Jump to content


Photo
- - - - -

Sirefef.b, Rootkit, missing internet & network connection


  • This topic is locked This topic is locked
44 replies to this topic

#1 aszu12

aszu12

    New Member

  • Members
  • Pip
  • 26 posts

Posted 24 February 2012 - 09:28 PM

I think that I got slammed by a bunch of viruses that I can't get rid of. Malwarebytes got rid of a few as did Microsoft Essentials. I cannot connect to the internet any longer, and things are pretty dire. I appreciate any assistance. Thank you.

Here are the logs:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_17
Run by User at 21:09:13 on 2012-02-24
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2000.1177 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Outdated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
c:\drivers\audio\r190031\stacsv.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
svchost.exe
C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
c:\program files\verizon wireless\venturi\Client\ventc.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtTray.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uWindow Title =
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5081009
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [ChangeTPMAuth] c:\program files\wave systems corp\common\ChangeTPMAuth.exe /T:NTRU12
mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe
mRun: [SecureUpgrade] c:\program files\wave systems corp\SecureUpgrade.exe
mRun: [EmbassySecurityCheck] "c:\program files\wave systems corp\embassy security setup\EMBASSYSecurityCheck.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
mRun: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4.0\OpwareSE4.exe"
mRun: [Nikon Message Center 2] c:\program files\nikon\nikon message center 2\NkMC2.exe -s
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [DellControlPoint] "c:\program files\dell\dell controlpoint\Dell.ControlPoint.exe"
mRun: [DellConnectionManager] "c:\program files\dell\dell controlpoint\connection manager\Dell.UCM.exe"
mRun: [DCPstrApp] c:\program files\dell\dell controlpoint\security manager\SecurityDeviceInfoSetRegistryString.exe
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
uPolicies-explorer: NoSimpleStartMenu = 0 (0x0)
uPolicies-explorer: HideClock = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: ctest.elynx.net\gateway
Trusted Zone: ditechsecuredocs.net\www
Trusted Zone: elynx.com\gateway
Trusted Zone: elynx.net\aegis
Trusted Zone: elynx.net\ctest
Trusted Zone: elynx.net\forms
Trusted Zone: elynx.net\gateway
Trusted Zone: elynx.net\gmacforms
Trusted Zone: elynx.net\pro
Trusted Zone: elynx.net\secure
Trusted Zone: elynx.net\ssctest
Trusted Zone: elynx.net\stest
Trusted Zone: elynx.net\webpost
Trusted Zone: gmacmsecuredocs.net\www
Trusted Zone: ss3.swiftsend.com\loandocs
Trusted Zone: suntrust.com\mtgdocs
Trusted Zone: swiftsend.com\docs
Trusted Zone: swiftsend.com\gateway
Trusted Zone: swiftsend.com\loandocs
Trusted Zone: swiftsend.com\www
Trusted Zone: swiftsend2.com\docs
Trusted Zone: swiftsend2.com\loandocs
Trusted Zone: swiftview.com\products
Trusted Zone: swiftview.com\www
Trusted Zone: us.hsbc.com\mortgage-esign
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {03A89EFD-E023-A200-A22D-45F77558EB4C} - hxxps://content10.ilinc.com/download/AXCltInstall.dll
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1224078805390
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1224078801343
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{82627534-4036-4530-B136-C5C2800B8E11} : NameServer = 4.2.2.1
TCP: Interfaces\{82627534-4036-4530-B136-C5C2800B8E11} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{99B9E6BD-88B7-47CD-8FBC-9D53D0D32312} : NameServer = 8.8.8.8,8.8.4.4
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: LMIinit - LMIinit.dll
Notify: NecUsb3Sevices - USB3Sw32.dll
Notify: USB3Sw32 - USB3Sw32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 wvauth
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\z4wdr2c5.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: c:\documents and settings\user\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\user\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\user\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\user\local settings\application data\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPCltInstall.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npsview.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
.
============= SERVICES / DRIVERS ===============
.
R0 FixTDSS;TDSS Fixtool driver;c:\windows\system32\drivers\FixTDSS.sys [2012-2-13 26872]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-11-28 116608]
R2 ASFAgent;ASF Agent;c:\program files\intel\asf agent\ASFAgent.exe [2007-4-19 133968]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2008-6-3 386328]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2008-7-31 808296]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2008-7-31 21352]
R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2008-8-18 455960]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2010-3-7 47640]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-2-9 652360]
R2 SMManager;Smith Micro Connection Manager Service;c:\program files\dell\dell controlpoint\connection manager\SMManager.exe [2008-9-9 69632]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2008-10-9 108160]
R3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [2008-10-9 32808]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2008-10-9 244368]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-10-9 110080]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-2-9 20464]
R3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm.sys [2008-10-20 8576]
S?4 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S0 plwgljkh;plwgljkh;c:\windows\system32\drivers\tgnmsga.sys --> c:\windows\system32\drivers\tgnmsga.sys [?]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\superantispyware\saskutil.sys --> c:\program files\superantispyware\SASKUTIL.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\logmein\x86\rainfo.sys --> c:\program files\logmein\x86\RaInfo.sys [?]
S2 NecUsb3;USB3 Service;c:\windows\system32\svchost.exe -k NecUsb3Sevic [2004-8-11 14336]
S3 AsfAlrt;AsfAlrt Service;c:\windows\system32\drivers\Asfalrt.sys [2007-4-19 42832]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
=============== Created Last 30 ================
.
2012-02-25 00:19:44 709968 ----a-w- c:\windows\isRS-000.tmp
2012-02-15 00:12:48 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys
2012-02-15 00:11:58 397502 ----a-w- c:\windows\system32\dllcache\vpctcom.sys
2012-02-15 00:10:59 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2012-02-15 00:09:58 81408 ----a-w- c:\windows\system32\dllcache\tgiul50.dll
2012-02-15 00:08:58 99328 ----a-w- c:\windows\system32\dllcache\srusd.dll
2012-02-15 00:07:59 30208 ----a-w- c:\windows\system32\dllcache\sm87w.dll
2012-02-15 00:06:58 23936 ----a-w- c:\windows\system32\dllcache\sccmusbm.sys
2012-02-15 00:05:57 86097 ----a-w- c:\windows\system32\dllcache\reslog32.dll
2012-02-15 00:04:58 16384 ----a-w- c:\windows\system32\dllcache\philcam1.dll
2012-02-15 00:03:56 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2012-02-15 00:02:58 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
2012-02-15 00:01:58 34304 ----a-w- c:\windows\system32\dllcache\migisol.exe
2012-02-15 00:00:59 5632 ----a-w- c:\windows\system32\dllcache\kbdusa.dll
2012-02-14 23:59:59 154496 ----a-w- c:\windows\system32\dllcache\icam4usb.sys
2012-02-14 23:58:59 32768 ----a-w- c:\windows\system32\dllcache\hpgtmcro.dll
2012-02-14 23:51:44 442240 ----a-w- c:\windows\system32\dllcache\fpnpbase.sys
2012-02-14 23:50:58 51200 ----a-w- c:\windows\system32\dllcache\eqnlogr.exe
2012-02-14 23:49:59 229462 ----a-w- c:\windows\system32\dllcache\digifwrk.dll
2012-02-14 23:48:59 714698 ----a-w- c:\windows\system32\dllcache\cbmdmkxx.sys
2012-02-14 23:47:58 5632 ----a-w- c:\windows\system32\dllcache\EXCH_adsiisex.dll
2012-02-14 19:57:45 6557240 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{32855cf5-d49a-40e9-b2a0-98ec0bb5aee5}\mpengine.dll
2012-02-14 19:40:56 -------- d-----w- c:\program files\Microsoft Security Client
2012-02-14 01:16:57 26872 ----a-w- c:\windows\system32\drivers\FixTDSS.sys
2012-02-14 01:16:57 -------- d-----w- c:\documents and settings\user\application data\FixTDSS
2012-02-09 16:51:08 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-08 10:41:28 37888 ----a-w- c:\windows\system32\USB3Sw32.dll
2012-02-08 10:26:40 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
.
==================== Find3M ====================
.
2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
2010-11-16 15:45:13 3143392 ----a-w- c:\program files\members_files_elderdocx_installation_elderdocxbeta_setup.exe
2010-10-28 20:52:49 75019048 ----a-w- c:\program files\iTunesSetup.exe
2010-03-28 05:12:36 2114184 ----a-w- c:\program files\Install_Facebook_Plug-In_1.0.3.exe
.
============= FINISH: 21:10:12.67 ===============

and then here is the second one:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 10/15/2008 9:29:40 AM
System Uptime: 2/24/2012 7:20:40 PM (2 hours ago)
.
Motherboard: Dell Inc. | | 0NY667
Processor: Intel Pentium III Xeon processor | Microprocessor | 2260/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 53.455 GiB free.
D: is CDROM ()
E: is Removable
X: is NetworkDisk (*NT5CSC) - 149 GiB total, 53.455 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Description: Officejet Pro 8500 A909n
Device ID: ROOT\IMAGE\0001
Manufacturer: HP
Name: 8500 A909n,192.168.0.250
PNP Device ID: ROOT\IMAGE\0001
Service: StillCam
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Photosmart D110 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart D110 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Officejet Pro 8500 A909n
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: HP
Name: Officejet Pro 8500 A909n
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
Class GUID: {4D36E979-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ROOT\PRINTER\0000
Manufacturer:
Name:
PNP Device ID: ROOT\PRINTER\0000
Service:
.
Class GUID: {4D36E979-E325-11CE-BFC1-08002BE10318}
Description: Officejet Pro 8500 A909n
Device ID: ROOT\PRINTER\0002
Manufacturer: HP
Name: Officejet Pro 8500 A909n
PNP Device ID: ROOT\PRINTER\0002
Service:
.
==== System Restore Points ===================
.
RP1: 2/14/2012 10:22:40 PM - System Checkpoint
RP2: 2/14/2012 11:46:18 PM - Installed Dell Driver Reset Tool
RP3: 2/15/2012 3:43:46 AM - Microsoft Antimalware Checkpoint
RP4: 2/24/2012 4:23:38 PM - System Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
8500A909_eDocs
8500A909_Help
8500A909n
Accent WORD Password Recovery 3.00
Across Lite 2.0
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.2.5
Adobe Shockwave Player 11.5
All Day Battery Life Configuration
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Auction Sentry
BAPRINT
Belarc Advisor 7.2
BioAPI Framework
biolsp patch
Bonjour
BPD_DSWizards
bpd_scan
BPDSoftware
BPDSoftware_Ini
Broadcom USH Host Components
Browntech Image Plugin
BufferChm
Canon MP830 User Registration
CCH ViewPlan EPS
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
Curitel PC Card Software
Dell Control Point
Dell ControlPoint Connection Manager
Dell ControlPoint Security Manager
Dell ControlPoint System Manager
Dell Driver Reset Tool
Dell Embassy Trust Suite by Wave Systems
Dell Security Device Driver Pack
Dell Touchpad
Dell Wireless WLAN Card Utility
DesignPro 5.4 Limited Edition
Destination Component
DeviceDiscovery
DivX Setup
DocMgr
DocProc
Document Manager Lite
EMBASSY Security Center
EMBASSY Security Setup
ESC Home Page Plugin
Facebook Plug-In
Fax
File Type Assistant
Final Media Player 2011
Free Media Player 0.1
Free RAR Extract Frog
Gemalto
Google Earth
Google Talk Plugin
Google Update Helper
Google Updater
GoToMeeting 4.5.0.457
High Definition Audio Driver Package - KB835221
HijackThis 1.98.2
HotDocs 2008 PDF Advantage Professional Edition
HotDocs 2008 Professional Edition
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB945436)
Hotfix for Windows XP (KB946554)
Hotfix for Windows XP (KB949764)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Document Manager 2.0
HP Imaging Device Functions 12.0
HP Product Detection
HP Update
iLinc Client
Intel® Graphics Media Accelerator Driver
Intel® Network Connections 13.0.42.0
Intel® PRO Alerting Agent
Intel® Matrix Storage Manager
iTunes
Java™ 6 Update 17
Java™ 6 Update 7
Malwarebytes Anti-Malware version 1.60.1.1000
Media Player Classic - Home Cinema v1.4.2499.0
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office Small Business Edition 2003
Microsoft Office Word 2003 Redaction Add-in
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox (3.6.3)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser (KB933579)
NEF Codec
Network
Nikon Message Center 2
NTRU TCG Software Stack
NumberCruncher
OCR Software by I.R.I.S. 12.0
Officejet Pro 8500 A909 Series
Palm Desktop
PdaNet 4.12 for Treo 700p/755p/Centro
Picture Control Utility
PocketMirror (Professional Edition) 4.3.0
PowerDVD
Preboot Manager
Private Information Manager
ProductContext
Quick Title 2.29
QuickBooks Pro 2008
QuickTime
Responsive Time Logger
Roxio Activation Module
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler 3
Roxio Update Manager
Scan
ScanSoft OmniPage SE 4.0
Secure Update
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Security Wizards
Skype Toolbars
Skype™ 4.2
Sonic CinePlayer Decoder Pack
State Death Tax Manager
Status
Super TextTwist
SupportSoft Assisted Service
SwiftView Viewer
Text Twist (remove only)
Text Twist 2 (remove only)
Tiger Tables Demo
Toolbox
TrayApp
Trusted Drive Manager
tsp patch
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.4053
Venturi Client 3.1.4
ViewNX 2
VoiceOver Kit
VZAccess Manager
Wave Infrastructure Installer
Wave Support Software
WealthCounsel Toolbar
WealthDocs 6.2
WebFldrs XP
WebReg
WIDCOMM Bluetooth Software
Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WordPerfect Office 12
WorkgroupShare Client
.
==== Event Viewer Messages From Past Week ========
.
2/24/2012 4:57:04 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.119.1942.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.8001.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
2/24/2012 4:57:04 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.119.1942.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.8001.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
2/24/2012 4:57:04 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.119.1942.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.8001.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
2/24/2012 4:57:04 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.119.1942.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.8001.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
2/24/2012 4:56:32 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.119.1942.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8001.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
2/24/2012 4:40:29 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80070002 Error description: The system cannot find the file specified. Reason: The filter driver was unloaded unexpectedly.
2/24/2012 4:40:29 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80070002 Error description: The system cannot find the file specified. Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
2/24/2012 4:40:29 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80070002 Error description: The system cannot find the file specified. Reason: The filter driver was unloaded unexpectedly.
2/24/2012 4:40:29 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80070002 Error description: The system cannot find the file specified. Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
2/24/2012 4:19:21 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time-nw.nist.gov,0x1'. NtpClient will try the DNS lookup again in 120 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
2/24/2012 3:47:18 PM, error: Service Control Manager [7023] - The USB3 Service service terminated with the following error: The specified module could not be found.
2/24/2012 3:19:20 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time-nw.nist.gov,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
2/24/2012 2:50:57 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.119.1942.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.8001.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
2/24/2012 2:50:57 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.119.1942.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.8001.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
2/24/2012 2:50:57 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.119.1942.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.8001.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
2/24/2012 2:50:57 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.119.1942.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.8001.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
2/24/2012 2:50:25 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.119.1942.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8001.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
2/24/2012 2:49:20 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time-nw.nist.gov,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
2/24/2012 2:34:20 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time-nw.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
2/24/2012 2:33:53 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASKUTIL
2/24/2012 2:33:52 PM, error: Service Control Manager [7023] - The YahooAUService service terminated with the following error: The specified module could not be found.
2/24/2012 2:33:52 PM, error: Service Control Manager [7023] - The C-dillacdac11ba service terminated with the following error: The specified module could not be found.
2/24/2012 2:33:51 PM, error: Service Control Manager [7003] - The TCP/IP NetBIOS Helper service depends on the following nonexistent service: NetBT
2/24/2012 2:33:51 PM, error: Service Control Manager [7003] - The DHCP Client service depends on the following nonexistent service: NetBT
2/24/2012 2:33:51 PM, error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.
2/24/2012 2:33:50 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80070002 Error description: The system cannot find the file specified. Reason: The filter driver was unloaded unexpectedly.
2/24/2012 2:33:50 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80070002 Error description: The system cannot find the file specified. Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
2/24/2012 2:33:50 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80070002 Error description: The system cannot find the file specified. Reason: The filter driver was unloaded unexpectedly.
2/24/2012 2:33:50 PM, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80070002 Error description: The system cannot find the file specified. Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
2/24/2012 2:32:38 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the USB3 Service service to connect.
2/24/2012 2:32:38 PM, error: Service Control Manager [7000] - The USB3 Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/24/2012 2:32:37 PM, error: Service Control Manager [7034] - The Venturi Client service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================

#2 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 25 February 2012 - 12:21 PM

Hello and :welcome:

I see indeed evidence of the sirefef or ZeroAccess rootkit. Please read the following information first.

BACKDOOR WARNING
------------------------------
One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.


COMBOFIX
---------------
Please download ComboFix from one of these locations:
Bleepingcomputer
ForoSpyware
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue it's malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.
regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#3 aszu12

aszu12

    New Member

  • Members
  • Pip
  • 26 posts

Posted 25 February 2012 - 03:35 PM

Hi Elise: thanks for your response. I have changed all of my pw's, so do want to continue to try and save the computer.

After disabling Malware Bytes and Microsoft Security Essentials, I also disabled the Windows Firewall.

I installed the combofix to the desktop and ran it. Three error messages have popped up:

1. Dell.UCM.exe has encountered a problem and needs to close. Only choice was to either tell Microsoft about the problem or not. I chose not too (not that I could anyway since I don't have an internet connection).

2. The instruction at "0x006b0067" referenced memory at "0x00d600c6". The memory could not be written. Click on OK to terminate. Click on CANCEL to debug. I have left this screen open until I hear from you.

3. The last is" the machine does not have the 'Microsoft Windows recovery console" installed or alternatively an existing installation of the recovery console may be present but requires updating. I don't know what to do with this one since I don't have an active internet connection which it says it needs.

Thanks for your help.

#4 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 25 February 2012 - 04:53 PM

Just say No when asked to install the Recovery Console and continue scanning.
regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#5 aszu12

aszu12

    New Member

  • Members
  • Pip
  • 26 posts

Posted 26 February 2012 - 10:43 AM

OK, so ran ComboFix, got message that stated: "ComboFix has detected the presence of rootkit activity and needs to reboot the machine."

I rebooted, and ComboFix started its thing again, but came back to a blue screen this morning that says as follows: "A problem has been detected and windows has been shut down to prevent damage . . . If this screen appears again, follow these steps:
Check to be sure you have adequate disk space. If a driver is id'd in the stop message, disable the driver or check with the manufacturer for driver updates. Try changing video adapters.

Check with your hardware vendor for any BIOS updates. Diable BIOS memory options such as caching or shadowing. If you need to use Safe Mode to remove or disable components, restart your computer, press F* to select Advanced Startup options, and then select Safe Mode.

Technical information:

*** STOP: 0x0000007E (0xC000001D, 0x9DE7C770, 0xBA4FFBC0, 0xBA4FF8BC)

*** netbt.sys - Address 9DE7C770 base at 9DE78000, DateStamp 48025d1b

Beginning dump of physical memory
Physical memory dump complete.
Contact your system administrator . . .."

I have not rebooted or anything else . . . not sure what to do . . . . Thanks Elise.

