XP Security 2012 leading to netbt.sys issues

Inactive
By 952SF
Dec 8, 2011
  1. I had the XP security 2012 virus. Thought it was cured with AVG. Next day it would not connect to internet (no IP address - unable to assign). Searching for answers led me to see problems with DHCP:
    "could not start the DHCP Client Service on Local Computer. Error 1075: The dependency Service does not exist or has been marked for deletion."

    netbt.sys was missing/corrupted. I think I got that fixed (at least to the point it is now connecting. So, all seems to be running well, but I want to make sure it is clean (I have doubts).

    I attempted 5 step process, but could not get dds to run. When I double click, Notepad opens up with "This program cannot be run in DOS mode." then many many lines of mostly jibberish. I will included the only text that is potentially meaningful from that window. I suspect the problem is a script protection...but I don't know what that would be, as I have disabled MS Security Essentials and AVG.

    Logs, as requested in following post

    Thanks! I appreciate any help to get this in order.

    (I will probably only be able to check back in the evenings...so I am not ignoring your help if my reply is slow!)
  2. 952SF

    952SF Newcomer, in training Topic Starter Posts: 34

    Malwarebytes Log
    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Database version: 8331

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    12/7/2011 9:34:25 PM
    mbam-log-2011-12-07 (21-34-25).txt

    Scan type: Quick scan
    Objects scanned: 193149
    Time elapsed: 17 minute(s), 14 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 1
    Registry Data Items Infected: 3
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    GMER log
    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2011-12-08 00:07:20
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST980825AS rev.8.02
    Running: okmhi35l.exe; Driver: C:\DOCUME~1\ADVANC~1\LOCALS~1\Temp\pxtdrpob.sys


    ---- System - GMER 1.0.15 ----

    SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF752187E]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xB9FFCF3C]
    SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF7521BFE]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xB9FFCFE4]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xB9FFD080]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xB9FFD11C]

    ---- Kernel code sections - GMER 1.0.15 ----

    init C:\WINDOWS\system32\drivers\monfilt.sys entry point in "init" section [0xF253B280]

    ---- User code sections - GMER 1.0.15 ----

    .text C:\program files\real\realplayer\update\realsched.exe[144] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
    AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
    Device B93F9D20
    Device B94008C1

    AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

    ---- Files - GMER 1.0.15 ----

    File C:\WINDOWS\$NtUninstallKB59304$\2474013918 0 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\@ 2048 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\bckfg.tmp 842 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\cfg.ini 198 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\Desktop.ini 4608 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\keywords 18 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\kwrd.dll 223744 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\L 0 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\L\pdmzmplg 162816 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\lsflt7.ver 5176 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\U 0 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\U\00000001.@ 2048 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\U\00000002.@ 224768 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\U\00000004.@ 1024 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\U\80000000.@ 1024 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\U\80000004.@ 12800 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\2474013918\U\80000032.@ 98304 bytes
    File C:\WINDOWS\$NtUninstallKB59304$\995230332 0 bytes

    ---- EOF - GMER 1.0.15 ----

    From DDS

    Edit: Incorrect DDS log deleted by Bobbye.
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    It is not necessary to include a logs such as the DDS incorrect one- just description would have done.

    Please uninstall the DDS program you now have and delete any logs from it.
    --------------------------------------
    This infection is classified as a rogue anti-spyware program because it uses false security alerts and fake scan results to try and trick you into thinking that your computer is infected so that you will then purchase it. It scans then goes on to display a variety of fake security alerts and warnings that are designed to make you think your computer has a serious security problem.
    ==============================================
    Please do the following to help you run other programs:It's important to follow the order I've set up. Best to print directions to help:

    Boot into Safe Mode
    • Restart your computer and start pressing the F8 key on your keyboard.
    • Select the Safe Mode with Networking option when the Windows Advanced Options menu appears, using your up/down arrows to reach it and then press ENTER.

    This infection may change your Windows settings to use a proxy server that will not allow you to browse any pages on the Internet with Internet Explorer or update security software, we will first need need to fix this: Launch Internet Explorer
    • Access Internet Options through Tools> Connections tab
    • Click on the Lan Settings at the bottom
    • Proxy Server section> uncheck the box labeled 'Use a proxy server for your LAN.
    • Then click on OK> and OK again to close Internet Options.
    ===============================
    This malware frequently comes with the TDSS rootkit, so do the following:
    • Download the file TDSSKiller.zip and save to the desktop.
      (If you are unable to download the file for some reason, then TDSS may be blocking it. You would then need to download it first to a clean computer and then transfer it to the infected one using an external drive or USB flash drive.)
    • Right-click the tdsskiller.zip file> Select Extract All into a folder on the infected (or potentially infected) PC.
    • Double click on TDSSKiller.exe. to run the scan
    • When the scan is over, the utility outputs a list of detected objects with description.
      The utility automatically selects an action (Cure or Delete) for malicious objects.
      The utility prompts the user to select an action to apply to suspicious objects (Skip, by default).
    • Select the action Quarantine to quarantine detected objects.
      The default quarantine folder is in the system disk root folder, e.g.: C:\TDSSKiller_Quarantine\23.07.2010_15.31.43
    • After clicking Next, the utility applies selected actions and outputs the result.
    • A reboot is required after disinfection.
    ====================================
    If TDSSKiller requires you to reboot, please allow it to do so. After you reboot, reboot back into Safe Mode with Networking again
    ====================================
    To end the processes that belong to the rogue program:
    Please download and run the tool below named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 3 different versions. If one of them won't run then download and try to run the other one. (Vista and Win7 users need to right click Rkill and choose Run as Administrator)

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
    • Rkill.com
    • Rkill.scr
    • Rkill.exe
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
    Do not reboot until instructed. as it will start the malware again
    ==================================
    You will run another scan with Mbam, after it updates, but this time, on the Scanner tab, make sure the the Perform Full Scan option is selected and then click on the Scan button.

    When scan has finished, you will see this image:
    [​IMG]
    • Click on OK to close box and continue.
    • Click on the Show Results button.
    • Click on the Remove Selected button to remove all the listed malware.
    • At end of malware removal, the scan log opens and displays in Notepad. Be sure to click on Format> Uncheck Word Wrap before copying the log to paste in your next reply.
    ========================================
    Try to run DDS when you have completed all of the above. If it scans correctly, leave the 2 logs. Tell me if it does not and I will help you get it running.
    Logs to leave in next reply:
    TDSSKiller
    RKill
    New Malwarebytes
    2 logs from DDS.
    ========================================
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.
    • Please let me know if there is any change in the system.

    If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.
    =====================================
    Take you time- post when you can. I am frequently behind- even though I run very fast!
  4. 952SF

    952SF Newcomer, in training Topic Starter Posts: 34

    I 'think' I am in good shape, except for the inability to run DDS. All scans said they were clear - but I'll let the expert be the judge of that. Logs below:

    *TDSSKiller
    19:26:41.0218 0748 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06
    19:26:41.0421 0748 ============================================================
    19:26:41.0421 0748 Current date / time: 2011/12/08 19:26:41.0421
    19:26:41.0421 0748 SystemInfo:
    19:26:41.0421 0748
    19:26:41.0421 0748 OS Version: 5.1.2600 ServicePack: 3.0
    19:26:41.0421 0748 Product type: Workstation
    19:26:41.0421 0748 ComputerName: ATH
    19:26:41.0421 0748 UserName: Advanced Tree Health
    19:26:41.0421 0748 Windows directory: C:\WINDOWS
    19:26:41.0421 0748 System windows directory: C:\WINDOWS
    19:26:41.0421 0748 Processor architecture: Intel x86
    19:26:41.0421 0748 Number of processors: 2
    19:26:41.0421 0748 Page size: 0x1000
    19:26:41.0421 0748 Boot type: Safe boot with network
    19:26:41.0421 0748 ============================================================
    19:26:44.0421 0748 Initialize success
    19:26:56.0890 1868 ============================================================
    19:26:56.0890 1868 Scan started
    19:26:56.0890 1868 Mode: Manual;
    19:26:56.0890 1868 ============================================================
    19:26:58.0734 1868 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
    19:26:58.0734 1868 61883 - ok
    19:26:58.0828 1868 Abiosdsk - ok
    19:26:58.0890 1868 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
    19:26:58.0906 1868 abp480n5 - ok
    19:26:58.0953 1868 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    19:26:58.0953 1868 ACPI - ok
    19:26:58.0984 1868 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
    19:26:59.0000 1868 ACPIEC - ok
    19:26:59.0062 1868 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
    19:26:59.0062 1868 adpu160m - ok
    19:26:59.0109 1868 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    19:26:59.0125 1868 aec - ok
    19:26:59.0234 1868 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
    19:26:59.0234 1868 AFD - ok
    19:26:59.0296 1868 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
    19:26:59.0296 1868 agp440 - ok
    19:26:59.0343 1868 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
    19:26:59.0359 1868 agpCPQ - ok
    19:26:59.0437 1868 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
    19:26:59.0437 1868 Aha154x - ok
    19:26:59.0500 1868 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
    19:26:59.0500 1868 aic78u2 - ok
    19:26:59.0531 1868 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
    19:26:59.0531 1868 aic78xx - ok
    19:26:59.0656 1868 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
    19:26:59.0671 1868 AliIde - ok
    19:26:59.0718 1868 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
    19:26:59.0718 1868 alim1541 - ok
    19:26:59.0750 1868 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
    19:26:59.0750 1868 amdagp - ok
    19:26:59.0828 1868 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
    19:26:59.0828 1868 amsint - ok
    19:26:59.0906 1868 AngelUsb (b001ead648a3e8fa06af7c221a5c1a4e) C:\WINDOWS\system32\DRIVERS\AngelUsb.sys
    19:26:59.0906 1868 AngelUsb - ok
    19:27:00.0062 1868 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
    19:27:00.0062 1868 APPDRV - ok
    19:27:00.0125 1868 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
    19:27:00.0140 1868 Arp1394 - ok
    19:27:00.0218 1868 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
    19:27:00.0218 1868 asc - ok
    19:27:00.0250 1868 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
    19:27:00.0250 1868 asc3350p - ok
    19:27:00.0406 1868 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
    19:27:00.0406 1868 asc3550 - ok
    19:27:00.0765 1868 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    19:27:00.0765 1868 AsyncMac - ok
    19:27:00.0796 1868 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    19:27:00.0796 1868 atapi - ok
    19:27:00.0828 1868 Atdisk - ok
    19:27:01.0000 1868 ati2mtag (bebeb471617782d138b6f92e7c3fab1c) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
    19:27:01.0140 1868 ati2mtag - ok
    19:27:01.0500 1868 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    19:27:01.0515 1868 Atmarpc - ok
    19:27:01.0625 1868 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    19:27:01.0640 1868 audstub - ok
    19:27:01.0718 1868 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
    19:27:01.0718 1868 Avc - ok
    19:27:01.0812 1868 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
    19:27:01.0812 1868 AVGIDSDriver - ok
    19:27:01.0843 1868 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
    19:27:01.0859 1868 AVGIDSEH - ok
    19:27:01.0906 1868 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
    19:27:01.0906 1868 AVGIDSFilter - ok
    19:27:01.0953 1868 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
    19:27:01.0953 1868 AVGIDSShim - ok
    19:27:02.0000 1868 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
    19:27:02.0015 1868 Avgldx86 - ok
    19:27:02.0046 1868 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
    19:27:02.0046 1868 Avgmfx86 - ok
    19:27:02.0093 1868 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
    19:27:02.0093 1868 Avgrkx86 - ok
    19:27:02.0156 1868 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
    19:27:02.0156 1868 Avgtdix - ok
    19:27:02.0234 1868 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
    19:27:02.0250 1868 BCM43XX - ok
    19:27:02.0296 1868 bcm4sbxp (c768c8a463d32c219ce291645a0621a4) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
    19:27:02.0296 1868 bcm4sbxp - ok
    19:27:02.0359 1868 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    19:27:02.0359 1868 Beep - ok
    19:27:02.0468 1868 btaudio (8893ae0b6b9b60e0521a60e8b2160216) C:\WINDOWS\system32\drivers\btaudio.sys
    19:27:02.0500 1868 btaudio - ok
    19:27:02.0562 1868 BTDriver (fde318e3569f57264af74b7e431f60ae) C:\WINDOWS\system32\DRIVERS\btport.sys
    19:27:02.0562 1868 BTDriver - ok
    19:27:02.0640 1868 BTKRNL (9c3c8b9e2eda516eb44b51dab81dbd68) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
    19:27:02.0703 1868 BTKRNL - ok
    19:27:02.0734 1868 BTSERIAL (089f7526ff41c17b0a43896d0553d5a2) C:\WINDOWS\system32\drivers\btserial.sys
    19:27:02.0734 1868 BTSERIAL - ok
    19:27:02.0812 1868 BTWDNDIS (28531ab3183f498e58d93d585e6a6b70) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
    19:27:02.0812 1868 BTWDNDIS - ok
    19:27:02.0875 1868 btwhid (c5c0e21c67089f053b964e0a8b8adbac) C:\WINDOWS\system32\DRIVERS\btwhid.sys
    19:27:02.0890 1868 btwhid - ok
    19:27:02.0921 1868 btwmodem (7d295223c172ab4d61dc256721b2f09e) C:\WINDOWS\system32\DRIVERS\btwmodem.sys
    19:27:02.0921 1868 btwmodem - ok
    19:27:02.0968 1868 BTWUSB (56c701580f2891952761362ba7594b3d) C:\WINDOWS\system32\Drivers\btwusb.sys
    19:27:02.0984 1868 BTWUSB - ok
    19:27:03.0015 1868 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
    19:27:03.0015 1868 cbidf - ok
    19:27:03.0031 1868 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    19:27:03.0031 1868 cbidf2k - ok
    19:27:03.0078 1868 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    19:27:03.0078 1868 CCDECODE - ok
    19:27:03.0109 1868 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
    19:27:03.0109 1868 cd20xrnt - ok
    19:27:03.0156 1868 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    19:27:03.0156 1868 Cdaudio - ok
    19:27:03.0187 1868 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    19:27:03.0187 1868 Cdfs - ok
    19:27:03.0218 1868 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    19:27:03.0218 1868 Cdrom - ok
    19:27:03.0234 1868 Changer - ok
    19:27:03.0328 1868 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
    19:27:03.0328 1868 CmBatt - ok
    19:27:03.0375 1868 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
    19:27:03.0390 1868 CmdIde - ok
    19:27:03.0421 1868 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
    19:27:03.0421 1868 Compbatt - ok
    19:27:03.0500 1868 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
    19:27:03.0500 1868 Cpqarray - ok
    19:27:03.0578 1868 ctsfm2k (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys
    19:27:03.0578 1868 ctsfm2k - ok
    19:27:03.0609 1868 CTUSFSYN (4ee8822adb764edd28ce44e808097995) C:\WINDOWS\system32\drivers\ctusfsyn.sys
    19:27:03.0609 1868 CTUSFSYN - ok
    19:27:03.0656 1868 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
    19:27:03.0656 1868 dac2w2k - ok
    19:27:03.0687 1868 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
    19:27:03.0687 1868 dac960nt - ok
    19:27:03.0750 1868 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    19:27:03.0750 1868 Disk - ok
    19:27:03.0843 1868 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
    19:27:03.0875 1868 dmboot - ok
    19:27:03.0906 1868 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
    19:27:03.0906 1868 dmio - ok
    19:27:03.0937 1868 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    19:27:03.0937 1868 dmload - ok
    19:27:04.0000 1868 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    19:27:04.0000 1868 DMusic - ok
    19:27:04.0062 1868 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
    19:27:04.0062 1868 dpti2o - ok
    19:27:04.0093 1868 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    19:27:04.0093 1868 drmkaud - ok
    19:27:04.0156 1868 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
    19:27:04.0156 1868 drvmcdb - ok
    19:27:04.0187 1868 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
    19:27:04.0187 1868 drvnddm - ok
    19:27:04.0234 1868 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
    19:27:04.0234 1868 E100B - ok
    19:27:04.0421 1868 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    19:27:04.0421 1868 Fastfat - ok
    19:27:04.0484 1868 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
    19:27:04.0484 1868 Fdc - ok
    19:27:04.0531 1868 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
    19:27:04.0531 1868 Fips - ok
    19:27:04.0562 1868 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
    19:27:04.0562 1868 Flpydisk - ok
    19:27:04.0593 1868 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    19:27:04.0593 1868 FltMgr - ok
    19:27:04.0640 1868 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    19:27:04.0640 1868 Fs_Rec - ok
    19:27:04.0671 1868 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    19:27:04.0671 1868 Ftdisk - ok
    19:27:04.0718 1868 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    19:27:04.0718 1868 Gpc - ok
    19:27:04.0859 1868 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    19:27:04.0859 1868 HDAudBus - ok
    19:27:04.0906 1868 HidIr (bb1a6fb7d35a91e599973fa74a619056) C:\WINDOWS\system32\DRIVERS\hidir.sys
    19:27:04.0921 1868 HidIr - ok
    19:27:04.0984 1868 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    19:27:04.0984 1868 HidUsb - ok
    19:27:05.0078 1868 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
    19:27:05.0078 1868 hpn - ok
    19:27:05.0140 1868 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
    19:27:05.0140 1868 HPZid412 - ok
    19:27:05.0171 1868 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
    19:27:05.0187 1868 HPZipr12 - ok
    19:27:05.0234 1868 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
    19:27:05.0234 1868 HPZius12 - ok
    19:27:05.0281 1868 HSFHWAZL (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
    19:27:05.0281 1868 HSFHWAZL - ok
    19:27:05.0343 1868 HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
    19:27:05.0390 1868 HSF_DPV - ok
    19:27:05.0437 1868 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    19:27:05.0437 1868 HTTP - ok
    19:27:05.0484 1868 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
    19:27:05.0500 1868 i2omgmt - ok
    19:27:05.0531 1868 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
    19:27:05.0531 1868 i2omp - ok
    19:27:05.0562 1868 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    19:27:05.0562 1868 i8042prt - ok
    19:27:05.0625 1868 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    19:27:05.0625 1868 Imapi - ok
    19:27:05.0687 1868 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
    19:27:05.0687 1868 ini910u - ok
    19:27:05.0750 1868 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
    19:27:05.0765 1868 IntelIde - ok
    19:27:05.0781 1868 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    19:27:05.0781 1868 intelppm - ok
    19:27:05.0828 1868 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    19:27:05.0828 1868 Ip6Fw - ok
    19:27:05.0875 1868 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    19:27:05.0890 1868 IpFilterDriver - ok
    19:27:05.0921 1868 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    19:27:05.0921 1868 IpInIp - ok
    19:27:05.0953 1868 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    19:27:05.0968 1868 IpNat - ok
    19:27:05.0984 1868 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    19:27:05.0984 1868 IPSec - ok
    19:27:06.0031 1868 IrBus (b43b36b382aea10861f7c7a37f9d4ae2) C:\WINDOWS\system32\DRIVERS\IrBus.sys
    19:27:06.0031 1868 IrBus - ok
    19:27:06.0062 1868 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    19:27:06.0062 1868 IRENUM - ok
    19:27:06.0109 1868 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    19:27:06.0109 1868 isapnp - ok
    19:27:06.0171 1868 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    19:27:06.0171 1868 Kbdclass - ok
    19:27:06.0203 1868 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
    19:27:06.0203 1868 kbdhid - ok
    19:27:06.0250 1868 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    19:27:06.0250 1868 kmixer - ok
    19:27:06.0281 1868 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    19:27:06.0296 1868 KSecDD - ok
    19:27:06.0359 1868 Lavasoft Kernexplorer - ok
    19:27:06.0546 1868 Lbd (b7c19ec8b0dd7efa58ad41ffeb8b8cda) C:\WINDOWS\system32\DRIVERS\Lbd.sys
    19:27:06.0546 1868 Lbd - ok
    19:27:06.0562 1868 lbrtfdc - ok
    19:27:06.0640 1868 MBAMSwissArmy - ok
    19:27:06.0734 1868 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
    19:27:06.0734 1868 mdmxsdk - ok
    19:27:06.0796 1868 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
    19:27:06.0796 1868 MHNDRV - ok
    19:27:06.0843 1868 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    19:27:06.0843 1868 mnmdd - ok
    19:27:06.0890 1868 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
    19:27:06.0890 1868 Modem - ok
    19:27:07.0015 1868 monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\monfilt.sys
    19:27:07.0062 1868 monfilt - ok
    19:27:07.0140 1868 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    19:27:07.0140 1868 Mouclass - ok
    19:27:07.0187 1868 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    19:27:07.0187 1868 mouhid - ok
    19:27:07.0218 1868 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    19:27:07.0218 1868 MountMgr - ok
    19:27:07.0281 1868 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
    19:27:07.0281 1868 MpFilter - ok
    19:27:07.0421 1868 MpKsl13773142 - ok
    19:27:07.0453 1868 MpKsl149e08a1 - ok
    19:27:07.0484 1868 MpKsl2e820922 - ok
    19:27:07.0515 1868 MpKsl4b46963f - ok
    19:27:07.0546 1868 MpKsl5598c58f - ok
    19:27:07.0578 1868 MpKsl66473ea3 - ok
    19:27:07.0609 1868 MpKsl7964368f - ok
    19:27:07.0640 1868 MpKsl7f0bdac6 - ok
    19:27:07.0671 1868 MpKsl8c8586b4 - ok
    19:27:07.0703 1868 MpKsl92f478ed - ok
    19:27:07.0734 1868 MpKsl94aabdc9 - ok
    19:27:07.0781 1868 MpKsl9a0dbf41 - ok
    19:27:07.0812 1868 MpKsla7ed37c2 - ok
    19:27:07.0843 1868 MpKslc7ac387a - ok
    19:27:07.0875 1868 MpKsle3eb0a8d - ok
    19:27:08.0031 1868 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
    19:27:08.0031 1868 mraid35x - ok
    19:27:08.0093 1868 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    19:27:08.0093 1868 MRxDAV - ok
    19:27:08.0156 1868 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    19:27:08.0156 1868 MRxSmb - ok
    19:27:08.0312 1868 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys
    19:27:08.0312 1868 MSDV - ok
    19:27:08.0343 1868 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    19:27:08.0343 1868 Msfs - ok
    19:27:08.0390 1868 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    19:27:08.0390 1868 MSKSSRV - ok
    19:27:08.0437 1868 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    19:27:08.0437 1868 MSPCLOCK - ok
    19:27:08.0468 1868 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    19:27:08.0468 1868 MSPQM - ok
    19:27:08.0515 1868 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    19:27:08.0515 1868 mssmbios - ok
    19:27:08.0546 1868 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
    19:27:08.0546 1868 MSTEE - ok
    19:27:08.0593 1868 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
    19:27:08.0593 1868 Mup - ok
    19:27:08.0640 1868 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    19:27:08.0640 1868 NABTSFEC - ok
    19:27:08.0687 1868 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    19:27:08.0687 1868 NDIS - ok
    19:27:08.0718 1868 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    19:27:08.0718 1868 NdisIP - ok
    19:27:08.0750 1868 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    19:27:08.0750 1868 NdisTapi - ok
    19:27:08.0781 1868 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    19:27:08.0781 1868 Ndisuio - ok
    19:27:08.0828 1868 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    19:27:08.0828 1868 NdisWan - ok
    19:27:08.0890 1868 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
    19:27:08.0890 1868 NDProxy - ok
    19:27:08.0937 1868 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    19:27:08.0937 1868 NetBIOS - ok
    19:27:09.0000 1868 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    19:27:09.0015 1868 NetBT - ok
    19:27:09.0109 1868 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
    19:27:09.0109 1868 NIC1394 - ok
    19:27:09.0187 1868 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    19:27:09.0187 1868 Npfs - ok
    19:27:09.0250 1868 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    19:27:09.0265 1868 Ntfs - ok
    19:27:09.0343 1868 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    19:27:09.0343 1868 Null - ok
    19:27:09.0437 1868 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
    19:27:09.0500 1868 nv - ok
    19:27:09.0531 1868 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    19:27:09.0546 1868 NwlnkFlt - ok
    19:27:09.0562 1868 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    19:27:09.0562 1868 NwlnkFwd - ok
    19:27:09.0625 1868 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
    19:27:09.0640 1868 NwlnkIpx - ok
    19:27:09.0656 1868 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
    19:27:09.0656 1868 NwlnkNb - ok
    19:27:09.0687 1868 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
    19:27:09.0687 1868 NwlnkSpx - ok
    19:27:09.0734 1868 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    19:27:09.0734 1868 ohci1394 - ok
    19:27:09.0796 1868 omci (b17228142cec9b3c222239fd935a37ca) C:\WINDOWS\system32\DRIVERS\omci.sys
    19:27:09.0796 1868 omci - ok
    19:27:09.0859 1868 ossrv (103a9b117a7d9903111955cdafe65ac6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
    19:27:09.0859 1868 ossrv - ok
    19:27:09.0921 1868 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
    19:27:09.0921 1868 Parport - ok
    19:27:09.0953 1868 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    19:27:09.0953 1868 PartMgr - ok
    19:27:10.0000 1868 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
    19:27:10.0000 1868 ParVdm - ok
    19:27:10.0046 1868 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
    19:27:10.0046 1868 PCI - ok
    19:27:10.0062 1868 PCIDump - ok
    19:27:10.0109 1868 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
    19:27:10.0109 1868 PCIIde - ok
    19:27:10.0156 1868 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
    19:27:10.0171 1868 Pcmcia - ok
    19:27:10.0187 1868 PDCOMP - ok
    19:27:10.0218 1868 PDFRAME - ok
    19:27:10.0250 1868 PDRELI - ok
    19:27:10.0281 1868 PDRFRAME - ok
    19:27:10.0312 1868 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
    19:27:10.0312 1868 perc2 - ok
    19:27:10.0359 1868 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
    19:27:10.0359 1868 perc2hib - ok
    19:27:10.0515 1868 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    19:27:10.0515 1868 PptpMiniport - ok
    19:27:10.0562 1868 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    19:27:10.0562 1868 PSched - ok
    19:27:10.0593 1868 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    19:27:10.0593 1868 Ptilink - ok
    19:27:10.0656 1868 PxHelp20 (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
    19:27:10.0656 1868 PxHelp20 - ok
    19:27:10.0687 1868 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
    19:27:10.0687 1868 ql1080 - ok
    19:27:10.0718 1868 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
    19:27:10.0718 1868 Ql10wnt - ok
    19:27:10.0750 1868 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
    19:27:10.0750 1868 ql12160 - ok
    19:27:10.0781 1868 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
    19:27:10.0781 1868 ql1240 - ok
    19:27:10.0812 1868 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
    19:27:10.0812 1868 ql1280 - ok
    19:27:10.0859 1868 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    19:27:10.0859 1868 RasAcd - ok
    19:27:10.0906 1868 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    19:27:10.0906 1868 Rasl2tp - ok
    19:27:10.0968 1868 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    19:27:10.0968 1868 RasPppoe - ok
    19:27:10.0984 1868 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    19:27:10.0984 1868 Raspti - ok
    19:27:11.0031 1868 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    19:27:11.0031 1868 Rdbss - ok
    19:27:11.0046 1868 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    19:27:11.0046 1868 RDPCDD - ok
    19:27:11.0109 1868 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    19:27:11.0109 1868 rdpdr - ok
    19:27:11.0187 1868 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
    19:27:11.0187 1868 RDPWD - ok
    19:27:11.0234 1868 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
    19:27:11.0234 1868 redbook - ok
    19:27:11.0312 1868 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
    19:27:11.0312 1868 rimmptsk - ok
    19:27:11.0359 1868 rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
    19:27:11.0359 1868 rimsptsk - ok
    19:27:11.0390 1868 rismxdp (f774ecd11a064f0debb2d4395418153c) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
    19:27:11.0406 1868 rismxdp - ok
    19:27:11.0546 1868 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
    19:27:11.0546 1868 sdbus - ok
    19:27:11.0593 1868 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    19:27:11.0593 1868 Secdrv - ok
    19:27:11.0656 1868 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    19:27:11.0656 1868 serenum - ok
    19:27:11.0687 1868 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
    19:27:11.0687 1868 Serial - ok
    19:27:11.0875 1868 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
    19:27:11.0875 1868 sffdisk - ok
    19:27:11.0906 1868 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
    19:27:11.0906 1868 sffp_sd - ok
    19:27:11.0968 1868 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    19:27:11.0968 1868 Sfloppy - ok
    19:27:12.0015 1868 Simbad - ok
    19:27:12.0078 1868 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
    19:27:12.0078 1868 sisagp - ok
    19:27:12.0109 1868 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
    19:27:12.0109 1868 SLIP - ok
    19:27:12.0546 1868 SNPSTD3 (11bb0e11d42cc3a43d741d9b30839be1) C:\WINDOWS\system32\DRIVERS\snpstd3.sys
    19:27:12.0875 1868 SNPSTD3 - ok
    19:27:12.0968 1868 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
    19:27:12.0968 1868 Sparrow - ok
    19:27:13.0031 1868 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    19:27:13.0031 1868 splitter - ok
    19:27:13.0140 1868 spotJ (26feb04babd26efecd7b3d132fcbe354) C:\WINDOWS\system32\Drivers\spotJ.sys
    19:27:13.0140 1868 spotJ - ok
    19:27:13.0187 1868 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
    19:27:13.0203 1868 sr - ok
    19:27:13.0250 1868 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
    19:27:13.0265 1868 Srv - ok
    19:27:13.0296 1868 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
    19:27:13.0296 1868 sscdbhk5 - ok
    19:27:13.0343 1868 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
    19:27:13.0343 1868 ssrtln - ok
    19:27:13.0437 1868 STHDA (3ad78e22210d3fbd9f76de84a8df19b5) C:\WINDOWS\system32\drivers\sthda.sys
    19:27:13.0468 1868 STHDA - ok
    19:27:13.0578 1868 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    19:27:13.0578 1868 streamip - ok
    19:27:13.0609 1868 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    19:27:13.0609 1868 swenum - ok
    19:27:13.0640 1868 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    19:27:13.0640 1868 swmidi - ok
    19:27:13.0718 1868 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
    19:27:13.0718 1868 symc810 - ok
    19:27:13.0734 1868 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
    19:27:13.0734 1868 symc8xx - ok
    19:27:13.0781 1868 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
    19:27:13.0781 1868 sym_hi - ok
    19:27:13.0796 1868 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
    19:27:13.0796 1868 sym_u3 - ok
    19:27:13.0875 1868 SynTP (fa2daa32bed908023272a0f77d625dae) C:\WINDOWS\system32\DRIVERS\SynTP.sys
    19:27:13.0890 1868 SynTP - ok
    19:27:13.0937 1868 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    19:27:13.0937 1868 sysaudio - ok
    19:27:14.0015 1868 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    19:27:14.0031 1868 Tcpip - ok
    19:27:14.0062 1868 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    19:27:14.0062 1868 TDPIPE - ok
    19:27:14.0093 1868 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    19:27:14.0093 1868 TDTCP - ok
    19:27:14.0125 1868 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    19:27:14.0125 1868 TermDD - ok
    19:27:14.0234 1868 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
    19:27:14.0234 1868 tfsnboio - ok
    19:27:14.0250 1868 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
    19:27:14.0265 1868 tfsncofs - ok
    19:27:14.0281 1868 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
    19:27:14.0296 1868 tfsndrct - ok
    19:27:14.0312 1868 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
    19:27:14.0312 1868 tfsndres - ok
    19:27:14.0359 1868 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
    19:27:14.0359 1868 tfsnifs - ok
    19:27:14.0390 1868 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
    19:27:14.0390 1868 tfsnopio - ok
    19:27:14.0406 1868 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
    19:27:14.0406 1868 tfsnpool - ok
    19:27:14.0453 1868 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
    19:27:14.0453 1868 tfsnudf - ok
    19:27:14.0484 1868 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
    19:27:14.0484 1868 tfsnudfa - ok
    19:27:14.0562 1868 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
    19:27:14.0562 1868 TosIde - ok
    19:27:14.0656 1868 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    19:27:14.0656 1868 Udfs - ok
    19:27:14.0687 1868 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
    19:27:14.0687 1868 ultra - ok
    19:27:14.0734 1868 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    19:27:14.0750 1868 Update - ok
    19:27:14.0843 1868 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
    19:27:14.0859 1868 usbaudio - ok
    19:27:14.0906 1868 usbbus (d9f3bb7c292f194f3b053ce295754eb8) C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
    19:27:14.0906 1868 usbbus - ok
    19:27:14.0937 1868 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    19:27:14.0937 1868 usbccgp - ok
    19:27:14.0968 1868 UsbDiag (c4f77da649f99fad116ea585376fc164) C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
    19:27:14.0968 1868 UsbDiag - ok
    19:27:15.0015 1868 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    19:27:15.0015 1868 usbehci - ok
    19:27:15.0046 1868 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    19:27:15.0046 1868 usbhub - ok
    19:27:15.0109 1868 USBModem (c0613ce45e617bc671de8ebb1b30d175) C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
    19:27:15.0109 1868 USBModem - ok
    19:27:15.0187 1868 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    19:27:15.0187 1868 usbprint - ok
    19:27:15.0250 1868 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    19:27:15.0250 1868 usbscan - ok
    19:27:15.0281 1868 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    19:27:15.0281 1868 USBSTOR - ok
    19:27:15.0312 1868 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    19:27:15.0312 1868 usbuhci - ok
    19:27:15.0359 1868 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
    19:27:15.0359 1868 usbvideo - ok
    19:27:15.0421 1868 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    19:27:15.0421 1868 VgaSave - ok
    19:27:15.0453 1868 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
    19:27:15.0468 1868 viaagp - ok
    19:27:15.0500 1868 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
    19:27:15.0500 1868 ViaIde - ok
    19:27:15.0546 1868 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
    19:27:15.0546 1868 VolSnap - ok
    19:27:15.0640 1868 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    19:27:15.0640 1868 Wanarp - ok
    19:27:15.0656 1868 wanatw - ok
    19:27:15.0687 1868 WDICA - ok
    19:27:15.0734 1868 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    19:27:15.0734 1868 wdmaud - ok
    19:27:15.0812 1868 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
    19:27:15.0859 1868 winachsf - ok
    19:27:16.0062 1868 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
    19:27:16.0062 1868 WmiAcpi - ok
    19:27:16.0156 1868 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
    19:27:16.0156 1868 WpdUsb - ok
    19:27:16.0203 1868 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
    19:27:16.0203 1868 WS2IFSL - ok
    19:27:16.0265 1868 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    19:27:16.0265 1868 WSTCODEC - ok
    19:27:16.0296 1868 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    19:27:16.0296 1868 WudfPf - ok
    19:27:16.0343 1868 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    19:27:16.0343 1868 WudfRd - ok
    19:27:16.0515 1868 MBR (0x1B8) (dea9e81f0228b68c9adaf84c9b0cf931) \Device\Harddisk0\DR0
    19:27:16.0531 1868 \Device\Harddisk0\DR0 - ok
    19:27:16.0546 1868 Boot (0x1200) (4ffc8d15fe39a69b971b4e3f6fb11efb) \Device\Harddisk0\DR0\Partition0
    19:27:16.0546 1868 \Device\Harddisk0\DR0\Partition0 - ok
    19:27:16.0593 1868 Boot (0x1200) (f2883008c82bee2f9c4e6de68bef697a) \Device\Harddisk0\DR0\Partition1
    19:27:16.0593 1868 \Device\Harddisk0\DR0\Partition1 - ok
    19:27:16.0593 1868 ============================================================
    19:27:16.0593 1868 Scan finished
    19:27:16.0593 1868 ============================================================
    19:27:16.0640 0740 Detected object count: 0
    19:27:16.0640 0740 Actual detected object count: 0
    19:30:42.0734 0568 ============================================================
    19:30:42.0734 0568 Scan started
    19:30:42.0734 0568 Mode: Manual;
    19:30:42.0734 0568

