 14:59 . 2009-12-17 15:27 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-17 14:59 . 2009-12-17 14:59 -------- d-----w- c:\documents and settings\Valerie McKenney\Application Data\SUPERAntiSpyware.com
2009-12-17 14:58 . 2009-12-17 14:58 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-17 06:41 . 2009-12-17 06:41 91908 ---ha-w- c:\windows\system32\mlfcache.dat
2009-12-15 23:07 . 2009-12-16 18:19 -------- d-----w- c:\program files\CCFile
2009-12-15 15:17 . 2009-12-15 15:17 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2009-12-15 15:17 . 2009-12-15 15:37 -------- d-----w- c:\program files\DAEMON Tools Pro
2009-12-15 14:42 . 2009-12-15 14:42 722416 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-15 14:42 . 2009-12-15 15:52 -------- d-----w- c:\documents and settings\Valerie McKenney\Application Data\DAEMON Tools Pro
2009-12-14 20:52 . 2006-10-27 00:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2009-12-14 20:52 . 2008-11-10 16:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2009-12-14 20:40 . 2009-12-14 20:40 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-12-14 18:54 . 2009-12-14 18:54 -------- d-----w- c:\program files\Microsoft.NET
2009-12-14 18:51 . 2009-12-14 18:51 -------- d-----w- c:\documents and settings\Valerie McKenney\Local Settings\Application Data\Microsoft Help
2009-12-14 18:51 . 2009-12-17 23:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-12-14 18:19 . 2009-12-14 18:20 -------- d-----w- c:\program files\Common Files\L&H
2009-12-14 11:16 . 2009-12-14 11:16 -------- d-----w- c:\program files\Pure Networks
2009-12-14 11:14 . 2009-12-14 11:14 -------- d-----w- c:\program files\WebEx
2009-12-14 11:13 . 2009-07-07 19:48 25392 ----a-w- c:\windows\system32\drivers\pnarp.sys
2009-12-14 11:12 . 2009-07-07 19:48 26672 ----a-w- c:\windows\system32\drivers\purendis.sys
2009-12-14 11:12 . 2009-12-14 11:12 -------- d-----w- c:\program files\Common Files\Pure Networks Shared
2009-12-14 11:11 . 2009-12-14 11:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Pure Networks
2009-12-14 07:23 . 2009-12-14 07:28 -------- d-----w- C:\Driver Backup 12-14-2009-22318
2009-12-14 07:07 . 2004-06-14 19:56 427864 ----a-w- c:\windows\system32\XceedZip.dll
2009-12-14 07:07 . 2009-12-14 07:07 -------- d-----w- c:\program files\Driver-Soft
2009-12-13 19:12 . 2009-12-13 19:12 -------- d-----w- c:\program files\Safari
2009-12-13 19:11 . 2009-12-13 19:11 -------- d-----w- c:\program files\Common Files\Apple
2009-12-07 22:53 . 2009-12-07 22:53 433872 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-12-07 20:54 . 2009-12-08 03:35 -------- d-----w- c:\program files\Uniblue
2009-12-07 20:54 . 2009-12-08 03:31 -------- d-----w- c:\documents and settings\Valerie McKenney\Application Data\Uniblue
2009-12-07 15:33 . 2009-12-07 15:33 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-03 18:28 . 2009-12-03 18:28 74 --s-a-r- c:\windows\system32\Allow-it-Keygen-Part-SnD.cmd
2009-12-03 18:27 . 2008-12-18 03:09 261120 ----a-w- c:\windows\system32\baksm.dll
2009-12-03 18:27 . 2008-02-24 21:17 11264 ----a-w- c:\windows\system32\drivers\supermounter.sys
2009-12-03 18:27 . 2007-03-12 02:39 44000 ----a-w- c:\windows\system32\drivers\AFPUni.sys
2009-12-03 18:27 . 2007-03-12 02:39 43936 ----a-w- c:\windows\system32\drivers\AFPAnsi.sys
2009-12-03 18:27 . 2009-11-16 12:06 5975552 ----a-w- c:\windows\system32\vbsbak.dat
2009-12-03 18:27 . 2008-02-28 14:43 56 ----a-w- c:\windows\system32\vb6sock.dll
2009-12-03 18:27 . 2003-10-17 03:56 6144 ----a-w- c:\windows\system32\SuperRes.dll
2009-12-03 18:27 . 2003-10-11 15:24 89088 ----a-w- c:\windows\system32\Shreder.dll
2009-12-03 18:27 . 2003-09-07 03:32 73728 ----a-w- c:\windows\system32\smh.dat
2009-12-03 18:27 . 2009-12-03 18:27 -------- d-----w- c:\program files\SuperLogix
2009-12-03 18:27 . 2008-08-08 04:13 1473536 ----a-w- c:\windows\system32\context.dll
2009-12-03 05:16 . 2008-04-14 01:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2009-12-03 05:16 . 2001-08-18 03:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-12-03 05:15 . 2008-04-14 01:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2009-12-03 05:15 . 2001-08-18 03:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2009-12-03 05:15 . 2001-08-18 03:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2009-12-03 05:15 . 2001-08-18 03:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2009-12-03 05:15 . 2001-08-17 17:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2009-12-03 05:15 . 2004-08-04 03:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2009-12-03 05:15 . 2008-04-13 19:46 19200 ----a-w- c:\windows\system32\dllcache\wstcodec.sys
2009-12-03 05:14 . 2004-08-04 03:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2009-12-03 05:14 . 2008-04-14 01:12 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
2009-12-03 05:14 . 2008-04-14 11:42 221184 ----a-w- c:\windows\system32\dllcache\wmpns.dll
2009-12-03 05:14 . 2004-08-04 03:31 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys
2009-12-03 05:14 . 2001-08-17 17:12 34890 ----a-w- c:\windows\system32\dllcache\wlandrv2.sys
2009-12-03 05:13 . 2001-08-17 18:28 771581 ----a-w- c:\windows\system32\dllcache\winacisa.sys
2009-12-03 05:13 . 2001-08-18 03:36 53760 ----a-w- c:\windows\system32\dllcache\wiamsmud.dll
2009-12-03 05:13 . 2001-08-18 03:36 87040 ----a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2009-12-03 05:13 . 2006-03-15 20:00 31232 ----a-w- c:\windows\system32\dllcache\weitekp9.sys
2009-12-03 05:13 . 2006-03-15 20:00 41600 ----a-w- c:\windows\system32\dllcache\weitekp9.dll
2009-12-03 05:13 . 2001-08-17 18:28 701386 ----a-w- c:\windows\system32\dllcache\wdhaalba.sys
2009-12-03 05:13 . 2004-08-04 03:29 23615 ----a-w- c:\windows\system32\dllcache\wch7xxnt.sys
2009-12-03 05:13 . 2008-04-13 19:45 31744 ----a-w- c:\windows\system32\dllcache\wceusbsh.sys
2009-12-03 05:11 . 2001-08-17 18:28 604253 ----a-w- c:\windows\system32\dllcache\vmodem.sys
2009-12-03 05:11 . 2001-08-17 17:14 249402 ----a-w- c:\windows\system32\dllcache\vinwm.sys
2009-12-03 05:11 . 2001-08-17 18:49 24576 ----a-w- c:\windows\system32\dllcache\viairda.sys
2009-12-03 05:11 . 2008-04-14 01:12 53760 ----a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2009-12-03 05:11 . 2001-08-17 18:28 687999 ----a-w- c:\windows\system32\dllcache\usrwdxjs.sys
2009-12-03 05:11 . 2001-08-17 18:28 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys
2009-12-03 05:11 . 2001-08-17 18:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys
2009-12-03 05:11 . 2001-08-17 18:28 7556 ----a-w- c:\windows\system32\dllcache\usroslba.sys
2009-12-03 05:11 . 2001-08-17 18:28 224802 ----a-w- c:\windows\system32\dllcache\usr1807a.sys
2009-12-03 05:11 . 2001-08-17 18:28 794399 ----a-w- c:\windows\system32\dllcache\usr1806v.sys
2009-12-03 05:11 . 2001-08-17 18:28 793598 ----a-w- c:\windows\system32\dllcache\usr1806.sys
2009-12-03 05:11 . 2001-08-17 18:28 794654 ----a-w- c:\windows\system32\dllcache\usr1801.sys
2009-12-03 05:11 . 2008-04-13 19:45 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys
2009-12-03 05:10 . 2004-08-04 03:31 32384 ----a-w- c:\windows\system32\dllcache\usb101et.sys
2009-12-03 05:10 . 2001-08-18 03:36 94720 ----a-w- c:\windows\system32\dllcache\umaxud32.dll
2009-12-03 05:10 . 2001-08-18 03:36 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll
2009-12-03 05:10 . 2001-08-18 03:36 26624 ----a-w- c:\windows\system32\dllcache\umaxu22.dll
2009-12-03 05:10 . 2001-08-18 03:36 69632 ----a-w- c:\windows\system32\dllcache\umaxu12.dll
2009-12-03 05:10 . 2001-08-18 03:36 50688 ----a-w- c:\windows\system32\dllcache\umaxscan.dll
2009-12-03 05:10 . 2001-08-17 18:58 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys
2009-12-03 05:10 . 2001-08-18 03:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2009-12-03 05:10 . 2001-08-18 03:36 47616 ----a-w- c:\windows\system32\dllcache\umaxcam.dll
2009-12-03 05:10 . 2001-08-18 03:36 211968 ----a-w- c:\windows\system32\dllcache\um54scan.dll
2009-12-03 05:10 . 2001-08-18 03:36 216064 ----a-w- c:\windows\system32\dllcache\um34scan.dll