#6 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 26 February 2012 - 11:25 AM

Please reboot your computer and tap F8 until the Advanced boot options come up. Select Safe Mode (the first option) and press enter. Let me know if that loads normally and post me the c:\combofix.txt log if present.
regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#7 aszu12

aszu12

    New Member

  • Members
  • Pip
  • 26 posts

Posted 26 February 2012 - 12:16 PM

Here you go:

ComboFix 12-02-25.02 - User 02/25/2012 18:15:43.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2000.1485 [GMT -5:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Outdated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\~QTMX38ppafFLNh
c:\documents and settings\All Users\Application Data\~QTMX38ppafFLNhr
c:\documents and settings\All Users\Application Data\QTMX38ppafFLNh
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\User\Desktop\System Check.lnk
c:\documents and settings\User\g2mdlhlpx.exe
c:\documents and settings\User\Start Menu\Programs\System Check
c:\documents and settings\User\Start Menu\Programs\System Check\System Check.lnk
c:\documents and settings\User\Start Menu\Programs\System Check\Uninstall System Check.lnk
c:\windows\$NtUninstallKB60709$
c:\windows\$NtUninstallKB60709$\2888397924
c:\windows\$NtUninstallKB60709$\4036763065\@
c:\windows\$NtUninstallKB60709$\4036763065\cfg.ini
c:\windows\$NtUninstallKB60709$\4036763065\Desktop.ini
c:\windows\$NtUninstallKB60709$\4036763065\L\iahonoel
c:\windows\Downloaded Program Files\PDFDriver8.dll
c:\windows\EventSystem.log
c:\windows\system32\USB3Sw32.dll
c:\windows\system32\zip32.dll
.
c:\windows\system32\drivers\netbt.sys was missing
Restored copy from - c:\windows\system32\dllcache\netbt.sys
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NETWORKLOG
-------\Service_NetworkLog
.
.
((((((((((((((((((((((((( Files Created from 2012-01-26 to 2012-02-26 )))))))))))))))))))))))))))))))
.
.
2012-02-25 23:24 . 2008-04-14 04:51 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-02-15 00:08 . 2001-08-18 03:36 7168 ----a-w- c:\windows\system32\dllcache\EXCH_snprfdll.dll
2012-02-15 00:08 . 2001-08-18 03:36 12288 ----a-w- c:\windows\system32\dllcache\EXCH_smtpctrs.dll
2012-02-15 00:07 . 2001-08-18 03:36 26112 ----a-w- c:\windows\system32\dllcache\EXCH_seos.dll
2012-02-15 00:07 . 2001-08-18 03:36 57856 ----a-w- c:\windows\system32\dllcache\EXCH_scripto.dll
2012-02-15 00:05 . 2001-08-18 03:36 23040 ----a-w- c:\windows\system32\dllcache\EXCH_regtrace.exe
2012-02-15 00:03 . 2001-08-18 03:36 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2012-02-15 00:01 . 2004-08-04 10:00 34304 ----a-w- c:\windows\system32\dllcache\migisol.exe
2012-02-15 00:00 . 2004-08-04 10:00 5632 ----a-w- c:\windows\system32\dllcache\kbdusa.dll
2012-02-14 23:59 . 2001-08-17 19:06 154496 ----a-w- c:\windows\system32\dllcache\icam4usb.sys
2012-02-14 23:58 . 2001-08-18 03:36 32768 ----a-w- c:\windows\system32\dllcache\hpgtmcro.dll
2012-02-14 23:51 . 2001-08-17 17:15 442240 ----a-w- c:\windows\system32\dllcache\fpnpbase.sys
2012-02-14 23:50 . 2001-08-18 03:36 51200 ----a-w- c:\windows\system32\dllcache\eqnlogr.exe
2012-02-14 23:49 . 2001-08-18 03:36 229462 ----a-w- c:\windows\system32\dllcache\digifwrk.dll
2012-02-14 23:48 . 2008-04-14 05:16 17024 ----a-w- c:\windows\system32\dllcache\ccdecode.sys
2012-02-14 23:47 . 2004-08-04 10:00 49664 ----a-w- c:\windows\system32\dllcache\adrot.dll
2012-02-14 19:57 . 2012-01-06 01:19 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{32855CF5-D49A-40E9-B2A0-98EC0BB5AEE5}\mpengine.dll
2012-02-14 19:42 . 2012-02-14 19:42 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2012-02-14 19:40 . 2012-02-14 19:41 -------- d-----w- c:\program files\Microsoft Security Client
2012-02-14 01:16 . 2012-02-15 03:03 26872 ----a-w- c:\windows\system32\drivers\FixTDSS.sys
2012-02-14 01:16 . 2012-02-14 01:16 -------- d-----w- c:\documents and settings\User\Application Data\FixTDSS
2012-02-12 08:34 . 2012-02-12 08:37 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2012-02-09 16:51 . 2011-12-10 20:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-09 05:03 . 2012-02-09 05:03 -------- d-----w- c:\documents and settings\Administrator\Application Data\U3
2012-02-08 10:26 . 2012-02-14 19:24 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-25 00:21 . 2008-10-15 13:29 0 ----a-w- c:\documents and settings\User\Local Settings\Application Data\WavXMapDrive.bat
2012-01-31 12:44 . 2010-11-28 10:10 237072 ------w- c:\windows\system32\MpSigStub.exe
2010-11-16 15:45 . 2010-11-16 15:45 3143392 ----a-w- c:\program files\members_files_elderdocx_installation_elderdocxbeta_setup.exe
2010-10-28 20:52 . 2010-10-28 20:44 75019048 ----a-w- c:\program files\iTunesSetup.exe
2010-03-28 05:12 . 2010-03-28 05:10 2114184 ----a-w- c:\program files\Install_Facebook_Plug-In_1.0.3.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{022F2F51-CDDA-4873-8A29-72C66C808A3F}"
[HKEY_CLASSES_ROOT\CLSID\{022F2F51-CDDA-4873-8A29-72C66C808A3F}]
2009-11-07 05:07 297808 ----a-w- c:\windows\system32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{661963C1-99A1-44e7-A671-1CF3768AE9D4}"
[HKEY_CLASSES_ROOT\CLSID\{661963C1-99A1-44e7-A671-1CF3768AE9D4}]
2009-11-07 05:07 297808 ----a-w- c:\windows\system32\mscoree.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-07-01 196608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-10 143360]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-10 170520]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-06-15 178712]
"ChangeTPMAuth"="c:\program files\Wave Systems Corp\Common\ChangeTPMAuth.exe" [2008-05-30 180224]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2008-05-14 105472]
"SecureUpgrade"="c:\program files\Wave Systems Corp\SecureUpgrade.exe" [2008-06-24 243000]
"EmbassySecurityCheck"="c:\program files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe" [2008-06-24 79160]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-06-18 2220032]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-06-29 442467]
"AESTFltr"="c:\windows\system32\AESTFltr.exe" [2008-06-29 466944]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-02-26 128296]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"Nikon Message Center 2"="c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2008-05-30 593920]
"DellConnectionManager"="c:\program files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe" [2008-09-09 1486848]
"DCPstrApp"="c:\program files\Dell\Dell ControlPoint\Security Manager\SecurityDeviceInfoSetRegistryString.exe" [2008-08-04 6656]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-8-15 604776]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2008-2-27 972064]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleStartMenu"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-09-29 00:34 87352 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 wvauth
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2008\\QBDBMgrN.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\PdaNet 4.12\\PdaNet.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\McAfee\\WGET.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8100:TCP"= 8100:TCP:*:Disabled:WorkgroupShare (Non-SSL)
"8101:TCP"= 8101:TCP:*:Disabled:WorkgroupShare (SSL)
"8102:UDP"= 8102:UDP:*:Disabled:WorkgroupShare (Monitor)
"8104:UDP"= 8104:UDP:*:Disabled:WorkgroupShare (Monitor)
"8109:TCP"= 8109:TCP:*:Disabled:WorkgroupShare (Free/Busy)
"135:TCP"= 135:TCP:*:Disabled:RPC
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\RemoteAdminSettings]
"Enabled"= 1 (0x1)
.
R0 FixTDSS;TDSS Fixtool driver;c:\windows\system32\drivers\FixTDSS.sys [2/13/2012 8:16 PM 26872]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [11/28/2010 5:05 AM 116608]
S0 plwgljkh;plwgljkh;c:\windows\system32\drivers\tgnmsga.sys --> c:\windows\system32\drivers\tgnmsga.sys [?]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys --> c:\program files\SUPERAntiSpyware\SASKUTIL.sys [?]
S2 ASFAgent;ASF Agent;c:\program files\Intel\ASF Agent\ASFAgent.exe [4/19/2007 5:56 AM 133968]
S2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [6/3/2008 3:28 PM 386328]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [7/31/2008 9:41 PM 808296]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [7/31/2008 9:41 PM 21352]
S2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [8/18/2008 10:39 AM 455960]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/6/2010 7:35 PM 135664]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2/9/2012 11:51 AM 652360]
S2 NecUsb3;USB3 Service;c:\windows\System32\svchost.exe -k NecUsb3Sevic [8/11/2004 5:00 PM 14336]
S2 SMManager;Smith Micro Connection Manager Service;c:\program files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [9/9/2008 2:21 PM 69632]
S3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [10/9/2008 1:23 AM 108160]
S3 AsfAlrt;AsfAlrt Service;c:\windows\system32\drivers\Asfalrt.sys [4/19/2007 5:28 AM 42832]
S3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [10/9/2008 1:25 AM 32808]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [10/9/2008 1:23 AM 244368]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/6/2010 7:35 PM 135664]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [10/9/2008 1:25 AM 110080]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2/9/2012 11:51 AM 20464]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm.sys [10/20/2008 6:21 PM 8576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
NecUsb3Sevic REG_MULTI_SZ NecUsb3
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
PNDIS5
ptbsync
nimcdfxk
yediex
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-25 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-04 02:49]
.
2012-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 00:35]
.
2012-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 00:35]
.
2012-02-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3395202182-1961662859-2963020059-1005Core.job
- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-30 20:01]
.
2012-02-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3395202182-1961662859-2963020059-1005UA.job
- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-30 20:01]
.
2012-02-26 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 20:39]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5081009
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
Trusted Zone: ctest.elynx.net\gateway
Trusted Zone: ditechsecuredocs.net\www
Trusted Zone: elynx.com\gateway
Trusted Zone: elynx.net\aegis
Trusted Zone: elynx.net\ctest
Trusted Zone: elynx.net\forms
Trusted Zone: elynx.net\gateway
Trusted Zone: elynx.net\gmacforms
Trusted Zone: elynx.net\pro
Trusted Zone: elynx.net\secure
Trusted Zone: elynx.net\ssctest
Trusted Zone: elynx.net\stest
Trusted Zone: elynx.net\webpost
Trusted Zone: gmacmsecuredocs.net\www
Trusted Zone: ss3.swiftsend.com\loandocs
Trusted Zone: suntrust.com\mtgdocs
Trusted Zone: swiftsend.com\docs
Trusted Zone: swiftsend.com\gateway
Trusted Zone: swiftsend.com\loandocs
Trusted Zone: swiftsend.com\www
Trusted Zone: swiftsend2.com\docs
Trusted Zone: swiftsend2.com\loandocs
Trusted Zone: swiftview.com\products
Trusted Zone: swiftview.com\www
Trusted Zone: us.hsbc.com\mortgage-esign
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{82627534-4036-4530-B136-C5C2800B8E11}: NameServer = 4.2.2.1
TCP: Interfaces\{99B9E6BD-88B7-47CD-8FBC-9D53D0D32312}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\z4wdr2c5.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-LogMeIn GUI - c:\program files\LogMeIn\x86\LogMeInSystray.exe
Notify-NecUsb3Sevices - USB3Sw32.dll
Notify-USB3Sw32 - USB3Sw32.dll
AddRemove-HijackThis - f:\spyware removal\hijackthis\HijackThis.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-26 12:09
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(300)
c:\windows\system32\LMIinit.dll
.
- - - - - - - > 'lsass.exe'(364)
c:\windows\system32\wvauth.dll
c:\windows\system32\biolsp.dll
.
- - - - - - - > 'explorer.exe'(472)
c:\windows\system32\WININET.dll
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmUserInterface.dll
c:\windows\system32\ieframe.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2012-02-26 12:14:03 - machine was rebooted
ComboFix-quarantined-files.txt 2012-02-26 17:14
.
Pre-Run: 60,426,215,424 bytes free
Post-Run: 63,857,205,248 bytes free
.
- - End Of File - - B9837808F54D88A3C204B05418F00EBA

#8 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 26 February 2012 - 12:31 PM

Hello again,

OTL
-----
Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the NONE button.
  • Copy and Paste the following code into the Posted Image textbox.
    netsvcs
  • Push Posted Image
  • A report will open. Copy and Paste that report in your next reply.

regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#9 aszu12

aszu12

    New Member

  • Members
  • Pip
  • 26 posts

Posted 26 February 2012 - 01:30 PM

It was hard to see if I actually pasted the netsvcs in the Custom Scans/Fixes textbox, since I couldn't actually see the textbox -- it was just below the bottom of my screen.

This is the report that was produced (in several replies since was too long):

OTL logfile created on: 2/26/2012 1:19:05 PM - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.95 Gb Total Physical Memory | 1.58 Gb Available Physical Memory | 80.94% Memory free
3.76 Gb Paging File | 3.54 Gb Available in Paging File | 94.08% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.93 Gb Total Space | 59.51 Gb Free Space | 39.96% Space Free | Partition Type: NTFS

Computer Name: 6X0FKH1 | User Name: User | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Modules (No Company Name) ==========

MOD - [2011/10/13 02:20:10 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2008/05/14 17:40:30 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\wxvault.dll
MOD - [2007/07/23 15:04:46 | 000,068,080 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\dlaapi_w.dll


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2012/02/14 22:03:03 | 000,026,872 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\FixTDSS.sys -- (FixTDSS)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2009/09/28 19:34:48 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2008/08/18 09:01:26 | 000,037,032 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2008/08/18 09:01:20 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/08/18 09:01:18 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/08/18 09:01:14 | 000,991,016 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/08/18 09:01:12 | 000,534,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/08/18 08:37:14 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/08/11 12:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/08/10 14:46:24 | 000,110,080 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2008/07/31 21:39:26 | 000,032,808 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2008/07/01 14:22:14 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/07/01 14:12:18 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/06/30 15:47:30 | 000,244,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress) Intel®
DRV - [2008/06/29 17:57:26 | 001,381,914 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2008/06/29 17:57:16 | 000,108,160 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2008/06/24 07:16:52 | 000,172,344 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2008/06/18 18:19:50 | 001,287,552 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/06/04 14:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2008/02/27 12:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2008/02/20 21:19:56 | 000,030,816 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2007/07/23 15:05:20 | 000,009,104 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM)
DRV - [2007/07/23 15:04:58 | 000,037,360 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/07/23 15:04:56 | 000,098,448 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/07/23 15:04:56 | 000,093,552 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/07/23 15:04:54 | 000,027,216 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/07/23 15:04:52 | 000,032,848 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/07/23 15:04:52 | 000,016,304 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/07/23 15:04:50 | 000,108,752 | ---- | M] (Roxio) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/07/23 14:49:44 | 000,030,064 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/07/23 14:49:44 | 000,014,576 | ---- | M] (Roxio) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2007/04/19 05:28:12 | 000,042,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Asfalrt.sys -- (AsfAlrt)
DRV - [2006/06/14 10:53:00 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2006/01/01 20:20:56 | 000,008,576 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pnetmdm.sys -- (pnetmdm)
DRV - [2003/04/22 14:47:00 | 000,016,509 | ---- | M] (Palm, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com "
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.15

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\User\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\User\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\User\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/26 20:37:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/23 14:31:52 | 000,000,000 | ---D | M]

[2010/03/07 23:12:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2012/02/14 13:54:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\z4wdr2c5.default\extensions
[2011/01/12 09:22:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\z4wdr2c5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/10/05 00:12:33 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\z4wdr2c5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012/02/01 09:44:07 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\z4wdr2c5.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012/02/14 13:54:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/03/10 20:55:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/11/12 13:59:01 | 000,536,424 | ---- | M] (iLinc Communications, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPCltInstall.dll
[2011/01/17 10:21:39 | 000,742,088 | ---- | M] (SwiftView, Inc.) -- C:\Program Files\mozilla firefox\plugins\npsview.dll

O1 HOSTS File: ([2012/02/26 12:09:03 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [DCPstrApp] C:\Program Files\Dell\Dell ControlPoint\Security Manager\SecurityDeviceInfoSetRegistryString.exe (Broadcom Corporation)
O4 - HKLM..\Run: [DellConnectionManager] C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe (Smith Micro Software, Inc.)
O4 - HKLM..\Run: [DellControlPoint] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EmbassySecurityCheck] C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LockTaskbar = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LockTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: ctest.elynx.net ([gateway] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ctest.elynx.net ([gateway] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ditechsecuredocs.net ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ditechsecuredocs.net ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.com ([gateway] http in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.com ([gateway] https in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([aegis] http in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([aegis] https in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([ctest] http in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([ctest] https in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([forms] http in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([forms] https in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([gateway] http in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([gateway] https in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([gmacforms] http in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([gmacforms] https in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([pro] http in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([pro] https in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([secure] http in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([secure] https in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([ssctest] http in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([ssctest] https in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([stest] http in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([stest] https in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([webpost] http in Trusted sites)
O15 - HKCU\..Trusted Domains: elynx.net ([webpost] https in Trusted sites)
O15 - HKCU\..Trusted Domains: gmacmsecuredocs.net ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: gmacmsecuredocs.net ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ss3.swiftsend.com ([loandocs] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ss3.swiftsend.com ([loandocs] https in Trusted sites)
O15 - HKCU\..Trusted Domains: suntrust.com ([mtgdocs] http in Trusted sites)
O15 - HKCU\..Trusted Domains: suntrust.com ([mtgdocs] https in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftsend.com ([docs] http in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftsend.com ([docs] https in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftsend.com ([gateway] http in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftsend.com ([gateway] https in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftsend.com ([loandocs] http in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftsend.com ([loandocs] https in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftsend.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftsend.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftsend2.com ([docs] http in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftsend2.com ([docs] https in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftsend2.com ([loandocs] http in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftsend2.com ([loandocs] https in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftview.com ([products] http in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftview.com ([products] https in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftview.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: swiftview.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: us.hsbc.com ([mortgage-esign] http in Trusted sites)
O15 - HKCU\..Trusted Domains: us.hsbc.com ([mortgage-esign] https in Trusted sites)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {03A89EFD-E023-A200-A22D-45F77558EB4C} https://content10.il...XCltInstall.dll (ILINCInstall102 Class)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.3.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1224078805390 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1224078801343 (MUWebControl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.micros...ntent/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82627534-4036-4530-B136-C5C2800B8E11}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82627534-4036-4530-B136-C5C2800B8E11}: NameServer = 4.2.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99B9E6BD-88B7-47CD-8FBC-9D53D0D32312}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: PNDIS5 - File not found
NetSvcs: ptbsync - File not found
NetSvcs: nimcdfxk - File not found
NetSvcs: yediex - File not found
NetSvcs: WmdmPmSp - File not found

#10 aszu12

aszu12

    New Member

  • Members
  • Pip
  • 26 posts

Posted 26 February 2012 - 01:34 PM

Part 2 of OTL Log:

========== Files/Folders - Created Within 30 Days ==========

[2012/02/26 13:14:32 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2012/02/26 12:14:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/02/25 18:24:26 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netbt.sys
[2012/02/25 15:25:10 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/02/25 15:25:10 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/02/25 15:25:10 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/02/25 15:25:10 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/02/25 15:25:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/02/25 15:24:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/25 15:24:34 | 004,420,481 | R--- | C] (Swearware) -- C:\Documents and Settings\User\Desktop\ComboFix.exe
[2012/02/24 19:52:41 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\User\Desktop\dds.com
[2012/02/24 15:08:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\Copied Desktop Misc Folders
[2012/02/24 14:39:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\Desktop Misc Folders
[2012/02/24 14:31:59 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\User\Desktop\mbam-setup-1.60.1.1000.exe
[2012/02/15 00:26:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2012/02/15 00:26:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CA
[2012/02/14 23:46:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Accessories
[2012/02/14 23:45:10 | 000,647,728 | ---- | C] (Xceed Software Inc. 1-450-442-2626 info@xceedsoft.com www.xceedsoft.com) -- C:\Documents and Settings\User\Desktop\R92578.EXE
[2012/02/14 19:13:32 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2012/02/14 19:13:32 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2012/02/14 19:13:32 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2012/02/14 19:13:32 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2012/02/14 19:13:32 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2012/02/14 19:13:32 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2012/02/14 19:13:31 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012/02/14 19:13:28 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012/02/14 19:13:22 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2012/02/14 19:13:09 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012/02/14 19:13:06 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012/02/14 19:13:05 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2012/02/14 19:13:02 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2012/02/14 19:13:01 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2012/02/14 19:13:00 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2012/02/14 19:12:48 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012/02/14 19:12:45 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012/02/14 19:12:40 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2012/02/14 19:12:33 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012/02/14 19:12:30 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2012/02/14 19:12:27 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2012/02/14 19:12:26 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2012/02/14 19:12:26 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2012/02/14 19:12:23 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2012/02/14 19:12:22 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2012/02/14 19:12:22 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2012/02/14 19:12:20 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012/02/14 19:12:18 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2012/02/14 19:12:17 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2012/02/14 19:12:17 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2012/02/14 19:12:16 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2012/02/14 19:12:15 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2012/02/14 19:12:15 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2012/02/14 19:12:14 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2012/02/14 19:12:11 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012/02/14 19:12:08 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012/02/14 19:12:05 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012/02/14 19:12:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2012/02/14 19:12:04 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2012/02/14 19:12:04 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2012/02/14 19:12:04 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2012/02/14 19:12:01 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012/02/14 19:11:58 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012/02/14 19:11:55 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012/02/14 19:11:52 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012/02/14 19:11:49 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2012/02/14 19:11:47 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2012/02/14 19:11:43 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2012/02/14 19:11:40 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012/02/14 19:11:37 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2012/02/14 19:11:35 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2012/02/14 19:11:31 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2012/02/14 19:11:29 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012/02/14 19:11:26 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012/02/14 19:11:23 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012/02/14 19:11:22 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2012/02/14 19:11:20 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2012/02/14 19:11:20 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012/02/14 19:11:18 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2012/02/14 19:11:15 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2012/02/14 19:11:12 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2012/02/14 19:11:10 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2012/02/14 19:11:07 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2012/02/14 19:11:04 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012/02/14 19:11:02 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2012/02/14 19:10:59 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2012/02/14 19:10:56 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2012/02/14 19:10:54 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012/02/14 19:10:51 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012/02/14 19:10:47 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2012/02/14 19:10:47 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2012/02/14 19:10:42 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012/02/14 19:10:39 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012/02/14 19:10:37 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012/02/14 19:10:34 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012/02/14 19:10:31 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012/02/14 19:10:29 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012/02/14 19:10:26 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2012/02/14 19:10:23 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2012/02/14 19:10:22 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2012/02/14 19:10:20 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2012/02/14 19:10:14 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2012/02/14 19:10:12 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2012/02/14 19:10:09 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2012/02/14 19:10:05 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012/02/14 19:10:04 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2012/02/14 19:10:01 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012/02/14 19:09:58 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012/02/14 19:09:57 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012/02/14 19:09:56 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2012/02/14 19:09:54 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012/02/14 19:09:51 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012/02/14 19:09:51 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2012/02/14 19:09:50 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2012/02/14 19:09:46 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2012/02/14 19:09:42 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2012/02/14 19:09:40 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012/02/14 19:09:37 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012/02/14 19:09:32 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2012/02/14 19:09:30 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2012/02/14 19:09:27 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2012/02/14 19:09:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2012/02/14 19:09:22 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2012/02/14 19:09:20 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2012/02/14 19:09:17 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2012/02/14 19:09:16 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2012/02/14 19:09:14 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012/02/14 19:09:11 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012/02/14 19:09:09 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012/02/14 19:09:06 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012/02/14 19:09:06 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2012/02/14 19:09:01 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012/02/14 19:08:58 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2012/02/14 19:08:58 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2012/02/14 19:08:54 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2012/02/14 19:08:51 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2012/02/14 19:08:48 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2012/02/14 19:08:45 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2012/02/14 19:08:43 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2012/02/14 19:08:40 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2012/02/14 19:08:38 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2012/02/14 19:08:36 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2012/02/14 19:08:35 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2012/02/14 19:08:35 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2012/02/14 19:08:32 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2012/02/14 19:08:30 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2012/02/14 19:08:29 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2012/02/14 19:08:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2012/02/14 19:08:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2012/02/14 19:08:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2012/02/14 19:08:24 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012/02/14 19:08:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2012/02/14 19:08:23 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2012/02/14 19:08:21 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012/02/14 19:08:18 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012/02/14 19:08:16 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012/02/14 19:08:14 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012/02/14 19:08:11 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2012/02/14 19:08:11 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2012/02/14 19:08:10 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2012/02/14 19:08:10 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2012/02/14 19:08:08 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2012/02/14 19:08:06 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2012/02/14 19:08:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2012/02/14 19:08:03 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2012/02/14 19:08:03 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2012/02/14 19:08:03 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2012/02/14 19:08:03 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2012/02/14 19:08:00 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2012/02/14 19:08:00 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2012/02/14 19:08:00 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2012/02/14 19:08:00 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2012/02/14 19:07:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2012/02/14 19:07:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2012/02/14 19:07:59 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2012/02/14 19:07:59 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2012/02/14 19:07:59 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2012/02/14 19:07:58 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2012/02/14 19:07:57 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012/02/14 19:07:55 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012/02/14 19:07:52 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012/02/14 19:07:50 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2012/02/14 19:07:47 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2012/02/14 19:07:47 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012/02/14 19:07:44 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2012/02/14 19:07:42 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2012/02/14 19:07:39 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2012/02/14 19:07:37 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2012/02/14 19:07:35 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2012/02/14 19:07:32 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2012/02/14 19:07:32 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2012/02/14 19:07:32 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2012/02/14 19:07:32 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2012/02/14 19:07:32 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2012/02/14 19:07:26 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012/02/14 19:07:24 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012/02/14 19:07:22 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012/02/14 19:07:19 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012/02/14 19:07:17 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2012/02/14 19:07:13 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2012/02/14 19:07:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2012/02/14 19:07:09 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2012/02/14 19:07:09 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2012/02/14 19:07:06 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2012/02/14 19:07:06 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2012/02/14 19:07:03 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012/02/14 19:07:01 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2012/02/14 19:06:58 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012/02/14 19:06:56 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012/02/14 19:06:55 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2012/02/14 19:06:52 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2012/02/14 19:06:49 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2012/02/14 19:06:47 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2012/02/14 19:06:44 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012/02/14 19:06:42 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012/02/14 19:06:40 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012/02/14 19:06:37 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012/02/14 19:06:35 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012/02/14 19:06:33 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012/02/14 19:06:31 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012/02/14 19:06:28 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012/02/14 19:06:26 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012/02/14 19:06:24 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2012/02/14 19:06:21 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012/02/14 19:06:19 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012/02/14 19:06:18 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/02/14 19:06:18 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/02/14 19:06:17 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012/02/14 19:06:17 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012/02/14 19:06:16 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2012/02/14 19:06:16 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2012/02/14 19:06:16 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2012/02/14 19:06:15 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2012/02/14 19:06:13 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2012/02/14 19:06:10 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2012/02/14 19:06:07 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012/02/14 19:06:04 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2012/02/14 19:06:03 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012/02/14 19:06:00 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012/02/14 19:05:57 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012/02/14 19:05:56 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2012/02/14 19:05:56 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2012/02/14 19:05:51 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2012/02/14 19:05:47 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012/02/14 19:05:45 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012/02/14 19:05:42 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2012/02/14 19:05:40 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2012/02/14 19:05:40 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2012/02/14 19:05:39 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2012/02/14 19:05:37 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2012/02/14 19:05:34 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012/02/14 19:05:32 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012/02/14 19:05:30 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012/02/14 19:05:29 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2012/02/14 19:05:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2012/02/14 19:05:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2012/02/14 19:05:21 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012/02/14 19:05:19 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2012/02/14 19:05:17 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2012/02/14 19:05:17 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2012/02/14 19:05:14 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2012/02/14 19:05:14 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2012/02/14 19:05:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2012/02/14 19:05:14 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2012/02/14 19:05:09 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2012/02/14 19:05:07 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2012/02/14 19:05:04 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2012/02/14 19:05:02 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2012/02/14 19:05:00 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2012/02/14 19:04:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2012/02/14 19:04:55 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2012/02/14 19:04:55 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2012/02/14 19:04:55 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2012/02/14 19:04:54 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2012/02/14 19:04:54 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2012/02/14 19:04:54 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2012/02/14 19:04:52 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2012/02/14 19:04:50 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012/02/14 19:04:48 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2012/02/14 19:04:45 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2012/02/14 19:04:43 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2012/02/14 19:04:41 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012/02/14 19:04:40 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012/02/14 19:04:38 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012/02/14 19:04:37 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2012/02/14 19:04:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2012/02/14 19:04:37 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2012/02/14 19:04:34 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2012/02/14 19:04:31 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2012/02/14 19:04:29 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2012/02/14 19:04:27 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2012/02/14 19:04:25 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2012/02/14 19:04:22 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2012/02/14 19:04:20 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2012/02/14 19:04:18 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2012/02/14 19:04:16 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2012/02/14 19:04:13 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2012/02/14 19:04:11 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2012/02/14 19:04:09 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012/02/14 19:04:07 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012/02/14 19:04:05 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012/02/14 19:04:02 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012/02/14 19:03:56 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2012/02/14 19:03:53 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2012/02/14 19:03:49 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012/02/14 19:03:48 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2012/02/14 19:03:46 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2012/02/14 19:03:43 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2012/02/14 19:03:42 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2012/02/14 19:03:39 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012/02/14 19:03:37 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012/02/14 19:03:34 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2012/02/14 19:03:34 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2012/02/14 19:03:33 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012/02/14 19:03:27 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2012/02/14 19:03:24 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012/02/14 19:03:22 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012/02/14 19:03:20 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2012/02/14 19:03:19 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2012/02/14 19:03:17 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2012/02/14 19:03:15 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012/02/14 19:03:13 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012/02/14 19:03:11 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012/02/14 19:03:09 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012/02/14 19:03:07 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012/02/14 19:03:05 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012/02/14 19:03:03 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2012/02/14 19:03:00 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2012/02/14 19:02:58 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012/02/14 19:02:56 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012/02/14 19:02:54 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012/02/14 19:02:52 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012/02/14 19:02:50 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012/02/14 19:02:49 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2012/02/14 19:02:47 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2012/02/14 19:02:38 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2012/02/14 19:02:37 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2012/02/14 19:02:34 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2012/02/14 19:02:29 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2012/02/14 19:02:28 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2012/02/14 19:02:28 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2012/02/14 19:02:28 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2012/02/14 19:02:25 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2012/02/14 19:02:20 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2012/02/14 19:02:17 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2012/02/14 19:02:16 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2012/02/14 19:02:07 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2012/02/14 19:02:04 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2012/02/14 19:02:00 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2012/02/14 19:01:58 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2012/02/14 19:01:56 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2012/02/14 19:01:54 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2012/02/14 19:01:53 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2012/02/14 19:01:53 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2012/02/14 19:01:52 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2012/02/14 19:01:50 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2012/02/14 19:01:48 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2012/02/14 19:01:48 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2012/02/14 19:01:45 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012/02/14 19:01:42 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2012/02/14 19:01:42 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2012/02/14 19:01:39 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2012/02/14 19:01:37 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2012/02/14 19:01:35 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2012/02/14 19:01:33 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2012/02/14 19:01:33 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2012/02/14 19:01:31 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012/02/14 19:01:29 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2012/02/14 19:01:28 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012/02/14 19:01:28 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2012/02/14 19:01:26 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012/02/14 19:01:26 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012/02/14 19:01:24 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012/02/14 19:01:21 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2012/02/14 19:01:21 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2012/02/14 19:01:17 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012/02/14 19:01:15 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012/02/14 19:01:14 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012/02/14 19:01:11 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012/02/14 19:01:10 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2012/02/14 19:01:08 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012/02/14 19:01:06 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2012/02/14 19:01:06 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012/02/14 19:01:05 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2012/02/14 19:01:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2012/02/14 19:01:02 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2012/02/14 19:01:01 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2012/02/14 19:01:00 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2012/02/14 19:01:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2012/02/14 19:00:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2012/02/14 19:00:57 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2012/02/14 19:00:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2012/02/14 19:00:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2012/02/14 19:00:54 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2012/02/14 19:00:52 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2012/02/14 19:00:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2012/02/14 19:00:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2012/02/14 19:00:43 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2012/02/14 19:00:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2012/02/14 19:00:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2012/02/14 19:00:41 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2012/02/14 19:00:41 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2012/02/14 19:00:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2012/02/14 19:00:38 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2012/02/14 19:00:36 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2012/02/14 19:00:35 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2012/02/14 19:00:33 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2012/02/14 19:00:33 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012/02/14 19:00:32 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2012/02/14 19:00:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2012/02/14 19:00:28 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2012/02/14 19:00:26 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2012/02/14 19:00:24 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2012/02/14 19:00:22 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2012/02/14 19:00:21 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2012/02/14 19:00:19 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2012/02/14 19:00:18 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2012/02/14 19:00:17 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2012/02/14 19:00:16 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2012/02/14 19:00:15 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2012/02/14 19:00:14 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2012/02/14 19:00:14 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2012/02/14 19:00:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2012/02/14 19:00:13 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2012/02/14 19:00:12 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2012/02/14 19:00:12 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2012/02/14 19:00:07 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012/02/14 19:00:05 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2012/02/14 19:00:03 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2012/02/14 19:00:01 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2012/02/14 18:59:59 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2012/02/14 18:59:57 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2012/02/14 18:59:55 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2012/02/14 18:59:53 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2012/02/14 18:59:51 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2012/02/14 18:59:49 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2012/02/14 18:59:48 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2012/02/14 18:59:46 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2012/02/14 18:59:44 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2012/02/14 18:59:42 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2012/02/14 18:59:41 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2012/02/14 18:59:40 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2012/02/14 18:59:38 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2012/02/14 18:59:37 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2012/02/14 18:59:36 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2012/02/14 18:59:34 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2012/02/14 18:59:31 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2012/02/14 18:59:29 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2012/02/14 18:59:27 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2012/02/14 18:59:25 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2012/02/14 18:59:23 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2012/02/14 18:59:21 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2012/02/14 18:59:20 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2012/02/14 18:59:18 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2012/02/14 18:59:16 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2012/02/14 18:59:14 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2012/02/14 18:59:12 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2012/02/14 18:59:10 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2012/02/14 18:59:09 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2012/02/14 18:59:08 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2012/02/14 18:59:08 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2012/02/14 18:59:08 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2012/02/14 18:59:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2012/02/14 18:59:05 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2012/02/14 18:59:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2012/02/14 18:59:01 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2012/02/14 18:58:59 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2012/02/14 18:58:58 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012/02/14 18:58:54 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2012/02/14 18:58:51 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012/02/14 18:58:47 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2012/02/14 18:58:44 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2012/02/14 18:58:40 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2012/02/14 18:58:38 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2012/02/14 18:58:36 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2012/02/14 18:58:35 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2012/02/14 18:58:33 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2012/02/14 18:58:32 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2012/02/14 18:58:31 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012/02/14 18:58:29 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012/02/14 18:58:28 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012/02/14 18:58:26 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2012/02/14 18:58:26 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2012/02/14 18:58:24 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2012/02/14 18:58:22 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2012/02/14 18:58:21 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2012/02/14 18:58:20 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2012/02/14 18:58:18 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012/02/14 18:58:14 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2012/02/14 18:58:13 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012/02/14 18:58:11 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012/02/14 18:58:11 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2012/02/14 18:58:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2012/02/14 18:58:08 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2012/02/14 18:51:44 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012/02/14 18:51:42 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012/02/14 18:51:41 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012/02/14 18:51:40 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012/02/14 18:51:38 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2012/02/14 18:51:37 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2012/02/14 18:51:35 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2012/02/14 18:51:31 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2012/02/14 18:51:30 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2012/02/14 18:51:29 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012/02/14 18:51:27 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2012/02/14 18:51:26 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012/02/14 18:51:24 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012/02/14 18:51:22 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2012/02/14 18:51:21 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2012/02/14 18:51:19 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2012/02/14 18:51:19 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2012/02/14 18:51:18 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2012/02/14 18:51:16 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2012/02/14 18:51:16 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2012/02/14 18:51:15 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2012/02/14 18:51:15 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2012/02/14 18:51:13 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2012/02/14 18:51:13 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2012/02/14 18:51:11 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2012/02/14 18:51:10 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2012/02/14 18:51:08 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2012/02/14 18:51:07 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2012/02/14 18:51:05 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2012/02/14 18:51:04 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2012/02/14 18:51:03 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2012/02/14 18:51:01 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2012/02/14 18:51:00 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2012/02/14 18:50:58 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2012/02/14 18:50:57 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2012/02/14 18:50:55 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2012/02/14 18:50:54 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2012/02/14 18:50:53 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2012/02/14 18:50:52 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2012/02/14 18:50:50 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2012/02/14 18:50:48 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2012/02/14 18:50:47 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2012/02/14 18:50:46 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2012/02/14 18:50:45 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2012/02/14 18:50:44 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2012/02/14 18:50:43 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2012/02/14 18:50:42 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2012/02/14 18:50:41 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2012/02/14 18:50:40 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2012/02/14 18:50:39 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2012/02/14 18:50:38 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2012/02/14 18:50:37 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2012/02/14 18:50:36 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2012/02/14 18:50:35 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2012/02/14 18:50:34 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2012/02/14 18:50:33 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2012/02/14 18:50:32 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2012/02/14 18:50:32 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2012/02/14 18:50:30 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2012/02/14 18:50:29 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2012/02/14 18:50:26 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2012/02/14 18:50:25 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012/02/14 18:50:22 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012/02/14 18:50:21 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2012/02/14 18:50:20 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2012/02/14 18:50:20 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2012/02/14 18:50:19 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2012/02/14 18:50:16 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012/02/14 18:50:15 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2012/02/14 18:50:14 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012/02/14 18:50:13 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012/02/14 18:50:10 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012/02/14 18:50:09 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012/02/14 18:50:08 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012/02/14 18:50:08 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012/02/14 18:50:06 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012/02/14 18:50:05 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2012/02/14 18:50:04 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2012/02/14 18:50:03 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2012/02/14 18:50:02 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2012/02/14 18:50:01 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2012/02/14 18:50:01 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2012/02/14 18:50:00 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2012/02/14 18:49:59 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2012/02/14 18:49:58 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2012/02/14 18:49:57 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2012/02/14 18:49:56 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2012/02/14 18:49:56 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2012/02/14 18:49:55 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2012/02/14 18:49:52 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2012/02/14 18:49:52 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2012/02/14 18:49:50 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012/02/14 18:49:50 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012/02/14 18:49:49 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2012/02/14 18:49:48 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2012/02/14 18:49:47 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012/02/14 18:49:46 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2012/02/14 18:49:45 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2012/02/14 18:49:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2012/02/14 18:49:43 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2012/02/14 18:49:42 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2012/02/14 18:49:41 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2012/02/14 18:49:38 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2012/02/14 18:49:37 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2012/02/14 18:49:37 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2012/02/14 18:49:36 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2012/02/14 18:49:35 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2012/02/14 18:49:34 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2012/02/14 18:49:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2012/02/14 18:49:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2012/02/14 18:49:32 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012/02/14 18:49:32 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2012/02/14 18:49:31 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012/02/14 18:49:30 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012/02/14 18:49:29 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012/02/14 18:49:28 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012/02/14 18:49:28 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012/02/14 18:49:27 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012/02/14 18:49:26 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012/02/14 18:49:26 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2012/02/14 18:49:25 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2012/02/14 18:49:24 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2012/02/14 18:49:23 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2012/02/14 18:49:22 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2012/02/14 18:49:21 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2012/02/14 18:49:20 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012/02/14 18:49:20 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2012/02/14 18:49:20 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2012/02/14 18:49:19 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2012/02/14 18:49:18 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2012/02/14 18:49:18 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2012/02/14 18:49:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2012/02/14 18:49:15 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2012/02/14 18:49:14 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2012/02/14 18:49:13 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2012/02/14 18:49:13 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2012/02/14 18:49:12 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012/02/14 18:49:11 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2012/02/14 18:49:10 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2012/02/14 18:49:10 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2012/02/14 18:49:09 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2012/02/14 18:49:09 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2012/02/14 18:49:07 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012/02/14 18:49:07 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2012/02/14 18:49:06 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2012/02/14 18:49:06 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2012/02/14 18:49:05 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2012/02/14 18:49:05 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2012/02/14 18:49:05 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2012/02/14 18:49:05 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2012/02/14 18:49:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2012/02/14 18:49:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2012/02/14 18:49:04 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2012/02/14 18:49:03 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2012/02/14 18:49:02 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012/02/14 18:49:02 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012/02/14 18:49:01 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012/02/14 18:49:01 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012/02/14 18:49:00 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012/02/14 18:48:59 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012/02/14 18:48:59 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2012/02/14 18:48:58 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012/02/14 18:48:58 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012/02/14 18:48:57 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012/02/14 18:48:56 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012/02/14 18:48:55 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012/02/14 18:48:55 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/02/14 18:48:54 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2012/02/14 18:48:53 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2012/02/14 18:48:53 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2012/02/14 18:48:53 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2012/02/14 18:48:52 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2012/02/14 18:48:52 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2012/02/14 18:48:51 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2012/02/14 18:48:51 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2012/02/14 18:48:50 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2012/02/14 18:48:50 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2012/02/14 18:48:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2012/02/14 18:48:39 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2012/02/14 18:48:37 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012/02/14 18:48:37 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012/02/14 18:48:37 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012/02/14 18:48:36 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012/02/14 18:48:36 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012/02/14 18:48:35 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012/02/14 18:48:35 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012/02/14 18:48:34 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2012/02/14 18:48:34 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012/02/14 18:48:33 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012/02/14 18:48:33 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012/02/14 18:48:33 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012/02/14 18:48:32 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2012/02/14 18:48:32 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012/02/14 18:48:31 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012/02/14 18:48:31 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012/02/14 18:48:31 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012/02/14 18:48:30 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012/02/14 18:48:30 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012/02/14 18:48:29 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012/02/14 18:48:28 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2012/02/14 18:48:27 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012/02/14 18:48:27 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2012/02/14 18:48:27 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2012/02/14 18:48:27 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2012/02/14 18:48:26 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2012/02/14 18:48:26 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2012/02/14 18:48:26 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2012/02/14 18:48:26 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2012/02/14 18:48:25 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012/02/14 18:48:25 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2012/02/14 18:48:25 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012/02/14 18:48:24 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2012/02/14 18:48:24 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012/02/14 18:48:23 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012/02/14 18:48:23 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012/02/14 18:48:23 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012/02/14 18:48:22 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012/02/14 18:48:21 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2012/02/14 18:48:21 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2012/02/14 18:48:20 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2012/02/14 18:48:20 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2012/02/14 18:48:15 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2012/02/14 18:48:15 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2012/02/14 18:48:13 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2012/02/14 18:48:13 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2012/02/14 18:48:12 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2012/02/14 18:48:12 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2012/02/14 18:48:12 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2012/02/14 18:48:11 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2012/02/14 18:48:11 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2012/02/14 18:48:09 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2012/02/14 18:48:09 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2012/02/14 18:48:08 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2012/02/14 18:48:08 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2012/02/14 18:48:07 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012/02/14 18:48:06 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2012/02/14 18:48:05 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2012/02/14 18:48:04 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2012/02/14 18:48:04 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012/02/14 18:48:03 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2012/02/14 18:48:03 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2012/02/14 18:48:00 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2012/02/14 18:47:58 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2012/02/14 18:47:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2012/02/14 18:47:57 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012/02/14 18:47:57 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012/02/14 18:47:57 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2012/02/14 18:47:56 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012/02/14 18:47:56 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012/02/14 18:47:56 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012/02/14 18:47:55 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2012/02/14 18:47:55 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2012/02/14 18:47:54 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012/02/14 18:47:53 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2012/02/14 18:47:53 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2012/02/14 18:47:53 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2012/02/14 18:47:52 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012/02/14 18:47:52 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2012/02/14 18:47:51 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2012/02/14 18:47:51 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2012/02/14 18:47:51 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2012/02/14 18:47:50 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012/02/14 18:47:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2012/02/14 18:47:49 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012/02/14 18:47:49 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012/02/14 18:47:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2012/02/14 18:47:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2012/02/14 18:47:31 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2012/02/14 18:47:23 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2012/02/14 18:47:23 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2012/02/14 18:47:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2012/02/14 18:47:22 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2012/02/14 18:47:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2012/02/14 18:47:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2012/02/14 18:47:16 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2012/02/14 14:42:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2012/02/14 14:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/02/13 20:16:57 | 000,026,872 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\FixTDSS.sys
[2012/02/13 20:16:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\FixTDSS
[2012/02/12 03:34:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2012/02/09 15:52:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\User\Recent
[2012/02/09 11:51:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/09 11:51:08 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/02/08 05:42:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2012/02/08 05:42:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/11/16 10:45:02 | 003,143,392 | ---- | C] (ElderCounsel, LLC) -- C:\Program Files\members_files_elderdocx_installation_elderdocxbeta_setup.exe
[2010/10/28 15:44:56 | 075,019,048 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe
[2010/03/28 00:10:38 | 002,114,184 | ---- | C] (Facebook, Inc.) -- C:\Program Files\Install_Facebook_Plug-In_1.0.3.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[