    (CONTINUED BELOW)
  5. 952SF

    952SF Newcomer, in training Topic Starter Posts: 34

    Picking up second portion of TDSS Killer

    ============================================================
    19:30:44.0140 0568 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
    19:30:44.0140 0568 61883 - ok
    19:30:44.0187 0568 Abiosdsk - ok
    19:30:44.0234 0568 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
    19:30:44.0234 0568 abp480n5 - ok
    19:30:44.0281 0568 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    19:30:44.0281 0568 ACPI - ok
    19:30:44.0312 0568 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
    19:30:44.0312 0568 ACPIEC - ok
    19:30:44.0359 0568 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
    19:30:44.0359 0568 adpu160m - ok
    19:30:44.0390 0568 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    19:30:44.0390 0568 aec - ok
    19:30:44.0437 0568 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
    19:30:44.0437 0568 AFD - ok
    19:30:44.0468 0568 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
    19:30:44.0468 0568 agp440 - ok
    19:30:44.0484 0568 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
    19:30:44.0500 0568 agpCPQ - ok
    19:30:44.0531 0568 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
    19:30:44.0531 0568 Aha154x - ok
    19:30:44.0562 0568 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
    19:30:44.0562 0568 aic78u2 - ok
    19:30:44.0593 0568 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
    19:30:44.0593 0568 aic78xx - ok
    19:30:44.0656 0568 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
    19:30:44.0656 0568 AliIde - ok
    19:30:44.0687 0568 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
    19:30:44.0703 0568 alim1541 - ok
    19:30:44.0734 0568 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
    19:30:44.0734 0568 amdagp - ok
    19:30:44.0765 0568 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
    19:30:44.0765 0568 amsint - ok
    19:30:44.0812 0568 AngelUsb (b001ead648a3e8fa06af7c221a5c1a4e) C:\WINDOWS\system32\DRIVERS\AngelUsb.sys
    19:30:44.0812 0568 AngelUsb - ok
    19:30:44.0843 0568 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
    19:30:44.0843 0568 APPDRV - ok
    19:30:44.0890 0568 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
    19:30:44.0890 0568 Arp1394 - ok
    19:30:44.0937 0568 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
    19:30:44.0937 0568 asc - ok
    19:30:44.0953 0568 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
    19:30:44.0953 0568 asc3350p - ok
    19:30:44.0984 0568 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
    19:30:44.0984 0568 asc3550 - ok
    19:30:45.0109 0568 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    19:30:45.0109 0568 AsyncMac - ok
    19:30:45.0140 0568 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    19:30:45.0140 0568 atapi - ok
    19:30:45.0156 0568 Atdisk - ok
    19:30:45.0281 0568 ati2mtag (bebeb471617782d138b6f92e7c3fab1c) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
    19:30:45.0296 0568 ati2mtag - ok
    19:30:45.0343 0568 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    19:30:45.0343 0568 Atmarpc - ok
    19:30:45.0390 0568 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    19:30:45.0390 0568 audstub - ok
    19:30:45.0421 0568 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
    19:30:45.0421 0568 Avc - ok
    19:30:45.0515 0568 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
    19:30:45.0515 0568 AVGIDSDriver - ok
    19:30:45.0546 0568 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
    19:30:45.0546 0568 AVGIDSEH - ok
    19:30:45.0593 0568 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
    19:30:45.0593 0568 AVGIDSFilter - ok
    19:30:45.0640 0568 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
    19:30:45.0640 0568 AVGIDSShim - ok
    19:30:45.0671 0568 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
    19:30:45.0671 0568 Avgldx86 - ok
    19:30:45.0703 0568 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
    19:30:45.0703 0568 Avgmfx86 - ok
    19:30:45.0734 0568 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
    19:30:45.0734 0568 Avgrkx86 - ok
    19:30:45.0781 0568 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
    19:30:45.0781 0568 Avgtdix - ok
    19:30:45.0875 0568 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
    19:30:45.0875 0568 BCM43XX - ok
    19:30:45.0921 0568 bcm4sbxp (c768c8a463d32c219ce291645a0621a4) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
    19:30:45.0921 0568 bcm4sbxp - ok
    19:30:45.0968 0568 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    19:30:45.0968 0568 Beep - ok
    19:30:46.0062 0568 btaudio (8893ae0b6b9b60e0521a60e8b2160216) C:\WINDOWS\system32\drivers\btaudio.sys
    19:30:46.0062 0568 btaudio - ok
    19:30:46.0093 0568 BTDriver (fde318e3569f57264af74b7e431f60ae) C:\WINDOWS\system32\DRIVERS\btport.sys
    19:30:46.0093 0568 BTDriver - ok
    19:30:46.0156 0568 BTKRNL (9c3c8b9e2eda516eb44b51dab81dbd68) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
    19:30:46.0171 0568 BTKRNL - ok
    19:30:46.0187 0568 BTSERIAL (089f7526ff41c17b0a43896d0553d5a2) C:\WINDOWS\system32\drivers\btserial.sys
    19:30:46.0187 0568 BTSERIAL - ok
    19:30:46.0234 0568 BTWDNDIS (28531ab3183f498e58d93d585e6a6b70) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
    19:30:46.0234 0568 BTWDNDIS - ok
    19:30:46.0281 0568 btwhid (c5c0e21c67089f053b964e0a8b8adbac) C:\WINDOWS\system32\DRIVERS\btwhid.sys
    19:30:46.0281 0568 btwhid - ok
    19:30:46.0296 0568 btwmodem (7d295223c172ab4d61dc256721b2f09e) C:\WINDOWS\system32\DRIVERS\btwmodem.sys
    19:30:46.0296 0568 btwmodem - ok
    19:30:46.0359 0568 BTWUSB (56c701580f2891952761362ba7594b3d) C:\WINDOWS\system32\Drivers\btwusb.sys
    19:30:46.0359 0568 BTWUSB - ok
    19:30:46.0390 0568 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
    19:30:46.0390 0568 cbidf - ok
    19:30:46.0421 0568 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    19:30:46.0421 0568 cbidf2k - ok
    19:30:46.0468 0568 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    19:30:46.0468 0568 CCDECODE - ok
    19:30:46.0484 0568 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
    19:30:46.0484 0568 cd20xrnt - ok
    19:30:46.0531 0568 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    19:30:46.0531 0568 Cdaudio - ok
    19:30:46.0562 0568 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    19:30:46.0562 0568 Cdfs - ok
    19:30:46.0593 0568 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    19:30:46.0593 0568 Cdrom - ok
    19:30:46.0609 0568 Changer - ok
    19:30:46.0703 0568 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
    19:30:46.0703 0568 CmBatt - ok
    19:30:46.0765 0568 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
    19:30:46.0765 0568 CmdIde - ok
    19:30:46.0796 0568 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
    19:30:46.0796 0568 Compbatt - ok
    19:30:46.0875 0568 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
    19:30:46.0875 0568 Cpqarray - ok
    19:30:46.0953 0568 ctsfm2k (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys
    19:30:46.0953 0568 ctsfm2k - ok
    19:30:46.0984 0568 CTUSFSYN (4ee8822adb764edd28ce44e808097995) C:\WINDOWS\system32\drivers\ctusfsyn.sys
    19:30:46.0984 0568 CTUSFSYN - ok
    19:30:47.0031 0568 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
    19:30:47.0031 0568 dac2w2k - ok
    19:30:47.0046 0568 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
    19:30:47.0046 0568 dac960nt - ok
    19:30:47.0125 0568 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    19:30:47.0125 0568 Disk - ok
    19:30:47.0203 0568 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
    19:30:47.0203 0568 dmboot - ok
    19:30:47.0250 0568 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
    19:30:47.0250 0568 dmio - ok
    19:30:47.0281 0568 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    19:30:47.0281 0568 dmload - ok
    19:30:47.0328 0568 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    19:30:47.0328 0568 DMusic - ok
    19:30:47.0406 0568 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
    19:30:47.0406 0568 dpti2o - ok
    19:30:47.0437 0568 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    19:30:47.0437 0568 drmkaud - ok
    19:30:47.0500 0568 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
    19:30:47.0500 0568 drvmcdb - ok
    19:30:47.0531 0568 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
    19:30:47.0531 0568 drvnddm - ok
    19:30:47.0578 0568 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
    19:30:47.0578 0568 E100B - ok
    19:30:47.0703 0568 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    19:30:47.0703 0568 Fastfat - ok
    19:30:47.0765 0568 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
    19:30:47.0765 0568 Fdc - ok
    19:30:47.0796 0568 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
    19:30:47.0796 0568 Fips - ok
    19:30:47.0843 0568 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
    19:30:47.0843 0568 Flpydisk - ok
    19:30:47.0875 0568 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    19:30:47.0875 0568 FltMgr - ok
    19:30:47.0937 0568 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    19:30:47.0937 0568 Fs_Rec - ok
    19:30:47.0953 0568 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    19:30:47.0953 0568 Ftdisk - ok
    19:30:48.0015 0568 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    19:30:48.0015 0568 Gpc - ok
    19:30:48.0078 0568 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    19:30:48.0078 0568 HDAudBus - ok
    19:30:48.0140 0568 HidIr (bb1a6fb7d35a91e599973fa74a619056) C:\WINDOWS\system32\DRIVERS\hidir.sys
    19:30:48.0140 0568 HidIr - ok
    19:30:48.0187 0568 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    19:30:48.0187 0568 HidUsb - ok
    19:30:48.0250 0568 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
    19:30:48.0250 0568 hpn - ok
    19:30:48.0312 0568 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
    19:30:48.0312 0568 HPZid412 - ok
    19:30:48.0343 0568 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
    19:30:48.0343 0568 HPZipr12 - ok
    19:30:48.0390 0568 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
    19:30:48.0390 0568 HPZius12 - ok
    19:30:48.0437 0568 HSFHWAZL (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
    19:30:48.0437 0568 HSFHWAZL - ok
    19:30:48.0484 0568 HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
    19:30:48.0484 0568 HSF_DPV - ok
    19:30:48.0531 0568 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    19:30:48.0531 0568 HTTP - ok
    19:30:48.0593 0568 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
    19:30:48.0593 0568 i2omgmt - ok
    19:30:48.0625 0568 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
    19:30:48.0625 0568 i2omp - ok
    19:30:48.0656 0568 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    19:30:48.0656 0568 i8042prt - ok
    19:30:48.0703 0568 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    19:30:48.0703 0568 Imapi - ok
    19:30:48.0781 0568 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
    19:30:48.0781 0568 ini910u - ok
    19:30:48.0828 0568 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
    19:30:48.0828 0568 IntelIde - ok
    19:30:48.0859 0568 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    19:30:48.0859 0568 intelppm - ok
    19:30:48.0906 0568 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    19:30:48.0906 0568 Ip6Fw - ok
    19:30:48.0937 0568 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    19:30:48.0937 0568 IpFilterDriver - ok
    19:30:48.0984 0568 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    19:30:48.0984 0568 IpInIp - ok
    19:30:49.0031 0568 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    19:30:49.0031 0568 IpNat - ok
    19:30:49.0046 0568 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    19:30:49.0062 0568 IPSec - ok
    19:30:49.0093 0568 IrBus (b43b36b382aea10861f7c7a37f9d4ae2) C:\WINDOWS\system32\DRIVERS\IrBus.sys
    19:30:49.0093 0568 IrBus - ok
    19:30:49.0140 0568 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    19:30:49.0140 0568 IRENUM - ok
    19:30:49.0187 0568 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    19:30:49.0187 0568 isapnp - ok
    19:30:49.0218 0568 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    19:30:49.0218 0568 Kbdclass - ok
    19:30:49.0265 0568 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
    19:30:49.0265 0568 kbdhid - ok
    19:30:49.0296 0568 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    19:30:49.0296 0568 kmixer - ok
    19:30:49.0328 0568 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    19:30:49.0328 0568 KSecDD - ok
    19:30:49.0390 0568 Lavasoft Kernexplorer - ok
    19:30:49.0484 0568 Lbd (b7c19ec8b0dd7efa58ad41ffeb8b8cda) C:\WINDOWS\system32\DRIVERS\Lbd.sys
    19:30:49.0484 0568 Lbd - ok
    19:30:49.0515 0568 lbrtfdc - ok
    19:30:49.0578 0568 MBAMSwissArmy - ok
    19:30:49.0656 0568 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
    19:30:49.0656 0568 mdmxsdk - ok
    19:30:49.0734 0568 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
    19:30:49.0734 0568 MHNDRV - ok
    19:30:49.0781 0568 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    19:30:49.0781 0568 mnmdd - ok
    19:30:49.0828 0568 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
    19:30:49.0828 0568 Modem - ok
    19:30:49.0921 0568 monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\monfilt.sys
    19:30:49.0937 0568 monfilt - ok
    19:30:49.0953 0568 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    19:30:49.0953 0568 Mouclass - ok
    19:30:50.0000 0568 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    19:30:50.0000 0568 mouhid - ok
    19:30:50.0046 0568 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    19:30:50.0046 0568 MountMgr - ok
    19:30:50.0078 0568 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
    19:30:50.0078 0568 MpFilter - ok
    19:30:50.0203 0568 MpKsl13773142 - ok
    19:30:50.0234 0568 MpKsl149e08a1 - ok
    19:30:50.0265 0568 MpKsl2e820922 - ok
    19:30:50.0296 0568 MpKsl4b46963f - ok
    19:30:50.0328 0568 MpKsl5598c58f - ok
    19:30:50.0359 0568 MpKsl66473ea3 - ok
    19:30:50.0390 0568 MpKsl7964368f - ok
    19:30:50.0421 0568 MpKsl7f0bdac6 - ok
    19:30:50.0437 0568 MpKsl8c8586b4 - ok
    19:30:50.0468 0568 MpKsl92f478ed - ok
    19:30:50.0500 0568 MpKsl94aabdc9 - ok
    19:30:50.0531 0568 MpKsl9a0dbf41 - ok
    19:30:50.0562 0568 MpKsla7ed37c2 - ok
    19:30:50.0593 0568 MpKslc7ac387a - ok
    19:30:50.0625 0568 MpKsle3eb0a8d - ok
    19:30:50.0671 0568 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
    19:30:50.0671 0568 mraid35x - ok
    19:30:50.0718 0568 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    19:30:50.0718 0568 MRxDAV - ok
    19:30:50.0781 0568 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    19:30:50.0781 0568 MRxSmb - ok
    19:30:50.0859 0568 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys
    19:30:50.0859 0568 MSDV - ok
    19:30:50.0890 0568 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    19:30:50.0890 0568 Msfs - ok
    19:30:50.0937 0568 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    19:30:50.0937 0568 MSKSSRV - ok
    19:30:50.0984 0568 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    19:30:50.0984 0568 MSPCLOCK - ok
    19:30:51.0015 0568 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    19:30:51.0015 0568 MSPQM - ok
    19:30:51.0062 0568 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    19:30:51.0062 0568 mssmbios - ok
    19:30:51.0109 0568 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
    19:30:51.0109 0568 MSTEE - ok
    19:30:51.0140 0568 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
    19:30:51.0140 0568 Mup - ok
    19:30:51.0171 0568 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    19:30:51.0171 0568 NABTSFEC - ok
    19:30:51.0234 0568 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    19:30:51.0234 0568 NDIS - ok
    19:30:51.0281 0568 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    19:30:51.0281 0568 NdisIP - ok
    19:30:51.0312 0568 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    19:30:51.0312 0568 NdisTapi - ok
    19:30:51.0359 0568 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    19:30:51.0359 0568 Ndisuio - ok
    19:30:51.0375 0568 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    19:30:51.0375 0568 NdisWan - ok
    19:30:51.0421 0568 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
    19:30:51.0437 0568 NDProxy - ok
    19:30:51.0468 0568 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    19:30:51.0468 0568 NetBIOS - ok
    19:30:51.0531 0568 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    19:30:51.0531 0568 NetBT - ok
    19:30:51.0625 0568 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
    19:30:51.0625 0568 NIC1394 - ok
    19:30:51.0671 0568 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    19:30:51.0687 0568 Npfs - ok
    19:30:51.0750 0568 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    19:30:51.0750 0568 Ntfs - ok
    19:30:51.0812 0568 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    19:30:51.0812 0568 Null - ok
    19:30:51.0921 0568 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
    19:30:51.0921 0568 nv - ok
    19:30:51.0953 0568 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    19:30:51.0953 0568 NwlnkFlt - ok
    19:30:51.0984 0568 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    19:30:51.0984 0568 NwlnkFwd - ok
    19:30:52.0031 0568 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
    19:30:52.0031 0568 NwlnkIpx - ok
    19:30:52.0046 0568 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
    19:30:52.0062 0568 NwlnkNb - ok
    19:30:52.0093 0568 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
    19:30:52.0093 0568 NwlnkSpx - ok
    19:30:52.0140 0568 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    19:30:52.0140 0568 ohci1394 - ok
    19:30:52.0187 0568 omci (b17228142cec9b3c222239fd935a37ca) C:\WINDOWS\system32\DRIVERS\omci.sys
    19:30:52.0187 0568 omci - ok
    19:30:52.0250 0568 ossrv (103a9b117a7d9903111955cdafe65ac6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
    19:30:52.0265 0568 ossrv - ok
    19:30:52.0312 0568 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
    19:30:52.0312 0568 Parport - ok
    19:30:52.0343 0568 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    19:30:52.0343 0568 PartMgr - ok
    19:30:52.0375 0568 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
    19:30:52.0375 0568 ParVdm - ok
    19:30:52.0437 0568 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
    19:30:52.0437 0568 PCI - ok
    19:30:52.0453 0568 PCIDump - ok
    19:30:52.0515 0568 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
    19:30:52.0515 0568 PCIIde - ok
    19:30:52.0546 0568 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
    19:30:52.0546 0568 Pcmcia - ok
    19:30:52.0562 0568 PDCOMP - ok
    19:30:52.0593 0568 PDFRAME - ok
    19:30:52.0625 0568 PDRELI - ok
    19:30:52.0656 0568 PDRFRAME - ok
    19:30:52.0703 0568 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
    19:30:52.0703 0568 perc2 - ok
    19:30:52.0734 0568 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
    19:30:52.0734 0568 perc2hib - ok
    19:30:52.0875 0568 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    19:30:52.0875 0568 PptpMiniport - ok
    19:30:52.0921 0568 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    19:30:52.0921 0568 PSched - ok
    19:30:52.0953 0568 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    19:30:52.0953 0568 Ptilink - ok
    19:30:53.0000 0568 PxHelp20 (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
    19:30:53.0000 0568 PxHelp20 - ok
    19:30:53.0046 0568 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
    19:30:53.0046 0568 ql1080 - ok
    19:30:53.0078 0568 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
    19:30:53.0078 0568 Ql10wnt - ok
    19:30:53.0109 0568 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
    19:30:53.0109 0568 ql12160 - ok
    19:30:53.0140 0568 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
    19:30:53.0140 0568 ql1240 - ok
    19:30:53.0171 0568 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
    19:30:53.0171 0568 ql1280 - ok
    19:30:53.0203 0568 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    19:30:53.0203 0568 RasAcd - ok
    19:30:53.0250 0568 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    19:30:53.0250 0568 Rasl2tp - ok
    19:30:53.0312 0568 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    19:30:53.0312 0568 RasPppoe - ok
    19:30:53.0328 0568 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    19:30:53.0328 0568 Raspti - ok
    19:30:53.0359 0568 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    19:30:53.0359 0568 Rdbss - ok
    19:30:53.0390 0568 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    19:30:53.0390 0568 RDPCDD - ok
    19:30:53.0453 0568 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    19:30:53.0453 0568 rdpdr - ok
    19:30:53.0515 0568 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
    19:30:53.0515 0568 RDPWD - ok
    19:30:53.0562 0568 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
    19:30:53.0578 0568 redbook - ok
    19:30:53.0656 0568 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
    19:30:53.0656 0568 rimmptsk - ok
    19:30:53.0671 0568 rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
    19:30:53.0671 0568 rimsptsk - ok
    19:30:53.0703 0568 rismxdp (f774ecd11a064f0debb2d4395418153c) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
    19:30:53.0703 0568 rismxdp - ok
    19:30:54.0031 0568 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
    19:30:54.0031 0568 sdbus - ok
    19:30:54.0062 0568 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    19:30:54.0062 0568 Secdrv - ok
    19:30:54.0125 0568 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    19:30:54.0125 0568 serenum - ok
    19:30:54.0156 0568 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
    19:30:54.0156 0568 Serial - ok
    19:30:54.0281 0568 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
    19:30:54.0281 0568 sffdisk - ok
    19:30:54.0312 0568 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
    19:30:54.0312 0568 sffp_sd - ok
    19:30:54.0328 0568 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    19:30:54.0328 0568 Sfloppy - ok
    19:30:54.0390 0568 Simbad - ok
    19:30:54.0437 0568 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
    19:30:54.0437 0568 sisagp - ok
    19:30:54.0468 0568 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
    19:30:54.0468 0568 SLIP - ok
    19:30:54.0875 0568 SNPSTD3 (11bb0e11d42cc3a43d741d9b30839be1) C:\WINDOWS\system32\DRIVERS\snpstd3.sys
    19:30:54.0953 0568 SNPSTD3 - ok
    19:30:55.0062 0568 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
    19:30:55.0062 0568 Sparrow - ok
    19:30:55.0093 0568 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    19:30:55.0093 0568 splitter - ok
    19:30:55.0171 0568 spotJ (26feb04babd26efecd7b3d132fcbe354) C:\WINDOWS\system32\Drivers\spotJ.sys
    19:30:55.0171 0568 spotJ - ok
    19:30:55.0203 0568 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
    19:30:55.0203 0568 sr - ok
    19:30:55.0250 0568 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
    19:30:55.0250 0568 Srv - ok
    19:30:55.0296 0568 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
    19:30:55.0296 0568 sscdbhk5 - ok
    19:30:55.0328 0568 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
    19:30:55.0328 0568 ssrtln - ok
    19:30:55.0421 0568 STHDA (3ad78e22210d3fbd9f76de84a8df19b5) C:\WINDOWS\system32\drivers\sthda.sys
    19:30:55.0437 0568 STHDA - ok
    19:30:55.0500 0568 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    19:30:55.0500 0568 streamip - ok
    19:30:55.0531 0568 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    19:30:55.0531 0568 swenum - ok
    19:30:55.0546 0568 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    19:30:55.0546 0568 swmidi - ok
    19:30:55.0625 0568 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
    19:30:55.0625 0568 symc810 - ok
    19:30:55.0656 0568 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
    19:30:55.0656 0568 symc8xx - ok
    19:30:55.0687 0568 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
    19:30:55.0687 0568 sym_hi - ok
    19:30:55.0718 0568 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
    19:30:55.0718 0568 sym_u3 - ok
    19:30:55.0781 0568 SynTP (fa2daa32bed908023272a0f77d625dae) C:\WINDOWS\system32\DRIVERS\SynTP.sys
    19:30:55.0781 0568 SynTP - ok
    19:30:55.0828 0568 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    19:30:55.0828 0568 sysaudio - ok
    19:30:55.0906 0568 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    19:30:55.0906 0568 Tcpip - ok
    19:30:55.0937 0568 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    19:30:55.0937 0568 TDPIPE - ok
    19:30:55.0968 0568 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    19:30:55.0968 0568 TDTCP - ok
    19:30:56.0015 0568 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    19:30:56.0015 0568 TermDD - ok
    19:30:56.0093 0568 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
    19:30:56.0093 0568 tfsnboio - ok
    19:30:56.0125 0568 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
    19:30:56.0125 0568 tfsncofs - ok
    19:30:56.0156 0568 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
    19:30:56.0156 0568 tfsndrct - ok
    19:30:56.0187 0568 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
    19:30:56.0187 0568 tfsndres - ok
    19:30:56.0234 0568 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
    19:30:56.0234 0568 tfsnifs - ok
    19:30:56.0265 0568 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
    19:30:56.0265 0568 tfsnopio - ok
    19:30:56.0281 0568 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
    19:30:56.0296 0568 tfsnpool - ok
    19:30:56.0328 0568 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
    19:30:56.0328 0568 tfsnudf - ok
    19:30:56.0359 0568 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
    19:30:56.0359 0568 tfsnudfa - ok
    19:30:56.0484 0568 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
    19:30:56.0484 0568 TosIde - ok
    19:30:56.0578 0568 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    19:30:56.0578 0568 Udfs - ok
    19:30:56.0625 0568 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
    19:30:56.0625 0568 ultra - ok
    19:30:56.0671 0568 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    19:30:56.0687 0568 Update - ok
    19:30:56.0750 0568 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
    19:30:56.0750 0568 usbaudio - ok
    19:30:56.0796 0568 usbbus (d9f3bb7c292f194f3b053ce295754eb8) C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
    19:30:56.0796 0568 usbbus - ok
    19:30:56.0828 0568 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    19:30:56.0828 0568 usbccgp - ok
    19:30:56.0859 0568 UsbDiag (c4f77da649f99fad116ea585376fc164) C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
    19:30:56.0859 0568 UsbDiag - ok
    19:30:56.0906 0568 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    19:30:56.0906 0568 usbehci - ok
    19:30:56.0953 0568 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    19:30:56.0953 0568 usbhub - ok
    19:30:56.0984 0568 USBModem (c0613ce45e617bc671de8ebb1b30d175) C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
    19:30:56.0984 0568 USBModem - ok
    19:30:57.0031 0568 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    19:30:57.0031 0568 usbprint - ok
    19:30:57.0062 0568 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    19:30:57.0062 0568 usbscan - ok
    19:30:57.0109 0568 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    19:30:57.0109 0568 USBSTOR - ok
    19:30:57.0125 0568 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    19:30:57.0125 0568 usbuhci - ok
    19:30:57.0187 0568 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
    19:30:57.0187 0568 usbvideo - ok
    19:30:57.0234 0568 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    19:30:57.0234 0568 VgaSave - ok
    19:30:57.0265 0568 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
    19:30:57.0265 0568 viaagp - ok
    19:30:57.0296 0568 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
    19:30:57.0296 0568 ViaIde - ok
    19:30:57.0328 0568 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
    19:30:57.0328 0568 VolSnap - ok
    19:30:57.0421 0568 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    19:30:57.0421 0568 Wanarp - ok
    19:30:57.0437 0568 wanatw - ok
    19:30:57.0468 0568 WDICA - ok
    19:30:57.0515 0568 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    19:30:57.0515 0568 wdmaud - ok
    19:30:57.0593 0568 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
    19:30:57.0609 0568 winachsf - ok
    19:30:57.0781 0568 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
    19:30:57.0796 0568 WmiAcpi - ok
    19:30:57.0875 0568 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
    19:30:57.0875 0568 WpdUsb - ok
    19:30:57.0921 0568 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
    19:30:57.0921 0568 WS2IFSL - ok
    19:30:57.0953 0568 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    19:30:57.0953 0568 WSTCODEC - ok
    19:30:58.0000 0568 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    19:30:58.0000 0568 WudfPf - ok
    19:30:58.0031 0568 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    19:30:58.0031 0568 WudfRd - ok
    19:30:58.0250 0568 MBR (0x1B8) (dea9e81f0228b68c9adaf84c9b0cf931) \Device\Harddisk0\DR0
    19:30:58.0250 0568 \Device\Harddisk0\DR0 - ok
    19:30:58.0296 0568 Boot (0x1200) (4ffc8d15fe39a69b971b4e3f6fb11efb) \Device\Harddisk0\DR0\Partition0
    19:30:58.0296 0568 \Device\Harddisk0\DR0\Partition0 - ok
    19:30:58.0328 0568 Boot (0x1200) (f2883008c82bee2f9c4e6de68bef697a) \Device\Harddisk0\DR0\Partition1
    19:30:58.0343 0568 \Device\Harddisk0\DR0\Partition1 - ok
    19:30:58.0343 0568 ============================================================
    19:30:58.0343 0568 Scan finished
    19:30:58.0343 0568 ============================================================
    19:30:58.0390 0552 Detected object count: 0
    19:30:58.0390 0552 Actual detected object count: 0
    19:31:13.0515 0744 Deinitialize success