2009-12-03 05:08 . 2001-08-17 17:10 28232 ----a-w- c:\windows\system32\dllcache\tos4mo.sys
2009-12-03 05:07 . 2001-08-18 03:36 10240 ----a-w- c:\windows\system32\dllcache\swpidflt.dll
2009-12-03 05:06 . 2001-08-17 18:51 61824 ----a-w- c:\windows\system32\dllcache\speed.sys
2009-12-03 05:05 . 2001-08-17 17:12 24576 ----a-w- c:\windows\system32\dllcache\smc8000n.sys
2009-12-03 05:04 . 2001-08-17 19:56 150144 ----a-w- c:\windows\system32\dllcache\sis6306v.dll
2009-12-03 05:03 . 2001-08-17 18:52 11648 ----a-w- c:\windows\system32\dllcache\scsiprnt.sys
2009-12-03 05:02 . 2001-08-17 17:50 41216 ----a-w- c:\windows\system32\dllcache\s3mt3d.sys
2009-12-03 05:01 . 2001-08-17 18:51 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys
2009-12-03 05:00 . 2008-04-13 19:41 17664 ----a-w- c:\windows\system32\dllcache\ppa3.sys
2009-12-03 04:59 . 2001-08-17 17:11 30282 ----a-w- c:\windows\system32\dllcache\pcntn5hl.sys
2009-12-03 04:58 . 2001-08-17 17:12 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys
2009-12-03 04:58 . 2001-08-17 17:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys
2009-12-03 04:58 . 2001-08-17 17:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2009-12-03 04:58 . 2001-08-18 03:36 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2009-12-03 04:58 . 2001-08-18 03:36 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2009-12-03 04:58 . 2001-08-17 17:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2009-12-03 04:58 . 2001-08-17 18:47 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2009-12-03 04:58 . 2001-08-17 18:53 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2009-12-03 04:58 . 2008-04-13 19:54 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2009-12-03 04:58 . 2008-04-14 11:42 226816 ----a-w- c:\windows\system32\dllcache\npdrmv2.dll
2009-12-03 04:56 . 2001-08-18 03:36 7168 ----a-w- c:\windows\system32\dllcache\mxport.dll
2009-12-03 04:56 . 2001-08-17 18:49 19968 ----a-w- c:\windows\system32\dllcache\mxnic.sys
2009-12-03 04:56 . 2001-08-18 03:36 19968 ----a-w- c:\windows\system32\dllcache\mxicfg.dll
2009-12-03 04:56 . 2001-08-17 18:50 21888 ----a-w- c:\windows\system32\dllcache\mxcard.sys
2009-12-03 04:56 . 2006-03-15 20:00 229439 ----a-w- c:\windows\system32\dllcache\multibox.dll
2009-12-03 04:56 . 2001-08-17 17:50 103296 ----a-w- c:\windows\system32\dllcache\mtxvideo.sys
2009-12-03 04:56 . 2008-04-13 19:39 5504 ----a-w- c:\windows\system32\dllcache\mstee.sys
2009-12-03 04:56 . 2008-04-13 19:46 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys
2009-12-03 04:56 . 2001-08-17 18:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys
2009-12-03 04:56 . 2001-08-17 19:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-19 07:41 . 2007-01-05 19:25 -------- d-----w- c:\documents and settings\Valerie McKenney\Application Data\AdobeUM
2009-12-19 06:44 . 2009-02-02 22:48 -------- d-----w- c:\documents and settings\Valerie McKenney\Application Data\Skype
2009-12-19 06:02 . 2006-09-21 05:30 122376 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-18 23:14 . 2009-02-11 23:01 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-18 12:41 . 2007-07-18 20:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-12-18 11:28 . 2009-05-18 23:40 -------- d-----w- c:\program files\America Online 8.0
2009-12-17 23:26 . 2006-09-21 05:58 -------- d-----w- c:\program files\Microsoft Works
2009-12-17 21:30 . 2009-12-17 20:23 54744008 ----a-w- c:\documents and settings\Valerie McKenney\Application Data\Adobe\Acrobat\7.0\Updater\AcroProUpd710_all_cum.exe
2009-12-17 19:04 . 2009-05-11 11:15 -------- d-----w- c:\documents and settings\Valerie McKenney\Application Data\Vso
2009-12-17 18:25 . 2006-01-27 00:04 99584 ----a-w- c:\windows\system32\drivers\nvata.sys
2009-12-17 17:48 . 2009-07-21 01:12 -------- d-----w- c:\documents and settings\Valerie McKenney\Application Data\vlc
2009-12-17 16:49 . 2009-02-09 22:39 -------- d-----w- c:\documents and settings\Valerie McKenney\Application Data\uTorrent
2009-12-15 13:53 . 2009-03-28 18:58 -------- d-----w- c:\documents and settings\Valerie McKenney\Application Data\foobar2000
2009-12-14 20:48 . 2009-05-15 22:01 -------- d-----w- c:\program files\MSBuild
2009-12-14 19:52 . 2006-09-21 06:19 -------- d-----w- c:\program files\DivX
2009-12-14 11:14 . 2009-12-14 11:13 8892928 ----a-w- c:\documents and settings\All Users\Application Data\atscie.msi
2009-12-13 19:13 . 2009-04-04 18:29 -------- d-----w- c:\documents and settings\Valerie McKenney\Application Data\Apple Computer
2009-12-12 12:34 . 2009-12-14 11:11 34226736 ----a-w- c:\documents and settings\All Users\Application Data\Pure Networks\Setup\nmsetup.exe
2009-12-06 14:44 . 2009-05-11 12:33 -------- d-----w- c:\program files\IZArc
2009-12-02 11:04 . 2009-02-02 21:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-22 12:38 . 2006-09-21 04:23 -------- d-----w- c:\program files\HP
2009-11-21 15:51 . 2006-03-16 04:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-14 17:39 . 2009-11-14 11:09 34308 ----a-w- c:\windows\system32\Chip.dll
2009-11-14 11:11 . 2009-11-14 11:09 -------- d-----w- c:\program files\MagicDVDRipper
2009-11-14 09:37 . 2009-10-26 13:44 -------- d-----w- c:\documents and settings\Valerie McKenney\Application Data\dvdcss
2009-11-12 10:14 . 2009-11-12 10:14 -------- d-----w- c:\documents and settings\Valerie McKenney\Application Data\Canon
2009-11-11 03:03 . 2009-11-07 17:26 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-11-07 17:27 . 2009-11-07 17:27 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-11-07 17:26 . 2009-11-07 17:26 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-11-07 17:26 . 2009-11-07 17:26 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-11-07 17:25 . 2009-11-07 17:25 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2009-11-07 17:25 . 2008-05-17 17:37 -------- d-----w- c:\program files\AVG
2009-11-07 04:42 . 2009-02-02 21:31 4045527 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-11-06 02:16 . 2009-11-06 02:16 73728 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
2009-11-03 23:37 . 2006-09-21 04:23 -------- d-----w- c:\program files\Java
2009-11-03 23:35 . 2009-11-03 23:35 152576 ----a-w- c:\documents and settings\Valerie McKenney\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-10-31 02:03 . 2009-10-31 01:35 -------- d-----w- c:\program files\Acoustica CD Label Maker
2009-10-31 01:35 . 2009-10-31 01:35 -------- d-----w- c:\documents and settings\Valerie McKenney\Application Data\Acoustica
2009-10-30 20:31 . 2009-10-30 20:30 -------- d-----w- c:\program files\SureThing CD Labeler 5
2009-10-30 20:30 . 2006-09-21 04:23 -------- d-----w- c:\program files\Common Files\SureThing Shared
2009-10-30 00:29 . 2009-10-30 00:29 2146304 ----a-w- c:\windows\system32\GPhotos.scr
2009-10-29 07:45 . 2006-03-16 04:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-26 12:58 . 2009-10-26 12:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Goland
2009-10-26 12:22 . 2009-10-26 12:22 -------- d-----w- c:\program files\Goland
2009-10-25 09:41 . 2009-10-25 09:41 -------- d-----w- c:\program files\Microsoft IntelliPoint
2009-10-21 05:38 . 2006-03-16 04:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2006-03-16 04:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-21 04:27 . 2009-10-21 04:27 -------- d-----w- c:\program files\Canon
2009-10-20 16:20 . 2006-03-16 04:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:30 . 2006-03-16 04:00 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38 . 2006-03-16 04:00 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38 . 2006-03-16 04:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-11 09:17 . 2009-02-02 20:28 411368 ----a-w- c:\windows\system32\deploytk.dll
2008-04-26 14:20 . 2008-04-26 14:19 6039048 ----a-w- c:\program files\Firefox Setup 2.0.0.14.exe
2007-01-04 14:51 . 2007-01-04 14:51 1062408 ----a-w- c:\program files\advisor.exe
2006-07-12 08:58 . 2007-01-18 16:31 48234952 ----a-w- c:\program files\Diskeeper10_Professional_Premium_Edition_v10.0.593.exe
2009-05-11 14:35 . 2009-02-05 21:54 72 --sh--w- c:\windows\SA23509F7.tmp
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