#11 aszu12

aszu12

    New Member

  • Members
  • Pip
  • 26 posts

Posted 26 February 2012 - 01:35 PM

Part 3 (last) of OTL Report:

color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012/02/26 13:09:50 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2012/02/26 12:13:24 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/02/26 12:09:03 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/02/26 12:08:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/26 12:08:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/25 18:14:56 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/25 15:13:14 | 004,420,481 | R--- | M] (Swearware) -- C:\Documents and Settings\User\Desktop\ComboFix.exe
[2012/02/25 14:39:10 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3395202182-1961662859-2963020059-1005UA.job
[2012/02/25 14:26:10 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/25 13:44:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/02/24 19:26:16 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\User\Desktop\dds.com
[2012/02/24 19:21:37 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\WavXMapDrive.bat
[2012/02/24 19:19:44 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/24 18:39:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3395202182-1961662859-2963020059-1005Core.job
[2012/02/24 14:28:06 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\User\Desktop\mbam-setup-1.60.1.1000.exe
[2012/02/24 14:26:05 | 1300,251,648 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Copy of Outlook.pst
[2012/02/14 23:44:00 | 000,647,728 | ---- | M] (Xceed Software Inc. 1-450-442-2626 info@xceedsoft.com www.xceedsoft.com) -- C:\Documents and Settings\User\Desktop\R92578.EXE
[2012/02/14 22:03:03 | 000,026,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\FixTDSS.sys
[2012/02/14 19:46:02 | 000,447,326 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/14 19:46:02 | 000,074,008 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/14 14:51:11 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/02/14 14:24:23 | 000,000,000 | -HS- | M] () -- C:\WINDOWS\System32\dds_trash_log.cmd
[2012/02/09 23:38:31 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/09 16:58:22 | 000,684,297 | ---- | M] () -- C:\Documents and Settings\User\Desktop\unhide.exe
[2012/02/08 21:55:26 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2012/02/08 05:44:58 | 000,103,733 | ---- | M] () -- C:\WINDOWS\System32\itusbcore.dat
[2012/02/08 05:44:58 | 000,000,197 | ---- | M] () -- C:\WINDOWS\System32\itlsvc.dat
[2012/02/08 05:35:29 | 000,000,853 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
[2012/02/07 12:46:36 | 000,000,041 | ---- | M] () -- C:\WINDOWS\System32\KM227125.DAT
[2012/02/07 12:46:36 | 000,000,041 | ---- | M] () -- C:\WINDOWS\KM227125.DAT
[2012/02/07 11:36:43 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Word 2003.lnk
[2012/02/03 16:25:04 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Excel 2003.lnk
[2012/01/31 15:40:03 | 000,001,371 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Quick Title.lnk
[2012/01/31 07:44:05 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/25 15:25:10 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/02/25 15:25:10 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/02/25 15:25:10 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/02/25 15:25:10 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/02/25 15:25:10 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/02/15 00:26:56 | 000,000,853 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
[2012/02/15 00:26:48 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn.lnk
[2012/02/14 19:13:28 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012/02/14 19:13:25 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012/02/14 19:05:26 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/02/14 19:05:23 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/02/14 19:02:17 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/02/14 19:01:02 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/02/14 19:00:13 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/02/14 18:58:56 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012/02/14 18:58:52 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012/02/14 18:58:49 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012/02/14 18:58:45 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012/02/14 18:58:42 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012/02/14 18:58:32 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/02/14 18:50:13 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012/02/14 18:50:12 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012/02/14 18:50:11 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012/02/14 18:48:18 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/02/14 18:48:17 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/02/14 18:48:17 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/02/14 18:48:17 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/02/14 18:48:16 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/02/14 18:48:16 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/02/14 18:48:15 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/02/14 18:48:15 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/02/14 18:48:14 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/02/14 18:48:11 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/02/14 14:51:11 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/02/14 14:46:26 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/02/14 14:41:03 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/02/09 17:05:02 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2012/02/09 17:05:02 | 000,001,836 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickBooks Pro 2008.lnk
[2012/02/09 17:05:02 | 000,001,703 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ViewNX 2.lnk
[2012/02/09 17:05:02 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ElderDocx Beta.lnk
[2012/02/09 17:05:02 | 000,001,645 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCH ViewPlan.lnk
[2012/02/09 17:05:02 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/02/09 17:05:02 | 000,000,646 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Responsive Time Logger.lnk
[2012/02/09 17:05:00 | 000,002,515 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Word 2003.lnk
[2012/02/09 17:05:00 | 000,002,513 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Excel 2003.lnk
[2012/02/09 17:05:00 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/09 17:05:00 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
[2012/02/09 17:05:00 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2012/02/09 17:05:00 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/02/09 17:04:57 | 000,002,109 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
[2012/02/09 17:04:57 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
[2012/02/09 17:04:53 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 8.lnk
[2012/02/09 17:04:53 | 000,001,905 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\VZAccess Manager.lnk
[2012/02/09 17:04:53 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2012/02/09 17:04:53 | 000,001,754 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Belarc Advisor.lnk
[2012/02/09 17:04:53 | 000,001,717 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\PowerDVD DX.lnk
[2012/02/09 17:04:53 | 000,001,702 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Across Lite 2.0.lnk
[2012/02/09 17:04:53 | 000,000,901 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\My Bluetooth Places.lnk
[2012/02/09 17:04:53 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2012/02/09 17:04:53 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2012/02/09 17:04:53 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2012/02/09 16:58:22 | 000,684,297 | ---- | C] () -- C:\Documents and Settings\User\Desktop\unhide.exe
[2012/02/09 11:51:10 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/08 21:55:26 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012/02/08 05:44:58 | 000,103,733 | ---- | C] () -- C:\WINDOWS\System32\itusbcore.dat
[2012/02/08 05:44:58 | 000,000,197 | ---- | C] () -- C:\WINDOWS\System32\itlsvc.dat
[2012/02/08 05:26:40 | 000,000,000 | -HS- | C] () -- C:\WINDOWS\System32\dds_trash_log.cmd
[2011/11/14 17:34:37 | 000,000,041 | ---- | C] () -- C:\WINDOWS\System32\KM227125.DAT
[2011/11/14 17:34:37 | 000,000,041 | ---- | C] () -- C:\WINDOWS\KM227125.DAT
[2011/07/04 22:56:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX2.INI
[2011/07/04 22:45:45 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\SystemConfiguration
[2011/07/04 22:45:45 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\User\Application Data\Synth Leads
[2011/07/04 22:45:45 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLev.DAT
[2011/07/04 22:45:44 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\System Image Utility
[2011/07/04 22:45:44 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\User\Application Data\Synth Basics
[2011/07/04 22:45:44 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLes.DAT
[2011/07/04 22:45:43 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\Synth Textures
[2011/07/04 22:45:43 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\User\Application Data\Sync Services
[2011/07/04 22:45:43 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLet.DAT
[2011/03/23 14:31:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\srfvdo.dat
[2010/12/27 11:57:35 | 000,106,120 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/12/01 14:42:42 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\fusioncache.dat
[2010/07/13 10:39:04 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/21 17:25:26 | 000,188,609 | ---- | C] () -- C:\WINDOWS\hpwins22.dat.temp
[2010/06/21 15:33:33 | 000,188,093 | ---- | C] () -- C:\WINDOWS\hpwins22.dat
[2010/06/21 15:33:33 | 000,002,979 | ---- | C] () -- C:\WINDOWS\hpwmdl22.dat
[2010/05/13 16:31:19 | 000,002,979 | ---- | C] () -- C:\WINDOWS\hpwmdl22.dat.temp
[2010/03/07 23:11:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/03/07 11:23:15 | 000,014,220 | -HS- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\Nd4uB3I0oF

< End of report >

#12 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 26 February 2012 - 02:04 PM

Please rerun OTL and click the NONE button (important, this will shorten the log considerably).

Copy/paste the following text into the "custom scan/fix" field and click Run Scan. Post me the new log.
/md5start
netbt.sys
/md5stop

regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#13 aszu12

aszu12

    New Member

  • Members
  • Pip
  • 26 posts

Posted 26 February 2012 - 02:31 PM

OTL logfile created on: 2/26/2012 2:25:35 PM - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.95 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 79.21% Memory free
3.76 Gb Paging File | 3.51 Gb Available in Paging File | 93.25% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.93 Gb Total Space | 59.51 Gb Free Space | 39.96% Space Free | Partition Type: NTFS

Computer Name: 6X0FKH1 | User Name: User | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Custom Scans ==========



< MD5 for: NETBT.SYS >
[2004/08/04 05:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=0C80E410CD2F47134407EE7DD19CC86B -- C:\WINDOWS\$NtServicePackUninstall$\netbt.sys
[2008/04/13 23:51:02 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\WINDOWS\ServicePackFiles\i386\netbt.sys
[2008/04/13 23:51:02 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\WINDOWS\system32\dllcache\netbt.sys
[2008/04/13 23:51:02 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\WINDOWS\system32\drivers\netbt.sys

< End of report >

Thanks Elise

#14 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 26 February 2012 - 02:34 PM

Lets check the tag values for the service as well.

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#15 aszu12

aszu12

    New Member

  • Members
  • Pip
  • 26 posts

Posted 26 February 2012 - 04:38 PM

Farbar Service Scanner Version: 22-02-2012
Ran by User (administrator) on 26-02-2012 at 16:37:50
Running from "C:\Documents and Settings\User\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Minimal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.

NetBt Service is not running. Checking service configuration:
The start type of NetBt service is set to Demand. The default start type is System.
The ImagePath of NetBt service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.

IpSec Service is not running. Checking service configuration:
The start type of IpSec service is OK.
The ImagePath of IpSec service is OK.


Connection Status:
==============
Localhost is blocked.
LAN connected.
Attempt to access Google IP returned error: Other errors
Attempt to access Yahoo IP returend error: Other errors


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.

netman Service is not running. Checking service configuration:
The start type of netman service is OK.
The ImagePath of netman service is OK.
The ServiceDll of netman service is OK.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Checking LEGACY_wscsvc: Attention! Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(8) PSched(7) Tcpip(3)
0x0700000004000000010000000200000003000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****

#16 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 27 February 2012 - 01:43 AM

Can you once again run combofix, post me the new log and then try to boot in normal mode again?
regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#17 aszu12

aszu12

    New Member

  • Members
  • Pip
  • 26 posts

Posted 27 February 2012 - 09:22 AM

Tried to reboot into normal -- got the same blue screen/warning as above, unfortunately. Here is the ComboFix log -- thank you Elise.

ComboFix 12-02-25.02 - User 02/27/2012 9:04.2.2 - x86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2000.1530 [GMT -5:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Outdated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((( Files Created from 2012-01-27 to 2012-02-27 )))))))))))))))))))))))))))))))
.
.
2012-02-25 23:24 . 2008-04-14 04:51 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-02-25 23:24 . 2008-04-14 04:51 162816 ----a-w- c:\windows\system32\dllcache\netbt.sys
2012-02-15 00:12 . 2008-04-14 03:05 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys
2012-02-15 00:11 . 2001-08-17 18:28 397502 ----a-w- c:\windows\system32\dllcache\vpctcom.sys
2012-02-15 00:10 . 2001-08-18 03:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2012-02-15 00:09 . 2001-08-17 19:56 81408 ----a-w- c:\windows\system32\dllcache\tgiul50.dll
2012-02-15 00:08 . 2004-08-04 10:00 101376 ----a-w- c:\windows\system32\dllcache\srusbusd.dll
2012-02-15 00:07 . 2004-08-04 10:00 30208 ----a-w- c:\windows\system32\dllcache\sm87w.dll
2012-02-15 00:06 . 2001-08-17 18:51 23936 ----a-w- c:\windows\system32\dllcache\sccmusbm.sys
2012-02-15 00:05 . 2001-08-18 03:36 86097 ----a-w- c:\windows\system32\dllcache\reslog32.dll
2012-02-15 00:04 . 2001-08-18 03:36 16384 ----a-w- c:\windows\system32\dllcache\philcam1.dll
2012-02-15 00:03 . 2001-08-17 17:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2012-02-15 00:02 . 2001-08-17 18:50 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
2012-02-15 00:01 . 2004-08-04 10:00 34304 ----a-w- c:\windows\system32\dllcache\migisol.exe
2012-02-15 00:00 . 2004-08-04 10:00 5632 ----a-w- c:\windows\system32\dllcache\kbdusa.dll
2012-02-14 23:59 . 2001-08-17 19:06 154496 ----a-w- c:\windows\system32\dllcache\icam4usb.sys
2012-02-14 23:58 . 2001-08-18 03:36 32768 ----a-w- c:\windows\system32\dllcache\hpgtmcro.dll
2012-02-14 23:51 . 2001-08-17 17:15 442240 ----a-w- c:\windows\system32\dllcache\fpnpbase.sys
2012-02-14 23:50 . 2001-08-18 03:36 51200 ----a-w- c:\windows\system32\dllcache\eqnlogr.exe
2012-02-14 23:49 . 2001-08-18 03:36 229462 ----a-w- c:\windows\system32\dllcache\digifwrk.dll
2012-02-14 23:48 . 2008-04-14 05:16 17024 ----a-w- c:\windows\system32\dllcache\ccdecode.sys
2012-02-14 23:47 . 2004-08-04 10:00 49664 ----a-w- c:\windows\system32\dllcache\adrot.dll
2012-02-14 19:57 . 2012-01-06 01:19 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{32855CF5-D49A-40E9-B2A0-98EC0BB5AEE5}\mpengine.dll
2012-02-14 19:42 . 2012-02-14 19:42 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2012-02-14 19:40 . 2012-02-14 19:41 -------- d-----w- c:\program files\Microsoft Security Client
2012-02-14 01:16 . 2012-02-15 03:03 26872 ----a-w- c:\windows\system32\drivers\FixTDSS.sys
2012-02-14 01:16 . 2012-02-14 01:16 -------- d-----w- c:\documents and settings\User\Application Data\FixTDSS
2012-02-12 08:34 . 2012-02-12 08:37 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2012-02-09 16:51 . 2011-12-10 20:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-09 05:03 . 2012-02-09 05:03 -------- d-----w- c:\documents and settings\Administrator\Application Data\U3
2012-02-08 10:26 . 2012-02-14 19:24 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-25 00:21 . 2008-10-15 13:29 0 ----a-w- c:\documents and settings\User\Local Settings\Application Data\WavXMapDrive.bat
2012-01-31 12:44 . 2010-11-28 10:10 237072 ------w- c:\windows\system32\MpSigStub.exe
2010-11-16 15:45 . 2010-11-16 15:45 3143392 ----a-w- c:\program files\members_files_elderdocx_installation_elderdocxbeta_setup.exe
2010-10-28 20:52 . 2010-10-28 20:44 75019048 ----a-w- c:\program files\iTunesSetup.exe
2010-03-28 05:12 . 2010-03-28 05:10 2114184 ----a-w- c:\program files\Install_Facebook_Plug-In_1.0.3.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{022F2F51-CDDA-4873-8A29-72C66C808A3F}"
[HKEY_CLASSES_ROOT\CLSID\{022F2F51-CDDA-4873-8A29-72C66C808A3F}]
2009-11-07 05:07 297808 ----a-w- c:\windows\system32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{661963C1-99A1-44e7-A671-1CF3768AE9D4}"
[HKEY_CLASSES_ROOT\CLSID\{661963C1-99A1-44e7-A671-1CF3768AE9D4}]
2009-11-07 05:07 297808 ----a-w- c:\windows\system32\mscoree.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-07-01 196608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-10 143360]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-10 170520]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-06-15 178712]
"ChangeTPMAuth"="c:\program files\Wave Systems Corp\Common\ChangeTPMAuth.exe" [2008-05-30 180224]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2008-05-14 105472]
"SecureUpgrade"="c:\program files\Wave Systems Corp\SecureUpgrade.exe" [2008-06-24 243000]
"EmbassySecurityCheck"="c:\program files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe" [2008-06-24 79160]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-06-18 2220032]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-06-29 442467]
"AESTFltr"="c:\windows\system32\AESTFltr.exe" [2008-06-29 466944]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-02-26 128296]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"Nikon Message Center 2"="c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2008-05-30 593920]
"DellConnectionManager"="c:\program files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe" [2008-09-09 1486848]
"DCPstrApp"="c:\program files\Dell\Dell ControlPoint\Security Manager\SecurityDeviceInfoSetRegistryString.exe" [2008-08-04 6656]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-8-15 604776]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2008-2-27 972064]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleStartMenu"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-09-29 00:34 87352 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 wvauth
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2008\\QBDBMgrN.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\PdaNet 4.12\\PdaNet.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\McAfee\\WGET.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8100:TCP"= 8100:TCP:*:Disabled:WorkgroupShare (Non-SSL)
"8101:TCP"= 8101:TCP:*:Disabled:WorkgroupShare (SSL)
"8102:UDP"= 8102:UDP:*:Disabled:WorkgroupShare (Monitor)
"8104:UDP"= 8104:UDP:*:Disabled:WorkgroupShare (Monitor)
"8109:TCP"= 8109:TCP:*:Disabled:WorkgroupShare (Free/Busy)
"135:TCP"= 135:TCP:*:Disabled:RPC
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\RemoteAdminSettings]
"Enabled"= 1 (0x1)
.
R0 FixTDSS;TDSS Fixtool driver;c:\windows\system32\drivers\FixTDSS.sys [2/13/2012 8:16 PM 26872]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [11/28/2010 5:05 AM 116608]
S0 plwgljkh;plwgljkh;c:\windows\system32\drivers\tgnmsga.sys --> c:\windows\system32\drivers\tgnmsga.sys [?]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys --> c:\program files\SUPERAntiSpyware\SASKUTIL.sys [?]
S2 ASFAgent;ASF Agent;c:\program files\Intel\ASF Agent\ASFAgent.exe [4/19/2007 5:56 AM 133968]
S2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [6/3/2008 3:28 PM 386328]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [7/31/2008 9:41 PM 808296]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [7/31/2008 9:41 PM 21352]
S2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [8/18/2008 10:39 AM 455960]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/6/2010 7:35 PM 135664]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2/9/2012 11:51 AM 652360]
S2 NecUsb3;USB3 Service;c:\windows\System32\svchost.exe -k NecUsb3Sevic [8/11/2004 5:00 PM 14336]
S2 SMManager;Smith Micro Connection Manager Service;c:\program files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [9/9/2008 2:21 PM 69632]
S3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [10/9/2008 1:23 AM 108160]
S3 AsfAlrt;AsfAlrt Service;c:\windows\system32\drivers\Asfalrt.sys [4/19/2007 5:28 AM 42832]
S3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [10/9/2008 1:25 AM 32808]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [10/9/2008 1:23 AM 244368]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/6/2010 7:35 PM 135664]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [10/9/2008 1:25 AM 110080]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2/9/2012 11:51 AM 20464]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm.sys [10/20/2008 6:21 PM 8576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
NecUsb3Sevic REG_MULTI_SZ NecUsb3
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
PNDIS5
ptbsync
nimcdfxk
yediex
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-25 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-04 02:49]
.
2012-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 00:35]
.
2012-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 00:35]
.
2012-02-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3395202182-1961662859-2963020059-1005Core.job
- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-30 20:01]
.
2012-02-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3395202182-1961662859-2963020059-1005UA.job
- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-30 20:01]
.
2012-02-26 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 20:39]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5081009
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
Trusted Zone: ctest.elynx.net\gateway
Trusted Zone: ditechsecuredocs.net\www
Trusted Zone: elynx.com\gateway
Trusted Zone: elynx.net\aegis
Trusted Zone: elynx.net\ctest
Trusted Zone: elynx.net\forms
Trusted Zone: elynx.net\gateway
Trusted Zone: elynx.net\gmacforms
Trusted Zone: elynx.net\pro
Trusted Zone: elynx.net\secure
Trusted Zone: elynx.net\ssctest
Trusted Zone: elynx.net\stest
Trusted Zone: elynx.net\webpost
Trusted Zone: gmacmsecuredocs.net\www
Trusted Zone: ss3.swiftsend.com\loandocs
Trusted Zone: suntrust.com\mtgdocs
Trusted Zone: swiftsend.com\docs
Trusted Zone: swiftsend.com\gateway
Trusted Zone: swiftsend.com\loandocs
Trusted Zone: swiftsend.com\www
Trusted Zone: swiftsend2.com\docs
Trusted Zone: swiftsend2.com\loandocs
Trusted Zone: swiftview.com\products
Trusted Zone: swiftview.com\www
Trusted Zone: us.hsbc.com\mortgage-esign
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{82627534-4036-4530-B136-C5C2800B8E11}: NameServer = 4.2.2.1
TCP: Interfaces\{99B9E6BD-88B7-47CD-8FBC-9D53D0D32312}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\z4wdr2c5.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-27 09:07
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(300)
c:\windows\system32\LMIinit.dll
c:\windows\system32\igfxdev.dll
.
- - - - - - - > 'lsass.exe'(364)
c:\windows\system32\wvauth.dll
c:\windows\system32\biolsp.dll
.
- - - - - - - > 'explorer.exe'(1840)
c:\windows\system32\WININET.dll
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmUserInterface.dll
.
Completion time: 2012-02-27 09:08:42
ComboFix-quarantined-files.txt 2012-02-27 14:08
ComboFix2.txt 2012-02-26 17:14
.
Pre-Run: 63,877,308,416 bytes free
Post-Run: 63,845,916,672 bytes free
.
- - End Of File - - AF05C60199E3826629D5258AD1392238

#18 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 27 February 2012 - 11:33 AM

Hi again,

CF-SCRIPT
-------------
We need to execute a CF-script.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Click Start > Run and in the box that opens type notepad and press enter. Copy/paste the text in the codebox below into it:
FCopy::
C:\WINDOWS\ServicePackFiles\i386\netbt.sys | C:\WINDOWS\system32\drivers\netbt.sys

Save this as CFScript.txt, in the same location as ComboFix.exe

Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#19 aszu12

aszu12

    New Member

  • Members
  • Pip
  • 26 posts

Posted 27 February 2012 - 12:08 PM

Hi again Elise: here you go (in a couple of separate posts as the log is lengthy)

Also, I have the wireless button turned off on the laptop -- not sure if you want me to turn it on just yet.