    RKill
    This log file is located at C:\rkill.log.
    Please post this only if requested to by the person helping you.
    Otherwise you can close this log when you wish.

    Rkill was run on 12/08/2011 at 19:59:23.
    Operating System: Microsoft Windows XP

    Processes terminated by Rkill or while it was running:

    Rkill completed on 12/08/2011 at 19:59:26.

    New Malwarebytes
    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Database version: 8336

    Windows 5.1.2600 Service Pack 3 (Safe Mode)
    Internet Explorer 8.0.6001.18702

    12/8/2011 8:38:31 PM
    mbam-log-2011-12-08 (20-38-31).txt

    Scan type: Full scan (C:\|D:\|)
    Objects scanned: 295403
    Time elapsed: 36 minute(s), 40 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    DDS
    same as before...

    Still in safe mode - never required a restart. If I don't hear tonight, I'll shut it down and wait until I hear back if I should restart normal or safe mode.

    Thanks!
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    You can shut down for the night and startup in Normal Mode when you're up again. Try the following for DDS:

    Please download this file: xp_scr_fix

    Unpack (unzip) the file onto your desktop and double-click it. You will be asked if you wish to merge the file with you registry, say Yes.

    You should then be able to run DDS.scr. It's the .scr file extension cauing the problem.
  7. 952SF

    952SF Newcomer, in training Topic Starter Posts: 34

    DDS.txt follows
    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702
    Run by Advanced Tree Health at 22:32:13 on 2011-12-08
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.420 [GMT -5:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\DOCUME~1\ADVANC~1\LOCALS~1\Temp\clclean.0001
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe
    C:\WINDOWS\vsnpstd3.exe
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\program files\real\realplayer\update\realsched.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\WINDOWS\system32\ctfmon.exe
    svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\Program Files\CoPilot\Navigator9\App\Spot2741.exe
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = <local>
    mSearchAssistant = hxxp://www.google.com/ie
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    uRun: [SetDefaultMIDI] MIDIDef.exe
    uRun: [Creative Detector] "c:\program files\creative\mediasource\detector\CTDetect.exe" /R
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Google Update] "c:\documents and settings\advanced tree health\local settings\application data\google\update\GoogleUpdate.exe" /c
    mRun: [ehTray] c:\windows\ehome\ehtray.exe
    mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
    mRun: [SigmatelSysTrayApp] stsystra.exe
    mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
    mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r
    mRun: [MBMon] Rundll32 CTMBHA.DLL,MBMon
    mRun: [UpdReg] c:\windows\UpdReg.EXE
    mRun: [VoiceCenter] "c:\program files\creative\voicecenter\AndreaVC.exe" /tray
    mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe
    mRun: [HPWUTOOLBOX] c:\program files\hp\hp officejet pro k550 series\toolbox\HPWUTBX.exe "-i"
    mRun: [snpstd3] c:\windows\vsnpstd3.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
    mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVWSzItQUxZTUYtU0xLTFUtQVoyVUItNkdPS0ItSkhGTkg"&"inst=NzctNDc2MjAyNDU5LUJBKzEtS1YzKzctWEwrMS1UNS1VQ0FMTCsxLVNUMSsyLUZQOSs2LUJBUjlHKzEtVEI5KzItRkwrOS1GMTBNKzUtQjE"&"prod=90"&"ver=10.0.1170
    dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1267906116606
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1267904702622
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.11.1
    TCP: Interfaces\{4B2D2939-96A0-48E7-90D5-38B1CC1085F0} : DhcpNameServer = 192.168.11.1
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: AtiExtEvent - Ati2evxx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-5-27 64288]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 165648]
    R1 MpKsl5c08b3b0;MpKsl5c08b3b0;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d40444dd-f577-4429-a66f-caf03099a96f}\MpKsl5c08b3b0.sys [2011-12-8 29904]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
    R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    R2 SpotGPSMaxim;Spot GPS Maxim;c:\program files\copilot\navigator9\app\Spot2741.exe [2006-3-30 651385]
    S1 MpKsl13773142;MpKsl13773142;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ecedad52-a166-49c2-a377-8cc259072156}\mpksl13773142.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ecedad52-a166-49c2-a377-8cc259072156}\MpKsl13773142.sys [?]
    S1 MpKsl149e08a1;MpKsl149e08a1;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{813d93dd-3122-4d9e-ab3a-b7a50d4663cc}\mpksl149e08a1.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{813d93dd-3122-4d9e-ab3a-b7a50d4663cc}\MpKsl149e08a1.sys [?]
    S1 MpKsl2e820922;MpKsl2e820922;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8f1b79ea-9ca8-45cb-8ea5-431c750027ba}\mpksl2e820922.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8f1b79ea-9ca8-45cb-8ea5-431c750027ba}\MpKsl2e820922.sys [?]
    S1 MpKsl4b46963f;MpKsl4b46963f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{42b8275f-8bfc-46c7-8ef7-c062896d549b}\mpksl4b46963f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{42b8275f-8bfc-46c7-8ef7-c062896d549b}\MpKsl4b46963f.sys [?]
    S1 MpKsl5598c58f;MpKsl5598c58f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{eb007111-a7d0-4ff3-b2a9-8b5e009669bd}\mpksl5598c58f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{eb007111-a7d0-4ff3-b2a9-8b5e009669bd}\MpKsl5598c58f.sys [?]
    S1 MpKsl66473ea3;MpKsl66473ea3;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f98218b8-a971-4023-aef7-e281bd4153c5}\mpksl66473ea3.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f98218b8-a971-4023-aef7-e281bd4153c5}\MpKsl66473ea3.sys [?]
    S1 MpKsl7964368f;MpKsl7964368f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4a10a92c-07c2-4547-8255-d8db1a4c279b}\mpksl7964368f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4a10a92c-07c2-4547-8255-d8db1a4c279b}\MpKsl7964368f.sys [?]
    S1 MpKsl7f0bdac6;MpKsl7f0bdac6;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e6567685-3c5d-449f-9388-c1e9edd81301}\mpksl7f0bdac6.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e6567685-3c5d-449f-9388-c1e9edd81301}\MpKsl7f0bdac6.sys [?]
    S1 MpKsl8c8586b4;MpKsl8c8586b4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0a4affb2-a1fa-44e7-b778-b79f33f2416c}\mpksl8c8586b4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0a4affb2-a1fa-44e7-b778-b79f33f2416c}\MpKsl8c8586b4.sys [?]
    S1 MpKsl92f478ed;MpKsl92f478ed;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{febe9444-402f-4f56-879d-c42f164240af}\mpksl92f478ed.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{febe9444-402f-4f56-879d-c42f164240af}\MpKsl92f478ed.sys [?]
    S1 MpKsl94aabdc9;MpKsl94aabdc9;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{aa6579cf-3493-4a2a-b669-7b0617c42ebd}\mpksl94aabdc9.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{aa6579cf-3493-4a2a-b669-7b0617c42ebd}\MpKsl94aabdc9.sys [?]
    S1 MpKsl9a0dbf41;MpKsl9a0dbf41;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f98218b8-a971-4023-aef7-e281bd4153c5}\mpksl9a0dbf41.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f98218b8-a971-4023-aef7-e281bd4153c5}\MpKsl9a0dbf41.sys [?]
    S1 MpKsla7ed37c2;MpKsla7ed37c2;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9431a577-e1e7-464f-ad4c-646f10433dc5}\mpksla7ed37c2.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9431a577-e1e7-464f-ad4c-646f10433dc5}\MpKsla7ed37c2.sys [?]
    S1 MpKslc7ac387a;MpKslc7ac387a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{47314363-1558-4d32-9ac9-5c506e8f9b5a}\mpkslc7ac387a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{47314363-1558-4d32-9ac9-5c506e8f9b5a}\MpKslc7ac387a.sys [?]
    S1 MpKsle3eb0a8d;MpKsle3eb0a8d;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ecedad52-a166-49c2-a377-8cc259072156}\mpksle3eb0a8d.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ecedad52-a166-49c2-a377-8cc259072156}\MpKsle3eb0a8d.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate1c99e0ae2c282a;Google Update Service (gupdate1c99e0ae2c282a);c:\program files\google\update\GoogleUpdate.exe [2009-3-5 133104]
    S3 AngelUsb;Angel USB MPEG Device;c:\windows\system32\drivers\AngelUsb.sys [2006-7-22 386560]
    S3 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134608]
    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
    S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-3-5 133104]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
    S3 spotJ;Spot Software GPS USB Driver;c:\windows\system32\drivers\spotJ.sys [2006-8-1 34304]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2011-12-09 03:28:25 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d40444dd-f577-4429-a66f-caf03099a96f}\MpKsl5c08b3b0.sys
    2011-12-09 03:28:13 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d40444dd-f577-4429-a66f-caf03099a96f}\offreg.dll
    2011-12-08 06:36:33 6823496 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d40444dd-f577-4429-a66f-caf03099a96f}\mpengine.dll
    2011-12-07 05:23:17 297728 ----a-w- c:\windows\system32\dllcache\ac97sis.sys
    2011-12-07 05:23:16 96256 ----a-w- c:\windows\system32\dllcache\ac97intc.sys
    2011-12-07 05:23:16 231552 ----a-w- c:\windows\system32\dllcache\ac97ali.sys
    2011-12-07 05:23:14 462848 ----a-w- c:\windows\system32\dllcache\a3dapi.dll
    2011-12-07 05:23:13 38400 ----a-w- c:\windows\system32\dllcache\8514a.dll
    2011-12-07 05:23:11 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys
    2011-12-07 05:23:10 148352 ----a-w- c:\windows\system32\dllcache\3dfxvsm.sys
    2011-12-07 05:23:09 689216 ----a-w- c:\windows\system32\dllcache\3dfxvs.dll
    2011-12-07 05:23:08 762780 ----a-w- c:\windows\system32\dllcache\3cwmcru.sys
    2011-12-07 05:23:07 11264 ----a-w- c:\windows\system32\dllcache\1394vdbg.sys
    2011-12-07 04:51:12 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll
    2011-12-07 04:50:52 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
    2011-12-07 04:50:28 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe
    2011-12-07 04:50:28 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll
    2011-12-07 04:50:26 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll
    2011-12-07 04:50:24 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll
    2011-12-07 04:50:24 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe
    2011-12-07 04:50:22 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll
    2011-12-06 02:21:10 -------- d-----w- c:\documents and settings\advanced tree health\application data\AVG
    2011-12-06 00:08:02 -------- d--h--w- C:\$AVG
    2011-12-05 23:39:20 -------- d-----w- c:\documents and settings\advanced tree health\application data\AVG2012
    2011-12-05 23:35:38 -------- d-----w- c:\windows\system32\drivers\AVG
    2011-12-05 23:35:38 -------- d-----w- c:\documents and settings\all users\application data\AVG2012
    2011-11-23 05:43:35 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
    2011-11-23 05:41:48 -------- d-----w- c:\documents and settings\advanced tree health\local settings\application data\Apple
    2011-11-23 05:40:23 -------- d-----w- c:\documents and settings\advanced tree health\local settings\application data\Apple Computer
    .
    ==================== Find3M ====================
    .
    2011-11-16 01:51:27 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-10-24 19:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2011-10-24 19:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-10-07 11:23:48 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2011-10-04 11:21:42 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
    2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll
    2011-09-26 15:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
    2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
    2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
    2011-09-13 11:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
    .
    ============= FINISH: 22:33:25.58 ===============


    Attach.txt
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 7/27/2006 6:20:34 PM
    System Uptime: 12/8/2011 10:26:59 PM (0 hours ago)
    .
    Motherboard: Dell Inc. | | 0XD720
    Processor: Genuine Intel(R) CPU T2400 @ 1.83GHz | Microprocessor | 1830/166mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 51 GiB total, 10.393 GiB free.
    D: is FIXED (NTFS) - 17 GiB total, 4.605 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP1092: 10/14/2011 6:57:28 PM - Software Distribution Service 3.0
    RP1093: 10/15/2011 7:50:35 PM - Software Distribution Service 3.0
    RP1094: 10/17/2011 12:52:36 AM - Software Distribution Service 3.0
    RP1095: 10/18/2011 6:42:16 PM - Software Distribution Service 3.0
    RP1096: 10/19/2011 9:33:11 PM - Software Distribution Service 3.0
    RP1097: 10/21/2011 1:49:32 AM - Software Distribution Service 3.0
    RP1098: 10/22/2011 8:53:11 PM - Software Distribution Service 3.0
    RP1099: 10/23/2011 2:52:29 PM - Software Distribution Service 3.0
    RP1100: 10/26/2011 9:28:56 PM - Software Distribution Service 3.0
    RP1101: 10/26/2011 9:43:49 PM - Software Distribution Service 3.0
    RP1102: 10/26/2011 11:48:50 PM - Software Distribution Service 3.0
    RP1103: 10/28/2011 2:23:06 AM - Software Distribution Service 3.0
    RP1104: 10/29/2011 9:29:07 PM - Software Distribution Service 3.0
    RP1105: 10/31/2011 8:35:15 AM - Software Distribution Service 3.0
    RP1106: 11/2/2011 1:24:38 AM - Software Distribution Service 3.0
    RP1107: 11/3/2011 2:27:41 AM - Software Distribution Service 3.0
    RP1108: 11/4/2011 9:19:34 PM - Software Distribution Service 3.0
    RP1109: 11/5/2011 11:02:18 PM - Software Distribution Service 3.0
    RP1110: 11/7/2011 8:38:19 PM - Software Distribution Service 3.0
    RP1111: 11/8/2011 9:40:07 PM - Software Distribution Service 3.0
    RP1112: 11/9/2011 3:00:19 AM - Software Distribution Service 3.0
    RP1113: 11/9/2011 9:34:24 PM - Software Distribution Service 3.0
    RP1114: 11/11/2011 12:51:11 AM - System Checkpoint
    RP1115: 11/11/2011 2:53:58 PM - Software Distribution Service 3.0
    RP1116: 11/11/2011 3:04:08 PM - Software Distribution Service 3.0
    RP1117: 11/12/2011 3:20:16 PM - Software Distribution Service 3.0
    RP1118: 11/13/2011 9:06:39 PM - Software Distribution Service 3.0
    RP1119: 11/14/2011 9:19:55 PM - System Checkpoint
    RP1120: 11/15/2011 9:02:34 PM - Software Distribution Service 3.0
    RP1121: 11/17/2011 8:38:17 PM - Software Distribution Service 3.0
    RP1122: 11/19/2011 9:58:04 PM - Software Distribution Service 3.0
    RP1123: 11/20/2011 2:07:31 AM - Software Distribution Service 3.0
    RP1124: 11/21/2011 10:18:21 PM - Software Distribution Service 3.0
    RP1125: 11/23/2011 12:42:45 AM - Installed QuickTime
    RP1126: 11/23/2011 11:29:35 PM - Software Distribution Service 3.0
    RP1127: 11/25/2011 11:07:22 AM - Software Distribution Service 3.0
    RP1128: 11/26/2011 2:38:48 PM - Software Distribution Service 3.0
    RP1129: 11/27/2011 9:03:20 PM - Software Distribution Service 3.0
    RP1130: 11/28/2011 11:27:01 PM - Software Distribution Service 3.0
    RP1131: 11/30/2011 8:48:21 PM - Software Distribution Service 3.0
    RP1132: 12/1/2011 9:47:09 PM - Software Distribution Service 3.0
    RP1133: 12/2/2011 10:23:25 PM - Software Distribution Service 3.0
    RP1134: 12/4/2011 2:49:01 PM - Software Distribution Service 3.0
    RP1135: 12/5/2011 4:14:46 PM - System Checkpoint
    RP1136: 12/5/2011 6:32:27 PM - Installed AVG 2012
    RP1137: 12/5/2011 6:34:34 PM - Installed AVG 2012
    RP1138: 12/6/2011 11:08:22 PM - Restore Operation
    RP1139: 12/6/2011 11:16:35 PM - Restore Operation
    RP1140: 12/7/2011 12:49:22 AM - Restore Operation
    RP1141: 12/7/2011 12:50:57 AM - Installed Microsoft Fix it 50203
    .
    ==== Installed Programs ======================
    .
    32 Bit HP CIO Components Installer
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Reader 9.3.2
    Adobe Shockwave Player
    Adobe SVG Viewer 3.0
    AIO_Scan
    Amazon MP3 Downloader 1.0.9
    Andrea VoiceCenter
    AOLIcon
    Apple Application Support
    Apple Software Update
    ATI Catalyst Control Center
    ATI Display Driver
    Audacity 1.2.6
    Avery Wizard 3.1
    AVG 2012
    AVG PC Tuneup 2011
    AVS Audio Editor version 4.2
    AVS4YOU Software Navigator 1.3
    BitPim 1.0.6
    Broadcom Management Programs
    Compatibility Pack for the 2007 Office system
    Conexant HDA D110 MDC V.92 Modem
    CoPilot - Navigator 9
    Corel Photo Album 6
    Coupon Printer for Windows
    Creative MediaSource
    DeductionPro 2007
    DeductionPro 2008
    Dell Digital Jukebox Driver
    Dell Driver Download Manager
    Dell System Restore
    Dell Wireless WLAN Card
    Digital Content Portal
    Dirr on Woody Landscape Plants
    Documentation & Support Launcher
    doPDF 6.1 printer
    DWG TrueView 2012
    ELIcon
    Fax
    FormatFactory 2.20
    Games, Music, & Photos Launcher
    Google Chrome
    Google Earth
    Google Update Helper
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Officejet Pro K550 Series
    HP Photosmart All-In-One Software 9.0
    Image Resizer Powertoy for Windows XP
    Java Auto Updater
    Java(TM) 6 Update 23
    LAME v3.98.2 for Audacity
    LG USB Modem driver
    Malwarebytes' Anti-Malware version 1.51.2.1300
    MCU
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2572067)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Antimalware
    Microsoft Application Error Reporting
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Digital Image Pro 9
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Basic Edition 2003
    Microsoft Office File Validation Add-In
    Microsoft Office XP Professional
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Works 6-9 Converter
    Misc
    Modem Helper
    Move Media Player
    MSXML 4.0 SP2 (KB973688)
    MyPublisher
    NetWaiting
    Newtin Applications Web
    Nvu 1.0
    PayWindow 2011 Payroll 9.0 Build 9.0.43
    Picasa 3
    PowerDVD 5.7
    PS_AIO_02_Software_min
    QuickSet
    QuickTime
    RAD Video Tools
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealPlayer
    RealUpgrade 1.1
    Rhapsody Player Engine
    Scan
    Search Assist
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB2497640)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Skype™ 4.1
    Sonic Copy Module
    Sonic DLA
    Sonic Encoders
    Sonic Express Labeler
    Sonic MyDVD Plus
    Sonic RecordNow Audio
    Sonic RecordNow Data
    Sonic Update Manager
    Sound Blaster ADVANCED MB Drivers
    Sound Blaster Audigy ADVANCED MB
    Spelling Dictionaries Support For Adobe Reader 9
    Synaptics Pointing Device Driver
    TaxCut Business 2007 (Remove Only)
    TaxCut Ohio 2007
    TaxCut Ohio 2008
    TaxCut Premium + State + Efile 2007
    TaxCut Premium + State + Efile 2008
    Toolbox
    UGuide
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
    Update for Windows Internet Explorer 8 (KB975364)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Media Player 10 (KB910393)
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    WebFldrs XP
    WIDCOMM Bluetooth Software
    Windows Driver Package - Philips SPOT USB (03/30/2006 1.0.3.0)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Live installer
    Windows Live Messenger
    Windows Media Format 11 runtime
    Windows Media Player 10
    Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
    Windows Media Player 11
    Windows XP Service Pack 3
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/8/2011 7:29:28 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.307.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
    12/8/2011 7:26:01 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    12/8/2011 7:20:52 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: APPDRV Avgldx86 Avgmfx86 Fips intelppm MpFilter
    12/8/2011 1:02:05 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.307.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
    12/7/2011 9:48:26 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.307.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
    12/7/2011 8:54:18 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.307.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
    12/7/2011 1:04:01 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.307.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
    12/6/2011 9:26:31 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.307.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
    12/6/2011 9:18:49 PM, error: Service Control Manager [7003] - The TCP/IP NetBIOS Helper service depends on the following nonexistent service: NetBT
    12/6/2011 9:18:49 PM, error: Service Control Manager [7003] - The DHCP Client service depends on the following nonexistent service: NetBT
    12/6/2011 11:40:42 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.307.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
    12/6/2011 11:28:12 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    12/6/2011 11:27:49 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD APPDRV Avgldx86 Avgmfx86 Avgtdix Fips intelppm IPSec MpFilter MRxSmb NetBIOS RasAcd Rdbss Tcpip
    12/6/2011 11:27:49 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
    12/6/2011 11:27:49 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
    12/6/2011 11:27:49 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    12/6/2011 11:27:07 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    12/6/2011 11:23:57 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.307.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
    12/5/2011 6:20:59 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.307.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
    12/5/2011 6:11:19 PM, error: Service Control Manager [7003] - The Computer Browser service depends on the following nonexistent service: LanmanServer
    12/5/2011 10:13:15 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
    .
    ==== End Of File ===========================