c:\documents and settings\Valerie McKenney\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
WordWeb Pro.lnk - c:\program files\WordWeb\wweb32.exe [2009-5-15 42176]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 17:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-11-07 17:27 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"c:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1167921636\\EE\\AOLServiceHost.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"=
"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"=
"c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avginet.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\explorer.exe"=
"c:\\WINDOWS\\system32\\logonui.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\Valerie McKenney\\My Documents\\Downloads\\hfs.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Documents and Settings\\Valerie McKenney\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\VS Revo Group\\Revo Uninstaller\\revouninstaller.exe"=
"c:\\Program Files\\CCleaner\\CCleaner.exe"=
"c:\\Documents and Settings\\Valerie McKenney\\My Documents\\Downloads\\File Transfer\\FileTransfer.exe"=
"c:\\Documents and Settings\\Valerie McKenney\\Desktop\\FileTransfer.exe"=
"c:\\Program Files\\Safari\\Safari.exe"=
"c:\\Program Files\\Acoustica CD Label Maker\\cdlabel.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\SuperLogix\\Super Utilities\\SuperUtil.exe"=
"c:\\Program Files\\Driver-Soft\\DriverGenius\\DriverGenius.exe"=
"c:\\Program Files\\WordWeb\\wweb32.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\CCFile\\ccfile.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"= c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"14567:TCP"= 14567:TCP:File Transfer
"80:UDP"= 80:UDP:Cfile
"80:TCP"= 80:TCP:ccfile