ComboFix 12-02-25.02 - User 02/27/2012 11:45:37.3.2 - x86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2000.1566 [GMT -5:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Outdated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((( Files Created from 2012-01-27 to 2012-02-27 )))))))))))))))))))))))))))))))
.
.
2012-02-25 23:24 . 2008-04-14 04:51 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-02-25 23:24 . 2008-04-14 04:51 162816 ----a-w- c:\windows\system32\dllcache\netbt.sys
2012-02-15 00:12 . 2008-04-14 03:05 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys
2012-02-15 00:11 . 2001-08-17 18:28 397502 ----a-w- c:\windows\system32\dllcache\vpctcom.sys
2012-02-15 00:10 . 2001-08-18 03:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2012-02-15 00:09 . 2001-08-17 19:56 81408 ----a-w- c:\windows\system32\dllcache\tgiul50.dll
2012-02-15 00:08 . 2004-08-04 10:00 101376 ----a-w- c:\windows\system32\dllcache\srusbusd.dll
2012-02-15 00:07 . 2004-08-04 10:00 30208 ----a-w- c:\windows\system32\dllcache\sm87w.dll
2012-02-15 00:06 . 2001-08-17 18:51 23936 ----a-w- c:\windows\system32\dllcache\sccmusbm.sys
2012-02-15 00:05 . 2001-08-18 03:36 86097 ----a-w- c:\windows\system32\dllcache\reslog32.dll
2012-02-15 00:04 . 2001-08-18 03:36 16384 ----a-w- c:\windows\system32\dllcache\philcam1.dll
2012-02-15 00:03 . 2001-08-17 17:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2012-02-15 00:02 . 2001-08-17 18:50 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
2012-02-15 00:01 . 2004-08-04 10:00 34304 ----a-w- c:\windows\system32\dllcache\migisol.exe
2012-02-15 00:00 . 2004-08-04 10:00 5632 ----a-w- c:\windows\system32\dllcache\kbdusa.dll
2012-02-14 23:59 . 2001-08-17 19:06 154496 ----a-w- c:\windows\system32\dllcache\icam4usb.sys
2012-02-14 23:58 . 2001-08-18 03:36 32768 ----a-w- c:\windows\system32\dllcache\hpgtmcro.dll
2012-02-14 23:51 . 2001-08-17 17:15 442240 ----a-w- c:\windows\system32\dllcache\fpnpbase.sys
2012-02-14 23:50 . 2001-08-18 03:36 51200 ----a-w- c:\windows\system32\dllcache\eqnlogr.exe
2012-02-14 23:49 . 2001-08-18 03:36 229462 ----a-w- c:\windows\system32\dllcache\digifwrk.dll
2012-02-14 23:48 . 2008-04-14 05:16 17024 ----a-w- c:\windows\system32\dllcache\ccdecode.sys
2012-02-14 23:47 . 2004-08-04 10:00 49664 ----a-w- c:\windows\system32\dllcache\adrot.dll
2012-02-14 19:57 . 2012-01-06 01:19 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{32855CF5-D49A-40E9-B2A0-98EC0BB5AEE5}\mpengine.dll
2012-02-14 19:42 . 2012-02-14 19:42 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2012-02-14 19:40 . 2012-02-14 19:41 -------- d-----w- c:\program files\Microsoft Security Client
2012-02-14 01:16 . 2012-02-15 03:03 26872 ----a-w- c:\windows\system32\drivers\FixTDSS.sys
2012-02-14 01:16 . 2012-02-14 01:16 -------- d-----w- c:\documents and settings\User\Application Data\FixTDSS
2012-02-12 08:34 . 2012-02-12 08:37 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2012-02-09 16:51 . 2011-12-10 20:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-09 05:03 . 2012-02-09 05:03 -------- d-----w- c:\documents and settings\Administrator\Application Data\U3
2012-02-08 10:26 . 2012-02-14 19:24 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-25 00:21 . 2008-10-15 13:29 0 ----a-w- c:\documents and settings\User\Local Settings\Application Data\WavXMapDrive.bat
2012-01-31 12:44 . 2010-11-28 10:10 237072 ------w- c:\windows\system32\MpSigStub.exe
2010-11-16 15:45 . 2010-11-16 15:45 3143392 ----a-w- c:\program files\members_files_elderdocx_installation_elderdocxbeta_setup.exe
2010-10-28 20:52 . 2010-10-28 20:44 75019048 ----a-w- c:\program files\iTunesSetup.exe
2010-03-28 05:12 . 2010-03-28 05:10 2114184 ----a-w- c:\program files\Install_Facebook_Plug-In_1.0.3.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-27_14.07.41 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-14 09:42 . 2008-04-14 09:42 57344 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
+ 2004-08-11 22:06 . 2004-08-04 10:00 54784 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcirt.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 50688 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcirt.dll
+ 2007-11-07 06:19 . 2007-11-07 06:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2006-12-02 05:46 . 2006-12-02 05:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-02 05:26 . 2006-12-02 05:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-02 05:25 . 2006-12-02 05:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2005-09-23 06:16 . 2005-09-23 06:16 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2005-09-23 06:16 . 2005-09-23 06:16 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2006-12-02 03:56 . 2006-12-02 03:56 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2005-09-23 03:49 . 2005-09-23 03:49 95744 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2008-04-14 09:42 . 2008-04-14 09:42 74802 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 74802 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.0.0_x-ww_ff9986d7\atl.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 18944 c:\windows\vmmreg32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 25600 c:\windows\twunk_32.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 49680 c:\windows\twunk_16.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 50688 c:\windows\twain_32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 94784 c:\windows\twain.dll
+ 2004-08-11 22:07 . 2004-08-04 10:00 15360 c:\windows\TASKMAN.EXE
+ 2004-08-11 22:11 . 2008-04-14 09:42 11776 c:\windows\system32\xolehlp.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 50176 c:\windows\system32\xmlprovi.dll
+ 2006-08-14 16:02 . 2006-08-14 16:02 72192 c:\windows\system32\xltZlib.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 30720 c:\windows\system32\xcopy.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 91648 c:\windows\system32\xactsrv.dll
+ 2004-08-04 05:56 . 2008-04-14 09:42 52736 c:\windows\system32\wzcsapi.dll
+ 2004-08-11 22:12 . 2009-08-06 23:24 35552 c:\windows\system32\wups.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 32256 c:\windows\system32\wupdmgr.exe
+ 2006-09-28 22:56 . 2006-09-28 22:56 55808 c:\windows\system32\WudfSvc.dll
+ 2006-09-29 00:13 . 2006-09-29 00:13 95344 c:\windows\system32\WUDFCoinstaller.dll
+ 2004-08-11 22:12 . 2009-08-06 23:24 53472 c:\windows\system32\wuauclt.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 18432 c:\windows\system32\wtsapi32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 50688 c:\windows\system32\wstdecod.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 22528 c:\windows\system32\wsock32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 41984 c:\windows\system32\wsnmp32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 19456 c:\windows\system32\wshtcpip.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 11264 c:\windows\system32\wshrm.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 11776 c:\windows\system32\wshisn.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 14336 c:\windows\system32\wship6.dll
+ 2004-08-11 22:00 . 2008-05-09 10:53 90112 c:\windows\system32\wshext.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 36864 c:\windows\system32\wshcon.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 80896 c:\windows\system32\wscsvc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 13824 c:\windows\system32\wscntfy.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 19968 c:\windows\system32\ws2help.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 82432 c:\windows\system32\ws2_32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 11264 c:\windows\system32\wpnpinst.exe
+ 2006-10-19 01:47 . 2006-10-19 01:47 38400 c:\windows\system32\wpdshextres.dll
+ 2006-10-19 00:00 . 2006-10-19 00:00 17408 c:\windows\system32\wpdshextautoplay.exe
+ 2006-10-19 01:47 . 2006-10-19 01:47 63488 c:\windows\system32\wpdmtpus.dll
+ 2006-10-19 01:47 . 2006-10-19 01:47 35840 c:\windows\system32\wpdconns.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 32256 c:\windows\system32\wpabaln.exe
+ 2001-08-18 03:36 . 2004-08-04 10:00 13824 c:\windows\system32\wowfaxui.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 10368 c:\windows\system32\wowexec.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 20480 c:\windows\system32\wmpui.dll
+ 2004-08-11 22:00 . 2006-10-19 01:47 99840 c:\windows\system32\wmpshell.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 20480 c:\windows\system32\wmpcore.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 20480 c:\windows\system32\wmpcd.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 55808 c:\windows\system32\wmiscmgr.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 18944 c:\windows\system32\wmiprop.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 51200 c:\windows\system32\wmerrenu.dll
+ 2004-08-11 22:00 . 2006-10-19 01:47 37376 c:\windows\system32\wmdmps.dll
+ 2004-08-11 22:00 . 2006-10-19 01:47 33792 c:\windows\system32\wmdmlog.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 92672 c:\windows\system32\wlnotify.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 18944 c:\windows\system32\winstrm.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 53760 c:\windows\system32\winsta.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 17408 c:\windows\system32\winshfhc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 99328 c:\windows\system32\winscard.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 16896 c:\windows\system32\winrnr.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 11776 c:\windows\system32\winmsd.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 32256 c:\windows\system32\winipsec.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 35328 c:\windows\system32\winchat.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 13312 c:\windows\system32\win87em.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 18432 c:\windows\system32\win.com
+ 2004-08-11 22:00 . 2008-04-14 09:42 75776 c:\windows\system32\wiascr.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 13600 c:\windows\system32\wfwnet.drv
+ 2004-08-11 22:00 . 2008-04-14 09:42 65024 c:\windows\system32\wextract.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 40448 c:\windows\system32\webhits.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 68096 c:\windows\system32\webclnt.dll
+ 2004-08-04 05:56 . 2008-04-14 09:42 23552 c:\windows\system32\wdmaud.drv
+ 2004-08-11 22:00 . 2009-06-25 08:25 54272 c:\windows\system32\wdigest.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 45568 c:\windows\system32\wbem\xml\wmi2xml.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 95232 c:\windows\system32\wbem\wmiutils.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 52224 c:\windows\system32\wbem\wmitimep.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 41472 c:\windows\system32\wbem\wmipsess.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 62464 c:\windows\system32\wbem\wmipjobj.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 61952 c:\windows\system32\wbem\wmipiprt.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 75264 c:\windows\system32\wbem\wmipicmp.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 61440 c:\windows\system32\wbem\wmimsg.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 60928 c:\windows\system32\wbem\wmicookr.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 88576 c:\windows\system32\wbem\wmiaprpl.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 16384 c:\windows\system32\wbem\winmgmtr.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 13312 c:\windows\system32\wbem\winmgmt.exe
+ 2004-08-11 22:11 . 2008-04-14 09:42 43520 c:\windows\system32\wbem\wbemsvc.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 18944 c:\windows\system32\wbem\wbemprox.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 43008 c:\windows\system32\wbem\wbemperf.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 71680 c:\windows\system32\wbem\wbemcons.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 12288 c:\windows\system32\wbem\wbemads.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 16896 c:\windows\system32\wbem\unsecapp.exe
+ 2004-08-11 22:11 . 2004-08-04 10:00 59904 c:\windows\system32\wbem\trnsprov.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 61952 c:\windows\system32\wbem\tmplprov.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 86528 c:\windows\system32\wbem\stdprov.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 40960 c:\windows\system32\wbem\smtpcons.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 36352 c:\windows\system32\wbem\scrcons.exe
+ 2004-08-11 22:11 . 2008-04-14 09:42 92672 c:\windows\system32\wbem\policman.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 47104 c:\windows\system32\wbem\ncprov.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 16384 c:\windows\system32\wbem\mofcomp.exe
+ 2004-08-11 22:11 . 2008-04-14 09:41 24576 c:\windows\system32\wbem\krnlprov.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 53248 c:\windows\system32\wbem\fwdprov.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 21504 c:\windows\system32\wbem\evntrprv.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 45056 c:\windows\system32\wbem\cmdevtgprov.dll
+ 2004-08-11 22:00 . 2008-04-14 04:15 17664 c:\windows\system32\watchdog.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 15872 c:\windows\system32\w3ssl.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 22016 c:\windows\system32\w32topl.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 49664 c:\windows\system32\w32tm.exe
+ 2007-07-12 06:00 . 2007-07-12 06:00 88560 c:\windows\system32\vxblock.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 19456 c:\windows\system32\vwipxspx.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 33792 c:\windows\system32\vssadmin.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 16896 c:\windows\system32\vss_ps.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 18176 c:\windows\system32\vga64k.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 51456 c:\windows\system32\vga256.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 20535 c:\windows\system32\vfpodbc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 18944 c:\windows\system32\version.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 98304 c:\windows\system32\verifier.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 26624 c:\windows\system32\verifier.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 51712 c:\windows\system32\vdmredir.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 26112 c:\windows\system32\vdmdbg.dll
+ 1999-11-24 22:40 . 1999-11-24 22:40 40960 c:\windows\system32\VBAME.DLL
+ 2004-08-11 22:00 . 2008-04-14 09:42 30749 c:\windows\system32\vbajet32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 50176 c:\windows\system32\utilman.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 25600 c:\windows\system32\utildll.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 49211 c:\windows\system32\usrvpa.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 45116 c:\windows\system32\usrvoica.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 49209 c:\windows\system32\usrv80a.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 41019 c:\windows\system32\usrsvpia.dll
+ 2001-08-18 03:37 . 2004-08-04 10:00 69700 c:\windows\system32\usrshuta.exe
+ 2001-08-18 03:36 . 2004-08-04 10:00 49211 c:\windows\system32\usrsdpia.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 77883 c:\windows\system32\usrrtosa.dll
+ 2001-08-18 03:37 . 2004-08-04 10:00 61508 c:\windows\system32\usrprbda.exe
+ 2001-08-18 03:37 . 2004-08-04 10:00 77891 c:\windows\system32\usrmlnka.exe
+ 2001-08-18 03:36 . 2004-08-04 10:00 53305 c:\windows\system32\usrlbva.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 86073 c:\windows\system32\usrfaxa.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 77890 c:\windows\system32\usrdpa.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 69699 c:\windows\system32\usrcoina.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 61500 c:\windows\system32\usrcntra.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 19968 c:\windows\system32\usmt\log.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 26112 c:\windows\system32\userinit.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 47872 c:\windows\system32\user.exe
+ 2004-08-11 22:08 . 2008-04-14 09:42 74240 c:\windows\system32\usbui.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 16896 c:\windows\system32\usbmon.dll
+ 2003-02-21 10:16 . 2003-02-21 10:16 49152 c:\windows\system32\URTTemp\regtlib.exe
+ 2004-08-11 22:21 . 2003-02-21 00:09 77824 c:\windows\system32\URTTemp\mscorsn.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 17920 c:\windows\system32\ureg.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 18432 c:\windows\system32\ups.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 16896 c:\windows\system32\upnpcont.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 13824 c:\windows\system32\uniplat.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 74240 c:\windows\system32\unimdmat.dll
+ 2007-07-03 06:00 . 2007-07-03 06:00 77824 c:\windows\system32\UMLoader.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 13312 c:\windows\system32\umdmxfrm.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 35840 c:\windows\system32\umandlg.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 82432 c:\windows\system32\ufat.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 26624 c:\windows\system32\udhisapi.dll
+ 2000-11-08 21:46 . 2000-11-08 21:46 24576 c:\windows\system32\u2lsamp1.dll
+ 2000-11-08 21:46 . 2000-11-08 21:46 49152 c:\windows\system32\u2lfinra.dll
+ 2000-11-08 21:46 . 2000-11-08 21:46 28672 c:\windows\system32\u2lexch.dll
+ 2000-11-08 21:46 . 2000-11-08 21:46 24576 c:\windows\system32\u2ldts.dll
+ 2000-11-08 21:46 . 2000-11-08 21:46 45056 c:\windows\system32\u2lcom.dll
+ 2000-11-08 21:46 . 2000-11-08 21:46 24576 c:\windows\system32\u2l2000.dll
+ 2007-06-27 20:35 . 2007-06-27 20:35 36864 c:\windows\system32\u2fdif.dll
+ 2007-06-27 20:35 . 2007-06-27 20:35 28672 c:\windows\system32\u2ddisk.dll
+ 2000-11-08 21:46 . 2000-11-08 21:46 24576 c:\windows\system32\u25dts.dll
+ 2000-11-08 21:46 . 2000-11-08 21:46 24576 c:\windows\system32\u252000.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 36352 c:\windows\system32\typeperf.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 57856 c:\windows\system32\twext.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 16896 c:\windows\system32\tsshutdn.exe
+ 2004-08-11 22:11 . 2004-08-04 10:00 16384 c:\windows\system32\tskill.exe
+ 2004-08-11 22:11 . 2004-08-04 10:00 14848 c:\windows\system32\tsdiscon.exe
+ 2004-08-11 22:00 . 2008-04-14 09:43 12168 c:\windows\system32\tsddd.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 15360 c:\windows\system32\tsd32.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 44544 c:\windows\system32\tscupgrd.exe
+ 2004-08-11 22:11 . 2004-08-04 10:00 14848 c:\windows\system32\tscon.exe
+ 2004-08-11 22:11 . 2008-04-14 09:42 93696 c:\windows\system32\tscfgwmi.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 52224 c:\windows\system32\tsappcmp.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 90112 c:\windows\system32\trkwks.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 12800 c:\windows\system32\tree.com
+ 2004-08-11 22:00 . 2004-08-04 10:00 31232 c:\windows\system32\traffic.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 31744 c:\windows\system32\tracert6.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 12288 c:\windows\system32\tracert.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 13888 c:\windows\system32\toolhelp.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 73216 c:\windows\system32\tlntsvr.exe
+ 2004-08-11 22:00 . 2009-06-12 12:31 80896 c:\windows\system32\tlntsess.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 61440 c:\windows\system32\tlntadmn.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 16896 c:\windows\system32\tftp.exe
+ 2004-08-11 22:00 . 2009-06-12 12:31 76288 c:\windows\system32\telnet.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 19456 c:\windows\system32\tcpsvcs.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 45568 c:\windows\system32\tcpmonui.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 45568 c:\windows\system32\tcpmon.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 14848 c:\windows\system32\tcpmib.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 12288 c:\windows\system32\tcmsetup.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 15360 c:\windows\system32\taskman.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 77824 c:\windows\system32\tasklist.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 76288 c:\windows\system32\taskkill.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 78848 c:\windows\system32\tapiui.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 19200 c:\windows\system32\tapi.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 71680 c:\windows\system32\systeminfo.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 36864 c:\windows\system32\syskey.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 15872 c:\windows\system32\sysinv.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 18896 c:\windows\system32\sysedit.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 57856 c:\windows\system32\synceng.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 51200 c:\windows\system32\syncapp.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 14336 c:\windows\system32\svchost.exe
+ 2004-08-11 22:00 . 2009-10-21 05:38 75776 c:\windows\system32\strmfilt.dll
+ 2004-08-11 22:07 . 2008-04-14 09:42 74752 c:\windows\system32\storprop.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 14848 c:\windows\system32\stimon.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 68096 c:\windows\system32\sti.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 59392 c:\windows\system32\stclient.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 14336 c:\windows\system32\ssstars.scr
+ 2004-08-11 22:00 . 2008-04-14 09:42 18944 c:\windows\system32\ssmyst.scr
+ 2004-08-11 22:00 . 2008-04-14 09:42 47104 c:\windows\system32\ssmypics.scr
+ 2004-08-11 22:00 . 2008-04-14 09:42 20992 c:\windows\system32\ssmarque.scr
+ 2004-08-11 22:00 . 2008-04-14 09:42 71680 c:\windows\system32\ssdpsrv.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 34816 c:\windows\system32\ssdpapi.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 19968 c:\windows\system32\ssbezier.scr
+ 2004-08-11 22:00 . 2010-08-27 05:57 99840 c:\windows\system32\srvsvc.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 67584 c:\windows\system32\srclient.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 49179 c:\windows\system32\sqlwoa.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 24603 c:\windows\system32\sqlwid.dll
+ 2004-08-11 22:07 . 2004-08-04 10:00 24661 c:\windows\system32\spxcoins.dll
+ 2008-04-14 09:42 . 2008-04-14 09:42 20992 c:\windows\system32\spupdwxp.exe
+ 2001-08-18 03:36 . 2004-08-04 10:00 72192 c:\windows\system32\sprio800.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 70656 c:\windows\system32\sprio600.dll
+ 2004-08-11 22:00 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 75264 c:\windows\system32\spoolss.dll
+ 2004-08-11 22:11 . 2008-04-14 09:41 26624 c:\windows\system32\spool\drivers\w32x86\3\fxsdrv.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 11264 c:\windows\system32\spnpinst.exe
+ 2001-08-18 03:36 . 2004-08-04 10:00 69632 c:\windows\system32\spnike.dll
+ 2004-08-11 22:00 . 2008-04-14 04:13 12800 c:\windows\system32\spiisupd.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 24576 c:\windows\system32\sort.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 18944 c:\windows\system32\snmpapi.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 50688 c:\windows\system32\smss.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 89600 c:\windows\system32\smlogsvc.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 14848 c:\windows\system32\slbrccsp.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 98304 c:\windows\system32\slbiop.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 25088 c:\windows\system32\slayerxp.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 26112 c:\windows\system32\skeys.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 13824 c:\windows\system32\sisbkup.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 70144 c:\windows\system32\sigverif.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 13312 c:\windows\system32\sigtab.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 19456 c:\windows\system32\shutdown.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 27648 c:\windows\system32\shscrap.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 77824 c:\windows\system32\shrpubw.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 45056 c:\windows\system32\shmgrate.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 65024 c:\windows\system32\shimeng.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 68096 c:\windows\system32\shgina.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 25088 c:\windows\system32\shfolder.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 14848 c:\windows\system32\shadow.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 23552 c:\windows\system32\sfmapi.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 11753 c:\windows\system32\setver.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 33792 c:\windows\system32\Setup\tabletoc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 17408 c:\windows\system32\Setup\ocmsn.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 15360 c:\windows\system32\Setup\ocgen.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 62976 c:\windows\system32\Setup\ntoc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 77312 c:\windows\system32\Setup\netoc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 15360 c:\windows\system32\Setup\msgrocm.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 90112 c:\windows\system32\Setup\msdtcstp.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 16896 c:\windows\system32\Setup\medctroc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 32828 c:\windows\system32\Setup\fp40ext.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 23040 c:\windows\system32\setup.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 31232 c:\windows\system32\sethc.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 14848 c:\windows\system32\serwvdrv.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 56320 c:\windows\system32\servdeps.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 14336 c:\windows\system32\serialui.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 13824 c:\windows\system32\senscfg.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 39424 c:\windows\system32\sens.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 54784 c:\windows\system32\sendmail.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 29184 c:\windows\system32\sendcmsg.dll