    Much appreciated.
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    Question: Install Date: 7/27/2006 6:20:34 PM The only update I see are for the NET and IE. Where are the security/Windows updates for the OS?

    You need to look into this
    If you are using MSE now, it does not appear to be installed correctly.
    =========================================
    I'd like you to run Combofix- but it won't run with AVG. Since you appear to be using MSE now, you can leave AVG uninstalled.

    Download AppRemover and save to the desktop
    1. Double click the setup on the desktop> click Next
    2. Select “Remove Security Application”
    3. Let scan finish to determine security apps
    4. A screen like below will appear:
      [​IMG]
    5. Click on Next after choice has been made
    6. Check the AVG program you want to uninstall
    7. After uninstall shows complete, follow online prompts to Exit the program.

    Note: If you get Microsoft Security Essentials correctly installed, do not put either of the following AV on the system. If you are not going to use MSE, then it should be completely uninstalled, then one of the following put on the system after you uninstall AVG.

    Temporary AV: Use one:
    Avira-AntiVir-Personal-Free-Antivirus
    Avast Free Version
    =============================
    Please note: If you have previously run Combofix and it's still on the system, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    --------------------------------------
    Download Combofix from HERE or HERE and save to the desktop
    • Double click combofix.exe & follow the prompts.
    • ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
      **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
      ***Please note: if you have downloaded Combofix to a flash drive, then run it on the infected machine> the Recovery Console will not install- just bypass and go on.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    • Once installed, you should see a blue screen prompt that says:
      The Recovery Console was successfully installed.
    • .Click on Yes, to continue scanning for malware
    • .If Combofix asks you to update the program, allow
    • .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • .Close any open browsers.
    • .Double click combofix.exe[​IMG] & follow the prompts to run.
    • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
    Re-enable your Antivirus software.

    Note 1:Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    Note 2: ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    Note 3: Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    Note 4: CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
    Note 5: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
    =================================
    To run the Eset Online Virus Scan:
    If you use Internet Explorer:
    1. Open the ESETOnlineScan
    2. Skip to #4 to "Continue with the directions"

      If you are using a browser other than Internet Explorer
    3. Open Eset Smart Installer
      [o] Click on the esetsmartinstaller_enu.exelink and save to the desktop.
      [o] Double click on the desktop icon to run.
      [o] After successful installation of the ESET Smart Installer, the ESET Online Scanner will be launched in a new Window
    4. Continue with the directions.
    5. Check 'Yes I accept terms of use.'
    6. Click Start button
    7. Accept any security warnings from your browser.
      [​IMG]
    8. Uncheck 'Remove found threats'
    9. Check 'Scan archives/
    10. Leave remaining settings as is.
    11. Press the Start button.
    12. ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
    13. When the scan completes, press List of found threats
    14. Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
    15. Push the Back button, then Finish
    NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
    ==================================
    Please update Java: Java Updates . Uninstall any earlier versions in Add/Remove Programs as they are vulnerabilities for the system.
    ----------------------
    There will be malware in the Java cache due to the outdated version on the system:
    To clear the Java Plug-in cache:

    • [1]. Click Start > Control Panel.
      [2]. Double-click the Java icon in the control panel. [​IMG] The Java Control Panel appears.
      [​IMG]
      [3].Click Settings under Temporary Internet Files.The Temporary Files Settings dialog box appears.
      [​IMG]
      [4] Click Delete Files.The Delete Temporary Files dialog box appears.
      [​IMG]
      [5]. Click OK on Delete Temporary Files window.
      Note: This deletes all the Downloaded Applications and Applets from the cache.
      [6]. Click Apply> OK on Temporary Files Settings window.
    Images courtesy java.com
    ====================================
    Please leave the logs in your next reply.
  9. 952SF

    952SF Newcomer, in training Topic Starter Posts: 34

    Waiting for ESET to complete scan. In the mean time:

    Regarding MSE: I uninstalled )with AppRemover) and reinstalled. It updated as part of installation, then when I click on the "Update" button, I get error code 0x80070424 According to Microsoft's support page that means I am missing a file "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" Using Windows search for that file name, it turned up in the following locations:
    C:\i386
    C:\WINDOWS\System32
    C:\WINDOWS\ServicePackFiles\i386
    but not in the directory path indicated by MS. I did not pursue this further as I did not want to interfere with what you are helping accomplish. MS says I should run Windows Update Troubleshooter...

    Also of note, AVG does not show up on the list of programs to be removed via AppRemover. I used AVG's own uninstall function to do that.

    I will post the ESET log when that is complete. For now...

    Following is the Combofix Log
    ComboFix 11-12-10.01 - Advanced Tree Health 12/10/2011 23:36:49.1.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.540 [GMT -5:00]
    Running from: c:\documents and settings\Advanced Tree Health\Desktop\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
    AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\Advanced Tree Health\WINDOWS
    c:\documents and settings\All Users\Application Data\TEMP
    c:\windows\$NtUninstallKB59304$
    c:\windows\$NtUninstallKB59304$\2474013918\@
    c:\windows\$NtUninstallKB59304$\2474013918\bckfg.tmp
    c:\windows\$NtUninstallKB59304$\2474013918\cfg.ini
    c:\windows\$NtUninstallKB59304$\2474013918\Desktop.ini
    c:\windows\$NtUninstallKB59304$\2474013918\keywords
    c:\windows\$NtUninstallKB59304$\2474013918\kwrd.dll
    c:\windows\$NtUninstallKB59304$\2474013918\L\pdmzmplg
    c:\windows\$NtUninstallKB59304$\2474013918\lsflt7.ver
    c:\windows\$NtUninstallKB59304$\2474013918\U\00000001.@
    c:\windows\$NtUninstallKB59304$\2474013918\U\00000002.@
    c:\windows\$NtUninstallKB59304$\2474013918\U\00000004.@
    c:\windows\$NtUninstallKB59304$\2474013918\U\80000000.@
    c:\windows\$NtUninstallKB59304$\2474013918\U\80000004.@
    c:\windows\$NtUninstallKB59304$\2474013918\U\80000032.@
    c:\windows\$NtUninstallKB59304$\995230332
    c:\windows\CSC\d6
    c:\windows\kb913800.exe
    c:\windows\system32\AutoRun.inf
    c:\windows\system32\PowerToyReadme.htm
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Legacy_USNJSVC
    -------\Service_usnjsvc
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-11-11 to 2011-12-11 )))))))))))))))))))))))))))))))
    .
    .
    2011-12-11 04:48 . 2011-12-11 04:48 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DF1D7D18-71DB-424C-B572-9360C673137D}\offreg.dll
    2011-12-11 03:52 . 2011-11-30 07:21 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DF1D7D18-71DB-424C-B572-9360C673137D}\mpengine.dll
    2011-12-11 03:14 . 2011-12-11 03:14 -------- d-----w- c:\program files\Microsoft Security Client
    2011-12-11 03:05 . 2011-12-11 03:05 -------- d--h--w- c:\windows\system32\GroupPolicy
    2011-12-07 05:23 . 2001-08-17 17:20 297728 ----a-w- c:\windows\system32\dllcache\ac97sis.sys
    2011-12-07 05:23 . 2004-08-04 03:32 231552 ----a-w- c:\windows\system32\dllcache\ac97ali.sys
    2011-12-07 05:23 . 2001-08-17 17:20 96256 ----a-w- c:\windows\system32\dllcache\ac97intc.sys
    2011-12-07 05:23 . 2001-08-18 03:36 462848 ----a-w- c:\windows\system32\dllcache\a3dapi.dll
    2011-12-07 05:23 . 2001-08-17 19:55 38400 ----a-w- c:\windows\system32\dllcache\8514a.dll
    2011-12-07 05:23 . 2008-04-13 19:40 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys
    2011-12-07 05:23 . 2001-08-17 17:48 148352 ----a-w- c:\windows\system32\dllcache\3dfxvsm.sys
    2011-12-07 05:23 . 2001-08-17 19:55 689216 ----a-w- c:\windows\system32\dllcache\3dfxvs.dll
    2011-12-07 05:23 . 2001-08-17 18:28 762780 ----a-w- c:\windows\system32\dllcache\3cwmcru.sys
    2011-12-07 05:23 . 2001-08-17 19:06 11264 ----a-w- c:\windows\system32\dllcache\1394vdbg.sys
    2011-12-07 04:51 . 2004-08-10 10:00 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll
    2011-12-07 04:50 . 2001-08-17 19:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
    2011-12-07 04:50 . 2004-08-10 10:00 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe
    2011-12-07 04:50 . 2004-08-10 10:00 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll
    2011-12-07 04:50 . 2004-08-10 10:00 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll
    2011-12-07 04:50 . 2004-08-10 10:00 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll
    2011-12-07 04:50 . 2004-08-10 10:00 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe
    2011-12-07 04:50 . 2004-08-10 10:00 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll
    2011-12-07 04:28 . 2011-12-07 04:28 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
    2011-12-06 02:21 . 2011-12-06 02:24 -------- d-----w- c:\documents and settings\Advanced Tree Health\Application Data\AVG
    2011-11-24 23:33 . 2011-11-24 23:33 -------- d-----w- c:\documents and settings\Advanced Tree Health\Application Data\Apple Computer
    2011-11-23 05:43 . 2011-11-23 05:43 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
    2011-11-23 05:42 . 2011-11-23 05:43 -------- d-----w- c:\program files\QuickTime
    2011-11-23 05:42 . 2011-11-23 05:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
    2011-11-23 05:42 . 2011-11-23 05:42 -------- d-----w- c:\program files\Common Files\Apple
    2011-11-23 05:41 . 2011-11-23 05:41 -------- d-----w- c:\documents and settings\Advanced Tree Health\Local Settings\Application Data\Apple
    2011-11-23 05:41 . 2011-11-23 05:41 -------- d-----w- c:\program files\Apple Software Update
    2011-11-23 05:41 . 2011-11-23 05:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
    2011-11-23 05:40 . 2011-11-23 05:40 -------- d-----w- c:\documents and settings\Advanced Tree Health\Local Settings\Application Data\Apple Computer
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-11-16 01:51 . 2011-09-02 05:07 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-11-15 19:29 . 2010-11-27 03:47 222080 ------w- c:\windows\system32\MpSigStub.exe
    2011-10-24 19:29 . 2011-10-24 19:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2011-10-24 19:29 . 2011-10-24 19:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2011-10-10 14:22 . 2005-08-16 09:40 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-09-28 07:06 . 2005-08-16 09:18 599040 ----a-w- c:\windows\system32\crypt32.dll
    2011-09-26 15:41 . 2008-07-30 00:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
    2011-09-26 15:41 . 2005-08-16 09:18 220160 ----a-w- c:\windows\system32\oleacc.dll
    2011-09-26 15:41 . 2005-08-16 09:18 20480 ----a-w- c:\windows\system32\oleaccrc.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SetDefaultMIDI"="MIDIDef.exe" [2004-12-22 24576]
    "Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
    "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-03-16 1392640]
    "SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 282624]
    "Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-04-06 1032192]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
    "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 45056]
    "CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
    "MBMon"="CTMBHA.DLL" [2006-03-03 1355938]
    "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
    "VoiceCenter"="c:\program files\Creative\VoiceCenter\AndreaVC.exe" [2006-01-02 1126400]
    "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-06-10 249856]
    "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
    "dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
    "Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-07 50688]
    "HPWUTOOLBOX"="c:\program files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe" [2005-11-08 352256]
    "snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
    "DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-10 49152]
    "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-06-01 273544]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-24 622653]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\HP\\HP Officejet Pro K550 Series\\Toolbox\\HPWUTBX.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "c:\\WINDOWS\\system32\\fxsclnt.exe"=
    "c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
    .
    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [5/27/2010 11:58 PM 64288]
    R2 SpotGPSMaxim;Spot GPS Maxim;c:\program files\CoPilot\Navigator9\App\Spot2741.exe [3/30/2006 5:44 PM 651385]
    S1 MpKsl13773142;MpKsl13773142;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ECEDAD52-A166-49C2-A377-8CC259072156}\MpKsl13773142.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ECEDAD52-A166-49C2-A377-8CC259072156}\MpKsl13773142.sys [?]
    S1 MpKsl149e08a1;MpKsl149e08a1;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{813D93DD-3122-4D9E-AB3A-B7A50D4663CC}\MpKsl149e08a1.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{813D93DD-3122-4D9E-AB3A-B7A50D4663CC}\MpKsl149e08a1.sys [?]
    S1 MpKsl2e820922;MpKsl2e820922;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8F1B79EA-9CA8-45CB-8EA5-431C750027BA}\MpKsl2e820922.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8F1B79EA-9CA8-45CB-8EA5-431C750027BA}\MpKsl2e820922.sys [?]
    S1 MpKsl4b46963f;MpKsl4b46963f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{42B8275F-8BFC-46C7-8EF7-C062896D549B}\MpKsl4b46963f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{42B8275F-8BFC-46C7-8EF7-C062896D549B}\MpKsl4b46963f.sys [?]
    S1 MpKsl5598c58f;MpKsl5598c58f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EB007111-A7D0-4FF3-B2A9-8B5E009669BD}\MpKsl5598c58f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EB007111-A7D0-4FF3-B2A9-8B5E009669BD}\MpKsl5598c58f.sys [?]
    S1 MpKsl66473ea3;MpKsl66473ea3;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F98218B8-A971-4023-AEF7-E281BD4153C5}\MpKsl66473ea3.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F98218B8-A971-4023-AEF7-E281BD4153C5}\MpKsl66473ea3.sys [?]
    S1 MpKsl7964368f;MpKsl7964368f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4A10A92C-07C2-4547-8255-D8DB1A4C279B}\MpKsl7964368f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4A10A92C-07C2-4547-8255-D8DB1A4C279B}\MpKsl7964368f.sys [?]
    S1 MpKsl7f0bdac6;MpKsl7f0bdac6;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E6567685-3C5D-449F-9388-C1E9EDD81301}\MpKsl7f0bdac6.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E6567685-3C5D-449F-9388-C1E9EDD81301}\MpKsl7f0bdac6.sys [?]
    S1 MpKsl8c8586b4;MpKsl8c8586b4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A4AFFB2-A1FA-44E7-B778-B79F33F2416C}\MpKsl8c8586b4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A4AFFB2-A1FA-44E7-B778-B79F33F2416C}\MpKsl8c8586b4.sys [?]
    S1 MpKsl92f478ed;MpKsl92f478ed;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FEBE9444-402F-4F56-879D-C42F164240AF}\MpKsl92f478ed.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FEBE9444-402F-4F56-879D-C42F164240AF}\MpKsl92f478ed.sys [?]
    S1 MpKsl94aabdc9;MpKsl94aabdc9;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AA6579CF-3493-4A2A-B669-7B0617C42EBD}\MpKsl94aabdc9.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AA6579CF-3493-4A2A-B669-7B0617C42EBD}\MpKsl94aabdc9.sys [?]
    S1 MpKsl9a0dbf41;MpKsl9a0dbf41;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F98218B8-A971-4023-AEF7-E281BD4153C5}\MpKsl9a0dbf41.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F98218B8-A971-4023-AEF7-E281BD4153C5}\MpKsl9a0dbf41.sys [?]
    S1 MpKsla7ed37c2;MpKsla7ed37c2;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9431A577-E1E7-464F-AD4C-646F10433DC5}\MpKsla7ed37c2.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9431A577-E1E7-464F-AD4C-646F10433DC5}\MpKsla7ed37c2.sys [?]
    S1 MpKslc7ac387a;MpKslc7ac387a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{47314363-1558-4D32-9AC9-5C506E8F9B5A}\MpKslc7ac387a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{47314363-1558-4D32-9AC9-5C506E8F9B5A}\MpKslc7ac387a.sys [?]
    S1 MpKsle3eb0a8d;MpKsle3eb0a8d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ECEDAD52-A166-49C2-A377-8CC259072156}\MpKsle3eb0a8d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ECEDAD52-A166-49C2-A377-8CC259072156}\MpKsle3eb0a8d.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]
    S2 gupdate1c99e0ae2c282a;Google Update Service (gupdate1c99e0ae2c282a);c:\program files\Google\Update\GoogleUpdate.exe [3/5/2009 10:17 PM 133104]
    S3 AngelUsb;Angel USB MPEG Device;c:\windows\system32\drivers\AngelUsb.sys [7/22/2006 7:11 PM 386560]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/5/2009 10:17 PM 133104]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
    S3 spotJ;Spot Software GPS USB Driver;c:\windows\system32\drivers\spotJ.sys [8/1/2006 7:53 PM 34304]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-06 03:16]
    .
    2011-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-06 03:16]
    .
    2011-12-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-62473494-4203351184-775287155-1006Core.job
    - c:\documents and settings\Advanced Tree Health\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-08 00:51]
    .
    2011-12-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-62473494-4203351184-775287155-1006UA.job
    - c:\documents and settings\Advanced Tree Health\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-08 00:51]
    .
    2011-12-11 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 20:39]
    .
    2011-12-11 c:\windows\Tasks\MpIdleTask.job
    - c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 20:39]
    .
    2011-12-11 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-62473494-4203351184-775287155-1006.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
    .
    2011-12-11 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-62473494-4203351184-775287155-1006.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = <local>
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    TCP: DhcpNameServer = 192.168.11.1
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-12-10 23:49
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'winlogon.exe'(892)
    c:\windows\system32\Ati2evxx.dll
    c:\windows\System32\BCMLogon.dll
    .
    - - - - - - - > 'explorer.exe'(1816)
    c:\windows\system32\WININET.dll
    c:\windows\system32\AcSignIcon.dll
    c:\program files\Common Files\Autodesk Shared\AcSignCore16.dll
    c:\windows\system32\msi.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\dfshim.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\btncopy.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\Ati2evxx.exe
    c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
    c:\windows\System32\WLTRYSVC.EXE
    c:\windows\System32\bcmwltry.exe
    c:\windows\system32\Ati2evxx.exe
    c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    c:\program files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
    c:\windows\system32\CTsvcCDA.exe
    c:\windows\eHome\ehRecvr.exe
    c:\windows\eHome\ehSched.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\program files\Dell\QuickSet\NICCONFIGSVC.exe
    c:\windows\ehome\mcrdsvc.exe
    c:\windows\stsystra.exe
    c:\windows\system32\Rundll32.exe
    c:\docume~1\ADVANC~1\LOCALS~1\Temp\clclean.0001
    c:\windows\system32\dllhost.exe
    c:\windows\eHome\ehmsas.exe
    .
    **************************************************************************
    .
    Completion time: 2011-12-10 23:54:40 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-12-11 04:54
    .
    Pre-Run: 16,086,949,888 bytes free
    Post-Run: 16,646,397,952 bytes free
    .
    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
    .
    - - End Of File - - 936AB341FAD65B94EDD7D8E8F329C10F
  10. 952SF

    952SF Newcomer, in training Topic Starter Posts: 34

    ESET Log
    C:\Documents and Settings\Advanced Tree Health\Application Data\AVG\Rescue\PC Tuneup 2011\111205212434965.rsc a variant of Java/Agent.DU trojan

    C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1135\A0195660.sys a variant of Win32/Rootkit.Kryptik.FW trojan

    C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1141\A0198160.sys a variant of Win32/Rootkit.Kryptik.FW trojan
  11. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    Regrding wuauserv
    Please click on Start> Run> type in services.msc> enter> scroll down to the end and double click on wuauserv> Set Startup type to Automatic> Start the Service.

    If it is already set this way-or-if the Service is missing, please let me know. We should be able to replace it.
    ==========================================
    There is only one new entry in Eset. It is malware in the Java cache.
    The entries for System Volume are for restore points. They are no longer active in the system. I will have you drop the old restore points at the end of cleaning. Since you are not suppose to do a System Restore during cleaning, they are not a threat.

    Please download OTMovit by Old Timer and save to your desktop.
    • Double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator")
    • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
      Code:
      :Files 
      C:\Documents and Settings\Advanced Tree Health\Application Data\AVG\Rescue\PC Tuneup 2011\111205212434965.rsc
      :Commands
      [purity]
      [emptytemp]
      [start explorer]
      [Reboot]
    • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.
    • Click the red Moveit! button.
    • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
    • Close OTMoveIt3
    If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
    ================================
    If you have not cleared the Java cache yet per my instruction in Reply #8, please do so now.
    =================================
    Regarding AVG: I do see that you ran the uninstaller in the DDS log. But there were many remaining processes for it.
    An FYI for the AVG PC Tuneup 2011. I recommend that you uninstall this program for 2 reasons:
    1. I'm seeing a lot of conflicts in systems that have both AVG AV and AVG Tumeup.
    2. The AVG Tuneup is basically a registry cleaner. Most of us don't recommend a registry cleaner for anyone. They are not beneficial when if comes to removing significant entries.
    3. The use of "optimizers" is almost always a drain on the system resources.
    ====================================
    I recommend that you stop these Scheduled Tasks

    Opening scheduled tasks to modify or delete them:
    Access Scheduled Tasks with Click on Start> All Programs> Accessories> System Tools> Scheduled Tasks.

    • To change the settings for a task: right-click the Task> click Properties> do any of the following:
      1. To change the schedule for the task, click the Schedule tab.
        (Since these are new, make sure the settings are configured as you want. Both as MSE/MSAntimalware related)
        c:\windows\Tasks\MP Scheduled Scan.job
        c:\windows\Tasks\MpIdleTask.job
      2. To customize the settings for the task,such as run time,idle time, power management options, click the Settings tab.
      3. To delete a task> right-click the task> click Delete.
        c:\windows\Tasks\RealUpgradeLogonTask
        c:\windows\Tasks\RealUpgradeScheduledTasks
      4. To prevent task from running until you run again>
        [o] right-click the task> Properties> On the General tab>
        [o] clear the Enabled check box> Select the check box again when you are ready to run it again.
      ======================================
      Please make sure this is done: Reset your browser proxies
      • For Firefox:
        o Open Firefox, click on "Tools" then "Options" and then on "Advanced".
        o Click on the "Network" tab, and then on the "Settings" button.
        o Please make sure that the "No Proxy" option is selected.
      • For Internet Explorer:
        o Open Internet Explorer.
        o Click on "Tools" and then select "Internet Options".
        o Click on the "Connections" tab and click the "Lan Settings" button at the bottom.
        o Uncheck "Use a Proxy server for your LAN".
        o Click Ok to close the Local Area Network (LAN) Settings window.
        o Click Ok to close the Internet Options window.
      =========================================
      Last scan: HijackThis:
      First, set up a Directory for HijackThis as follows:
      Right click Taskbar> Explore> My Computer> Local Drive (C)> File> New> Folder> Name folder HijackThis
      Exit Explorer
      You now have a folder C:\HijackThis
      -----------------------------------------
      Download HijackThis and save to your desktop.
      • Click on the HJT icon> 'Extract all files'> Extraction Wizard> Click on Browse to right of dialogue box that says 'Select a folder'
      • Extract it to the directory on your hard drive you created C:\HijackThis.
      • Then navigate to that directory and double-click on the hijackthis.exe file.
      • When started click on the Scan button and then the Save Log button to create a log of your information.
      • The log file and then the log will open in notepad. Be sure to click on Format> Uncheck Word Wrap when you open Notepad
      • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
      • Come back here to this thread and paste (Ctrl+V) the log in your next reply.