R0 AFPAnsi;Alfa File Protector Ansi;c:\windows\system32\drivers\AFPAnsi.sys [12/3/2009 1:27 PM 43936]
R0 TLRecAgent;TLRecAgent;c:\windows\system32\drivers\TLRecAgent.sys [4/3/2009 12:04 PM 14888]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [11/7/2009 12:26 PM 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [11/7/2009 12:26 PM 360584]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/1/2008 1:48 PM 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2/1/2008 1:48 PM 51440]
R1 SuperMounter;SuperMounter;c:\windows\system32\drivers\supermounter.sys [12/3/2009 1:27 PM 11264]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/16/2006 4:51 PM 4096]
S3 Slnt7554;USB Soft Modem Driver;c:\windows\system32\drivers\slnt7554.sys [4/3/2009 11:52 AM 129535]
S3 slusbvip;SmartLink USB Driver;c:\windows\system32\drivers\slusbvip.sys [4/3/2009 12:04 PM 546120]
S3 SLVAD_simple;D-Link Virtual Audio Device;c:\windows\system32\drivers\slvad.sys [4/3/2009 12:05 PM 43248]
S3 Smport;Smport;c:\windows\system32\smport.sys [1/5/2007 4:12 PM 2627]
S3 SureThing Labelflash service;SureThing Labelflash service;c:\program files\Common Files\SureThing Shared\stllssvr.exe [10/30/2009 3:30 PM 74384]
S4 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [11/7/2009 12:26 PM 285392]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/15/2009 9:42 AM 722416]
.
------- Supplementary Scan -------
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uWindow Title = >>> 'Full Speed' Enabled <<<
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Valerie McKenney\Application Data\Mozilla\Firefox\Profiles\jo72akdj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/webhp?rls=org.mozilla:en-US:official&hl=en&sa=N&tab=fw
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\Valerie McKenney\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-19 02:41
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????<?@? ????d??????Y?@?????<?@