+ 2004-08-11 22:00 . 2009-06-25 08:25 56832 c:\windows\system32\secur32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 18944 c:\windows\system32\seclogon.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 18944 c:\windows\system32\secedit.exe
+ 2004-08-04 05:56 . 2008-04-14 09:42 29184 c:\windows\system32\sdhcinst.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 77312 c:\windows\system32\sdbinst.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 10240 c:\windows\system32\scriptpw.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 26624 c:\windows\system32\scredir.dll
+ 1998-03-25 01:54 . 1998-03-25 01:54 15872 c:\windows\system32\SCP32.DLL
+ 2004-08-11 22:00 . 2008-04-14 09:42 20480 c:\windows\system32\sclgntfy.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 95744 c:\windows\system32\scardsvr.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 69632 c:\windows\system32\scarddlg.dll
+ 2004-08-11 22:00 . 2009-02-06 10:39 35328 c:\windows\system32\sc.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 13312 c:\windows\system32\savedump.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 64000 c:\windows\system32\samlib.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 45568 c:\windows\system32\safrslv.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 29696 c:\windows\system32\safrdm.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 43520 c:\windows\system32\safrcdlg.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 15872 c:\windows\system32\rwinsta.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 14336 c:\windows\system32\runonce.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 33280 c:\windows\system32\rundll32.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 16384 c:\windows\system32\runas.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 44032 c:\windows\system32\rtutils.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 98304 c:\windows\system32\rtm.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 31744 c:\windows\system32\rtipxmib.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 77312 c:\windows\system32\rtcshare.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 92672 c:\windows\system32\rsvpsp.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 23552 c:\windows\system32\rsvpmsg.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 62976 c:\windows\system32\rsopprov.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 49152 c:\windows\system32\rsmui.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 24576 c:\windows\system32\rsmsink.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 18944 c:\windows\system32\rsmps.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 49152 c:\windows\system32\rsm.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 39936 c:\windows\system32\rshx32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 14848 c:\windows\system32\rsh.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 28672 c:\windows\system32\rsfsaps.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 22016 c:\windows\system32\rpcns4.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 25600 c:\windows\system32\routemon.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 19968 c:\windows\system32\route.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 13824 c:\windows\system32\rexec.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 58880 c:\windows\system32\resutils.dll
+ 2004-08-11 22:12 . 2004-08-04 10:00 47104 c:\windows\system32\Restore\srdiag.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 12800 c:\windows\system32\replace.exe
+ 2004-08-11 22:11 . 2008-04-14 09:42 60416 c:\windows\system32\remotepg.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 32768 c:\windows\system32\relog.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 11776 c:\windows\system32\regsvr32.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 59904 c:\windows\system32\regsvc.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 33792 c:\windows\system32\regini.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 49664 c:\windows\system32\regapi.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 50176 c:\windows\system32\reg.exe
+ 2004-08-11 22:11 . 2008-04-14 09:42 67072 c:\windows\system32\rdshost.exe
+ 2004-08-11 22:11 . 2008-04-14 09:42 13824 c:\windows\system32\rdsaddin.exe
+ 2004-08-11 22:11 . 2008-04-14 09:43 87176 c:\windows\system32\rdpwsx.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 19968 c:\windows\system32\rdpsnd.dll
+ 2004-08-11 22:00 . 2008-04-14 09:43 92424 c:\windows\system32\rdpdd.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 62976 c:\windows\system32\rdpclip.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 21504 c:\windows\system32\rcp.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 35840 c:\windows\system32\rcimlby.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 58368 c:\windows\system32\rastapi.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 12800 c:\windows\system32\rasser.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 16384 c:\windows\system32\rassapi.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 23552 c:\windows\system32\rasrad.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 56832 c:\windows\system32\rasphone.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 22528 c:\windows\system32\rasmxs.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 61440 c:\windows\system32\rasman.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 11264 c:\windows\system32\rasdial.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 11776 c:\windows\system32\rasctrs.dll
+ 2004-08-11 22:00 . 2009-10-12 13:38 79872 c:\windows\system32\raschap.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 11776 c:\windows\system32\rasautou.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 88576 c:\windows\system32\rasauto.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 43520 c:\windows\system32\racpldlg.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 22016 c:\windows\system32\qwinsta.exe
+ 2004-08-11 22:11 . 2008-04-14 09:42 19968 c:\windows\system32\qprocess.exe
+ 2004-08-11 22:12 . 2008-04-14 09:42 18944 c:\windows\system32\qmgrprxy.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 16896 c:\windows\system32\qappsrv.exe
+ 2007-07-26 19:22 . 2007-07-26 19:22 65008 c:\windows\system32\pxinsa64.exe
+ 2007-07-26 19:22 . 2007-07-26 19:22 66544 c:\windows\system32\pxcpya64.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 34304 c:\windows\system32\pstorsvc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 43520 c:\windows\system32\pstorec.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 10752 c:\windows\system32\pschdprf.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 96768 c:\windows\system32\psbase.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 23040 c:\windows\system32\psapi.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 50176 c:\windows\system32\proquota.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 27648 c:\windows\system32\profmap.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 15860 c:\windows\system32\prnqctl.vbs
+ 2004-08-11 22:00 . 2004-08-04 10:00 29454 c:\windows\system32\prnport.vbs
+ 2004-08-11 22:00 . 2004-08-04 10:00 32546 c:\windows\system32\prnmngr.vbs
+ 2004-08-11 22:00 . 2004-08-04 10:00 21527 c:\windows\system32\prnjobs.vbs
+ 2004-08-11 22:00 . 2004-08-04 10:00 25415 c:\windows\system32\prndrvr.vbs
+ 2004-08-11 22:00 . 2004-08-04 10:00 35755 c:\windows\system32\prncnfg.vbs
+ 2004-08-11 22:00 . 2004-08-04 10:00 16384 c:\windows\system32\prflbmsg.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 17408 c:\windows\system32\powrprof.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 49152 c:\windows\system32\powercfg.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 58880 c:\windows\system32\pnrpnsp.dll
+ 2004-08-11 22:00 . 2011-10-31 23:43 44544 c:\windows\system32\pngfilt.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 46592 c:\windows\system32\pmspl.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 30720 c:\windows\system32\plustab.dll
+ 2004-08-04 05:56 . 2008-04-14 09:42 15360 c:\windows\system32\pjlmon.dll
+ 2007-09-20 15:12 . 2007-09-20 15:12 95640 c:\windows\system32\PIXTREEN.DLL
+ 2007-09-20 15:12 . 2007-09-20 15:12 95640 c:\windows\system32\PIXTAGN.DLL
+ 2007-09-20 15:12 . 2007-09-20 15:12 50576 c:\windows\system32\PIXSLN.DLL
+ 2007-09-20 15:12 . 2007-09-20 15:12 50584 c:\windows\system32\PIXRAMN.DLL
+ 2007-09-20 15:12 . 2007-09-20 15:12 58784 c:\windows\system32\PIXPERMN.DLL
+ 2007-09-20 15:12 . 2007-09-20 15:12 50584 c:\windows\system32\PIXPANN.DLL
+ 2007-09-20 15:12 . 2007-09-20 15:12 79256 c:\windows\system32\PIXNAMEN.DLL
+ 2007-09-20 15:11 . 2007-09-20 15:11 51712 c:\windows\system32\PIXN20.DLL
+ 2007-09-20 15:12 . 2007-09-20 15:12 50576 c:\windows\system32\PIXMPN.DLL
+ 2007-09-20 15:12 . 2007-09-20 15:12 50584 c:\windows\system32\PIXMDLGN.DLL
+ 2007-09-20 15:12 . 2007-09-20 15:12 83360 c:\windows\system32\PIXLOCN.DLL
+ 2007-09-20 15:12 . 2007-09-20 15:12 75160 c:\windows\system32\PIXDLGN.DLL
+ 2007-09-20 15:12 . 2007-09-20 15:12 99744 c:\windows\system32\PIXAPS.DLL
+ 2004-08-11 22:00 . 2004-08-04 10:00 33280 c:\windows\system32\ping6.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 17920 c:\windows\system32\ping.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 35328 c:\windows\system32\pifmgr.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 24064 c:\windows\system32\pidgen.dll
+ 2004-08-04 05:56 . 2008-04-14 09:42 35328 c:\windows\system32\pid.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 12288 c:\windows\system32\perfts.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 34816 c:\windows\system32\perfproc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 25088 c:\windows\system32\perfos.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 17920 c:\windows\system32\perfnet.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 15872 c:\windows\system32\perfmon.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 26624 c:\windows\system32\perfdisk.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 28626 c:\windows\system32\perfd009.dat
+ 2004-08-11 22:00 . 2008-04-14 09:42 39936 c:\windows\system32\perfctrs.dll
+ 2004-08-11 22:00 . 2012-02-15 00:46 74008 c:\windows\system32\perfc009.dat
+ 2004-08-11 22:00 . 2004-08-04 10:00 15360 c:\windows\system32\pentnt.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 67584 c:\windows\system32\pautoenr.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 21504 c:\windows\system32\pathping.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 10240 c:\windows\system32\panmap.dll
+ 2004-08-11 22:00 . 2011-11-18 12:35 60416 c:\windows\system32\packager.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 40448 c:\windows\system32\osuninst.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 67584 c:\windows\system32\osuninst.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 67584 c:\windows\system32\openfiles.exe
+ 2004-08-11 22:12 . 2008-04-14 09:42 51200 c:\windows\system32\oobe\oobebaln.exe
+ 2004-08-11 22:12 . 2008-04-14 09:42 29184 c:\windows\system32\oobe\msoobe.exe
+ 2004-08-11 22:12 . 2008-04-14 09:42 19456 c:\windows\system32\oobe\msobweb.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 30720 c:\windows\system32\oobe\msobshel.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 16384 c:\windows\system32\oobe\msobdl.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 69120 c:\windows\system32\olethk32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 22016 c:\windows\system32\olesvr32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 24064 c:\windows\system32\olesvr.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 84992 c:\windows\system32\olepro32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 37376 c:\windows\system32\olecnv32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 74752 c:\windows\system32\olecli32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 82944 c:\windows\system32\olecli.dll
+ 2004-08-11 22:00 . 2011-09-26 15:41 20480 c:\windows\system32\oleaccrc.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 39744 c:\windows\system32\ole2.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 20511 c:\windows\system32\odtext32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 20510 c:\windows\system32\odpdx32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 20510 c:\windows\system32\odfox32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 20510 c:\windows\system32\odexl32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 20511 c:\windows\system32\oddbse32.dll
+ 2004-08-11 22:00 . 2008-04-14 02:56 12288 c:\windows\system32\odbcp32r.dll
+ 2004-08-11 22:00 . 2008-04-14 09:40 53279 c:\windows\system32\odbcji32.dll
+ 2004-08-11 22:00 . 2008-04-14 02:56 94208 c:\windows\system32\odbcint.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 65536 c:\windows\system32\odbccu32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 65536 c:\windows\system32\odbccr32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 69632 c:\windows\system32\odbcconf.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 24576 c:\windows\system32\odbcbcp.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 32768 c:\windows\system32\odbcad32.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 16384 c:\windows\system32\odbc32gt.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 26224 c:\windows\system32\odbc16gt.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 67584 c:\windows\system32\ocmanage.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 65536 c:\windows\system32\nwwks.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 20480 c:\windows\system32\nwcfg.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 64000 c:\windows\system32\nwapi32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 17408 c:\windows\system32\nwapi16.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 15360 c:\windows\system32\ntvdmd.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 36864 c:\windows\system32\ntsdexts.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 31744 c:\windows\system32\ntsd.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 91136 c:\windows\system32\ntprint.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 36864 c:\windows\system32\ntmsevt.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 40960 c:\windows\system32\ntmsapi.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 14336 c:\windows\system32\ntlanui2.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 57856 c:\windows\system32\ntlanui.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 44032 c:\windows\system32\ntlanman.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 34560 c:\windows\system32\ntio804.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 35424 c:\windows\system32\ntio412.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 35648 c:\windows\system32\ntio411.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 34560 c:\windows\system32\ntio404.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 33840 c:\windows\system32\ntio.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 26112 c:\windows\system32\ntdsbcli.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 67072 c:\windows\system32\ntdsapi.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 29146 c:\windows\system32\ntdos804.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 29274 c:\windows\system32\ntdos412.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 29370 c:\windows\system32\ntdos411.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 29146 c:\windows\system32\ntdos404.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 27866 c:\windows\system32\ntdos.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 76800 c:\windows\system32\nslookup.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 54784 c:\windows\system32\npptools.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 15360 c:\windows\system32\npp\nppagent.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 57344 c:\windows\system32\npp\ndisnpp.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 69120 c:\windows\system32\notepad.exe
+ 2006-06-29 12:05 . 2006-06-29 12:05 23552 c:\windows\system32\normaliz.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 28672 c:\windows\system32\nmmkcert.dll
+ 2004-08-11 22:12 . 2004-08-04 10:00 12288 c:\windows\system32\nmevtmsg.dll
+ 2006-06-28 21:59 . 2006-06-28 21:59 24576 c:\windows\system32\nlsdl.dll
+ 2004-08-11 22:00 . 2008-03-07 17:02 98304 c:\windows\system32\nlhtml.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 80896 c:\windows\system32\netui0.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 36864 c:\windows\system32\netstat.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 86016 c:\windows\system32\netsh.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 11776 c:\windows\system32\netrap.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 42496 c:\windows\system32\net.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 18944 c:\windows\system32\nddenb32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 17920 c:\windows\system32\nddeapi.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 36352 c:\windows\system32\ncobjapi.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 20480 c:\windows\system32\nbtstat.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 35840 c:\windows\system32\narrhook.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 53760 c:\windows\system32\narrator.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 90624 c:\windows\system32\mydocs.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 90112 c:\windows\system32\mycomput.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 87552 c:\windows\system32\mui\0009\hhctrlui.dll
+ 2004-08-11 22:11 . 2008-06-12 14:23 91648 c:\windows\system32\mtxoci.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 34304 c:\windows\system32\mtxlegih.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 30720 c:\windows\system32\mtxdm.dll
+ 2004-08-11 22:00 . 2008-06-12 14:23 66560 c:\windows\system32\mtxclu.dll
+ 2004-08-04 05:56 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 26624 c:\windows\system32\msxmlr.dll
+ 2007-05-08 22:08 . 2008-04-14 02:57 79872 c:\windows\system32\msxml6r.dll
+ 2003-04-18 21:29 . 2003-04-18 21:29 82432 c:\windows\system32\msxml4r.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 44032 c:\windows\system32\msxml3r.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 37916 c:\windows\system32\msxml2r.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 72704 c:\windows\system32\msw3prt.dll
+ 2004-08-11 22:00 . 2009-11-27 16:07 28672 c:\windows\system32\msvidc32.dll
+ 2004-08-11 22:00 . 2008-04-14 04:00 61440 c:\windows\system32\msvcrt40.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 57344 c:\windows\system32\msvcirt.dll
+ 2002-01-05 07:38 . 2002-01-05 07:38 54784 c:\windows\system32\msvci70.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 12288 c:\windows\system32\mstinit.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 13312 c:\windows\system32\msswch.dll
+ 1998-08-09 15:07 . 1998-08-09 15:07 94208 c:\windows\system32\MSSTKPRP.DLL
+ 2004-08-11 22:00 . 2004-08-04 10:00 35840 c:\windows\system32\mssign32.dll
+ 2004-08-11 22:00 . 2009-11-27 16:07 11264 c:\windows\system32\msrle32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 28746 c:\windows\system32\msrecr40.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 73802 c:\windows\system32\msrclr40.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 60416 c:\windows\system32\msratelc.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 69632 c:\windows\system32\msr2c.dll
+ 2004-08-11 22:00 . 2008-04-14 01:53 48128 c:\windows\system32\msprivs.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 41984 c:\windows\system32\msports.dll
+ 2004-08-11 22:00 . 2006-10-19 01:47 27136 c:\windows\system32\mspmsnsv.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 29696 c:\windows\system32\mspatcha.dll
+ 2004-08-11 22:00 . 2008-04-14 02:54 20480 c:\windows\system32\msorc32r.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 33280 c:\windows\system32\msobjs.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 25088 c:\windows\system32\mslbui.dll
+ 2004-08-11 22:00 . 2008-03-25 04:50 60192 c:\windows\system32\msjter40.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 15360 c:\windows\system32\msisip.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 78848 c:\windows\system32\msiexec.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 14848 c:\windows\system32\msidntld.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 51712 c:\windows\system32\msident.dll
+ 2004-08-11 22:00 . 2007-08-13 22:01 48128 c:\windows\system32\mshtmler.dll
+ 2004-08-11 22:00 . 2007-08-13 22:32 45568 c:\windows\system32\mshta.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 33792 c:\windows\system32\msgsvc.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 20992 c:\windows\system32\msg.exe
+ 2007-08-13 22:36 . 2007-08-13 22:36 12288 c:\windows\system32\msfeedssync.exe
+ 2007-08-13 22:54 . 2011-10-31 23:43 52224 c:\windows\system32\msfeedsbs.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 94282 c:\windows\system32\msencode.dll
+ 2004-08-11 22:11 . 2008-06-12 14:23 58880 c:\windows\system32\msdtclog.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 19429 c:\windows\system32\MsDtc\Trace\msdtcvtr.bat
+ 2004-08-11 22:00 . 2008-04-14 09:42 14336 c:\windows\system32\msdmo.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 68608 c:\windows\system32\msctfp.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 36864 c:\windows\system32\mscpxl32.dll
+ 2004-08-11 22:00 . 2008-04-14 02:56 12288 c:\windows\system32\mscpx32r.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 69632 c:\windows\system32\msconf.dll
+ 2004-08-11 22:00 . 2008-06-24 16:43 74240 c:\windows\system32\mscms.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 65024 c:\windows\system32\msaudite.dll
+ 2004-08-11 22:00 . 2009-09-04 21:03 58880 c:\windows\system32\msasn1.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 86016 c:\windows\system32\msapsspc.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 20480 c:\windows\system32\msacm32.drv
+ 2004-08-11 22:00 . 2008-04-14 09:42 71680 c:\windows\system32\msacm32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 61168 c:\windows\system32\msacm.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 12800 c:\windows\system32\mrinfo.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 49152 c:\windows\system32\mqupgrd.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 95744 c:\windows\system32\mqsec.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 89088 c:\windows\system32\mqlogmgr.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 16896 c:\windows\system32\mqise.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 60928 c:\windows\system32\mqgentr.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 47616 c:\windows\system32\mqdscli.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 10752 c:\windows\system32\mqcertui.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 19968 c:\windows\system32\mqbkup.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 47104 c:\windows\system32\mprui.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 99840 c:\windows\system32\mprmsg.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 53248 c:\windows\system32\mprdim.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 69120 c:\windows\system32\mprddm.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 87040 c:\windows\system32\mprapi.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 59904 c:\windows\system32\mpr.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 22016 c:\windows\system32\mpnotify.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 16896 c:\windows\system32\more.com
+ 2004-08-11 22:00 . 2004-08-04 10:00 10112 c:\windows\system32\modex.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 19456 c:\windows\system32\mode.com
+ 2004-08-11 22:12 . 2008-04-14 09:42 32768 c:\windows\system32\mnmsrvc.exe
+ 2004-08-11 22:12 . 2008-04-14 09:41 34560 c:\windows\system32\mnmdd.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 68768 c:\windows\system32\mmsystem.dll
+ 2004-08-11 22:11 . 2008-04-14 09:41 17408 c:\windows\system32\mmfutil.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 12288 c:\windows\system32\mmdrv.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 61440 c:\windows\system32\mmcshext.dll
+ 2004-08-11 22:00 . 2008-03-07 17:02 29696 c:\windows\system32\mimefilt.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 51712 c:\windows\system32\migpwd.exe
+ 2004-08-11 22:00 . 2008-04-14 09:41 60928 c:\windows\system32\miglibnt.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 18944 c:\windows\system32\midimap.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 46258 c:\windows\system32\mib.bin
+ 2004-08-11 22:00 . 2008-04-14 09:41 14848 c:\windows\system32\mgmtapi.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 22528 c:\windows\system32\mfcsubs.dll
+ 1998-06-17 23:08 . 1998-06-17 23:08 53248 c:\windows\system32\MFC42ENU.DLL
+ 2004-08-11 22:00 . 2008-04-14 09:41 40960 c:\windows\system32\mf3216.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 39274 c:\windows\system32\mem.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 50176 c:\windows\system32\mdhcp.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 28160 c:\windows\system32\mciwave.drv
+ 2004-08-11 22:00 . 2008-04-14 09:41 23552 c:\windows\system32\mciwave.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 25264 c:\windows\system32\mciseq.drv
+ 2004-08-11 22:00 . 2011-10-14 14:47 23040 c:\windows\system32\mciseq.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 35328 c:\windows\system32\mciqtz32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 17408 c:\windows\system32\mcicda.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 84480 c:\windows\system32\mciavi32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 73376 c:\windows\system32\mciavi.drv
+ 2004-08-11 22:00 . 2004-08-04 10:00 10496 c:\windows\system32\mcdsrv32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 10240 c:\windows\system32\mcd32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 14336 c:\windows\system32\mcastmib.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 57344 c:\windows\system32\makecab.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 72704 c:\windows\system32\magnify.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 13312 c:\windows\system32\lsass.exe