      NOTE: Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.
      ===================================
      Have any of the issued not been resolved? If 'yes', which remain? Are there any new problems?
     
  12. 952SF

    952SF Newcomer, in training Topic Starter Posts: 34

    Everything was done in order of your post, but I'll confirm what I have done before posting logs...

    First: wuauserv does not exist

    I uninstalled Java then installed through provided link (Java cashe was cleared

    AVG Tuneup uninstalled

    All Scheduled tasks suspended & Real Updates removed from list.

    Browser Proxies reset

    OTMoveIt Log
    All processes killed
    ========== FILES ==========
    C:\Documents and Settings\Advanced Tree Health\Application Data\AVG\Rescue\PC Tuneup 2011\111205212434965.rsc moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: Advanced Tree Health
    ->Temp folder emptied: 3325782 bytes
    ->Temporary Internet Files folder emptied: 18487041 bytes
    ->Java cache emptied: 0 bytes
    ->Google Chrome cache emptied: 33082007 bytes
    ->Flash cache emptied: 4325 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 59964 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes
    ->Flash cache emptied: 41661 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 180358 bytes
    ->Flash cache emptied: 348 bytes

    User: NetworkService
    ->Temp folder emptied: 13542 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 19569 bytes
    %systemroot%\System32 .tmp files removed: 2577 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 33256 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 1277477 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 54.00 mb


    OTM by OldTimer - Version 3.1.19.0 log created on 12112011_134423

    Files moved on Reboot...
    C:\Documents and Settings\Advanced Tree Health\Local Settings\Temp\clclean.0001.dir.0001\~df394b.tmp moved successfully.
    C:\Documents and Settings\Advanced Tree Health\Local Settings\Temp\clclean.0001.dir.0001\~efe2.tmp moved successfully.

    Registry entries deleted on Reboot...


    Hijack This log
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 4:48:52 PM, on 12/11/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe
    C:\WINDOWS\vsnpstd3.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\DOCUME~1\ADVANC~1\LOCALS~1\Temp\clclean.0001
    C:\program files\real\realplayer\update\realsched.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\CoPilot\Navigator9\App\Spot2741.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Hijack This\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [HPWUTOOLBOX] C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe "-i"
    O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
    O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1267906116606
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1267904702622
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Google Update Service (gupdate1c99e0ae2c282a) (gupdate1c99e0ae2c282a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    O23 - Service: Spot GPS Maxim (SpotGPSMaxim) - Koninklijke Philips Electronics N.V. - C:\Program Files\CoPilot\Navigator9\App\Spot2741.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

    --
    End of file - 10472 bytes



    Thank you!
  13. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    It appears there may be a problem with the OS. Please run the following:

    Please run the MGA Diagnostics tool
    • You will be prompted to either “Run” or “Save” the tool. Choose to “Run” the tool and follow the on-screen prompts.
    • You will receive an Internet Explorer-Security Warning dialog box for the Windows Genuine Advantage Diagnostic Tool>
    • You must choose to Run this tool when prompted.
    • Once you are presented with the Diagnostics tool choose Continue to run the diagnostic report.
    • If the RESOLVE button is available after running the diagnostics, please click RESOLVE to allow the diagnostic tool to attempt a repair.
    • After running the MGA Diagnostic tool, click on the Windows tab and then click on Copy
    • Please return to this thread and Paste the results here for review.
    ------------------------------------------
    This tool will is to look on the computer itself, in the documentation you received with the computer or with your retail purchase of Windows to see if you have a Certificate of Authenticity (COA). If you have one, tell us about the COA. Tell us:

    1. What edition of Windows XP is it for, Home, Pro, or Media Center, or another version of Windows?
    2. Does it read "OEM Software" or "OEM Product" in black lettering?
    3. Or, does it have the computer manufacturer's name in black lettering?
    4. DO NOT post the Product Key.

    NOTE: The data collected with the Genuine Diagnostics Tool does NOT contain any information that can personally identify you and can be fully reviewed, by you, before being posted.
  14. 952SF

    952SF Newcomer, in training Topic Starter Posts: 34

    I have XP Media Center (confirmed with winver.exe). Is it odd that the MGA DIagnostic says XP Professional?

    I could not find the documentation from when the computer was purchased - but I bought it directly from Dell in 2006...

    When I rean MGA, it did not ask to resolve anything.

    MGA Diagnostic report
    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Status: Genuine
    Validation Code: 0
    Cached Validation Code: N/A
    Windows Product Key: *****-*****-
    Windows Product Key Hash: tJB30tZY737ZFJYewUg2SpzsCb0=
    Windows Product ID: 76487-OEM-2211906-00825
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 5.1.2600.2.00010100.3.0.med
    ID: {0790E478-9F44-4E96-8286-C39B5BDB0372}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: Registered, 1.7.69.2
    Signed By: Microsoft
    Product Name: N/A
    Architecture: N/A
    Build lab: N/A
    TTS Error: N/A
    Validation Diagnostic: 025D1FF3-230-1
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A
    Version: N/A

    Windows XP Notifications Data-->
    Cached Result: 0
    File Exists: Yes
    Version: 1.7.17.0
    WgaTray.exe Signed By: Microsoft
    WgaLogon.dll Signed By: Microsoft

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office XP Professional - 100 Genuine
    Microsoft Office Basic Edition 2003 - 100 Genuine
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-230-1_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{0790E478-9F44-4E96-8286-C39B5BDB0372}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.med</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-8CFT3</PKey><PID>76487-OEM-2211906-00825</PID><PIDType>2</PIDType><SID>S-1-5-21-62473494-4203351184-775287155</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>MM061 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A17</Version><SMBIOSVersion major="2" minor="4"/><Date>20070613000000.000000+000</Date><SLPBIOS>Dell System,Dell Computer,Dell System,Dell System</SLPBIOS></BIOS><HWID>36493AAF0184606E</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>Dell Inspiron I6400</name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.7.17.0"/><File Name="WgaLogon.dll" Version="1.7.17.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91110409-6000-11D3-8CFE-0050048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office XP Professional</Name><Ver>10</Ver><Val>239C7115AC30D14</Val><Hash>dRpeo4sQp5FVyKBsf3qys0QBblM=</Hash><Pid>54186-761-3661543-17332</Pid><PidType>1</PidType></Product><Product GUID="{91130409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Basic Edition 2003</Name><Ver>11</Ver><Val>9F3C22A121A972A</Val><Hash>2f0DV2/JJq1Og9VjCHNA+m0E0CM=</Hash><Pid>73102-OEM-5691725-25953</Pid><PidType>6</PidType></Product></Products><Applications><App Id="15" Version="10" Result="100"/><App Id="16" Version="10" Result="100"/><App Id="18" Version="10" Result="100"/><App Id="1A" Version="10" Result="100"/><App Id="1B" Version="10" Result="100"/><App Id="16" Version="11" Result="100"/><App Id="1A" Version="11" Result="100"/><App Id="1B" Version="11" Result="100"/></Applications></Office></Software></GenuineResults>

    Licensing Data-->
    N/A

    Windows Activation Technologies-->
    N/A

    HWID Data-->
    N/A

    OEM Activation 1.0 Data-->
    BIOS string matches: yes
    Marker string from BIOS: 4000: Dell Inc|4000:Microsoft Corporation
    Marker string from OEMBIOS.DAT: Dell System,Dell Computer,Dell System,Dell System

    OEM Activation 2.0 Data-->
    N/A
  15. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    In you logs with the list of installed programs, it reads: Windows XP Service Pack 3

    Are you having any contiued malware related problems? If the wuauservis still missing, you will need to try and replace it. You should be able to run the System Files Checker (SFC) and replace the Service:

    Have your Windows XP installation CD ready, so that you can it insert it if you are prompted to do so.
    Go to Start> Run> type this command: SFC /SCANNOW (note there is a space between SFC and the forward slash) > Enter.
    Follow any instructions on the screen. After its done, it would just close. And then reboot the computer.

    Be sure all open Windows have been closed.
  16. 952SF

    952SF Newcomer, in training Topic Starter Posts: 34

    Computer is running OK. It did have issues connecting with a 3rd party wireless that another computer connected to just fine, so I am not sure if that is malware related, or just bad luck.

    I created a Win XP SP3 disk with the instructions from: PC Magazine Build an XP SP3 Recovery Disc

    When running System Files Checker, it asks for Windows XP Professional CD2. Not sure what it is looking for here or how I can provide that! I had to click cancel, then it asked if I wanted to proceed without the files, so I clicked yes (this repeated several times). When that was completed I restarted and searched for the wuauserv file. Besides the 3 locations listed above, it is also in c:\XP\I386 Possibly worthy of note: the other 3 locations are file type Application Extension, while the new one is file type DL_ File


    Thanks again.
  17. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    Discussion on Windows XP Professional CD2 HERE.

    Check this: Click on Start> Run> type in services.msc> enter> scroll down and see if the wuausrv Service is listed.

    Then run this:

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:
      
      :filefind
      wuauserv.*
      
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt

    I may need to move the file.
  18. 952SF

    952SF Newcomer, in training Topic Starter Posts: 34

    Why does it want a SP2 CD, when I have SP3...are there files in SP2, that weren't included in SP3?

    wuauserv is not on the services.msc list

    Probably a dumb question...but do the other files with the same name have the same content? (Could I just copy one to the directory Windows wants it in? - I assume if it was that easy, you would have told me to do that 4 days ago...but just curious)

    Log From SystemLook
    SystemLook 30.07.11 by jpshortstuff
    Log created at 18:27 on 17/12/2011 by Advanced Tree Health
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "wuauserv.*"
    C:\i386\wuauserv.dll --a---- 6656 bytes [03:10 28/07/2006] [10:00 10/08/2004] 13D72740963CBA12D9FF76A7F218BCD8
    C:\WINDOWS\$NtServicePackUninstall$\wuauserv.dll -----c- 6656 bytes [02:12 14/09/2008] [10:00 10/08/2004] 13D72740963CBA12D9FF76A7F218BCD8
    C:\WINDOWS\ServicePackFiles\i386\wuauserv.dll ------- 6656 bytes [01:54 14/09/2008] [00:12 14/04/2008] 35321FB577CDC98CE3EB3A3EB9E4610A
    C:\WINDOWS\system32\wuauserv.dll --a---- 6656 bytes [09:40 16/08/2005] [00:12 14/04/2008] 35321FB577CDC98CE3EB3A3EB9E4610A
    C:\WINDOWS\system32\dllcache\wuauserv.dll --a---- 6656 bytes [09:40 16/08/2005] [00:12 14/04/2008] 35321FB577CDC98CE3EB3A3EB9E4610A
    C:\XP\I386\WUAUSERV.DL_ ------- 2929 bytes [03:04 17/12/2011] [10:42 14/04/2008] 0AA92EF927638ED93DC6B8E9FB0C5EF0

    -= EOF =-

    Thanks again.
     
  19. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    Why did you create a recovery disc? Did you attempt to run the SCF? The system may be confused because the original Win XP would not have had the SP updates on it. It's not the wuauserv Service itself that missing, it's the registry entry.

    Download the Windows Update Agent HERE

    You can read the causes for this here: http://support.microsoft.com/kb/943144
    This may help you understand the SP versions possibly causing the problem. There are several scenarios.

    If this does not restore the registry entry, you may be able to register the process.
  20. 952SF

    952SF Newcomer, in training Topic Starter Posts: 34

    I created the recovery disk because I understood that SFC needsit. The only installation CD I have is XP Pro that I purchased retail for another computer... I Do not have anything for this computer (didn't come with it, or I can't find it if it did).

    It did not like that CD because, as you just suggested, it that didn't have SP3 updates. I went searching and found a suggestion on how to make a SP3 installation CD, and tried to run SFC with that, but as I said in previous post it still did not work.

    I just tried to download Windows Update Agent, but it says "Install is not needed since Windows Update Agent is already installed". Is this a process that runs automatically, or do I need to initiate it? If I need to initiate it, I can't find the executable file to do so...
  21. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    Holiday Notice! I will not be working on the threads Sat. Dec. 24 or Sunday Dec. 25. I will begin with the oldest threads first on Monday. I will do my best to get you finished or as far along as I can before that. Please do not send a PM during those days.

    Go to the Control Panel> Security Center> Check to see if Automatic Updates it checked.
  22. 952SF

    952SF Newcomer, in training Topic Starter Posts: 34

    Automatic updates was already on.
  23. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    Holiday Notice! I will not be working on the threads Sat. Dec. 24 or Sunday Dec. 25. I will begin with the oldest threads first on Monday. I will do my best to get you finished or as far along as I can before that. Please do not send a PM during those days.

    I don't know if this will work since you used a new recovery disc. It would have been better to use the CD for the OS on hand>> if it was requested when you rn the SFC. But give it a try:

    Custom CFScript

    • [1]. Close any open browsers.
      [2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      [3]. Open notepad> click on Format> Uncheck 'Word Wrap> and copy/paste the text in the code below into it:
    Code:
    File::
    
    FCopy::
    C:\WINDOWS\ServicePackFiles\i386\wuauserv.dll | C:\WINDOWS\system32\wuauserv.dll 
    
    Save this as CFScript.txt, in the same location as ComboFix.exe
    [​IMG]

    Referring to the picture above, drag CFScript into ComboFix.exe

    When finished, it will produce a log for you at C:\ComboFix.txt . Please paste into to your next reply.
    ====================
  24. 952SF