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: error reading MBR
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x859DD618]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf74ebf28
\Driver\ACPI -> ACPI.sys @ 0xf735ecb8
\Driver\atapi -> atapi.sys @ 0xf72d2852
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->NDIS: NVIDIA nForce Networking Controller -> SendCompleteHandler -> NDIS.sys @ 0xf71c5bb0
PacketIndicateHandler -> NDIS.sys @ 0xf71b4a0d
SendHandler -> NDIS.sys @ 0xf71c8b40

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET CLR Data]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET CLR Networking]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET Data Provider for Oracle]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET Data Provider for SqlServer]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NETFramework]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Abiosdsk]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\abp480n5]
"ImagePath"="\SystemRoot\system32\DRIVERS\ABP480N5.SYS"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACPI]
"ImagePath"="system32\DRIVERS\ACPI.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACPIEC]
"ImagePath"="system32\DRIVERS\ACPIEC.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AddFiltr]
"ImagePath"="\"c:\program files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\adpu160m]
"ImagePath"="\SystemRoot\system32\DRIVERS\adpu160m.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aec]
"ImagePath"="system32\drivers\aec.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AFD]
"ImagePath"="\SystemRoot\System32\drivers\afd.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AFPAnsi]
"ImagePath"="System32\Drivers\AFPAnsi.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\agp440]
"ImagePath"="\SystemRoot\system32\DRIVERS\agp440.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\agpCPQ]
"ImagePath"="\SystemRoot\system32\DRIVERS\agpCPQ.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Aha154x]
"ImagePath"="\SystemRoot\system32\DRIVERS\aha154x.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78u2]
"ImagePath"="\SystemRoot\system32\DRIVERS\aic78u2.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78xx]
"ImagePath"="\SystemRoot\system32\DRIVERS\aic78xx.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Alerter]
"ServiceDll"="%SystemRoot%\system32\alrsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AliIde]
"ImagePath"="system32\DRIVERS\aliide.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\alim1541]
"ImagePath"="\SystemRoot\system32\DRIVERS\alim1541.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\amdagp]
"ImagePath"="\SystemRoot\system32\DRIVERS\amdagp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AmdK8]
"ImagePath"="system32\DRIVERS\AmdK8.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\amsint]
"ImagePath"="\SystemRoot\system32\DRIVERS\amsint.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AnyDVD]
"ImagePath"="System32\Drivers\AnyDVD.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AOL ACS]
"ImagePath"="\"c:\program files\Common Files\AOL\ACS\AOLAcsd.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AOL TopSpeedMonitor]
"ImagePath"="c:\program files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Arp1394]
"ImagePath"="system32\DRIVERS\arp1394.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc]
"ImagePath"="\SystemRoot\system32\DRIVERS\asc.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3350p]
"ImagePath"="\SystemRoot\system32\DRIVERS\asc3350p.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3550]
"ImagePath"="\SystemRoot\system32\DRIVERS\asc3550.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASCTRM]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASP.NET]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASP.NET_1.1.4322]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASP.NET_2.0.50727]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aspnet_state]
"ImagePath"="%SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\atapi]
"ImagePath"="System32\Drivers\atapi.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atdisk]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atmarpc]
"ImagePath"="system32\DRIVERS\atmarpc.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AudioSrv]
"ServiceDll"="%SystemRoot%\System32\audiosrv.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\audstub]
"ImagePath"="system32\DRIVERS\audstub.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVG]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\avg9wd]
"ImagePath"="\"c:\program files\AVG\AVG9\avgwdsvc.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AvgLdx86]
"ImagePath"="\SystemRoot\System32\Drivers\avgldx86.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AvgMfx86]
"ImagePath"="\SystemRoot\System32\Drivers\avgmfx86.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AvgTdiX]
"ImagePath"="\SystemRoot\System32\Drivers\avgtdix.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BANTExt]
"ImagePath"="\SystemRoot\System32\Drivers\BANTExt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BattC]
"MofImagePath"="System32\Drivers\battc.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BCM43XX]
"ImagePath"="system32\DRIVERS\bcmwl5.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Beep]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BITS]
"ServiceDll"="c:\windows\system32\qmgr.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BTWUSB]
"ImagePath"="System32\Drivers\btwusb.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme]
"ImagePath"="\??\c:\docume~1\VALERI~1\LOCALS~1\Temp\catchme.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cbidf]
"ImagePath"="\SystemRoot\system32\DRIVERS\cbidf2k.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cbidf2k]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cd20xrnt]
"ImagePath"="\SystemRoot\system32\DRIVERS\cd20xrnt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdaudio]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdfs]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdrom]
"ImagePath"="system32\DRIVERS\cdrom.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Changer]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CiSvc]
"ImagePath"="%SystemRoot%\system32\cisvc.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ClipSrv]
"ImagePath"="%SystemRoot%\system32\clipsrv.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\clr_optimization_v2.0.50727_32]
"ImagePath"="c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmBatt]
"ImagePath"="system32\DRIVERS\CmBatt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdIde]
"ImagePath"="\SystemRoot\system32\DRIVERS\cmdide.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Compbatt]
"ImagePath"="system32\DRIVERS\compbatt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\COMSysApp]
"ImagePath"="c:\windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ContentFilter]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ContentIndex]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cpqarray]
"ImagePath"="\SystemRoot\system32\DRIVERS\cpqarray.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\System32\cryptsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac2w2k]
"ImagePath"="\SystemRoot\system32\DRIVERS\dac2w2k.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac960nt]
"ImagePath"="\SystemRoot\system32\DRIVERS\dac960nt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dhcp]
"ServiceDll"="%SystemRoot%\System32\dhcpcsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Disk]
"ImagePath"="system32\DRIVERS\disk.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Diskeeper]
"ImagePath"="\"c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmadmin]
"ImagePath"="%SystemRoot%\System32\dmadmin.exe /com"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmboot]
"ImagePath"="System32\drivers\dmboot.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmio]
"ImagePath"="System32\drivers\dmio.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmload]
"ImagePath"="System32\drivers\dmload.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmserver]
"ServiceDll"="%SystemRoot%\System32\dmserver.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DMusic]
"ImagePath"="system32\drivers\DMusic.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dpti2o]
"ImagePath"="\SystemRoot\system32\DRIVERS\dpti2o.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\eabfiltr]
"ImagePath"="system32\DRIVERS\eabfiltr.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\eabusb]
"ImagePath"="system32\DRIVERS\eabusb.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EapHost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ehRecvr]
"ImagePath"="c:\windows\eHome\ehRecvr.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ehSched]
"ImagePath"="c:\windows\eHome\ehSched.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ElbyCDFL]
"ImagePath"="System32\Drivers\ElbyCDFL.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ElbyCDIO]
"ImagePath"="System32\Drivers\ElbyCDIO.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ElbyDelay]
"ImagePath"="System32\Drivers\ElbyDelay.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ERSvc]
"ServiceDll"="%SystemRoot%\System32\ersvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog]
"ImagePath"="%SystemRoot%\system32\services.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EventSystem]
"ServiceDll"="c:\windows\system32\es.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fastfat]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FastUserSwitchingCompatibility]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fdc]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fips]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Flpydisk]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FltMgr]
"ImagePath"="system32\drivers\fltmgr.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FontCache3.0.0.0]
"ImagePath"="c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fs_Rec]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ftdisk]
"ImagePath"="system32\DRIVERS\ftdisk.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Gpc]
"ImagePath"="system32\DRIVERS\msgpc.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gusvc]
"ImagePath"="\"c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HBtnKey]
"ImagePath"="system32\DRIVERS\cpqbttn.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HdAudAddService]
"ImagePath"="system32\drivers\CHDAud.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HDAudBus]
"ImagePath"="system32\DRIVERS\HDAudBus.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HDDSvc]
"ImagePath"="c:\windows\system32\HDDSvc.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\helpsvc]
"ServiceDll"="%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HidServ]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HidUsb]
"ImagePath"="system32\DRIVERS\hidusb.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hkmsvc]
"ServiceDll"="%SystemRoot%\System32\kmsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hpn]