+ 2004-08-11 22:00 . 2008-04-14 09:41 10240 c:\windows\system32\lprhelp.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 22016 c:\windows\system32\lpk.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 15360 c:\windows\system32\logoff.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 59392 c:\windows\system32\logman.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 50176 c:\windows\system32\loghours.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 75264 c:\windows\system32\locator.exe
+ 2004-08-11 22:00 . 2008-04-14 09:41 11776 c:\windows\system32\localui.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 97280 c:\windows\system32\loadperf.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 25088 c:\windows\system32\lnkstub.exe
+ 2004-08-11 22:00 . 2008-04-14 09:41 13824 c:\windows\system32\lmhsvc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 19968 c:\windows\system32\linkinfo.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 29696 c:\windows\system32\lights.exe
+ 2004-08-11 22:11 . 2008-04-14 09:41 58880 c:\windows\system32\licwmi.dll
+ 2004-08-11 22:00 . 2007-08-13 22:44 40960 c:\windows\system32\licmgr10.dll
+ 2004-08-11 22:00 . 2006-10-19 01:47 11264 c:\windows\system32\LAPRXY.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 89600 c:\windows\system32\langwrbk.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 92224 c:\windows\system32\krnl386.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 42537 c:\windows\system32\keyboard.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 42809 c:\windows\system32\key01.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 14710 c:\windows\system32\kb16.com
+ 2004-08-11 22:00 . 2011-10-31 23:43 27648 c:\windows\system32\jsproxy.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 47952 c:\windows\system32\jobexec.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 65536 c:\windows\system32\jgsh400.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 45568 c:\windows\system32\jgsd400.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 27648 c:\windows\system32\jgpl400.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 35840 c:\windows\system32\jgmd400.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 44544 c:\windows\system32\jgaw400.dll
+ 2004-08-04 05:56 . 2009-11-27 16:07 48128 c:\windows\system32\iyuv_32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 54272 c:\windows\system32\ixsso.dll
+ 2004-08-11 22:12 . 2008-04-14 09:41 32768 c:\windows\system32\isrdbg32.dll
+ 2004-08-11 22:12 . 2010-11-18 18:12 81920 c:\windows\system32\isign32.dll
+ 2004-08-11 22:07 . 2004-08-04 10:00 13312 c:\windows\system32\irclass.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 22016 c:\windows\system32\ipxwan.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 66560 c:\windows\system32\ipxsap.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 39936 c:\windows\system32\ipxrtmgr.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 23552 c:\windows\system32\ipxroute.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 21504 c:\windows\system32\ipxrip.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 69120 c:\windows\system32\ipxpromn.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 83968 c:\windows\system32\ipxmontr.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 59904 c:\windows\system32\ipv6mon.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 53248 c:\windows\system32\ipv6.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 44032 c:\windows\system32\ipsec6.exe
+ 2004-08-11 22:00 . 2008-04-14 09:41 94720 c:\windows\system32\iphlpapi.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 55808 c:\windows\system32\ipconfig.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 30720 c:\windows\system32\iologmsg.dll
+ 2004-08-11 22:00 . 2007-08-13 22:39 92672 c:\windows\system32\inseng.dll
+ 2006-08-14 16:02 . 2006-08-14 16:02 49152 c:\windows\system32\INETWH32.dll
+ 2004-08-11 22:12 . 2008-04-14 01:52 48128 c:\windows\system32\inetres.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 15872 c:\windows\system32\inetppui.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 75264 c:\windows\system32\inetpp.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 32768 c:\windows\system32\inetmib1.dll
+ 2004-08-11 22:00 . 2007-08-13 22:36 36352 c:\windows\system32\imgutil.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 36921 c:\windows\system32\imeshare.dll
+ 2004-08-11 22:12 . 2008-04-14 09:41 81920 c:\windows\system32\ils.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 70656 c:\windows\system32\ifsutil.dll
+ 2007-08-13 22:39 . 2011-10-31 20:56 13824 c:\windows\system32\ieudinit.exe
+ 2004-08-11 22:00 . 2007-08-13 22:39 55296 c:\windows\system32\iesetup.dll
+ 2004-08-11 22:00 . 2011-10-31 23:43 44544 c:\windows\system32\iernonce.dll
+ 2004-08-11 22:00 . 2011-10-31 23:43 78336 c:\windows\system32\ieencode.dll
+ 2004-08-11 22:00 . 2011-10-31 20:56 70656 c:\windows\system32\ie4uinit.exe
+ 2006-06-29 12:05 . 2006-06-29 12:05 26112 c:\windows\system32\idndl.dll
+ 2004-08-11 22:12 . 2008-04-14 09:41 65536 c:\windows\system32\icwphbk.dll
+ 2004-08-11 22:12 . 2008-04-14 09:41 73728 c:\windows\system32\icwdial.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 54784 c:\windows\system32\icmui.dll
+ 2004-08-11 22:12 . 2004-08-04 10:00 16384 c:\windows\system32\icfgnt5.dll
+ 2004-08-11 22:00 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
+ 2007-08-13 22:36 . 2011-10-31 23:43 63488 c:\windows\system32\icardie.dll
+ 2004-08-11 22:11 . 2008-04-14 09:41 11264 c:\windows\system32\icaapi.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 59392 c:\windows\system32\iassvcs.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 86528 c:\windows\system32\iassam.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 17920 c:\windows\system32\iaspolcy.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 62464 c:\windows\system32\iasnap.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 32256 c:\windows\system32\iashlpr.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 41472 c:\windows\system32\iasads.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 23552 c:\windows\system32\iasacct.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 41984 c:\windows\system32\htui.dll
+ 2004-08-11 22:00 . 2009-10-21 05:38 25088 c:\windows\system32\httpapi.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 44544 c:\windows\system32\hticons.dll
+ 2008-03-05 01:44 . 2008-03-05 01:44 39936 c:\windows\system32\hpbpro.dll
+ 2008-03-05 01:45 . 2008-03-05 01:45 25600 c:\windows\system32\hpboid.dll
+ 2008-03-05 01:44 . 2008-03-05 01:44 24576 c:\windows\system32\hpbmiapi.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 14848 c:\windows\system32\hnetmon.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 72704 c:\windows\system32\hlink.dll
+ 2004-08-04 05:56 . 2008-04-14 09:41 20992 c:\windows\system32\hid.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 41472 c:\windows\system32\hhsetup.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 15872 c:\windows\system32\help.exe
+ 2004-08-12 22:45 . 2004-08-12 22:45 61952 c:\windows\system32\Hdaudpropshortcut.exe
+ 2004-08-12 22:45 . 2004-08-12 22:45 24064 c:\windows\system32\Hdaudprop.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 39424 c:\windows\system32\grpconv.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 19694 c:\windows\system32\graphics.com
+ 2004-08-11 22:00 . 2004-08-04 10:00 26112 c:\windows\system32\graftabl.com
+ 2004-08-11 22:00 . 2004-08-04 10:00 57344 c:\windows\system32\gpupdate.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 59904 c:\windows\system32\getmac.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 24576 c:\windows\system32\gdi.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 76800 c:\windows\system32\gcdef.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 11264 c:\windows\system32\fxssend.exe
+ 2004-08-11 22:11 . 2004-08-04 10:00 31744 c:\windows\system32\fxsroute.dll
+ 2004-08-11 22:11 . 2008-04-14 09:41 23552 c:\windows\system32\fxsmon.dll
+ 2004-08-11 22:11 . 2008-04-14 09:41 23552 c:\windows\system32\fxsext32.dll
+ 2004-08-11 22:11 . 2008-04-14 09:41 55296 c:\windows\system32\fxsevent.dll
+ 2004-08-11 22:11 . 2008-04-14 09:41 26624 c:\windows\system32\fxsdrv.dll
+ 2004-08-11 22:11 . 2008-04-14 09:41 72192 c:\windows\system32\fxscom.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 60416 c:\windows\system32\fwcfg.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 42496 c:\windows\system32\ftp.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 56320 c:\windows\system32\fsutil.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 81408 c:\windows\system32\fsusd.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 29696 c:\windows\system32\format.com
+ 2004-08-11 22:00 . 2008-04-14 09:42 20992 c:\windows\system32\fontview.exe
+ 2004-08-11 22:00 . 2009-10-15 16:28 81920 c:\windows\system32\fontsub.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 16384 c:\windows\system32\fmifs.dll
+ 2007-03-22 23:17 . 2007-03-22 23:17 35440 c:\windows\system32\FM20ENU.DLL
+ 2004-08-11 22:12 . 2008-04-14 09:42 23040 c:\windows\system32\fltmc.exe
+ 2004-08-11 22:12 . 2008-04-14 09:41 16896 c:\windows\system32\fltlib.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 87552 c:\windows\system32\fldrclnr.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 27136 c:\windows\system32\findstr.exe
+ 2004-08-11 22:00 . 2008-04-14 09:41 21504 c:\windows\system32\feclient.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 73728 c:\windows\system32\fdeploy.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 14848 c:\windows\system32\fc.exe
+ 2008-04-14 09:42 . 2008-04-14 09:42 20992 c:\windows\system32\faxpatch.exe
+ 2004-08-11 22:00 . 2008-04-14 09:41 80384 c:\windows\system32\faultrep.dll
+ 2003-10-19 16:35 . 2003-10-19 16:35 49152 c:\windows\system32\EZPdf.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 24064 c:\windows\system32\extrac32.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 15872 c:\windows\system32\expand.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 82944 c:\windows\system32\eventtriggers.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 97965 c:\windows\system32\eventquery.vbs
+ 2004-08-11 22:00 . 2008-04-14 09:41 56320 c:\windows\system32\eventlog.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 50688 c:\windows\system32\eventcreate.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 33280 c:\windows\system32\eventcls.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 39424 c:\windows\system32\esentutl.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 17408 c:\windows\system32\esentprf.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 23040 c:\windows\system32\ersvc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 20480 c:\windows\system32\encapi.dll
+ 2004-08-11 22:12 . 2004-08-11 22:12 21640 c:\windows\system32\emptyregdb.dat
+ 2004-08-11 22:00 . 2008-04-14 09:41 26624 c:\windows\system32\efsadu.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 12642 c:\windows\system32\edlin.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 69886 c:\windows\system32\edit.com
+ 2007-09-20 18:43 . 2007-09-20 18:43 61440 c:\windows\system32\EcutelPKI2.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 17920 c:\windows\system32\dvdupgrd.exe
+ 2001-08-18 03:36 . 2004-08-04 10:00 55296 c:\windows\system32\dvdplay.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 10752 c:\windows\system32\dumprep.exe
+ 2004-08-11 22:00 . 2008-04-14 09:41 19456 c:\windows\system32\dswave.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 51200 c:\windows\system32\dssec.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 92672 c:\windows\system32\dskquota.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 71680 c:\windows\system32\dsdmoprp.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 62976 c:\windows\system32\dsauth.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 16384 c:\windows\system32\ds32gt.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 45568 c:\windows\system32\drwtsn32.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 28112 c:\windows\system32\drwatson.exe
+ 2007-07-26 19:22 . 2007-07-26 19:22 68080 c:\windows\system32\drvins64.exe
+ 2004-08-11 22:00 . 2008-04-14 09:41 14336 c:\windows\system32\drprov.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 87040 c:\windows\system32\drmstor.dll
+ 2006-09-28 23:00 . 2006-09-28 23:00 82944 c:\windows\system32\drivers\WudfRd.sys
+ 2006-09-28 22:55 . 2006-09-28 22:55 77568 c:\windows\system32\drivers\WudfPf.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 12032 c:\windows\system32\drivers\ws2ifsl.sys
+ 2006-10-19 00:00 . 2006-10-19 00:00 38528 c:\windows\system32\drivers\wpdusb.sys
+ 2006-11-02 12:22 . 2006-11-02 12:22 32224 c:\windows\system32\drivers\wdfldr.sys
+ 2004-08-11 22:00 . 2008-04-14 04:27 34560 c:\windows\system32\drivers\wanarp.sys
+ 2004-08-11 22:00 . 2008-04-14 04:11 52352 c:\windows\system32\drivers\volsnap.sys
+ 2004-08-11 22:00 . 2008-04-14 04:14 81664 c:\windows\system32\drivers\videoprt.sys
+ 2004-08-11 22:37 . 2008-04-14 04:06 42240 c:\windows\system32\drivers\viaagp.sys
+ 2004-08-11 22:00 . 2008-04-14 04:14 20992 c:\windows\system32\drivers\vga.sys
+ 2001-08-17 19:02 . 2004-08-04 10:00 58112 c:\windows\system32\drivers\vdmindvd.sys
+ 2004-08-04 04:08 . 2008-04-14 04:15 20608 c:\windows\system32\drivers\usbuhci.sys
+ 2004-08-04 04:08 . 2008-04-14 04:15 15872 c:\windows\system32\drivers\usbintel.sys
+ 2004-08-04 04:08 . 2008-04-14 04:15 59520 c:\windows\system32\drivers\usbhub.sys
+ 2004-08-04 04:08 . 2008-04-14 04:15 30208 c:\windows\system32\drivers\usbehci.sys
+ 2001-08-17 19:03 . 2008-04-14 04:15 25728 c:\windows\system32\drivers\usbcamd2.sys
+ 2001-08-17 19:03 . 2008-04-14 04:15 25600 c:\windows\system32\drivers\usbcamd.sys
+ 2004-08-11 22:00 . 2008-04-14 04:26 12800 c:\windows\system32\drivers\usb8023.sys
+ 2004-08-11 22:47 . 2001-08-17 18:52 36736 c:\windows\system32\drivers\ultra.sys
+ 2004-08-11 22:00 . 2008-04-14 04:02 66048 c:\windows\system32\drivers\udfs.sys
+ 2004-08-04 04:03 . 2008-04-14 04:26 12288 c:\windows\system32\drivers\tunmp.sys
+ 2001-08-17 19:06 . 2004-08-04 10:00 21376 c:\windows\system32\drivers\tsbvcap.sys
+ 2001-08-17 19:01 . 2004-08-04 10:00 51712 c:\windows\system32\drivers\tosdvd.sys
+ 2004-08-11 22:11 . 2008-04-14 09:43 40840 c:\windows\system32\drivers\termdd.sys
+ 2004-08-11 22:11 . 2008-04-14 09:43 21896 c:\windows\system32\drivers\tdtcp.sys
+ 2004-08-11 22:11 . 2008-04-14 09:43 12040 c:\windows\system32\drivers\tdpipe.sys
+ 2004-08-11 22:00 . 2008-04-14 04:30 19072 c:\windows\system32\drivers\tdi.sys
+ 2004-08-11 22:00 . 2008-04-14 04:10 14976 c:\windows\system32\drivers\tape.sys
+ 2004-08-11 22:42 . 2001-08-17 19:07 32640 c:\windows\system32\drivers\symc8xx.sys
+ 2004-08-11 22:43 . 2001-08-17 19:07 16256 c:\windows\system32\drivers\symc810.sys
+ 2004-08-11 22:43 . 2001-08-17 19:07 30688 c:\windows\system32\drivers\sym_u3.sys
+ 2004-08-11 22:41 . 2001-08-17 19:07 28384 c:\windows\system32\drivers\sym_hi.sys
+ 2004-08-04 04:08 . 2008-04-14 04:15 49408 c:\windows\system32\drivers\stream.sys
+ 2004-08-11 22:12 . 2008-04-14 04:06 73472 c:\windows\system32\drivers\sr.sys
+ 2004-08-11 22:38 . 2001-08-17 19:07 19072 c:\windows\system32\drivers\sparrow.sys
+ 2004-08-04 04:09 . 2008-04-14 04:16 25344 c:\windows\system32\drivers\sonydcam.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 14592 c:\windows\system32\drivers\smclib.sys
+ 2004-08-11 22:36 . 2008-04-14 04:06 40960 c:\windows\system32\drivers\sisagp.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 11392 c:\windows\system32\drivers\sfloppy.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 11008 c:\windows\system32\drivers\sffp_sd.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 11904 c:\windows\system32\drivers\sffdisk.sys
+ 2004-08-04 04:15 . 2008-04-14 04:45 64512 c:\windows\system32\drivers\serial.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 15744 c:\windows\system32\drivers\serenum.sys
+ 2004-08-11 22:00 . 2007-11-13 10:25 20480 c:\windows\system32\drivers\secdrv.sys
+ 2004-08-04 04:07 . 2008-04-14 04:06 79232 c:\windows\system32\drivers\sdbus.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 96384 c:\windows\system32\drivers\scsiport.sys
+ 2004-08-11 22:00 . 2008-04-14 04:26 30592 c:\windows\system32\drivers\rndismp.sys
+ 2001-08-17 18:24 . 2004-08-04 10:00 12032 c:\windows\system32\drivers\riodrv.sys
+ 2001-08-17 18:24 . 2004-08-04 10:00 12032 c:\windows\system32\drivers\rio8drv.sys
+ 2004-08-11 22:09 . 2008-04-14 04:10 57600 c:\windows\system32\drivers\redbook.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 34432 c:\windows\system32\drivers\rawwan.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 16512 c:\windows\system32\drivers\raspti.sys
+ 2004-08-11 22:00 . 2008-04-14 04:49 48384 c:\windows\system32\drivers\raspptp.sys
+ 2004-08-11 22:00 . 2008-04-14 04:27 41472 c:\windows\system32\drivers\raspppoe.sys
+ 2004-08-11 22:00 . 2008-04-14 04:49 51328 c:\windows\system32\drivers\rasl2tp.sys
+ 2004-08-11 22:44 . 2001-08-17 18:52 49024 c:\windows\system32\drivers\ql1280.sys
+ 2004-08-11 22:44 . 2001-08-17 18:52 40448 c:\windows\system32\drivers\ql1240.sys
+ 2004-08-11 22:44 . 2001-08-17 18:52 45312 c:\windows\system32\drivers\ql12160.sys
+ 2004-08-11 22:43 . 2001-08-17 18:52 33152 c:\windows\system32\drivers\ql10wnt.sys
+ 2004-08-11 22:43 . 2001-08-17 18:52 40320 c:\windows\system32\drivers\ql1080.sys
+ 2007-07-26 08:00 . 2007-07-26 08:00 43872 c:\windows\system32\drivers\pxhelp20.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 17792 c:\windows\system32\drivers\ptilink.sys
+ 2004-08-11 22:00 . 2008-04-14 04:26 69120 c:\windows\system32\drivers\psched.sys
+ 2004-08-04 03:59 . 2008-04-14 04:01 35840 c:\windows\system32\drivers\processr.sys
+ 2004-08-11 22:41 . 2001-08-17 19:07 27296 c:\windows\system32\drivers\perc2.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 24960 c:\windows\system32\drivers\pciidex.sys
+ 2004-08-04 04:07 . 2008-04-14 04:06 68224 c:\windows\system32\drivers\pci.sys
+ 2004-08-11 22:00 . 2008-04-14 04:10 19712 c:\windows\system32\drivers\partmgr.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 80128 c:\windows\system32\drivers\parport.sys
+ 2003-04-22 19:47 . 2003-04-22 19:47 16509 c:\windows\system32\drivers\PalmUSBD.sys
+ 2004-08-04 03:59 . 2008-04-14 04:01 42752 c:\windows\system32\drivers\p3.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 55936 c:\windows\system32\drivers\nwlnkspx.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 63232 c:\windows\system32\drivers\nwlnknb.sys
+ 2004-08-11 22:00 . 2008-04-14 04:26 88320 c:\windows\system32\drivers\nwlnkipx.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 32512 c:\windows\system32\drivers\nwlnkfwd.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 12416 c:\windows\system32\drivers\nwlnkflt.sys
+ 2004-08-11 22:00 . 2008-04-14 04:02 30848 c:\windows\system32\drivers\npfs.sys
+ 2004-08-11 22:00 . 2008-04-14 04:23 40320 c:\windows\system32\drivers\nmnt.sys
+ 2001-08-17 18:24 . 2004-08-04 10:00 12032 c:\windows\system32\drivers\nikedrv.sys
+ 2004-08-04 03:58 . 2008-04-14 04:21 61824 c:\windows\system32\drivers\nic1394.sys
+ 2004-08-11 22:00 . 2008-04-14 04:26 34688 c:\windows\system32\drivers\netbios.sys
+ 2007-04-19 10:28 . 2007-04-19 10:28 25424 c:\windows\system32\drivers\netamsg.dll
+ 2004-08-11 22:00 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys
+ 2004-08-11 22:00 . 2008-04-14 04:50 91520 c:\windows\system32\drivers\ndiswan.sys
+ 2004-08-04 04:03 . 2008-04-14 04:26 14592 c:\windows\system32\drivers\ndisuio.sys
+ 2004-08-11 22:00 . 2011-07-08 14:02 10496 c:\windows\system32\drivers\ndistapi.sys
+ 2004-08-04 04:07 . 2008-04-14 04:06 15488 c:\windows\system32\drivers\mssmbios.sys
+ 2004-08-11 22:00 . 2008-04-14 04:26 35072 c:\windows\system32\drivers\msgpc.sys
+ 2004-08-11 22:00 . 2008-04-14 04:02 19072 c:\windows\system32\drivers\msfs.sys
+ 2004-08-11 22:41 . 2001-08-17 18:52 17280 c:\windows\system32\drivers\mraid35x.sys
+ 2004-08-11 22:00 . 2008-04-14 04:09 92544 c:\windows\system32\drivers\mqac.sys
+ 2004-08-11 22:00 . 2008-04-14 04:09 42368 c:\windows\system32\drivers\mountmgr.sys
+ 2004-08-04 03:58 . 2008-04-14 04:09 23040 c:\windows\system32\drivers\mouclass.sys
+ 2004-08-04 04:08 . 2008-04-14 04:30 30080 c:\windows\system32\drivers\modem.sys
+ 2004-08-04 04:07 . 2008-04-14 04:06 63744 c:\windows\system32\drivers\mf.sys
+ 2004-08-11 22:00 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2004-08-04 03:58 . 2008-04-14 04:09 24576 c:\windows\system32\drivers\kbdclass.sys
+ 2001-08-17 18:58 . 2008-04-14 04:06 37248 c:\windows\system32\drivers\isapnp.sys
+ 2004-08-11 22:07 . 2008-04-14 04:24 11264 c:\windows\system32\drivers\irenum.sys
+ 2008-02-21 02:19 . 2008-02-21 02:19 30816 c:\windows\system32\drivers\iqvw32.sys
+ 2004-08-11 22:00 . 2008-04-14 04:49 75264 c:\windows\system32\drivers\ipsec.sys
+ 2004-08-11 22:00 . 2008-04-14 04:27 20864 c:\windows\system32\drivers\ipinip.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 32896 c:\windows\system32\drivers\ipfltdrv.sys
+ 2004-08-11 22:00 . 2008-04-14 04:23 36608 c:\windows\system32\drivers\ip6fw.sys
+ 2004-08-04 03:59 . 2008-04-14 04:01 36352 c:\windows\system32\drivers\intelppm.sys
+ 2004-08-11 22:46 . 2001-08-17 18:52 16000 c:\windows\system32\drivers\ini910u.sys
+ 2004-08-04 04:00 . 2008-04-14 04:11 42112 c:\windows\system32\drivers\imapi.sys
+ 2004-08-04 04:14 . 2008-04-14 04:48 52480 c:\windows\system32\drivers\i8042prt.sys
+ 2004-08-11 22:44 . 2008-04-14 04:11 18560 c:\windows\system32\drivers\i2omp.sys
+ 2004-08-11 22:42 . 2001-08-17 19:07 25952 c:\windows\system32\drivers\hpn.sys
+ 2004-08-04 04:08 . 2008-04-14 04:15 24960 c:\windows\system32\drivers\hidparse.sys
+ 2004-08-04 04:08 . 2008-04-14 04:15 36864 c:\windows\system32\drivers\hidclass.sys
+ 2001-08-17 18:57 . 2004-08-04 10:00 12160 c:\windows\system32\drivers\fsvga.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 20480 c:\windows\system32\drivers\flpydisk.sys
+ 2004-08-11 22:00 . 2008-04-14 04:03 44544 c:\windows\system32\drivers\fips.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 27392 c:\windows\system32\drivers\fdc.sys
+ 2004-08-04 04:00 . 2008-04-14 04:08 71168 c:\windows\system32\drivers\dxg.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 10496 c:\windows\system32\drivers\dxapi.sys
+ 2004-08-11 22:40 . 2001-08-17 19:07 20192 c:\windows\system32\drivers\dpti2o.sys
+ 2004-08-11 22:00 . 2008-04-14 04:10 14208 c:\windows\system32\drivers\diskdump.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 36352 c:\windows\system32\drivers\disk.sys
+ 2004-08-11 22:46 . 2001-08-17 18:52 14720 c:\windows\system32\drivers\dac960nt.sys
+ 2004-08-04 03:59 . 2008-04-14 04:01 36736 c:\windows\system32\drivers\crusoe.sys
+ 2001-08-17 18:24 . 2004-08-04 10:00 11776 c:\windows\system32\drivers\cpqdap01.sys
+ 2004-08-11 22:41 . 2001-08-17 18:52 14976 c:\windows\system32\drivers\cpqarray.sys
+ 2004-08-11 22:00 . 2008-04-14 04:46 49536 c:\windows\system32\drivers\classpnp.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 62976 c:\windows\system32\drivers\cdrom.sys
+ 2004-08-11 22:00 . 2008-04-14 04:44 63744 c:\windows\system32\drivers\cdfs.sys
+ 2001-08-17 18:52 . 2004-08-04 10:00 18688 c:\windows\system32\drivers\cdaudio.sys
+ 2001-08-17 18:52 . 2001-08-17 18:52 13952 c:\windows\system32\drivers\cbidf2k.sys
+ 2004-08-11 22:00 . 2008-04-14 04:23 71552 c:\windows\system32\drivers\bridge.sys
+ 2004-08-11 22:00 . 2008-04-14 04:21 55808 c:\windows\system32\drivers\atmlane.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 31360 c:\windows\system32\drivers\atmepvc.sys
+ 2004-08-11 22:00 . 2008-04-14 04:21 59904 c:\windows\system32\drivers\atmarpc.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 96512 c:\windows\system32\drivers\atapi.sys
+ 2004-08-11 22:00 . 2008-04-14 04:27 14336 c:\windows\system32\drivers\asyncmac.sys
+ 2007-04-19 10:28 . 2007-04-19 10:28 42832 c:\windows\system32\drivers\Asfalrt.sys
+ 2004-08-11 22:46 . 2001-08-17 18:51 14848 c:\windows\system32\drivers\asc3550.sys
+ 2004-08-11 22:46 . 2001-08-17 18:52 22400 c:\windows\system32\drivers\asc3350p.sys
+ 2004-08-11 22:46 . 2001-08-17 18:52 26496 c:\windows\system32\drivers\asc.sys
+ 2004-08-04 03:58 . 2008-04-14 04:21 60800 c:\windows\system32\drivers\arp1394.sys
+ 2004-08-11 22:46 . 2001-08-17 18:52 12032 c:\windows\system32\drivers\amsint.sys
+ 2004-08-04 03:59 . 2008-04-14 04:01 37760 c:\windows\system32\drivers\amdk7.sys
+ 2004-08-04 03:59 . 2008-04-14 04:01 37376 c:\windows\system32\drivers\amdk6.sys
+ 2004-08-11 22:29 . 2008-04-14 04:06 43008 c:\windows\system32\drivers\amdagp.sys
+ 2004-08-11 22:29 . 2008-04-14 04:06 42752 c:\windows\system32\drivers\alim1541.sys
+ 2004-08-11 22:39 . 2001-08-17 19:07 56960 c:\windows\system32\drivers\aic78xx.sys
+ 2004-08-11 22:39 . 2001-08-17 19:07 55168 c:\windows\system32\drivers\aic78u2.sys
+ 2004-08-11 22:38 . 2001-08-17 18:52 12800 c:\windows\system32\drivers\aha154x.sys
+ 2004-08-11 22:35 . 2008-04-14 04:06 44928 c:\windows\system32\drivers\agpcpq.sys
+ 2004-08-11 22:08 . 2008-04-14 04:06 42368 c:\windows\system32\drivers\agp440.sys
+ 2001-08-17 18:57 . 2004-08-04 10:00 11648 c:\windows\system32\drivers\acpiec.sys
+ 2004-08-11 22:46 . 2001-08-17 18:52 23552 c:\windows\system32\drivers\ABP480N5.SYS
+ 2004-08-11 22:00 . 2008-04-14 09:42 62976 c:\windows\system32\driverquery.exe
+ 2004-08-11 22:00 . 2008-04-14 09:41 57344 c:\windows\system32\dpwsockx.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 42768 c:\windows\system32\dpwsock.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 83456 c:\windows\system32\dpvsetup.exe
+ 2004-08-11 22:00 . 2008-04-14 09:41 21504 c:\windows\system32\dpvacm.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 53520 c:\windows\system32\dpserial.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 61952 c:\windows\system32\dpnwsock.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 17920 c:\windows\system32\dpnsvr.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 62464 c:\windows\system32\dpnmodem.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 60928 c:\windows\system32\dpnhupnp.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 35328 c:\windows\system32\dpnhpast.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 23552 c:\windows\system32\dpmodemx.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 29696 c:\windows\system32\dplaysvr.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 33040 c:\windows\system32\dplay.dll