    952SF Newcomer, in training Topic Starter Posts: 34

    This will take a few replies:
    Combofix Log Part 1
    ComboFix 11-12-23.01 - Advanced Tree Health 12/23/2011 14:02:52.2.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.417 [GMT -5:00]
    Running from: c:\documents and settings\Advanced Tree Health\Desktop\ComboFix.exe
    Command switches used :: c:\documents and settings\Advanced Tree Health\Desktop\CFScript.txt
    AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
    AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\docume~1\ADVANC~1\LOCALS~1\Temp\clclean.0001.dir.0002\~df394b.tmp
    c:\documents and settings\Advanced Tree Health\Local Settings\temp\clclean.0001.dir.0002\~df394b.tmp
    c:\documents and settings\All Users\Application Data\TEMP
    c:\windows\Downloaded Installations\BMP
    c:\windows\Downloaded Installations\BMP\{77976D5E-C17A-49E5-A91B-D7BFA08301CB}\1033.MST
    c:\windows\Downloaded Installations\BMP\{77976D5E-C17A-49E5-A91B-D7BFA08301CB}\BACS.msi
    c:\windows\system32\oobe\isperror
    c:\windows\system32\oobe\isperror\ispcnerr.htm
    c:\windows\system32\oobe\isperror\ispdtone.htm
    c:\windows\system32\oobe\isperror\isphdshk.htm
    c:\windows\system32\oobe\isperror\ispins.htm
    c:\windows\system32\oobe\isperror\ispnoanw.htm
    c:\windows\system32\oobe\isperror\isppberr.htm
    c:\windows\system32\oobe\isperror\ispphbsy.htm
    c:\windows\system32\oobe\isperror\ispsbusy.htm
    .
    .
    --------------- FCopy ---------------
    .
    c:\windows\ServicePackFiles\i386\wuauserv.dll --> c:\windows\system32\wuauserv.dll
    .
    ((((((((((((((((((((((((( Files Created from 2011-11-23 to 2011-12-23 )))))))))))))))))))))))))))))))
    .
    .
    2011-12-23 17:21 . 2011-12-23 17:21 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DBC2AD36-8844-4149-985A-621DA2925074}\MpKsl408d909f.sys
    2011-12-23 17:21 . 2011-12-23 17:21 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DBC2AD36-8844-4149-985A-621DA2925074}\offreg.dll
    2011-12-23 02:13 . 2011-11-30 07:21 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DBC2AD36-8844-4149-985A-621DA2925074}\mpengine.dll
    2011-12-22 06:01 . 2011-12-22 06:01 -------- d-----w- c:\documents and settings\Advanced Tree Health\Application Data\ElevatedDiagnostics
    2011-12-18 19:53 . 2011-11-30 07:21 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2011-12-17 05:46 . 2008-04-14 01:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
    2011-12-17 05:46 . 2001-08-18 03:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
    2011-12-17 05:46 . 2008-04-14 01:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
    2011-12-17 05:46 . 2001-08-18 03:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
    2011-12-17 05:46 . 2001-08-18 03:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
    2011-12-17 05:46 . 2001-08-18 03:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
    2011-12-17 05:44 . 2004-08-04 03:29 33599 ----a-w- c:\windows\system32\dllcache\watv04nt.sys
    2011-12-17 05:43 . 2001-08-17 18:28 7556 ----a-w- c:\windows\system32\dllcache\usroslba.sys
    2011-12-17 05:42 . 2001-08-18 03:36 211968 ----a-w- c:\windows\system32\dllcache\um54scan.dll
    2011-12-17 05:41 . 2001-08-17 17:10 28232 ----a-w- c:\windows\system32\dllcache\tos4mo.sys
    2011-12-17 05:40 . 2001-08-18 03:36 10240 ----a-w- c:\windows\system32\dllcache\swpdflt2.dll
    2011-12-17 05:39 . 2001-08-18 03:36 114688 ----a-w- c:\windows\system32\dllcache\sonypi.dll
    2011-12-17 05:38 . 2004-08-04 03:31 63547 ----a-w- c:\windows\system32\dllcache\sla30nd5.sys
    2011-12-17 05:37 . 2001-08-17 18:53 6784 ----a-w- c:\windows\system32\dllcache\serscan.sys
    2011-12-17 05:36 . 2001-08-18 03:36 62496 ----a-w- c:\windows\system32\dllcache\s3mtrio.dll
    2011-12-17 05:35 . 2001-08-17 18:51 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys
    2011-12-17 05:34 . 2001-08-18 03:36 121344 ----a-w- c:\windows\system32\dllcache\phvfwext.dll
    2011-12-17 05:33 . 2001-08-18 03:36 39424 ----a-w- c:\windows\system32\dllcache\ovcoms.exe
    2011-12-17 05:32 . 2001-08-17 18:47 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
    2011-12-17 05:31 . 2001-08-17 17:11 128000 ----a-w- c:\windows\system32\dllcache\n100325.sys
    2011-12-17 05:30 . 2008-04-13 19:46 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys
    2011-12-17 05:29 . 2004-08-04 03:39 20864 ----a-w- c:\windows\system32\dllcache\lwadihid.sys
    2011-12-17 05:28 . 2001-08-17 19:55 5632 ----a-w- c:\windows\system32\dllcache\kbd103.dll
    2011-12-17 05:28 . 2001-08-17 19:55 6144 ----a-w- c:\windows\system32\dllcache\kbd101c.dll
    2011-12-17 05:28 . 2004-08-10 10:00 6144 ----a-w- c:\windows\system32\dllcache\kbd101a.dll
    2011-12-17 05:28 . 2001-08-17 19:55 6144 ----a-w- c:\windows\system32\dllcache\kbd101b.dll
    2011-12-17 05:28 . 2004-08-10 10:00 18432 ----a-w- c:\windows\system32\dllcache\jupiw.dll
    2011-12-17 05:28 . 2004-08-10 10:00 9216 ----a-w- c:\windows\system32\dllcache\iwrps.dll
    2011-12-17 05:28 . 2004-08-10 10:00 7168 ----a-w- c:\windows\system32\dllcache\isapips.dll
    2011-12-17 05:28 . 2001-08-17 18:49 26624 ----a-w- c:\windows\system32\dllcache\irstusb.sys
    2011-12-17 05:28 . 2008-04-14 01:11 28160 ----a-w- c:\windows\system32\dllcache\irmon.dll
    2011-12-17 05:28 . 2001-08-17 18:51 18688 ----a-w- c:\windows\system32\dllcache\irsir.sys
    2011-12-17 05:28 . 2008-04-14 01:12 151552 ----a-w- c:\windows\system32\dllcache\irftp.exe
    2011-12-17 05:28 . 2001-08-17 18:49 23552 ----a-w- c:\windows\system32\dllcache\irmk7.sys
    2011-12-17 05:28 . 2008-04-13 19:54 88192 ----a-w- c:\windows\system32\dllcache\irda.sys
    2011-12-17 05:26 . 2001-08-18 03:36 91136 ----a-w- c:\windows\system32\dllcache\icam4com.dll
    2011-12-17 05:25 . 2001-08-17 18:28 289887 ----a-w- c:\windows\system32\dllcache\hsf_fall.sys
    2011-12-17 05:24 . 2001-08-17 18:51 82304 ----a-w- c:\windows\system32\dllcache\grclass.sys
    2011-12-17 05:23 . 2001-08-17 18:52 7040 ----a-w- c:\windows\system32\dllcache\exabyte2.sys
    2011-12-17 05:22 . 2001-08-17 17:11 455199 ----a-w- c:\windows\system32\dllcache\el985n51.sys
    2011-12-17 05:21 . 2001-08-18 03:36 102484 ----a-w- c:\windows\system32\dllcache\digiinf.dll
    2011-12-17 05:20 . 2001-08-17 17:19 42112 ----a-w- c:\windows\system32\dllcache\crtaud.sys
    2011-12-17 05:19 . 2001-08-17 18:51 13824 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys
    2011-12-17 05:18 . 2004-08-04 03:31 36224 ----a-w- c:\windows\system32\dllcache\an983.sys
    2011-12-17 04:16 . 2011-12-17 04:40 -------- d-----w- c:\documents and settings\Advanced Tree Health\Application Data\ImgBurn
    2011-12-17 04:09 . 2011-12-17 04:09 -------- d-----w- c:\program files\ImgBurn
    2011-12-17 04:01 . 2011-12-17 04:07 -------- d-----w- c:\documents and settings\Advanced Tree Health\Application Data\InfraRecorder
    2011-12-17 03:27 . 2011-12-17 03:27 -------- d-----w- c:\program files\InfraRecorder
    2011-12-17 03:21 . 2011-12-17 04:16 -------- d-----w- C:\SP3
    2011-12-17 02:58 . 2011-12-17 04:00 -------- d-----w- C:\XP
    2011-12-14 06:18 . 2011-12-14 06:18 -------- d-----w- c:\program files\DisplayLink Graphics
    2011-12-14 06:18 . 2011-12-14 06:15 21888 ----a-w- c:\windows\system32\drivers\DisplayLinkUsbPort_6.1.32700.0.sys
    2011-12-14 06:18 . 2011-12-14 06:15 1978368 ----a-w- c:\windows\system32\DisplayLinkUsbCo2_6.1.32700.0.dll
    2011-12-14 03:44 . 2011-12-14 06:18 -------- d-----w- c:\program files\DisplayLink Core Software
    2011-12-13 01:57 . 2011-12-13 01:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
    2011-12-11 21:46 . 2011-12-11 21:48 -------- d-----w- C:\Hijack This
    2011-12-11 18:44 . 2011-12-11 18:44 -------- d-----w- C:\_OTM
    2011-12-11 17:55 . 2011-12-11 17:55 -------- d-----w- c:\program files\Common Files\Java
    2011-12-11 17:54 . 2011-12-11 17:53 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2011-12-11 05:02 . 2011-12-11 05:02 -------- d-----w- c:\program files\ESET
    2011-12-11 03:14 . 2011-12-11 03:14 -------- d-----w- c:\program files\Microsoft Security Client
    2011-12-11 03:05 . 2011-12-11 03:05 -------- d--h--w- c:\windows\system32\GroupPolicy
    2011-12-07 05:23 . 2001-08-17 17:20 297728 ----a-w- c:\windows\system32\dllcache\ac97sis.sys
    2011-12-07 05:23 . 2004-08-04 03:32 231552 ----a-w- c:\windows\system32\dllcache\ac97ali.sys
    2011-12-07 05:23 . 2001-08-17 17:20 96256 ----a-w- c:\windows\system32\dllcache\ac97intc.sys
    2011-12-07 05:23 . 2001-08-18 03:36 462848 ----a-w- c:\windows\system32\dllcache\a3dapi.dll
    2011-12-07 05:23 . 2001-08-17 19:55 38400 ----a-w- c:\windows\system32\dllcache\8514a.dll
    2011-12-07 05:23 . 2008-04-13 19:40 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys
    2011-12-07 05:23 . 2001-08-17 17:48 148352 ----a-w- c:\windows\system32\dllcache\3dfxvsm.sys
    2011-12-07 05:23 . 2001-08-17 19:55 689216 ----a-w- c:\windows\system32\dllcache\3dfxvs.dll
    2011-12-07 05:23 . 2001-08-17 18:28 762780 ----a-w- c:\windows\system32\dllcache\3cwmcru.sys
    2011-12-07 05:23 . 2001-08-17 19:06 11264 ----a-w- c:\windows\system32\dllcache\1394vdbg.sys
    2011-12-07 04:51 . 2004-08-10 10:00 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll
    2011-12-07 04:50 . 2001-08-17 19:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
    2011-12-07 04:50 . 2004-08-10 10:00 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe
    2011-12-07 04:50 . 2004-08-10 10:00 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll
    2011-12-07 04:50 . 2004-08-10 10:00 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll
    2011-12-07 04:50 . 2004-08-10 10:00 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll
    2011-12-07 04:50 . 2004-08-10 10:00 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe
    2011-12-07 04:50 . 2004-08-10 10:00 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll
    2011-12-07 04:28 . 2011-12-07 04:28 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
    2011-12-06 02:21 . 2011-12-06 02:24 -------- d-----w- c:\documents and settings\Advanced Tree Health\Application Data\AVG
    2011-11-24 23:33 . 2011-11-24 23:33 -------- d-----w- c:\documents and settings\Advanced Tree Health\Application Data\Apple Computer
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-12-11 17:53 . 2010-06-29 02:25 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-11-23 18:12 . 2011-11-23 18:12 7296 ----a-w- c:\windows\system32\drivers\DisplayLinkFilter.sys
    2011-11-23 18:12 . 2011-11-23 18:12 40576 ----a-w- c:\windows\system32\drivers\DisplayLinkGAport.sys
    2011-11-23 18:12 . 2011-11-23 18:12 32512 ----a-w- c:\windows\system32\DisplayLinkGAdisp.dll
    2011-11-23 18:12 . 2011-11-23 18:12 24448 ----a-w- c:\windows\system32\drivers\DisplayLinkmirrorport.sys
    2011-11-23 18:12 . 2011-11-23 18:12 18816 ----a-w- c:\windows\system32\DisplayLinkmirrordisp.dll
    2011-11-23 13:25 . 2005-08-16 09:18 1859584 ------w- c:\windows\system32\win32k.sys
    2011-11-16 01:51 . 2011-09-02 05:07 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-11-15 19:29 . 2010-11-27 03:47 222080 ------w- c:\windows\system32\MpSigStub.exe
    2011-11-04 19:20 . 2005-08-16 09:18 916992 ----a-w- c:\windows\system32\wininet.dll
    2011-11-04 19:20 . 2005-08-16 09:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-11-04 19:20 . 2005-08-16 09:18 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2011-11-04 11:23 . 2005-08-16 09:18 385024 ----a-w- c:\windows\system32\html.iec
    2011-11-01 16:07 . 2005-08-16 09:18 1288704 ----a-w- c:\windows\system32\ole32.dll
    2011-10-28 05:31 . 2005-08-16 09:18 33280 ------w- c:\windows\system32\csrsrv.dll
    2011-10-25 13:37 . 2005-08-16 09:18 2148864 ------w- c:\windows\system32\ntoskrnl.exe
    2011-10-25 12:52 . 2004-08-04 03:59 2027008 ------w- c:\windows\system32\ntkrnlpa.exe
    2011-10-24 19:29 . 2011-10-24 19:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2011-10-24 19:29 . 2011-10-24 19:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2011-10-14 22:38 . 2005-08-16 09:18 456192 ------w- c:\windows\system32\encdec.dll
    2011-10-10 14:22 . 2005-08-16 09:40 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-09-28 07:06 . 2005-08-16 09:18 599040 ----a-w- c:\windows\system32\crypt32.dll
    2011-09-26 15:41 . 2008-07-30 00:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
    2011-09-26 15:41 . 2005-08-16 09:18 220160 ----a-w- c:\windows\system32\oleacc.dll
    2011-09-26 15:41 . 2005-08-16 09:18 20480 ----a-w- c:\windows\system32\oleaccrc.dll
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-12-11_04.49.11 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2011-12-23 17:21 . 2011-12-23 17:21 16384 c:\windows\Temp\Perflib_Perfdata_83c.dat
    + 2011-12-22 06:00 . 2007-11-01 04:48 20992 c:\windows\system32\windowspowershell\v1.0\pwrshsip.dll
    + 2010-03-18 14:15 . 2010-03-18 14:15 51024 c:\windows\system32\vcomp100.dll
    - 2007-01-29 08:58 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe
    + 2007-01-29 08:58 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
    + 2005-08-16 09:18 . 2011-12-23 17:22 90262 c:\windows\system32\perfc009.dat
    - 2005-08-16 09:18 . 2011-11-20 02:51 90262 c:\windows\system32\perfc009.dat
    - 2005-08-16 09:18 . 2011-08-22 23:48 66560 c:\windows\system32\mshtmled.dll
    + 2005-08-16 09:18 . 2011-11-04 19:20 66560 c:\windows\system32\mshtmled.dll
    + 2007-08-13 22:54 . 2011-11-04 19:20 55296 c:\windows\system32\msfeedsbs.dll
    - 2007-08-13 22:54 . 2011-08-22 23:48 55296 c:\windows\system32\msfeedsbs.dll
    - 2005-08-16 09:18 . 2011-08-22 23:48 25600 c:\windows\system32\jsproxy.dll
    + 2005-08-16 09:18 . 2011-11-04 19:20 25600 c:\windows\system32\jsproxy.dll
    + 2011-12-14 06:18 . 2011-11-23 18:12 30208 c:\windows\system32\DRVSTORE\dlcdcecm_13D38BD7D9BDCE5FB8003DCB9F92925720E08C9A\x86\dlcdcecm.sys
    + 2011-12-14 06:18 . 2011-12-14 06:15 21888 c:\windows\system32\DRVSTORE\displaylin_05C2E505B569EF8770A61D6A02AEF30193E31A25\DisplayLinkUsbPort.sys
    - 2009-11-18 07:09 . 2011-08-22 23:48 12800 c:\windows\system32\dllcache\xpshims.dll
    + 2009-11-18 07:09 . 2011-11-04 19:20 12800 c:\windows\system32\dllcache\xpshims.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 11776 c:\windows\system32\dllcache\xolehlp.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 50176 c:\windows\system32\dllcache\xmlprovi.dll
    + 2011-12-17 05:45 . 2001-08-17 17:11 16970 c:\windows\system32\dllcache\xem336n5.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 30720 c:\windows\system32\dllcache\xcopy.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 91648 c:\windows\system32\dllcache\xactsrv.dll
    + 2004-08-04 05:56 . 2008-04-14 00:12 52736 c:\windows\system32\dllcache\wzcsapi.dll
    + 2011-12-17 05:45 . 2004-08-04 03:29 19455 c:\windows\system32\dllcache\wvchntxx.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 32256 c:\windows\system32\dllcache\wupdmgr.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 18432 c:\windows\system32\dllcache\wtsapi32.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 50688 c:\windows\system32\dllcache\wstdecod.dll
    + 2006-08-07 02:23 . 2008-04-13 18:46 19200 c:\windows\system32\dllcache\wstcodec.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 22528 c:\windows\system32\dllcache\wsock32.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 41984 c:\windows\system32\dllcache\wsnmp32.dll
    + 2011-12-17 05:45 . 2004-08-04 03:29 12063 c:\windows\system32\dllcache\wsiintxx.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 19456 c:\windows\system32\dllcache\wshtcpip.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 11264 c:\windows\system32\dllcache\wshrm.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 11776 c:\windows\system32\dllcache\wshisn.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\wship6.dll
    + 2005-08-16 09:18 . 2008-05-09 10:53 90112 c:\windows\system32\dllcache\wshext.dll
    - 2008-05-09 10:53 . 2008-05-09 10:53 90112 c:\windows\system32\dllcache\wshext.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 36864 c:\windows\system32\dllcache\wshcon.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 80896 c:\windows\system32\dllcache\wscsvc.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 13824 c:\windows\system32\dllcache\wscntfy.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 12032 c:\windows\system32\dllcache\ws2ifsl.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 19968 c:\windows\system32\dllcache\ws2help.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 82432 c:\windows\system32\dllcache\ws2_32.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 11264 c:\windows\system32\dllcache\wpnpinst.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 32256 c:\windows\system32\dllcache\wpabaln.exe
    + 2001-08-18 03:36 . 2004-08-10 10:00 13824 c:\windows\system32\dllcache\wowfaxui.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 10368 c:\windows\system32\dllcache\wowexec.exe
    + 2005-08-16 09:19 . 2008-04-14 00:12 20480 c:\windows\system32\dllcache\wmpui.dll
    + 2005-08-16 09:19 . 2006-10-19 01:47 99840 c:\windows\system32\dllcache\wmpshell.dll
    + 2005-08-16 09:40 . 2006-10-19 01:46 64000 c:\windows\system32\dllcache\wmplayer.exe
    + 2005-08-16 09:19 . 2008-04-14 00:12 20480 c:\windows\system32\dllcache\wmpcore.dll
    + 2005-08-16 09:19 . 2008-04-14 00:12 20480 c:\windows\system32\dllcache\wmpcd.dll
    + 2005-08-16 09:40 . 2006-10-19 01:47 96256 c:\windows\system32\dllcache\wmpband.dll
    + 2005-08-16 09:37 . 2004-08-10 08:47 69632 c:\windows\system32\dllcache\wmm2ext.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 95232 c:\windows\system32\dllcache\wmiutils.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 52224 c:\windows\system32\dllcache\wmitimep.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 55808 c:\windows\system32\dllcache\wmiscmgr.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 41472 c:\windows\system32\dllcache\wmipsess.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 18944 c:\windows\system32\dllcache\wmiprop.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 62464 c:\windows\system32\dllcache\wmipjobj.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 61952 c:\windows\system32\dllcache\wmipiprt.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 75264 c:\windows\system32\dllcache\wmipicmp.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 61440 c:\windows\system32\dllcache\wmimsg.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 60928 c:\windows\system32\dllcache\wmicookr.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 88576 c:\windows\system32\dllcache\wmiaprpl.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 45568 c:\windows\system32\dllcache\wmi2xml.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 51200 c:\windows\system32\dllcache\wmerrenu.dll
    + 2005-08-16 09:19 . 2006-10-19 01:47 37376 c:\windows\system32\dllcache\wmdmps.dll
    + 2005-08-16 09:19 . 2006-10-19 01:47 33792 c:\windows\system32\dllcache\wmdmlog.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 92672 c:\windows\system32\dllcache\wlnotify.dll
    + 2011-12-17 05:45 . 2001-08-17 17:12 34890 c:\windows\system32\dllcache\wlandrv2.sys
    + 2008-09-14 01:54 . 2008-04-14 00:12 69120 c:\windows\system32\dllcache\wlanapi.dll
    + 2005-08-16 09:40 . 2004-08-10 10:00 25088 c:\windows\system32\dllcache\wisc10.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 18944 c:\windows\system32\dllcache\winstrm.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 53760 c:\windows\system32\dllcache\winsta.dll
    + 2005-08-16 09:19 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\winshfhc.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 99328 c:\windows\system32\dllcache\winscard.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 16896 c:\windows\system32\dllcache\winrnr.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 11776 c:\windows\system32\dllcache\winmsd.exe
    + 2005-08-16 09:37 . 2004-08-10 10:00 16384 c:\windows\system32\dllcache\winmgmtr.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 13312 c:\windows\system32\dllcache\winmgmt.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 32256 c:\windows\system32\dllcache\winipsec.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 35328 c:\windows\system32\dllcache\winchat.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 13312 c:\windows\system32\dllcache\win87em.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 75776 c:\windows\system32\dllcache\wiascr.dll
    + 2011-12-17 05:45 . 2001-08-18 03:36 53760 c:\windows\system32\dllcache\wiamsmud.dll
    + 2011-12-17 05:45 . 2001-08-18 03:36 87040 c:\windows\system32\dllcache\wiafbdrv.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 13600 c:\windows\system32\dllcache\wfwnet.drv
    + 2005-08-16 09:18 . 2008-04-14 00:12 65024 c:\windows\system32\dllcache\wextract.exe
    + 2011-12-17 05:45 . 2004-08-10 10:00 31232 c:\windows\system32\dllcache\weitekp9.sys