"ImagePath"="\SystemRoot\system32\DRIVERS\hpn.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hpqwmiex]
"ImagePath"="c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HSFHWAZL]
"ImagePath"="system32\DRIVERS\HSFHWAZL.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HSF_DPV]
"ImagePath"="system32\DRIVERS\HSF_DPV.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HTTP]
"ImagePath"="System32\Drivers\HTTP.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HTTPFilter]
"ServiceDll"="%SystemRoot%\System32\w3ssl.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i2omgmt]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i2omp]
"ImagePath"="\SystemRoot\system32\DRIVERS\i2omp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i8042prt]
"ImagePath"="system32\DRIVERS\i8042prt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iaStor]
"ImagePath"="\SystemRoot\system32\DRIVERS\iaStor.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IDriverT]
"ImagePath"="\"c:\program files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\idsvc]
"ImagePath"="\"c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Imapi]
"ImagePath"="system32\DRIVERS\imapi.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ImapiService]
"ImagePath"="%systemroot%\system32\imapi.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\inetaccs]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ini910u]
"ImagePath"="\SystemRoot\system32\DRIVERS\ini910u.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Inport]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IntelIde]
"ImagePath"="system32\DRIVERS\intelide.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ip6Fw]
"ImagePath"="system32\drivers\ip6fw.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpInIp]
"ImagePath"="system32\DRIVERS\ipinip.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpNat]
"ImagePath"="system32\DRIVERS\ipnat.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IPSec]
"ImagePath"="system32\DRIVERS\ipsec.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IRENUM]
"ImagePath"="system32\DRIVERS\irenum.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ISAPISearch]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\isapnp]
"ImagePath"="system32\DRIVERS\isapnp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\JavaQuickStarterService]
"ImagePath"="\"c:\program files\Java\jre6\bin\jqs.exe\" -service -config \"c:\program files\Java\jre6\lib\deploy\jqs\jqs.conf\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Kbdclass]
"ImagePath"="system32\DRIVERS\kbdclass.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\kbdhid]
"ImagePath"="system32\DRIVERS\kbdhid.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\kmixer]
"ImagePath"="system32\drivers\kmixer.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KSecDD]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lanmanserver]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lanmanworkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lbrtfdc]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ldap]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LicenseService]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LightScribeService]
"ImagePath"="\"c:\program files\Common Files\LightScribe\LSSrvc.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LmHosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mcdbus]
"ImagePath"="system32\DRIVERS\mcdbus.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\McrdSvc]
"ImagePath"="c:\windows\ehome\mcrdsvc.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MDM]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mdmxsdk]
"ImagePath"="system32\DRIVERS\mdmxsdk.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Messenger]
"ServiceDll"="%SystemRoot%\System32\msgsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MHN]
"ServiceDll"="%SystemRoot%\System32\mhn.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MHNDRV]
"ImagePath"="system32\DRIVERS\mhndrv.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Microsoft Office Groove Audit Service]
"ImagePath"="\"c:\program files\Microsoft Office\Office12\GrooveAuditService.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mnmdd]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mnmsrvc]
"ImagePath"="c:\windows\system32\mnmsrvc.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Modem]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MODEMCSA]
"ImagePath"="system32\drivers\MODEMCSA.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mouclass]
"ImagePath"="system32\DRIVERS\mouclass.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mouhid]
"ImagePath"="system32\DRIVERS\mouhid.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MountMgr]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MQAC]
"ImagePath"="\??\c:\windows\system32\drivers\mqac.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mraid35x]
"ImagePath"="\SystemRoot\system32\DRIVERS\mraid35x.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MRxDAV]
"ImagePath"="system32\DRIVERS\mrxdav.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MRxSmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSDTC]
"ImagePath"="c:\windows\system32\msdtc.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSDTC Bridge 3.0.0.0]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Msfs]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSIServer]
"ImagePath"="c:\windows\system32\msiexec.exe /V"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSMQ]
"ImagePath"="c:\windows\system32\mqsvc.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSMQTriggers]
"ImagePath"="c:\windows\system32\mqtgsvc.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mssmbios]
"ImagePath"="system32\DRIVERS\mssmbios.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mtlmnt5]
"ImagePath"="system32\DRIVERS\Mtlmnt5.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mtlstrm]
"ImagePath"="system32\DRIVERS\Mtlstrm.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mup]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\napagent]
"ServiceDll"="%SystemRoot%\System32\qagentrt.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NDIS]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisTapi]
"ImagePath"="system32\DRIVERS\ndistapi.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ndisuio]
"ImagePath"="system32\DRIVERS\ndisuio.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisWan]
"ImagePath"="system32\DRIVERS\ndiswan.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NDProxy]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetBT]
"ImagePath"="system32\DRIVERS\netbt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetDDE]
"ImagePath"="%SystemRoot%\system32\netdde.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetDDEdsdm]
"ImagePath"="%SystemRoot%\system32\netdde.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Netlogon]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetTcpPortSharing]
"ImagePath"="\"c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIC1394]
"ImagePath"="system32\DRIVERS\nic1394.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Nla]
"ServiceDll"="%SystemRoot%\System32\mswsock.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\nmservice]
"ImagePath"="\"c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Npfs]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ntfs]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtLmSsp]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc]
"ServiceDll"="%SystemRoot%\system32\ntmssvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtMtlFax]
"ImagePath"="system32\DRIVERS\NtMtlFax.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NuidFltr]
"ImagePath"="system32\DRIVERS\NuidFltr.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Null]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\nv]
"ImagePath"="system32\DRIVERS\nv4_mini.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\nvata]
"ImagePath"="system32\DRIVERS\nvata.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NVENETFD]
"ImagePath"="system32\DRIVERS\NVENETFD.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\nvnetbus]
"ImagePath"="system32\DRIVERS\nvnetbus.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\nvsmu]
"ImagePath"="system32\DRIVERS\nvsmu.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NVSvc]
"ImagePath"="%SystemRoot%\system32\nvsvc32.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NwlnkFlt]
"ImagePath"="system32\DRIVERS\nwlnkflt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NwlnkFwd]
"ImagePath"="system32\DRIVERS\nwlnkfwd.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\odserv]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ohci1394]
"ImagePath"="system32\DRIVERS\ohci1394.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ose]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Outlook]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Parport]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PartMgr]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ParVdm]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCI]
"ImagePath"="system32\DRIVERS\pci.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCIDump]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCIIde]
"ImagePath"="system32\DRIVERS\pciide.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Pcmcia]
"ImagePath"="system32\DRIVERS\pcmcia.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pcouffin]
"ImagePath"="System32\Drivers\pcouffin.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDCOMP]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDFRAME]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDRELI]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDRFRAME]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2]
"ImagePath"="\SystemRoot\system32\DRIVERS\perc2.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2hib]
"ImagePath"="\SystemRoot\system32\DRIVERS\perc2hib.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfDisk]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfNet]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfOS]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfProc]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PlugPlay]
"ImagePath"="%SystemRoot%\system32\services.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pnarp]
"ImagePath"="system32\DRIVERS\pnarp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Point32]
"ImagePath"="system32\DRIVERS\point32.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PolicyAgent]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PSched]
"ImagePath"="system32\DRIVERS\psched.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ptilink]
"ImagePath"="system32\DRIVERS\ptilink.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\purendis]
"ImagePath"="system32\DRIVERS\purendis.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PxHelp20]
"ImagePath"="System32\Drivers\PxHelp20.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1080]
"ImagePath"="\SystemRoot\system32\DRIVERS\ql1080.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ql10wnt]
"ImagePath"="\SystemRoot\system32\DRIVERS\ql10wnt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql12160]
"ImagePath"="\SystemRoot\system32\DRIVERS\ql12160.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1240]
"ImagePath"="\SystemRoot\system32\DRIVERS\ql1240.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1280]
"ImagePath"="\SystemRoot\system32\DRIVERS\ql1280.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAcd]
"ImagePath"="system32\DRIVERS\rasacd.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Raspti]
"ImagePath"="system32\DRIVERS\raspti.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPDD]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rdpdr]
"ImagePath"="system32\DRIVERS\rdpdr.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPNP]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPWD]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDSessMgr]
"ImagePath"="c:\windows\system32\sessmgr.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RecAgent]
"ImagePath"="system32\DRIVERS\RecAgent.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\redbook]
"ImagePath"="system32\DRIVERS\redbook.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RemoteAccess]
"ServiceDll"="%SystemRoot%\System32\mprdim.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RemoteRegistry]
"ServiceDll"="%SystemRoot%\system32\regsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rimmptsk]
"ImagePath"="system32\DRIVERS\rimmptsk.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rimsptsk]
"ImagePath"="system32\DRIVERS\rimsptsk.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rismxdp]
"ImagePath"="system32\DRIVERS\rixdptsk.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RMCAST]
"ImagePath"="\??\c:\windows\system32\drivers\RMCast.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RpcSs]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RSVP]
"ImagePath"="%SystemRoot%\system32\rsvp.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rtl8139]
"ImagePath"="system32\DRIVERS\RTL8139.SYS"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SASDIFSV]
"ImagePath"="\??\c:\program files\SUPERAntiSpyware\SASDIFSV.SYS"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SASENUM]
"ImagePath"="\??\c:\program files\SUPERAntiSpyware\SASENUM.SYS"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SASKUTIL]
"ImagePath"="\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SCardSvr]
"ImagePath"="%SystemRoot%\System32\SCardSvr.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Schedule]
"ServiceDll"="%SystemRoot%\system32\schedsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ScsiPort]
"ImagePath"="%SystemRoot%\system32\drivers\scsiport.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sdbus]
"ImagePath"="system32\DRIVERS\sdbus.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Secdrv]
"ImagePath"="system32\DRIVERS\secdrv.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\seclogon]
"ServiceDll"="%SystemRoot%\System32\seclogon.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Serial]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ServiceModelEndpoint 3.0.0.0]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ServiceModelOperation 3.0.0.0]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ServiceModelService 3.0.0.0]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Sfloppy]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Simbad]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sisagp]
"ImagePath"="\SystemRoot\system32\DRIVERS\sisagp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Slnt7554]
"ImagePath"="system32\DRIVERS\slnt7554.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SlNtHal]
"ImagePath"="system32\DRIVERS\Slnthal.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SLService]
"ImagePath"="slserv.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\slusbvip]
"ImagePath"="system32\DRIVERS\slusbvip.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SLVAD_simple]
"ImagePath"="system32\drivers\slvad.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SlWdmSup]
"ImagePath"="system32\DRIVERS\SlWdmSup.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Smport]
"ImagePath"="\??\c:\windows\system32\Smport.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SMSvcHost 3.0.0.0]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Sparrow]
"ImagePath"="\SystemRoot\system32\DRIVERS\sparrow.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\splitter]
"ImagePath"="system32\drivers\splitter.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Spooler]
"ImagePath"="%SystemRoot%\system32\spoolsv.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sptd]
"ImagePath"="System32\Drivers\sptd.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sr]
"ImagePath"="system32\DRIVERS\sr.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\srservice]
"ServiceDll"="%SystemRoot%\system32\srsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Srv]
"ImagePath"="system32\DRIVERS\srv.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\stisvc]
"ServiceDll"="%SystemRoot%\system32\wiaservc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SuperMounter]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SureThing Labelflash service]
"ImagePath"="c:\program files\Common Files\SureThing Shared\stllssvr.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swenum]
"ImagePath"="system32\DRIVERS\swenum.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swmidi]
"ImagePath"="system32\drivers\swmidi.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SwPrv]
"ImagePath"="c:\windows\system32\dllhost.exe /Processid:{FC5F0743-11B5-43E8-96A2-9DEFB0340AF2}"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swwd]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc810]
"ImagePath"="\SystemRoot\system32\DRIVERS\symc810.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc8xx]
"ImagePath"="\SystemRoot\system32\DRIVERS\symc8xx.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_hi]
"ImagePath"="\SystemRoot\system32\DRIVERS\sym_hi.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_u3]
"ImagePath"="\SystemRoot\system32\DRIVERS\sym_u3.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SynTP]
"ImagePath"="system32\DRIVERS\SynTP.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sysaudio]
"ImagePath"="system32\drivers\sysaudio.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SysmonLog]
"ImagePath"="%SystemRoot%\system32\smlogsvc.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip]
"ImagePath"="system32\DRIVERS\tcpip.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDPIPE]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDTCP]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermDD]
"ImagePath"="system32\DRIVERS\termdd.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Themes]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TlntSvr]
"ImagePath"="c:\windows\system32\tlntsvr.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TLRecAgent]
"ImagePath"="system32\DRIVERS\TLRecAgent.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TosIde]
"ImagePath"="\SystemRoot\system32\DRIVERS\toside.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TrkWks]
"ServiceDll"="%SystemRoot%\system32\trkwks.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TSDDD]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Udfs]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UIUSys]
"ImagePath"="system32\DRIVERS\UIUSYS.SYS"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ultra]
"ImagePath"="\SystemRoot\system32\DRIVERS\ultra.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UMWdf]
"ImagePath"="c:\windows\system32\wdfmgr.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Update]
"ImagePath"="system32\DRIVERS\update.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UPS]
"ImagePath"="%SystemRoot%\System32\ups.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbaudio]
"ImagePath"="system32\drivers\usbaudio.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbccgp]
"ImagePath"="system32\DRIVERS\usbccgp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbhub]
"ImagePath"="system32\DRIVERS\usbhub.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbohci]
"ImagePath"="system32\DRIVERS\usbohci.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbprint]
"ImagePath"="system32\DRIVERS\usbprint.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbscan]
"ImagePath"="system32\DRIVERS\usbscan.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\USBSTOR]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbuhci]
"ImagePath"="system32\DRIVERS\usbuhci.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\viaagp]
"ImagePath"="\SystemRoot\system32\DRIVERS\viaagp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ViaIde]
"ImagePath"="system32\DRIVERS\viaide.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VolSnap]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VSS]
"ImagePath"="%SystemRoot%\System32\vssvc.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\W3SVC]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wanarp]
"ImagePath"="system32\DRIVERS\wanarp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wanatw]
"ImagePath"="system32\DRIVERS\wanatw4.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WANMiniportService]
"ImagePath"="\"c:\windows\wanmpsvc.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wdf01000]
"ImagePath"="system32\DRIVERS\Wdf01000.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WDICA]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wdmaud]
"ImagePath"="system32\drivers\wdmaud.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\winachsf]
"ImagePath"="system32\DRIVERS\HSF_CNXT.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Windows Workflow Foundation 3.0.0.0]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Winsock]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinSock2]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinTrust]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WMConnectCDS]
"ImagePath"="c:\program files\Windows Media Connect 2\wmccds.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmdmPmSN]
"ServiceDll"="c:\windows\system32\MsPMSNSv.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wmi]
"ServiceDll"="%SystemRoot%\System32\advapi32.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiAcpi]
"ImagePath"="system32\DRIVERS\wmiacpi.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiApRpl]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiApSrv]
"ImagePath"="c:\windows\system32\wbem\wmiapsrv.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WS2IFSL]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wuauserv]
"ServiceDll"="c:\windows\system32\wuauserv.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WZCSVC]
"ServiceDll"="%SystemRoot%\System32\wzcsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xmlprov]
"ServiceDll"="%SystemRoot%\System32\xmlprov.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{0CF944DA-15B9-4D02-8BEE-DD17D6E0906F}]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{2BDA8AFF-C3F1-430E-A895-84B065CA10C0}]
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(932)
c:\windows\system32\WININET.dll
c:\program files\SUPERAntiSpyware\SASWINLO.dll