    + 2011-12-17 05:45 . 2004-08-10 10:00 41600 c:\windows\system32\dllcache\weitekp9.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 40448 c:\windows\system32\dllcache\webhits.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 68096 c:\windows\system32\dllcache\webclnt.dll
    + 2006-07-23 00:36 . 2008-04-13 19:17 83072 c:\windows\system32\dllcache\wdmaud.sys
    + 2004-08-04 05:56 . 2008-04-14 00:12 23552 c:\windows\system32\dllcache\wdmaud.drv
    + 2005-08-16 09:18 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
    - 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
    + 2011-12-17 05:45 . 2004-08-04 03:29 23615 c:\windows\system32\dllcache\wch7xxnt.sys
    + 2011-12-17 05:45 . 2008-04-13 19:45 31744 c:\windows\system32\dllcache\wceusbsh.sys
    + 2011-12-17 05:45 . 2001-08-17 17:10 35871 c:\windows\system32\dllcache\wbfirdma.sys
    + 2005-08-16 09:37 . 2008-04-14 00:12 43520 c:\windows\system32\dllcache\wbemsvc.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\wbemprox.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 43008 c:\windows\system32\dllcache\wbemperf.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 71680 c:\windows\system32\dllcache\wbemcons.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 12288 c:\windows\system32\dllcache\wbemads.dll
    + 2005-08-16 09:40 . 2004-08-10 10:00 12288 c:\windows\system32\dllcache\wb32.exe
    + 2008-09-14 01:54 . 2004-08-04 02:29 25471 c:\windows\system32\dllcache\watv10nt.sys
    + 2008-09-14 01:54 . 2004-08-04 02:29 22271 c:\windows\system32\dllcache\watv06nt.sys
    + 2011-12-17 05:44 . 2004-08-04 03:29 19551 c:\windows\system32\dllcache\watv02nt.sys
    + 2011-12-17 05:44 . 2004-08-04 03:29 29311 c:\windows\system32\dllcache\watv01nt.sys
    + 2005-08-16 09:18 . 2008-04-13 18:44 17664 c:\windows\system32\dllcache\watchdog.sys
    + 2005-08-16 09:18 . 2008-04-13 18:57 34560 c:\windows\system32\dllcache\wanarp.sys
    + 2008-09-14 01:54 . 2008-04-14 00:12 53248 c:\windows\system32\dllcache\wamreg51.dll
    + 2008-09-14 01:54 . 2008-04-14 00:12 76800 c:\windows\system32\dllcache\wam51.dll
    + 2008-09-14 01:54 . 2004-08-04 02:29 11935 c:\windows\system32\dllcache\wadv11nt.sys
    + 2008-09-14 01:54 . 2004-08-04 02:29 11871 c:\windows\system32\dllcache\wadv09nt.sys
    + 2008-09-14 01:54 . 2004-08-04 02:29 11295 c:\windows\system32\dllcache\wadv08nt.sys
    + 2008-09-14 01:54 . 2004-08-04 02:29 11807 c:\windows\system32\dllcache\wadv07nt.sys
    + 2011-12-17 05:44 . 2004-08-04 03:29 11775 c:\windows\system32\dllcache\wadv05nt.sys
    + 2011-12-17 05:44 . 2004-08-04 03:29 12127 c:\windows\system32\dllcache\wadv02nt.sys
    + 2011-12-17 05:44 . 2004-08-04 03:29 12415 c:\windows\system32\dllcache\wadv01nt.sys
    + 2008-09-14 01:54 . 2008-04-13 18:43 14208 c:\windows\system32\dllcache\wacompen.sys
    + 2005-08-16 09:40 . 2008-04-14 00:12 30208 c:\windows\system32\dllcache\wabmig.exe
    + 2005-08-16 09:40 . 2008-04-14 00:12 85504 c:\windows\system32\dllcache\wabimp.dll
    + 2005-08-16 09:40 . 2008-04-14 00:12 32768 c:\windows\system32\dllcache\wabfind.dll
    - 2010-12-15 02:58 . 2010-10-11 14:59 45568 c:\windows\system32\dllcache\wab.exe
    + 2005-08-16 09:40 . 2010-10-11 14:59 45568 c:\windows\system32\dllcache\wab.exe
    + 2011-12-17 05:44 . 2001-08-17 17:13 16925 c:\windows\system32\dllcache\w940nd.sys
    + 2011-12-17 05:44 . 2001-08-17 17:13 19016 c:\windows\system32\dllcache\w926nd.sys
    + 2011-12-17 05:44 . 2001-08-17 17:13 19528 c:\windows\system32\dllcache\w840nd.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 15872 c:\windows\system32\dllcache\w3ssl.dll
    + 2011-12-17 05:44 . 2004-08-10 10:00 73728 c:\windows\system32\dllcache\w3ext.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 22016 c:\windows\system32\dllcache\w32topl.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 49664 c:\windows\system32\dllcache\w32tm.exe
    + 2011-12-17 05:44 . 2004-08-10 10:00 48256 c:\windows\system32\dllcache\w32.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 19456 c:\windows\system32\dllcache\vwipxspx.dll
    + 2011-12-17 05:44 . 2001-08-17 18:28 64605 c:\windows\system32\dllcache\vvoice.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 33792 c:\windows\system32\dllcache\vssadmin.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 16896 c:\windows\system32\dllcache\vss_ps.dll
    + 2005-08-16 09:18 . 2008-04-13 18:41 52352 c:\windows\system32\dllcache\volsnap.sys
    + 2008-09-14 01:53 . 2008-04-14 00:11 86073 c:\windows\system32\dllcache\voicesub.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 18944 c:\windows\system32\dllcache\vmmreg32.dll
    + 2005-08-16 09:18 . 2008-04-13 18:44 81664 c:\windows\system32\dllcache\videoprt.sys
    + 2011-12-17 05:44 . 2001-08-17 18:49 24576 c:\windows\system32\dllcache\viairda.sys
    + 2005-08-17 02:21 . 2008-04-13 18:36 42240 c:\windows\system32\dllcache\viaagp.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 18176 c:\windows\system32\dllcache\vga64k.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 51456 c:\windows\system32\dllcache\vga256.dll
    + 2005-08-16 09:18 . 2008-04-13 18:44 20992 c:\windows\system32\dllcache\vga.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\version.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 98304 c:\windows\system32\dllcache\verifier.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 26624 c:\windows\system32\dllcache\verifier.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 51712 c:\windows\system32\dllcache\vdmredir.dll
    + 2001-08-17 19:02 . 2004-08-10 10:00 58112 c:\windows\system32\dllcache\vdmindvd.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\vdmdbg.dll
    + 2008-09-14 01:54 . 2008-04-14 00:12 11325 c:\windows\system32\dllcache\vchnt5.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 50176 c:\windows\system32\dllcache\utilman.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 25600 c:\windows\system32\dllcache\utildll.dll
    + 2001-08-18 03:36 . 2004-08-10 10:00 49211 c:\windows\system32\dllcache\usrvpa.dll
    + 2001-08-18 03:36 . 2004-08-10 10:00 45116 c:\windows\system32\dllcache\usrvoica.dll
    + 2001-08-18 03:36 . 2004-08-10 10:00 49209 c:\windows\system32\dllcache\usrv80a.dll
    + 2001-08-18 03:36 . 2004-08-10 10:00 41019 c:\windows\system32\dllcache\usrsvpia.dll
    + 2001-08-18 03:37 . 2004-08-10 10:00 69700 c:\windows\system32\dllcache\usrshuta.exe
    + 2001-08-18 03:36 . 2004-08-10 10:00 49211 c:\windows\system32\dllcache\usrsdpia.dll
    + 2001-08-18 03:36 . 2004-08-10 10:00 77883 c:\windows\system32\dllcache\usrrtosa.dll
    + 2001-08-18 03:37 . 2004-08-10 10:00 61508 c:\windows\system32\dllcache\usrprbda.exe
    + 2001-08-18 03:37 . 2004-08-10 10:00 77891 c:\windows\system32\dllcache\usrmlnka.exe
    + 2001-08-18 03:36 . 2004-08-10 10:00 53305 c:\windows\system32\dllcache\usrlbva.dll
    + 2001-08-18 03:36 . 2004-08-10 10:00 86073 c:\windows\system32\dllcache\usrfaxa.dll
    + 2001-08-18 03:36 . 2004-08-10 10:00 77890 c:\windows\system32\dllcache\usrdpa.dll
    + 2001-08-18 03:36 . 2004-08-10 10:00 69699 c:\windows\system32\dllcache\usrcoina.dll
    + 2001-08-18 03:36 . 2004-08-10 10:00 61500 c:\windows\system32\dllcache\usrcntra.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\userinit.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 47872 c:\windows\system32\dllcache\user.exe
    + 2005-08-16 09:34 . 2008-04-14 00:12 74240 c:\windows\system32\dllcache\usbui.dll
    + 2004-08-04 04:08 . 2008-04-13 18:45 20608 c:\windows\system32\dllcache\usbuhci.sys
    + 2006-07-28 00:11 . 2008-04-13 18:45 26368 c:\windows\system32\dllcache\usbstor.sys
    + 2011-12-17 05:43 . 2008-04-13 19:45 26112 c:\windows\system32\dllcache\usbser.sys
    + 2006-10-14 14:51 . 2008-04-13 18:47 25856 c:\windows\system32\dllcache\usbprint.sys
    + 2011-12-17 05:43 . 2008-04-13 19:45 17152 c:\windows\system32\dllcache\usbohci.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 16896 c:\windows\system32\dllcache\usbmon.dll
    + 2004-08-04 04:08 . 2008-04-13 18:45 15872 c:\windows\system32\dllcache\usbintel.sys
    + 2004-08-04 04:08 . 2008-04-13 18:45 59520 c:\windows\system32\dllcache\usbhub.sys
    + 2004-08-04 04:08 . 2008-04-13 18:45 30208 c:\windows\system32\dllcache\usbehci.sys
    + 2007-08-04 03:29 . 2008-04-13 18:45 32128 c:\windows\system32\dllcache\usbccgp.sys
    + 2001-08-17 19:03 . 2008-04-13 18:45 25728 c:\windows\system32\dllcache\usbcamd2.sys
    + 2001-08-17 19:03 . 2008-04-13 18:45 25600 c:\windows\system32\dllcache\usbcamd.sys
    + 2007-08-04 03:29 . 2008-04-13 18:45 60032 c:\windows\system32\dllcache\usbaudio.sys
    + 2008-09-14 01:54 . 2008-04-13 18:56 12800 c:\windows\system32\dllcache\usb8023x.sys
    + 2005-08-16 09:18 . 2008-04-13 18:56 12800 c:\windows\system32\dllcache\usb8023.sys
    + 2011-12-17 05:43 . 2004-08-04 03:31 32384 c:\windows\system32\dllcache\usb101et.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 17920 c:\windows\system32\dllcache\ureg.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 18432 c:\windows\system32\dllcache\ups.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 16896 c:\windows\system32\dllcache\upnpcont.exe
    + 2005-08-16 09:37 . 2004-08-10 10:00 16896 c:\windows\system32\dllcache\unsecapp.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 13824 c:\windows\system32\dllcache\uniplat.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 74240 c:\windows\system32\dllcache\unimdmat.dll
    + 2008-09-14 01:53 . 2008-04-14 00:11 76288 c:\windows\system32\dllcache\uniime.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 13312 c:\windows\system32\dllcache\umdmxfrm.dll
    + 2011-12-17 05:43 . 2001-08-18 03:36 94720 c:\windows\system32\dllcache\umaxud32.dll
    + 2011-12-17 05:43 . 2001-08-18 03:36 28160 c:\windows\system32\dllcache\umaxu40.dll
    + 2011-12-17 05:43 . 2001-08-18 03:36 26624 c:\windows\system32\dllcache\umaxu22.dll
    + 2011-12-17 05:43 . 2001-08-18 03:36 69632 c:\windows\system32\dllcache\umaxu12.dll
    + 2011-12-17 05:43 . 2001-08-18 03:36 50688 c:\windows\system32\dllcache\umaxscan.dll
    + 2011-12-17 05:43 . 2001-08-17 18:58 22912 c:\windows\system32\dllcache\umaxpcls.sys
    + 2011-12-17 05:43 . 2001-08-18 03:36 50176 c:\windows\system32\dllcache\umaxp60.dll
    + 2011-12-17 05:43 . 2001-08-18 03:36 47616 c:\windows\system32\dllcache\umaxcam.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 35840 c:\windows\system32\dllcache\umandlg.dll
    + 2005-08-17 02:29 . 2001-08-17 18:52 36736 c:\windows\system32\dllcache\ultra.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 82432 c:\windows\system32\dllcache\ufat.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 26624 c:\windows\system32\dllcache\udhisapi.dll
    + 2005-08-16 09:18 . 2008-04-13 18:32 66048 c:\windows\system32\dllcache\udfs.sys
    + 2008-09-14 01:54 . 2008-04-13 18:36 44672 c:\windows\system32\dllcache\uagp35.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 36352 c:\windows\system32\dllcache\typeperf.exe
    + 2011-12-17 05:42 . 2001-08-17 18:48 11520 c:\windows\system32\dllcache\twotrack.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 57856 c:\windows\system32\dllcache\twext.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 50688 c:\windows\system32\dllcache\twain_32.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 94784 c:\windows\system32\dllcache\twain.dll
    + 2004-08-04 04:03 . 2008-04-13 18:56 12288 c:\windows\system32\dllcache\tunmp.sys
    + 2005-08-16 09:37 . 2004-08-10 10:00 16896 c:\windows\system32\dllcache\tsshutdn.exe
    + 2011-12-17 05:42 . 2004-08-10 10:00 14336 c:\windows\system32\dllcache\tsprof.exe
    + 2008-09-14 01:54 . 2008-04-14 00:12 50688 c:\windows\system32\dllcache\tspkg.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 16384 c:\windows\system32\dllcache\tskill.exe
    + 2008-09-14 01:54 . 2008-04-14 00:12 53248 c:\windows\system32\dllcache\tsgqec.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 14848 c:\windows\system32\dllcache\tsdiscon.exe
    + 2005-08-16 09:18 . 2008-04-14 00:13 12168 c:\windows\system32\dllcache\tsddd.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 15360 c:\windows\system32\dllcache\tsd32.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 14848 c:\windows\system32\dllcache\tscon.exe
    + 2005-08-16 09:37 . 2008-04-14 00:12 93696 c:\windows\system32\dllcache\tscfgwmi.dll
    + 2001-08-17 19:06 . 2004-08-10 10:00 21376 c:\windows\system32\dllcache\tsbvcap.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 52224 c:\windows\system32\dllcache\tsappcmp.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 59904 c:\windows\system32\dllcache\trnsprov.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 90112 c:\windows\system32\dllcache\trkwks.dll
    + 2005-08-16 09:40 . 2004-08-10 10:00 40960 c:\windows\system32\dllcache\trialoc.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 31232 c:\windows\system32\dllcache\traffic.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 31744 c:\windows\system32\dllcache\tracert6.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 12288 c:\windows\system32\dllcache\tracert.exe
    + 2011-12-17 05:42 . 2001-08-17 17:12 34375 c:\windows\system32\dllcache\tpro4.sys
    + 2011-12-17 05:42 . 2001-08-18 03:35 42496 c:\windows\system32\dllcache\tp4res.dll
    + 2011-12-17 05:42 . 2008-04-14 01:12 82944 c:\windows\system32\dllcache\tp4mon.exe
    + 2011-12-17 05:42 . 2001-08-18 03:36 31744 c:\windows\system32\dllcache\tp4.dll
    + 2001-08-17 19:01 . 2004-08-10 10:00 51712 c:\windows\system32\dllcache\tosdvd.sys
    + 2008-09-14 01:54 . 2008-04-14 00:12 33792 c:\windows\system32\dllcache\tools.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 13888 c:\windows\system32\dllcache\toolhelp.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 61952 c:\windows\system32\dllcache\tmplprov.dll
    + 2008-09-14 01:53 . 2008-04-14 00:10 10240 c:\windows\system32\dllcache\tmigrate.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 73216 c:\windows\system32\dllcache\tlntsvr.exe
    - 2009-06-12 12:31 . 2009-06-12 12:31 80896 c:\windows\system32\dllcache\tlntsess.exe
    + 2005-08-16 09:18 . 2009-06-12 12:31 80896 c:\windows\system32\dllcache\tlntsess.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 61440 c:\windows\system32\dllcache\tlntadmn.exe
    + 2008-09-14 01:53 . 2004-08-04 02:32 44032 c:\windows\system32\dllcache\tintlphr.exe
    + 2011-12-17 05:41 . 2001-08-17 19:56 81408 c:\windows\system32\dllcache\tgiul50.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 16896 c:\windows\system32\dllcache\tftp.exe
    + 2005-08-16 09:37 . 2008-04-14 00:13 40840 c:\windows\system32\dllcache\termdd.sys
    - 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\system32\dllcache\telnet.exe
    + 2005-08-16 09:18 . 2009-06-12 12:31 76288 c:\windows\system32\dllcache\telnet.exe
    + 2005-08-16 09:37 . 2008-04-14 00:13 21896 c:\windows\system32\dllcache\tdtcp.sys
    + 2011-12-17 05:41 . 2004-08-10 10:00 19464 c:\windows\system32\dllcache\tdspx.sys
    + 2005-08-16 09:37 . 2008-04-14 00:13 12040 c:\windows\system32\dllcache\tdpipe.sys
    + 2011-12-17 05:41 . 2001-08-17 17:13 17129 c:\windows\system32\dllcache\tdkcd31.sys
    + 2011-12-17 05:41 . 2001-08-17 17:13 37961 c:\windows\system32\dllcache\tdk100b.sys
    + 2011-12-17 05:41 . 2004-08-10 10:00 21896 c:\windows\system32\dllcache\tdipx.sys
    + 2005-08-16 09:18 . 2008-04-13 19:00 19072 c:\windows\system32\dllcache\tdi.sys
    + 2011-12-17 05:41 . 2004-08-10 10:00 13192 c:\windows\system32\dllcache\tdasync.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 19456 c:\windows\system32\dllcache\tcpsvcs.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 45568 c:\windows\system32\dllcache\tcpmonui.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 45568 c:\windows\system32\dllcache\tcpmon.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 14848 c:\windows\system32\dllcache\tcpmib.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 12288 c:\windows\system32\dllcache\tcmsetup.exe
    + 2011-12-17 05:41 . 2001-08-17 18:49 30464 c:\windows\system32\dllcache\tbatm155.sys
    + 2005-08-16 09:33 . 2004-08-10 10:00 15360 c:\windows\system32\dllcache\taskman.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 77824 c:\windows\system32\dllcache\tasklist.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 76288 c:\windows\system32\dllcache\taskkill.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 78848 c:\windows\system32\dllcache\tapiui.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 19200 c:\windows\system32\dllcache\tapi.dll
    + 2005-08-16 09:18 . 2008-04-13 18:40 14976 c:\windows\system32\dllcache\tape.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 33792 c:\windows\system32\dllcache\tabletoc.dll
    + 2011-12-17 05:41 . 2001-08-17 17:50 36640 c:\windows\system32\dllcache\t2r4mini.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 36864 c:\windows\system32\dllcache\syskey.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 15872 c:\windows\system32\dllcache\sysinv.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 71680 c:\windows\system32\dllcache\sysinfo.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 18896 c:\windows\system32\dllcache\sysedit.exe
    + 2006-07-23 00:36 . 2008-04-13 19:15 60800 c:\windows\system32\dllcache\sysaudio.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 57856 c:\windows\system32\dllcache\synceng.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 51200 c:\windows\system32\dllcache\syncapp.exe
    + 2005-08-17 02:25 . 2001-08-17 19:07 32640 c:\windows\system32\dllcache\symc8xx.sys
    + 2005-08-17 02:26 . 2001-08-17 19:07 16256 c:\windows\system32\dllcache\symc810.sys
    + 2005-08-17 02:26 . 2001-08-17 19:07 30688 c:\windows\system32\dllcache\sym_u3.sys
    + 2005-08-17 02:24 . 2001-08-17 19:07 28384 c:\windows\system32\dllcache\sym_hi.sys
    + 2011-12-17 05:41 . 2001-08-18 03:36 94293 c:\windows\system32\dllcache\sxports.dll
    + 2011-12-17 05:41 . 2001-08-18 03:36 10240 c:\windows\system32\dllcache\swpidflt.dll
    + 2006-07-23 00:36 . 2008-04-13 18:45 56576 c:\windows\system32\dllcache\swmidi.sys
    + 2011-12-17 05:40 . 2001-08-18 03:36 53760 c:\windows\system32\dllcache\sw_wheel.dll
    + 2011-12-17 05:40 . 2001-08-18 03:36 41472 c:\windows\system32\dllcache\sw_effct.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\svchost.exe
    + 2008-09-14 01:54 . 2008-04-14 00:12 46592 c:\windows\system32\dllcache\svcext51.dll
    - 2009-10-21 05:38 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll
    + 2005-08-16 09:18 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll
    + 2006-08-07 02:23 . 2008-04-13 18:46 15232 c:\windows\system32\dllcache\streamip.sys
    + 2004-08-04 04:08 . 2008-04-13 18:45 49408 c:\windows\system32\dllcache\stream.sys
    + 2005-08-16 09:33 . 2008-04-14 00:12 74752 c:\windows\system32\dllcache\storprop.dll
    + 2011-12-17 05:40 . 2001-08-18 03:36 53248 c:\windows\system32\dllcache\stlncoin.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 14848 c:\windows\system32\dllcache\stimon.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 68096 c:\windows\system32\dllcache\sti.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 86528 c:\windows\system32\dllcache\stdprov.dll
    + 2011-12-17 05:40 . 2001-08-17 18:51 16896 c:\windows\system32\dllcache\stcusb.sys
    + 2005-08-16 09:37 . 2008-04-14 00:12 59392 c:\windows\system32\dllcache\stclient.dll
    + 2011-12-17 05:40 . 2004-08-10 10:00 16896 c:\windows\system32\dllcache\status.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 33280 c:\windows\system32\dllcache\sstub.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\ssstars.scr
    + 2008-09-14 01:54 . 2008-04-14 00:12 46592 c:\windows\system32\dllcache\sspifilt.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\ssmyst.scr
    + 2005-08-16 09:18 . 2008-04-14 00:12 47104 c:\windows\system32\dllcache\ssmypics.scr
    + 2005-08-16 09:18 . 2008-04-14 00:12 20992 c:\windows\system32\dllcache\ssmarque.scr
    + 2008-09-14 01:54 . 2008-04-14 00:12 45056 c:\windows\system32\dllcache\ssinc51.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 71680 c:\windows\system32\dllcache\ssdpsrv.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 34816 c:\windows\system32\dllcache\ssdpapi.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 19968 c:\windows\system32\dllcache\ssbezier.scr
    + 2011-12-17 05:40 . 2001-08-17 17:11 48736 c:\windows\system32\dllcache\srwlnd5.sys
    + 2005-08-16 09:18 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
    - 2010-08-27 05:57 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
    + 2011-12-17 05:40 . 2001-08-18 03:36 99328 c:\windows\system32\dllcache\srusd.dll
    + 2005-08-16 09:40 . 2004-08-10 10:00 47104 c:\windows\system32\dllcache\srdiag.exe
    + 2005-08-16 09:40 . 2008-04-14 00:12 67584 c:\windows\system32\dllcache\srclient.dll
    + 2005-08-16 09:40 . 2008-04-14 00:12 58434 c:\windows\system32\dllcache\srchctls.dll
    + 2005-08-16 09:40 . 2008-04-13 18:36 73472 c:\windows\system32\dllcache\sr.sys
  25. 952SF

    952SF Newcomer, in training Topic Starter Posts: 34

    + 2011-12-17 05:40 . 2001-08-18 03:36 24660 c:\windows\system32\dllcache\spxupchk.dll
    + 2005-08-16 09:33 . 2004-08-10 10:00 24661 c:\windows\system32\dllcache\spxcoins.dll
    + 2001-08-18 03:36 . 2004-08-10 10:00 72192 c:\windows\system32\dllcache\sprio800.dll
    + 2001-08-18 03:36 . 2004-08-10 10:00 70656 c:\windows\system32\dllcache\sprio600.dll
    - 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
    + 2005-08-16 09:18 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 75264 c:\windows\system32\dllcache\spoolss.dll
    + 2005-08-16 09:18 . 2008-04-14 09:42 11264 c:\windows\system32\dllcache\spnpinst.exe
    + 2001-08-18 03:36 . 2004-08-10 10:00 69632 c:\windows\system32\dllcache\spnike.dll
    + 2005-08-16 09:18 . 2008-04-13 18:43 12800 c:\windows\system32\dllcache\spiisupd.exe
    + 2005-08-16 09:18 . 2008-04-13 16:43 62976 c:\windows\system32\dllcache\spgrmr.dll
    + 2011-12-17 05:40 . 2001-08-17 18:51 61824 c:\windows\system32\dllcache\speed.sys
    + 2005-08-16 09:33 . 2004-08-10 10:00 61440 c:\windows\system32\dllcache\spcplui.dll
    + 2005-08-16 09:33 . 2004-08-10 10:00 77824 c:\windows\system32\dllcache\spcommon.dll
    + 2005-08-17 02:22 . 2001-08-17 19:07 19072 c:\windows\system32\dllcache\sparrow.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 24576 c:\windows\system32\dllcache\sort.exe
    + 2011-12-17 05:40 . 2001-08-17 17:51 37040 c:\windows\system32\dllcache\sonypi.sys
    + 2011-12-17 05:39 . 2001-08-17 17:51 20752 c:\windows\system32\dllcache\sonync.sys
    + 2004-08-04 04:09 . 2008-04-13 18:46 25344 c:\windows\system32\dllcache\sonydcam.sys
    + 2005-08-16 09:37 . 2004-08-10 10:00 56832 c:\windows\system32\dllcache\sol.exe
    + 2008-09-14 01:54 . 2008-04-14 00:12 39936 c:\windows\system32\dllcache\snmpthrd.dll
    + 2011-12-17 05:39 . 2004-08-10 10:00 10240 c:\windows\system32\dllcache\snmpstup.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\snmpapi.dll
    + 2008-09-14 01:54 . 2008-04-14 00:12 33280 c:\windows\system32\dllcache\snmp.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 34816 c:\windows\system32\dllcache\sniffpol.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 40960 c:\windows\system32\dllcache\smtpcons.dll
    + 2008-09-14 01:53 . 2008-04-14 00:12 10752 c:\windows\system32\dllcache\smtpapi.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 50688 c:\windows\system32\dllcache\smss.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 89600 c:\windows\system32\dllcache\smlogsvc.exe
    + 2011-12-17 05:39 . 2001-08-17 17:51 58368 c:\windows\system32\dllcache\smiminib.sys
    + 2011-12-17 05:39 . 2004-08-10 10:00 15872 c:\windows\system32\dllcache\smierrsm.dll
    + 2011-12-17 05:39 . 2001-08-17 17:12 25034 c:\windows\system32\dllcache\smcpwr2n.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 14592 c:\windows\system32\dllcache\smclib.sys
    + 2011-12-17 05:39 . 2001-08-17 17:10 35913 c:\windows\system32\dllcache\smcirda.sys
    + 2011-12-17 05:39 . 2001-08-17 17:12 24576 c:\windows\system32\dllcache\smc8000n.sys
    + 2011-12-17 05:39 . 2008-04-13 19:36 16000 c:\windows\system32\dllcache\smbbatt.sys
    + 2011-12-17 05:39 . 2004-08-10 10:00 31744 c:\windows\system32\dllcache\smb6w.dll
    + 2011-12-17 05:39 . 2001-08-18 03:36 45568 c:\windows\system32\dllcache\smb3w.dll
    + 2011-12-17 05:39 . 2001-08-18 03:36 33792 c:\windows\system32\dllcache\smb0w.dll
    + 2011-12-17 05:39 . 2004-08-10 10:00 31744 c:\windows\system32\dllcache\sma3w.dll
    + 2011-12-17 05:39 . 2001-08-18 03:36 28672 c:\windows\system32\dllcache\sma0w.dll
    + 2011-12-17 05:39 . 2004-08-10 10:00 38912 c:\windows\system32\dllcache\sm9aw.dll
    + 2011-12-17 05:39 . 2004-08-10 10:00 26624 c:\windows\system32\dllcache\sm93w.dll
    + 2011-12-17 05:39 . 2004-08-10 10:00 26624 c:\windows\system32\dllcache\sm92w.dll
    + 2011-12-17 05:39 . 2001-08-18 03:36 28160 c:\windows\system32\dllcache\sm91w.dll
    + 2011-12-17 05:39 . 2004-08-10 10:00 26112 c:\windows\system32\dllcache\sm90w.dll
    + 2011-12-17 05:39 . 2004-08-10 10:00 26112 c:\windows\system32\dllcache\sm8dw.dll
    + 2011-12-17 05:39 . 2004-08-10 10:00 29184 c:\windows\system32\dllcache\sm8cw.dll
    + 2011-12-17 05:39 . 2004-08-10 10:00 26112 c:\windows\system32\dllcache\sm8aw.dll
    + 2011-12-17 05:39 . 2004-08-10 10:00 26112 c:\windows\system32\dllcache\sm89w.dll
    + 2011-12-17 05:39 . 2004-08-10 10:00 30208 c:\windows\system32\dllcache\sm87w.dll
    + 2011-12-17 05:39 . 2004-08-10 10:00 30208 c:\windows\system32\dllcache\sm81w.dll
    + 2011-12-17 05:39 . 2004-08-10 10:00 25088 c:\windows\system32\dllcache\sm59w.dll
    + 2008-09-14 01:54 . 2004-08-04 02:41 13240 c:\windows\system32\dllcache\slwdmsup.sys
    + 2008-09-14 01:54 . 2008-04-14 00:12 73796 c:\windows\system32\dllcache\slserv.exe
    + 2008-09-14 01:54 . 2008-04-14 00:12 32866 c:\windows\system32\dllcache\slrundll.exe
    + 2008-09-14 01:54 . 2004-08-04 02:41 95424 c:\windows\system32\dllcache\slnthal.sys
    + 2006-08-07 02:23 . 2008-04-13 18:46 11136 c:\windows\system32\dllcache\slip.sys
    + 2008-09-14 01:54 . 2008-04-14 00:12 73832 c:\windows\system32\dllcache\slcoinst.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 14848 c:\windows\system32\dllcache\slbrccsp.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 98304 c:\windows\system32\dllcache\slbiop.dll
    + 2011-12-17 05:38 . 2001-08-17 17:12 91294 c:\windows\system32\dllcache\skfpwin.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\skeys.exe
    + 2011-12-17 05:38 . 2001-08-17 17:12 94698 c:\windows\system32\dllcache\sk98xwin.sys
    + 2011-12-17 05:38 . 2001-08-17 17:50 50432 c:\windows\system32\dllcache\sisv.sys
    + 2011-12-17 05:38 . 2004-08-04 03:31 32768 c:\windows\system32\dllcache\sisnic.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 13824 c:\windows\system32\dllcache\sisbkup.dll
    + 2005-08-17 02:20 . 2008-04-13 18:36 40960 c:\windows\system32\dllcache\sisagp.sys
    + 2011-12-17 05:38 . 2001-08-17 17:50 68608 c:\windows\system32\dllcache\sis6306p.sys
    + 2011-12-17 05:38 . 2004-08-10 10:00 18944 c:\windows\system32\dllcache\simptcp.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 70144 c:\windows\system32\dllcache\sigverif.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 13312 c:\windows\system32\dllcache\sigtab.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 19456 c:\windows\system32\dllcache\shutdown.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 27648 c:\windows\system32\dllcache\shscrap.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 77824 c:\windows\system32\dllcache\shrpubw.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 45056 c:\windows\system32\dllcache\shmgrate.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 68096 c:\windows\system32\dllcache\shgina.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 25088 c:\windows\system32\dllcache\shfolder.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 14848 c:\windows\system32\dllcache\shadow.exe
    + 2011-12-17 05:38 . 2001-07-21 19:29 18400 c:\windows\system32\dllcache\sgsmld.sys
    + 2011-12-17 05:38 . 2001-08-17 17:51 98080 c:\windows\system32\dllcache\sgiulnt5.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 23552 c:\windows\system32\dllcache\sfmapi.dll
    + 2011-12-17 05:38 . 2001-08-17 17:19 36480 c:\windows\system32\dllcache\sfmanm.sys
    + 2004-08-04 03:59 . 2008-04-13 18:40 11392 c:\windows\system32\dllcache\sfloppy.sys
    + 2004-08-04 03:59 . 2008-04-13 18:40 11008 c:\windows\system32\dllcache\sffp_sd.sys
    + 2004-08-04 03:59 . 2008-04-13 18:40 11904 c:\windows\system32\dllcache\sffdisk.sys
    + 2008-09-14 01:54 . 2008-04-14 00:12 32768 c:\windows\system32\dllcache\setupn.exe
    + 2005-08-16 09:40 . 2008-04-14 00:12 73216 c:\windows\system32\dllcache\setup50.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 23040 c:\windows\system32\dllcache\setup.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 31232 c:\windows\system32\dllcache\sethc.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 14848 c:\windows\system32\dllcache\serwvdrv.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 56320 c:\windows\system32\dllcache\servdeps.dll
    + 2011-12-17 05:37 . 2001-08-17 18:48 17664 c:\windows\system32\dllcache\sermouse.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 14336 c:\windows\system32\dllcache\serialui.dll
    + 2004-08-04 04:15 . 2008-04-13 19:15 64512 c:\windows\system32\dllcache\serial.sys
    + 2004-08-04 03:59 . 2008-04-13 18:40 15744 c:\windows\system32\dllcache\serenum.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 13824 c:\windows\system32\dllcache\senscfg.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 39424 c:\windows\system32\dllcache\sens.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 54784 c:\windows\system32\dllcache\sendmail.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 29184 c:\windows\system32\dllcache\sendcmsg.dll
    + 2005-08-16 09:18 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
    - 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\seclogon.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\secedit.exe
    + 2004-08-04 05:56 . 2008-04-14 00:12 29184 c:\windows\system32\dllcache\sdhcinst.dll
    + 2004-08-04 04:07 . 2008-04-13 18:36 79232 c:\windows\system32\dllcache\sdbus.sys
    + 2011-12-17 05:37 . 2008-04-13 19:45 11520 c:\windows\system32\dllcache\scsiscan.sys
    + 2011-12-17 05:37 . 2001-08-17 18:52 11648 c:\windows\system32\dllcache\scsiprnt.sys
    + 2004-08-04 03:59 . 2008-04-13 18:40 96384 c:\windows\system32\dllcache\scsiport.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 10240 c:\windows\system32\dllcache\scriptpw.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 26624 c:\windows\system32\dllcache\scredir.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 36352 c:\windows\system32\dllcache\scrcons.exe
    + 2011-12-17 05:37 . 2001-08-17 18:51 17280 c:\windows\system32\dllcache\scr111.sys
    + 2011-12-17 05:37 . 2001-08-17 18:51 16640 c:\windows\system32\dllcache\scmstcs.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 20480 c:\windows\system32\dllcache\sclgntfy.dll
    + 2011-12-17 05:37 . 2001-08-17 18:51 23936 c:\windows\system32\dllcache\sccmusbm.sys
    + 2011-12-17 05:37 . 2001-08-17 18:51 23936 c:\windows\system32\dllcache\sccmn50m.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 95744 c:\windows\system32\dllcache\scardsvr.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 69632 c:\windows\system32\dllcache\scarddlg.dll
    + 2005-08-16 09:18 . 2009-02-06 10:39 35328 c:\windows\system32\dllcache\sc.exe
    - 2010-03-07 02:01 . 2009-02-06 10:39 35328 c:\windows\system32\dllcache\sc.exe
    + 2011-12-17 05:37 . 2008-04-13 19:40 43904 c:\windows\system32\dllcache\sbp2port.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 13312 c:\windows\system32\dllcache\savedump.exe
    + 2005-08-16 09:33 . 2004-08-10 10:00 36864 c:\windows\system32\dllcache\sapisvr.exe
    + 2005-08-16 09:40 . 2008-04-14 00:12 45568 c:\windows\system32\dllcache\safrslv.dll
    + 2005-08-16 09:40 . 2008-04-14 00:12 29696 c:\windows\system32\dllcache\safrdm.dll
    + 2005-08-16 09:40 . 2008-04-14 00:12 43520 c:\windows\system32\dllcache\safrcdlg.dll
    + 2011-12-17 05:37 . 2001-08-17 17:50 75392 c:\windows\system32\dllcache\s3savmxm.sys
    + 2011-12-17 05:37 . 2001-08-17 17:50 77824 c:\windows\system32\dllcache\s3sav4m.sys
    + 2011-12-17 05:37 . 2001-08-17 17:50 61504 c:\windows\system32\dllcache\s3sav3dm.sys
    + 2011-12-17 05:36 . 2001-08-17 17:50 41216 c:\windows\system32\dllcache\s3mt3d.sys
    + 2011-12-17 05:36 . 2001-08-17 18:57 65664 c:\windows\system32\dllcache\s3legacy.sys
    + 2005-08-16 09:37 . 2004-08-10 10:00 15872 c:\windows\system32\dllcache\rwinsta.exe
    + 2011-12-17 05:36 . 2001-08-18 03:36 82432 c:\windows\system32\dllcache\rwia450.dll
    + 2011-12-17 05:36 . 2001-08-18 03:36 79872 c:\windows\system32\dllcache\rwia430.dll
    + 2011-12-17 05:36 . 2004-08-10 10:00 79872 c:\windows\system32\dllcache\rwia330.dll
    + 2011-12-17 05:36 . 2004-08-10 10:00 79872 c:\windows\system32\dllcache\rwia001.dll
    + 2011-12-17 05:36 . 2008-04-14 01:12 29696 c:\windows\system32\dllcache\rw450ext.dll
    + 2011-12-17 05:36 . 2008-04-14 01:12 27648 c:\windows\system32\dllcache\rw430ext.dll
    + 2008-09-14 01:54 . 2008-04-14 00:12 29184 c:\windows\system32\dllcache\rw330ext.dll
    + 2008-09-14 01:54 . 2008-04-14 00:12 27648 c:\windows\system32\dllcache\rw001ext.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\runonce.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 33280 c:\windows\system32\dllcache\rundll32.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 16384 c:\windows\system32\dllcache\runas.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 44032 c:\windows\system32\dllcache\rtutils.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 98304 c:\windows\system32\dllcache\rtm.dll
    + 2011-12-17 05:36 . 2004-08-04 03:31 20992 c:\windows\system32\dllcache\rtl8139.sys
    + 2011-12-17 05:36 . 2001-08-17 17:12 19017 c:\windows\system32\dllcache\rtl8029.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 31744 c:\windows\system32\dllcache\rtipxmib.dll
    + 2011-12-17 05:36 . 2001-08-17 17:19 30720 c:\windows\system32\dllcache\rthwcls.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 77312 c:\windows\system32\dllcache\rtcshare.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 92672 c:\windows\system32\dllcache\rsvpsp.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 23552 c:\windows\system32\dllcache\rsvpmsg.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 62976 c:\windows\system32\dllcache\rsopprov.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 49152 c:\windows\system32\dllcache\rsmui.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 24576 c:\windows\system32\dllcache\rsmsink.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\rsmps.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 49152 c:\windows\system32\dllcache\rsm.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 39936 c:\windows\system32\dllcache\rshx32.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 14848 c:\windows\system32\dllcache\rsh.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 28672 c:\windows\system32\dllcache\rsfsaps.dll
    + 2005-08-16 09:40 . 2008-04-14 00:12 61440 c:\windows\system32\dllcache\rrcm.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 22016 c:\windows\system32\dllcache\rpcns4.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 25600 c:\windows\system32\dllcache\routemon.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 19968 c:\windows\system32\dllcache\route.exe
    + 2011-12-17 05:36 . 2008-04-13 19:40 79104 c:\windows\system32\dllcache\rocket.sys
    + 2008-09-14 01:54 . 2008-04-13 18:56 30592 c:\windows\system32\dllcache\rndismpx.sys
    + 2005-08-16 09:18 . 2008-04-13 18:56 30592 c:\windows\system32\dllcache\rndismp.sys
    + 2011-12-17 05:36 . 2001-08-17 17:12 37563 c:\windows\system32\dllcache\rlnet5.sys
    + 2001-08-17 18:24 . 2004-08-10 10:00 12032 c:\windows\system32\dllcache\riodrv.sys
    + 2001-08-17 18:24 . 2004-08-10 10:00 12032 c:\windows\system32\dllcache\rio8drv.sys
    + 2008-09-14 01:54 . 2008-04-13 18:46 59136 c:\windows\system32\dllcache\rfcomm.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 13824 c:\windows\system32\dllcache\rexec.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 58880 c:\windows\system32\dllcache\resutils.dll
    + 2011-12-17 05:36 . 2001-08-18 03:36 86097 c:\windows\system32\dllcache\reslog32.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 12800 c:\windows\system32\dllcache\replace.exe
    + 2005-08-16 09:37 . 2008-04-14 00:12 60416 c:\windows\system32\dllcache\remotepg.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 32768 c:\windows\system32\dllcache\relog.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 11776 c:\windows\system32\dllcache\regsvr32.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 59904 c:\windows\system32\dllcache\regsvc.dll
    + 2011-12-17 05:36 . 2004-08-10 10:00 14848 c:\windows\system32\dllcache\register.exe
    + 2005-08-16 09:37 . 2004-08-10 10:00 33792 c:\windows\system32\dllcache\regini.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 49664 c:\windows\system32\dllcache\regapi.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 50176 c:\windows\system32\dllcache\reg.exe
    + 2005-08-16 09:35 . 2008-04-13 18:40 57600 c:\windows\system32\dllcache\redbook.sys
    + 2008-09-14 01:54 . 2004-08-04 02:41 13776 c:\windows\system32\dllcache\recagent.sys
    + 2005-08-16 09:37 . 2008-04-14 00:12 67072 c:\windows\system32\dllcache\rdshost.exe
    + 2005-08-16 09:37 . 2008-04-14 00:12 13824 c:\windows\system32\dllcache\rdsaddin.exe
    + 2005-08-16 09:37 . 2008-04-14 00:13 87176 c:\windows\system32\dllcache\rdpwsx.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 19968 c:\windows\system32\dllcache\rdpsnd.dll
    + 2005-08-16 09:18 . 2008-04-14 00:13 92424 c:\windows\system32\dllcache\rdpdd.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 62976 c:\windows\system32\dllcache\rdpclip.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 21504 c:\windows\system32\dllcache\rcp.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 35840 c:\windows\system32\dllcache\rcimlby.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 34432 c:\windows\system32\dllcache\rawwan.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 58368 c:\windows\system32\dllcache\rastapi.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 12800 c:\windows\system32\dllcache\rasser.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 16384 c:\windows\system32\dllcache\rassapi.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 23552 c:\windows\system32\dllcache\rasrad.dll
    + 2008-09-14 01:54 . 2008-04-14 00:12 61952 c:\windows\system32\dllcache\rasqec.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 16512 c:\windows\system32\dllcache\raspti.sys
    + 2005-08-16 09:18 . 2008-04-13 19:19 48384 c:\windows\system32\dllcache\raspptp.sys
    + 2005-08-16 09:18 . 2008-04-13 18:57 41472 c:\windows\system32\dllcache\raspppoe.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 56832 c:\windows\system32\dllcache\rasphone.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 22528 c:\windows\system32\dllcache\rasmxs.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 61440 c:\windows\system32\dllcache\rasman.dll
    + 2005-08-16 09:18 . 2008-04-13 19:19 51328 c:\windows\system32\dllcache\rasl2tp.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 11264 c:\windows\system32\dllcache\rasdial.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 11776 c:\windows\system32\dllcache\rasctrs.dll
    - 2009-10-12 13:38 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
    + 2005-08-16 09:18 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 11776 c:\windows\system32\dllcache\rasautou.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 88576 c:\windows\system32\dllcache\rasauto.dll
    + 2008-09-14 01:54 . 2008-04-13 18:41 20736 c:\windows\system32\dllcache\ramdisk.sys
    + 2005-08-16 09:40 . 2008-04-14 00:12 43520 c:\windows\system32\dllcache\racpldlg.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 22016 c:\windows\system32\dllcache\qwinsta.exe
    + 2011-12-17 05:35 . 2001-08-18 03:36 41472 c:\windows\system32\dllcache\qvusd.dll
    + 2008-09-14 01:54 . 2008-04-14 00:12 76800 c:\windows\system32\dllcache\qutil.dll
    + 2011-12-17 05:35 . 2004-08-10 10:00 16384 c:\windows\system32\dllcache\quser.exe
    + 2005-08-16 09:37 . 2008-04-14 00:12 19968 c:\windows\system32\dllcache\qprocess.exe
    + 2005-08-16 09:40 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\qmgrprxy.dll
    + 2005-08-17 02:26 . 2001-08-17 18:52 49024 c:\windows\system32\dllcache\ql1280.sys
    + 2005-08-17 02:26 . 2001-08-17 18:52 40448 c:\windows\system32\dllcache\ql1240.sys
    + 2005-08-17 02:27 . 2001-08-17 18:52 45312 c:\windows\system32\dllcache\ql12160.sys
    + 2005-08-17 02:26 . 2001-08-17 18:52 33152 c:\windows\system32\dllcache\ql10wnt.sys
    + 2005-08-17 02:26 . 2001-08-17 18:52 40320 c:\windows\system32\dllcache\ql1080.sys
    + 2008-09-14 01:54 . 2008-04-14 00:12 62464 c:\windows\system32\dllcache\qcliprov.dll
    + 2005-08-16 09:37 . 2004-08-10 10:00 16896 c:\windows\system32\dllcache\qappsrv.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 17792 c:\windows\system32\dllcache\ptilink.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 34304 c:\windows\system32\dllcache\pstorsvc.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 43520 c:\windows\system32\dllcache\pstorec.dll
    + 2011-12-17 05:35 . 2001-08-18 03:36 35328 c:\windows\system32\dllcache\psisload.dll
    + 2011-12-17 05:35 . 2001-08-17 18:51 16128 c:\windows\system32\dllcache\pscr.sys
    + 2005-08-16 09:18 . 2008-04-13 18:56 69120 c:\windows\system32\dllcache\psched.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 10752 c:\windows\system32\dllcache\pschdprf.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 96768 c:\windows\system32\dllcache\psbase.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 23040 c:\windows\system32\dllcache\psapi.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 50176 c:\windows\system32\dllcache\proquota.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 27648 c:\windows\system32\dllcache\profmap.dll
    + 2004-08-04 03:59 . 2008-04-13 18:31 35840 c:\windows\system32\dllcache\processr.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 15860 c:\windows\system32\dllcache\prnqctl.vbs
    + 2005-08-16 09:18 . 2004-08-10 10:00 29454 c:\windows\system32\dllcache\prnport.vbs
    + 2005-08-16 09:18 . 2004-08-10 10:00 32546 c:\windows\system32\dllcache\prnmngr.vbs
    + 2005-08-16 09:18 . 2004-08-10 10:00 21527 c:\windows\system32\dllcache\prnjobs.vbs
    + 2005-08-16 09:18 . 2004-08-10 10:00 25415 c:\windows\system32\dllcache\prndrvr.vbs
    + 2005-08-16 09:18 . 2004-08-10 10:00 35755 c:\windows\system32\dllcache\prncnfg.vbs
    + 2005-08-16 09:18 . 2004-08-10 10:00 16384 c:\windows\system32\dllcache\prflbmsg.dll
    + 2011-12-17 05:35 . 2008-04-13 19:41 17664 c:\windows\system32\dllcache\ppa3.sys
    + 2011-12-17 05:35 . 2001-08-17 18:53 17792 c:\windows\system32\dllcache\ppa.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\powrprof.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 49152 c:\windows\system32\dllcache\powercfg.exe
    + 2005-08-16 09:37 . 2008-04-14 00:12 92672 c:\windows\system32\dllcache\policman.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 58880 c:\windows\system32\dllcache\pnrpnsp.dll
    + 2005-08-16 09:18 . 2009-03-08 09:31 46592 c:\windows\system32\dllcache\pngfilt.dll
    - 2006-07-23 00:32 . 2009-03-08 09:31 46592 c:\windows\system32\dllcache\pngfilt.dll
    + 2011-12-17 05:35 . 2004-08-10 10:00 11264 c:\windows\system32\dllcache\pmxmcro.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 46592 c:\windows\system32\dllcache\pmspl.dll
    + 2008-09-14 01:53 . 2008-04-14 00:10 67584 c:\windows\system32\dllcache\pmigrate.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 30720 c:\windows\system32\dllcache\plustab.dll
    + 2004-08-04 05:56 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\pjlmon.dll
    + 2008-09-14 01:53 . 2008-04-13 16:43 70144 c:\windows\system32\dllcache\pintlphr.exe
    + 2008-09-14 01:53 . 2008-04-14 00:10 53760 c:\windows\system32\dllcache\pintlcsd.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 33280 c:\windows\system32\dllcache\ping6.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 17920 c:\windows\system32\dllcache\ping.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 35328 c:\windows\system32\dllcache\pifmgr.dll
    + 2005-08-16 09:18 . 2008-04-14 00:11 24064 c:\windows\system32\dllcache\pidgen.dll
    + 2004-08-04 05:56 . 2008-04-14 00:12 35328 c:\windows\system32\dllcache\pid.dll
    + 2011-12-17 05:34 . 2001-08-17 19:07 19840 c:\windows\system32\dllcache\philtune.sys
    + 2011-12-17 05:34 . 2001-08-17 19:04 92416 c:\windows\system32\dllcache\phildec.sys
    + 2011-12-17 05:34 . 2001-08-17 19:04 75776 c:\windows\system32\dllcache\philcam1.sys
    + 2011-12-17 05:34 . 2001-08-18 03:36 16384 c:\windows\system32\dllcache\philcam1.dll
    + 2011-12-17 05:34 . 2004-08-10 10:00 20992 c:\windows\system32\dllcache\permchk.dll
    + 2011-12-17 05:34 . 2008-04-13 19:44 28032 c:\windows\system32\dllcache\perm3.sys
    + 2011-12-17 05:34 . 2008-04-13 19:44 27904 c:\windows\system32\dllcache\perm2.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 12288 c:\windows\system32\dllcache\perfts.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 34816 c:\windows\system32\dllcache\perfproc.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 25088 c:\windows\system32\dllcache\perfos.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 17920 c:\windows\system32\dllcache\perfnet.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 15872 c:\windows\system32\dllcache\perfmon.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 26624 c:\windows\system32\dllcache\perfdisk.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 39936 c:\windows\system32\dllcache\perfctrs.dll
    + 2005-08-17 02:24 . 2001-08-17 19:07 27296 c:\windows\system32\dllcache\perc2.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 15360 c:\windows\system32\dllcache\pentnt.exe
    + 2011-12-17 05:34 . 2001-08-18 03:36 86016 c:\windows\system32\dllcache\pctspk.exe
    + 2011-12-17 05:34 . 2001-08-17 17:11 35328 c:\windows\system32\dllcache\pcntpci5.sys
    + 2011-12-17 05:34 . 2001-08-17 17:11 29769 c:\windows\system32\dllcache\pcntn5m.sys
    + 2011-12-17 05:34 . 2001-08-17 17:11 30282 c:\windows\system32\dllcache\pcntn5hl.sys
    + 2011-12-17 05:34 . 2001-08-17 17:12 26153 c:\windows\system32\dllcache\pcmlm56.sys
    + 2004-08-04 03:59 . 2008-04-13 18:40 24960 c:\windows\system32\dllcache\pciidex.sys
    + 2004-08-04 04:07 . 2008-04-13 18:36 68224 c:\windows\system32\dllcache\pci.sys
    + 2005-08-16 09:40 . 2008-04-14 00:12 38400 c:\windows\system32\dllcache\pchsvc.dll
    + 2011-12-17 05:34 . 2004-08-04 03:31 29502 c:\windows\system32\dllcache\pca200e.sys
    + 2011-12-17 05:34 . 2001-08-17 17:12 30495 c:\windows\system32\dllcache\pc100nds.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 67584 c:\windows\system32\dllcache\pautoenr.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 21504 c:\windows\system32\dllcache\pathping.exe
    + 2005-08-16 09:18 . 2008-04-13 18:40 19712 c:\windows\system32\dllcache\partmgr.sys
    + 2004-08-04 03:59 . 2008-04-13 18:40 80128 c:\windows\system32\dllcache\parport.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 10240 c:\windows\system32\dllcache\panmap.dll
    + 2011-12-17 05:34 . 2004-08-10 10:00 31744 c:\windows\system32\dllcache\pagecnt.dll
    + 2008-09-14 01:53 . 2008-04-14 00:10 15360 c:\windows\system32\dllcache\padrs804.dll
    + 2011-12-17 05:34 . 2004-08-10 10:00 14336 c:\windows\system32\dllcache\padrs412.dll
    + 2011-12-17 05:34 . 2004-08-10 10:00 36927 c:\windows\system32\dllcache\padrs411.dll
    + 2008-09-14 01:53 . 2008-04-14 00:10 15872 c:\windows\system32\dllcache\padrs404.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 58368 c:\windows\system32\dllcache\packager.exe
    + 2004-08-04 03:59 . 2008-04-13 18:31 42752 c:\windows\system32\dllcache\p3.sys
    + 2011-12-17 05:34 . 2001-08-18 03:36 41984 c:\windows\system32\dllcache\ovui2rc.dll
    + 2011-12-17 05:34 . 2001-08-18 03:36 44544 c:\windows\system32\dllcache\ovui2.dll
    + 2011-12-17 05:34 . 2001-08-17 19:05 25216 c:\windows\system32\dllcache\ovsound2.sys
    + 2011-12-17 05:33 . 2001-08-18 03:36 20480 c:\windows\system32\dllcache\ovcomc.dll
    + 2011-12-17 05:33 . 2001-08-17 19:05 31872 c:\windows\system32\dllcache\ovce.sys
    + 2011-12-17 05:33 . 2001-08-17 19:05 28032 c:\windows\system32\dllcache\ovcd.sys
    + 2011-12-17 05:33 . 2001-08-17 19:05 48000 c:\windows\system32\dllcache\ovcam2.sys
    + 2011-12-17 05:33 . 2001-08-17 19:05 25088 c:\windows\system32\dllcache\ovca.sys
    + 2011-12-17 05:33 . 2001-08-17 18:28 54186 c:\windows\system32\dllcache\otcsercb.sys
    + 2011-12-17 05:33 . 2001-08-17 17:12 43689 c:\windows\system32\dllcache\otceth5.sys
    + 2011-12-17 05:33 . 2001-08-17 17:12 27209 c:\windows\system32\dllcache\otc06x5.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 40448 c:\windows\system32\dllcache\osuninst.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 67584 c:\windows\system32\dllcache\osuninst.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 67584 c:\windows\system32\dllcache\opnfiles.exe
    + 2011-12-17 05:33 . 2001-08-17 17:20 54528 c:\windows\system32\dllcache\opl3sax.sys
    + 2005-08-16 09:40 . 2008-04-14 00:12 51200 c:\windows\system32\dllcache\oobebaln.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 69120 c:\windows\system32\dllcache\olethk32.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 22016 c:\windows\system32\dllcache\olesvr32.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 24064 c:\windows\system32\dllcache\olesvr.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 37376 c:\windows\system32\dllcache\olecnv32.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 74752 c:\windows\system32\dllcache\olecli32.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 82944 c:\windows\system32\dllcache\olecli.dll
    + 2005-08-16 09:18 . 2011-09-26 15:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
    - 2011-09-26 15:41 . 2011-09-26 15:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 39744 c:\windows\system32\dllcache\ole2.dll
    + 2006-07-23 00:18 . 2008-04-13 18:46 61696 c:\windows\system32\dllcache\ohci1394.sys
    + 2005-08-16 09:40 . 2008-04-14 00:12 35328 c:\windows\system32\dllcache\oemiglib.dll
    + 2005-08-16 09:40 . 2008-04-14 00:12 60416 c:\windows\system32\dllcache\oemig50.exe
    + 2005-08-16 09:18 . 2008-04-13 17:26 12288 c:\windows\system32\dllcache\odbcp32r.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 26224 c:\windows\system32\dllcache\odbc16gt.dll
    + 2005-08-16 09:19 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\ocmsn.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\ocgen.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 65536 c:\windows\system32\dllcache\nwwks.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 55936 c:\windows\system32\dllcache\nwlnkspx.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 63232 c:\windows\system32\dllcache\nwlnknb.sys
    + 2005-08-16 09:18 . 2008-04-13 18:56 88320 c:\windows\system32\dllcache\nwlnkipx.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 32512 c:\windows\system32\dllcache\nwlnkfwd.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 12416 c:\windows\system32\dllcache\nwlnkflt.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 20480 c:\windows\system32\dllcache\nwcfg.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\ntvdmd.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 36864 c:\windows\system32\dllcache\ntsdexts.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 31744 c:\windows\system32\dllcache\ntsd.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 91136 c:\windows\system32\dllcache\ntprint.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 62976 c:\windows\system32\dllcache\ntoc.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 36864 c:\windows\system32\dllcache\ntmsevt.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 40960 c:\windows\system32\dllcache\ntmsapi.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 14336 c:\windows\system32\dllcache\ntlanui2.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 57856 c:\windows\system32\dllcache\ntlanui.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 44032 c:\windows\system32\dllcache\ntlanman.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 34560 c:\windows\system32\dllcache\ntio804.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 35424 c:\windows\system32\dllcache\ntio412.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 35648 c:\windows\system32\dllcache\ntio411.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 34560 c:\windows\system32\dllcache\ntio404.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 33840 c:\windows\system32\dllcache\ntio.sys
    + 2011-12-17 05:33 . 2001-08-17 17:49 51552 c:\windows\system32\dllcache\ntgrip.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 26112 c:\windows\system32\dllcache\ntdsbcli.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 67072 c:\windows\system32\dllcache\ntdsapi.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 29146 c:\windows\system32\dllcache\ntdos804.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 29274 c:\windows\system32\dllcache\ntdos412.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 29370 c:\windows\system32\dllcache\ntdos411.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 29146 c:\windows\system32\dllcache\ntdos404.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 27866 c:\windows\system32\dllcache\ntdos.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 76800 c:\windows\system32\dllcache\nslookup.exe
    + 2008-09-14 01:54 . 2008-04-14 00:12 44544 c:\windows\system32\dllcache\nsepm.dll
    + 2011-12-17 05:32 . 2008-04-13 19:54 28672 c:\windows\system32\dllcache\nscirda.sys
    + 2011-12-17 05:18 . 2008-04-14 10:42 10240 c:\windows\system32\dllcache\npwmsdrm.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 54784 c:\windows\system32\dllcache\npptools.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\nppagent.exe
    + 2005-08-16 09:18 . 2008-04-13 18:32 30848 c:\windows\system32\dllcache\npfs.sys
    + 2005-08-16 09:40 . 2004-08-10 10:00 35328 c:\windows\system32\dllcache\notiflag.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 69120 c:\windows\system32\dllcache\notepad.exe
    + 2005-08-16 09:18 . 2008-04-13 18:53 40320 c:\windows\system32\dllcache\nmnt.sys
    + 2005-08-16 09:40 . 2008-04-14 00:12 28672 c:\windows\system32\dllcache\nmmkcert.dll
    + 2005-08-16 09:40 . 2004-08-10 10:00 12288 c:\windows\system32\dllcache\nmevtmsg.dll
    + 2005-08-16 09:40 . 2008-04-14 00:12 77824 c:\windows\system32\dllcache\nmcom.dll
    + 2005-08-16 09:40 . 2008-04-14 00:12 81920 c:\windows\system32\dllcache\nmchat.dll
    + 2005-08-16 09:40 . 2008-04-14 00:12 28672 c:\windows\system32\dllcache\nmasnt.dll
    + 2011-12-17 05:32 . 2001-08-17 17:20 87040 c:\windows\system32\dllcache\nm6wdm.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 98304 c:\windows\system32\dllcache\nlhtml.dll
    + 2001-08-17 18:24 . 2004-08-10 10:00 12032 c:\windows\system32\dllcache\nikedrv.sys
    + 2004-08-04 03:58 . 2008-04-13 18:51 61824 c:\windows\system32\dllcache\nic1394.sys
    + 2011-12-17 05:32 . 2001-08-17 17:12 32840 c:\windows\system32\dllcache\ngrpci.sys
    + 2011-12-17 05:32 . 2004-08-10 10:00 53248 c:\windows\system32\dllcache\nextlink.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 80896 c:\windows\system32\dllcache\netui0.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 36864 c:\windows\system32\dllcache\netstat.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 86016 c:\windows\system32\dllcache\netsh.exe
    + 2005-08-16 09:18 . 2008-04-14 00:12 11776 c:\windows\system32\dllcache\netrap.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 77312 c:\windows\system32\dllcache\netoc.dll
    + 2011-12-17 05:32 . 2001-08-17 17:11 65278 c:\windows\system32\dllcache\netflx3.sys
    + 2005-08-16 09:18 . 2008-04-13 18:56 34688 c:\windows\system32\dllcache\netbios.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 42496 c:\windows\system32\dllcache\net.exe
    + 2011-12-17 05:32 . 2001-08-17 17:50 39264 c:\windows\system32\dllcache\neo20xx.sys
    + 2011-12-17 05:32 . 2001-08-18 03:36 60480 c:\windows\system32\dllcache\neo20xx.dll
    + 2011-12-17 05:32 . 2001-08-17 18:49 15872 c:\windows\system32\dllcache\ne2000.sys
    + 2005-08-16 09:18 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys
    - 2010-12-15 03:01 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys
    + 2004-08-04 04:03 . 2008-04-13 18:55 14592 c:\windows\system32\dllcache\ndisuio.sys
    + 2005-08-16 09:18 . 2011-07-08 14:02 10496 c:\windows\system32\dllcache\ndistapi.sys
    - 2011-08-10 05:20 . 2011-07-08 14:02 10496 c:\windows\system32\dllcache\ndistapi.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 57344 c:\windows\system32\dllcache\ndisnpp.dll
    + 2006-08-07 02:23 . 2008-04-13 18:46 10880 c:\windows\system32\dllcache\ndisip.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 18944 c:\windows\system32\dllcache\nddenb32.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 17920 c:\windows\system32\dllcache\nddeapi.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 47104 c:\windows\system32\dllcache\ncprov.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 36352 c:\windows\system32\dllcache\ncobjapi.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 20480 c:\windows\system32\dllcache\nbtstat.exe
    + 2005-08-16 09:18 . 2004-08-10 10:00 35840 c:\windows\system32\dllcache\narrhook.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 53760 c:\windows\system32\dllcache\narrator.exe
    + 2008-09-14 01:54 . 2008-04-14 00:12 30208 c:\windows\system32\dllcache\napipsec.dll
    + 2006-08-07 02:23 . 2008-04-13 18:46 85248 c:\windows\system32\dllcache\nabtsfec.sys
    + 2011-12-17 05:32 . 2001-08-17 19:56 91488 c:\windows\system32\dllcache\n9i3disp.dll
    + 2011-12-17 05:32 . 2001-08-17 17:50 27936 c:\windows\system32\dllcache\n9i3d.sys
    + 2011-12-17 05:32 . 2001-08-17 17:50 33088 c:\windows\system32\dllcache\n9i128v2.sys
    + 2011-12-17 05:32 . 2001-08-18 03:36 59104 c:\windows\system32\dllcache\n9i128v2.dll
    + 2011-12-17 05:32 . 2001-08-17 17:50 13664 c:\windows\system32\dllcache\n9i128.sys
    + 2011-12-17 05:32 . 2001-08-17 19:56 35392 c:\windows\system32\dllcache\n9i128.dll
    + 2011-12-17 05:31 . 2001-08-17 17:11 52255 c:\windows\system32\dllcache\n1000nt5.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 90624 c:\windows\system32\dllcache\mydocs.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 90112 c:\windows\system32\dllcache\mycomput.dll
    + 2011-12-17 05:31 . 2001-08-17 18:50 75520 c:\windows\system32\dllcache\mxport.sys
    + 2011-12-17 05:31 . 2001-08-17 18:49 19968 c:\windows\system32\dllcache\mxnic.sys
    + 2011-12-17 05:31 . 2001-08-18 03:36 19968 c:\windows\system32\dllcache\mxicfg.dll
    + 2011-12-17 05:31 . 2001-08-17 18:50 21888 c:\windows\system32\dllcache\mxcard.sys
    + 2008-09-14 01:54 . 2008-04-13 18:43 12672 c:\windows\system32\dllcache\mutohpen.sys
    + 2005-08-16 09:18 . 2008-04-14 00:12 90624 c:\windows\system32\dllcache\muisetup.exe
    + 2005-08-16 09:37 . 2008-06-12 14:23 91648 c:\windows\system32\dllcache\mtxoci.dll
    - 2008-06-12 14:23 . 2008-06-12 14:23 91648 c:\windows\system32\dllcache\mtxoci.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 34304 c:\windows\system32\dllcache\mtxlegih.dll
    + 2005-08-16 09:37 . 2008-04-14 00:12 30720 c:\windows\system32\dllcache\mtxdm.dll
    - 2008-06-12 14:23 . 2008-06-12 14:23 66560 c:\windows\system32\dllcache\mtxclu.dll
    + 2005-08-16 09:18 . 2008-06-12 14:23 66560 c:\windows\system32\dllcache\mtxclu.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 26624 c:\windows\system32\dllcache\msxmlr.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 44032 c:\windows\system32\dllcache\msxml3r.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 37916 c:\windows\system32\dllcache\msxml2r.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 72704 c:\windows\system32\dllcache\msw3prt.dll
    - 2009-11-27 16:07 . 2009-11-27 16:07 28672 c:\windows\system32\dllcache\msvidc32.dll
    + 2005-08-16 09:18 . 2009-11-27 16:07 28672 c:\windows\system32\dllcache\msvidc32.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 57344 c:\windows\system32\dllcache\msvcirt.dll
    + 2005-08-16 09:40 . 2008-04-14 00:12 12288 c:\windows\system32\dllcache\mstinit.exe
    + 2011-12-17 05:31 . 2008-04-13 19:46 49024 c:\windows\system32\dllcache\mstape.sys
    + 2005-08-16 09:40 . 2008-04-14 00:12 57344 c:\windows\system32\dllcache\mst123.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 13312 c:\windows\system32\dllcache\msswch.dll
    + 2005-08-16 09:40 . 2004-08-10 10:00 23552 c:\windows\system32\dllcache\mssoapr.dll
    + 2004-08-04 04:07 . 2008-04-13 18:36 15488 c:\windows\system32\dllcache\mssmbios.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 35840 c:\windows\system32\dllcache\mssign32.dll
    + 2008-09-14 01:53 . 2008-04-13 18:14 76800 c:\windows\system32\dllcache\msshamsg.dll
    + 2005-08-16 09:18 . 2009-11-27 16:07 11264 c:\windows\system32\dllcache\msrle32.dll
    - 2009-11-27 16:07 . 2009-11-27 16:07 11264 c:\windows\system32\dllcache\msrle32.dll
    + 2011-12-17 05:31 . 2001-08-17 18:48 12416 c:\windows\system32\dllcache\msriffwv.sys
    + 2005-08-16 09:18 . 2004-08-10 10:00 60416 c:\windows\system32\dllcache\msratelc.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 69632 c:\windows\system32\dllcache\msr2c.dll
    + 2005-08-16 09:18 . 2008-04-13 16:23 48128 c:\windows\system32\dllcache\msprivs.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 41984 c:\windows\system32\dllcache\msports.dll
    + 2005-08-16 09:19 . 2006-10-19 01:47 27136 c:\windows\system32\dllcache\mspmsnsv.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 29696 c:\windows\system32\dllcache\mspatcha.dll
    + 2005-08-16 09:18 . 2008-04-13 17:24 20480 c:\windows\system32\dllcache\msorc32r.dll
    + 2005-08-16 09:40 . 2008-04-14 00:12 29184 c:\windows\system32\dllcache\msoobe.exe
    + 2005-08-16 09:40 . 2008-04-14 00:12 19456 c:\windows\system32\dllcache\msobweb.dll
    + 2005-08-16 09:40 . 2008-04-14 00:12 30720 c:\windows\system32\dllcache\msobshel.dll
    + 2005-08-16 09:18 . 2004-08-10 10:00 33280 c:\windows\system32\dllcache\msobjs.dll
    + 2005-08-16 09:40 . 2008-04-14 00:12 16384 c:\windows\system32\dllcache\msobdl.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 39936 c:\windows\system32\dllcache\mslwvtts.dll
    + 2005-08-16 09:18 . 2008-04-14 00:12 25088 c:\windows\system32\dllcache\mslbui.dll
    - 2008-05-19 10:33 . 2008-05-19 10:33 18944 c:\windows\system32\dllcache\msisip.dll
    + 2005-08-16 09:18 . 2008-05-19 10:33 18944 c:\windows\system32\dllcache\msisip.dll
    + 2008-09-14 01:53 . 2008-04-14 00:12 40960 c:\windows\system32\dllcache\msiregmv.exe
    + 2011-12-17 05:31 . 2008-04-13 19:54 22016 c:\windows\system32\dllcache\msircomm.sys
    + 2011-12-17 05:31 . 2004-08-10 10:00 98304 c:\windows\system32\dllcache\msir3jp.dll
    + 2005-08-16 09:40 . 2004-08-10 10:00 39936 c:\windows\system32\dllcache\msinfo32.exe
    + 2005-08-16 09:40 . 2008-04-14 00:12 60416 c:\windows\system32\dllcache\msimn.exe


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.