- - - - - - - > 'lsass.exe'(992)
c:\windows\system32\WININET.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Common Files\AOL\ACS\AOLAcsd.exe
c:\program files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\windows\wanmpsvc.exe
c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
c:\windows\system32\dllhost.exe
c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\program files\HP\QuickPlay\QPService.exe
c:\program files\Common Files\InstallShield\UpdateService\issch.exe
c:\program files\Hard Drive Inspector\HDInspector.exe
c:\program files\D-Link\D-Link USB Phone Adapter\DPH-50U Utility.exe
c:\program files\Hp\HP Software Update\HPWuSchd2.exe
c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
c:\program files\SlickRun\sr.exe
c:\program files\Diskeeper Corporation\Diskeeper\DfrgNTFS.exe
.
**************************************************************************
.
Completion time: 2009-12-19 03:13:17 - machine was rebooted
ComboFix-quarantined-files.txt 2009-12-19 08:13

Pre-Run: 9,732,300,800 bytes free
Post-Run: 9,500,819,456 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

[spybotsd]
timeout.old=30


- - End Of File - - 841A5741568BDD0ED5363306D40AF674

#11 LJMac

LJMac
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:07 AM

Posted 19 December 2009 - 03:21 AM

And HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:16:27 AM, on 12/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\HDDSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hard Drive Inspector\HDInspector.exe
C:\Program Files\D-Link\D-Link USB Phone Adapter\DPH-50U Utility.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SlickRun\sr.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DfrgNTFS.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = >>> 'Full Speed' Enabled <<<
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [HDInspector.exe] C:\Program Files\Hard Drive Inspector\HDInspector.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [TLinkAgent] C:\Program Files\D-Link\D-Link USB Phone Adapter\DPH-50U Utility.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SlickRun] "C:\Program Files\SlickRun\sr.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Valerie McKenney\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat\AdobeUpdateManager.exe" AcPro7_1_0
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: WordWeb Pro.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1167927293296
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\WINDOWS\system32\HDDSvc.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 11709 bytes

#12 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:05:07 PM

Posted 19 December 2009 - 04:09 AM

Please download SafeBootKeyRepair.exe by sUBs and save to your desktop.

* Double-click on it and follow the instructions.
* When finished, see if you can access safe mode.


Then re-run KittyFix once again and post the log here :(

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#13 LJMac

LJMac
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:07 AM

Posted 19 December 2009 - 05:16 AM

Wan,
I ran Safe Boot Key Repair then attempted to boot up in safe mode. Not only can I not boot up in safe mode I can't boot up in any mode. The blue screen of death pops up instantaneously after boot selection (can't even read error codes) but then the pc stops and stars up again automatically over and over.I stopped this by using the sop/start button. I then attempted to boot from UBCD to get online with that system but it would not load. What next?? Thanks, L J Mac

#14 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:05:07 PM

Posted 19 December 2009 - 07:26 AM

Uh.. That's bad.. Cannot boot even with UBCD? Do you have Windows CD? Thinking of do a "Repair Install"..

Anyway, can you get the error from BSOD? :(

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#15 LJMac

LJMac
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:07 AM

Posted 19 December 2009 - 09:41 AM

Wan,

Sorry, had to be AFK for a while. Now I'm up and running with UBCD (looks as if the disc only needed cleaning) and I do have a WindowsXP Pro disc although i'ts not SP3. BSOD is on only a nanosecond then the start up and boot process process begins again. Any other way to get the error code? Repair install? Ive not done one but I'm eager to attempt anything you recommend. Thanks for staying with me on this!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users