#20 aszu12

aszu12

    New Member

  • Members
  • Pip
  • 26 posts

Posted 27 February 2012 - 12:11 PM

post #2 of ComboFix log:

+ 2004-08-11 22:00 . 2004-08-04 10:00 53840 c:\windows\system32\dosx.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 10752 c:\windows\system32\doskey.exe
+ 2004-08-11 22:00 . 2008-04-14 09:41 48128 c:\windows\system32\docprop2.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 46080 c:\windows\system32\docprop.dll
+ 2004-08-11 22:00 . 2009-04-20 17:17 45568 c:\windows\system32\dnsrslvr.dll
+ 2004-08-04 05:56 . 2008-04-14 09:41 52224 c:\windows\system32\dmutil.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 23552 c:\windows\system32\dmserver.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 82432 c:\windows\system32\dmscript.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 15872 c:\windows\system32\dmremote.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 19456 c:\windows\system32\dmocx.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 35840 c:\windows\system32\dmloader.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 18432 c:\windows\system32\dmintf.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 61440 c:\windows\system32\dmcompos.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 28672 c:\windows\system32\dmband.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 11776 c:\windows\system32\dllcache\xolehlp.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 50176 c:\windows\system32\dllcache\xmlprovi.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 30720 c:\windows\system32\dllcache\xcopy.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 91648 c:\windows\system32\dllcache\xactsrv.dll
+ 2004-08-04 05:56 . 2008-04-14 09:42 52736 c:\windows\system32\dllcache\wzcsapi.dll
+ 2004-08-11 22:12 . 2009-08-06 23:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 32256 c:\windows\system32\dllcache\wupdmgr.exe
+ 2004-08-11 22:12 . 2009-08-06 23:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 18432 c:\windows\system32\dllcache\wtsapi32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 50688 c:\windows\system32\dllcache\wstdecod.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 22528 c:\windows\system32\dllcache\wsock32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 41984 c:\windows\system32\dllcache\wsnmp32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 19456 c:\windows\system32\dllcache\wshtcpip.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 11264 c:\windows\system32\dllcache\wshrm.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 11776 c:\windows\system32\dllcache\wshisn.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 14336 c:\windows\system32\dllcache\wship6.dll
+ 2004-08-11 22:00 . 2008-05-09 10:53 90112 c:\windows\system32\dllcache\wshext.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 36864 c:\windows\system32\dllcache\wshcon.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 80896 c:\windows\system32\dllcache\wscsvc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 13824 c:\windows\system32\dllcache\wscntfy.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 12032 c:\windows\system32\dllcache\ws2ifsl.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 19968 c:\windows\system32\dllcache\ws2help.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 82432 c:\windows\system32\dllcache\ws2_32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 11264 c:\windows\system32\dllcache\wpnpinst.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 32256 c:\windows\system32\dllcache\wpabaln.exe
+ 2001-08-18 03:36 . 2004-08-04 10:00 13824 c:\windows\system32\dllcache\wowfaxui.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 10368 c:\windows\system32\dllcache\wowexec.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 20480 c:\windows\system32\dllcache\wmpui.dll
+ 2004-08-11 22:00 . 2006-10-19 01:47 99840 c:\windows\system32\dllcache\wmpshell.dll
+ 2004-08-11 22:12 . 2006-10-19 01:46 64000 c:\windows\system32\dllcache\wmplayer.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 20480 c:\windows\system32\dllcache\wmpcore.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 20480 c:\windows\system32\dllcache\wmpcd.dll
+ 2004-08-11 22:12 . 2006-10-19 01:47 96256 c:\windows\system32\dllcache\wmpband.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 95232 c:\windows\system32\dllcache\wmiutils.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 52224 c:\windows\system32\dllcache\wmitimep.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 55808 c:\windows\system32\dllcache\wmiscmgr.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 41472 c:\windows\system32\dllcache\wmipsess.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 18944 c:\windows\system32\dllcache\wmiprop.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 62464 c:\windows\system32\dllcache\wmipjobj.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 61952 c:\windows\system32\dllcache\wmipiprt.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 75264 c:\windows\system32\dllcache\wmipicmp.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 61440 c:\windows\system32\dllcache\wmimsg.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 60928 c:\windows\system32\dllcache\wmicookr.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 88576 c:\windows\system32\dllcache\wmiaprpl.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 45568 c:\windows\system32\dllcache\wmi2xml.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 51200 c:\windows\system32\dllcache\wmerrenu.dll
+ 2004-08-11 22:00 . 2006-10-19 01:47 37376 c:\windows\system32\dllcache\wmdmps.dll
+ 2004-08-11 22:00 . 2006-10-19 01:47 33792 c:\windows\system32\dllcache\wmdmlog.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 92672 c:\windows\system32\dllcache\wlnotify.dll
+ 2004-08-11 22:12 . 2004-08-04 10:00 25088 c:\windows\system32\dllcache\wisc10.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 18944 c:\windows\system32\dllcache\winstrm.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 53760 c:\windows\system32\dllcache\winsta.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 17408 c:\windows\system32\dllcache\winshfhc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 99328 c:\windows\system32\dllcache\winscard.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 16896 c:\windows\system32\dllcache\winrnr.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 11776 c:\windows\system32\dllcache\winmsd.exe
+ 2004-08-11 22:11 . 2004-08-04 10:00 16384 c:\windows\system32\dllcache\winmgmtr.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 13312 c:\windows\system32\dllcache\winmgmt.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 32256 c:\windows\system32\dllcache\winipsec.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 35328 c:\windows\system32\dllcache\winchat.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 13312 c:\windows\system32\dllcache\win87em.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 75776 c:\windows\system32\dllcache\wiascr.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 13600 c:\windows\system32\dllcache\wfwnet.drv
+ 2004-08-11 22:00 . 2008-04-14 09:42 65024 c:\windows\system32\dllcache\wextract.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 40448 c:\windows\system32\dllcache\webhits.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 68096 c:\windows\system32\dllcache\webclnt.dll
+ 2004-08-04 05:56 . 2008-04-14 09:42 23552 c:\windows\system32\dllcache\wdmaud.drv
+ 2004-08-11 22:00 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 43520 c:\windows\system32\dllcache\wbemsvc.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 18944 c:\windows\system32\dllcache\wbemprox.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 43008 c:\windows\system32\dllcache\wbemperf.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 71680 c:\windows\system32\dllcache\wbemcons.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 12288 c:\windows\system32\dllcache\wbemads.dll
+ 2004-08-11 22:12 . 2004-08-04 10:00 12288 c:\windows\system32\dllcache\wb32.exe
+ 2004-08-11 22:00 . 2008-04-14 04:15 17664 c:\windows\system32\dllcache\watchdog.sys
+ 2004-08-11 22:00 . 2008-04-14 04:27 34560 c:\windows\system32\dllcache\wanarp.sys
+ 2004-08-11 22:12 . 2008-04-14 09:42 30208 c:\windows\system32\dllcache\wabmig.exe
+ 2004-08-11 22:12 . 2008-04-14 09:42 85504 c:\windows\system32\dllcache\wabimp.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 32768 c:\windows\system32\dllcache\wabfind.dll
+ 2004-08-11 22:12 . 2010-10-11 14:59 45568 c:\windows\system32\dllcache\wab.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 15872 c:\windows\system32\dllcache\w3ssl.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 22016 c:\windows\system32\dllcache\w32topl.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 49664 c:\windows\system32\dllcache\w32tm.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 19456 c:\windows\system32\dllcache\vwipxspx.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 33792 c:\windows\system32\dllcache\vssadmin.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 16896 c:\windows\system32\dllcache\vss_ps.dll
+ 2004-08-11 22:00 . 2008-04-14 04:11 52352 c:\windows\system32\dllcache\volsnap.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 18944 c:\windows\system32\dllcache\vmmreg32.dll
+ 2004-08-11 22:00 . 2008-04-14 04:14 81664 c:\windows\system32\dllcache\videoprt.sys
+ 2004-08-11 22:37 . 2008-04-14 04:06 42240 c:\windows\system32\dllcache\viaagp.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 18176 c:\windows\system32\dllcache\vga64k.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 51456 c:\windows\system32\dllcache\vga256.dll
+ 2004-08-11 22:00 . 2008-04-14 04:14 20992 c:\windows\system32\dllcache\vga.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 18944 c:\windows\system32\dllcache\version.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 98304 c:\windows\system32\dllcache\verifier.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 26624 c:\windows\system32\dllcache\verifier.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 51712 c:\windows\system32\dllcache\vdmredir.dll
+ 2001-08-17 19:02 . 2004-08-04 10:00 58112 c:\windows\system32\dllcache\vdmindvd.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 26112 c:\windows\system32\dllcache\vdmdbg.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 30749 c:\windows\system32\dllcache\vbajet32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 50176 c:\windows\system32\dllcache\utilman.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 25600 c:\windows\system32\dllcache\utildll.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 49211 c:\windows\system32\dllcache\usrvpa.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 45116 c:\windows\system32\dllcache\usrvoica.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 49209 c:\windows\system32\dllcache\usrv80a.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 41019 c:\windows\system32\dllcache\usrsvpia.dll
+ 2001-08-18 03:37 . 2004-08-04 10:00 69700 c:\windows\system32\dllcache\usrshuta.exe
+ 2001-08-18 03:36 . 2004-08-04 10:00 49211 c:\windows\system32\dllcache\usrsdpia.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 77883 c:\windows\system32\dllcache\usrrtosa.dll
+ 2001-08-18 03:37 . 2004-08-04 10:00 61508 c:\windows\system32\dllcache\usrprbda.exe
+ 2001-08-18 03:37 . 2004-08-04 10:00 77891 c:\windows\system32\dllcache\usrmlnka.exe
+ 2001-08-18 03:36 . 2004-08-04 10:00 53305 c:\windows\system32\dllcache\usrlbva.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 86073 c:\windows\system32\dllcache\usrfaxa.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 77890 c:\windows\system32\dllcache\usrdpa.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 69699 c:\windows\system32\dllcache\usrcoina.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 61500 c:\windows\system32\dllcache\usrcntra.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 26112 c:\windows\system32\dllcache\userinit.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 47872 c:\windows\system32\dllcache\user.exe
+ 2004-08-11 22:08 . 2008-04-14 09:42 74240 c:\windows\system32\dllcache\usbui.dll
+ 2004-08-04 04:08 . 2008-04-14 04:15 20608 c:\windows\system32\dllcache\usbuhci.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 16896 c:\windows\system32\dllcache\usbmon.dll
+ 2004-08-04 04:08 . 2008-04-14 04:15 15872 c:\windows\system32\dllcache\usbintel.sys
+ 2004-08-04 04:08 . 2008-04-14 04:15 59520 c:\windows\system32\dllcache\usbhub.sys
+ 2004-08-04 04:08 . 2008-04-14 04:15 30208 c:\windows\system32\dllcache\usbehci.sys
+ 2001-08-17 19:03 . 2008-04-14 04:15 25728 c:\windows\system32\dllcache\usbcamd2.sys
+ 2001-08-17 19:03 . 2008-04-14 04:15 25600 c:\windows\system32\dllcache\usbcamd.sys
+ 2004-08-11 22:00 . 2008-04-14 04:26 12800 c:\windows\system32\dllcache\usb8023.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 17920 c:\windows\system32\dllcache\ureg.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 18432 c:\windows\system32\dllcache\ups.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 16896 c:\windows\system32\dllcache\upnpcont.exe
+ 2004-08-11 22:11 . 2004-08-04 10:00 16896 c:\windows\system32\dllcache\unsecapp.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 13824 c:\windows\system32\dllcache\uniplat.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 74240 c:\windows\system32\dllcache\unimdmat.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 13312 c:\windows\system32\dllcache\umdmxfrm.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 35840 c:\windows\system32\dllcache\umandlg.dll
+ 2004-08-11 22:47 . 2001-08-17 18:52 36736 c:\windows\system32\dllcache\ultra.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 82432 c:\windows\system32\dllcache\ufat.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 26624 c:\windows\system32\dllcache\udhisapi.dll
+ 2004-08-11 22:00 . 2008-04-14 04:02 66048 c:\windows\system32\dllcache\udfs.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 36352 c:\windows\system32\dllcache\typeperf.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 25600 c:\windows\system32\dllcache\twunk_32.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 49680 c:\windows\system32\dllcache\twunk_16.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 57856 c:\windows\system32\dllcache\twext.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 50688 c:\windows\system32\dllcache\twain_32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 94784 c:\windows\system32\dllcache\twain.dll
+ 2004-08-04 04:03 . 2008-04-14 04:26 12288 c:\windows\system32\dllcache\tunmp.sys
+ 2004-08-11 22:11 . 2004-08-04 10:00 16896 c:\windows\system32\dllcache\tsshutdn.exe
+ 2004-08-11 22:11 . 2004-08-04 10:00 16384 c:\windows\system32\dllcache\tskill.exe
+ 2004-08-11 22:11 . 2004-08-04 10:00 14848 c:\windows\system32\dllcache\tsdiscon.exe
+ 2004-08-11 22:00 . 2008-04-14 09:43 12168 c:\windows\system32\dllcache\tsddd.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 15360 c:\windows\system32\dllcache\tsd32.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 14848 c:\windows\system32\dllcache\tscon.exe
+ 2004-08-11 22:11 . 2008-04-14 09:42 93696 c:\windows\system32\dllcache\tscfgwmi.dll
+ 2001-08-17 19:06 . 2004-08-04 10:00 21376 c:\windows\system32\dllcache\tsbvcap.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 52224 c:\windows\system32\dllcache\tsappcmp.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 59904 c:\windows\system32\dllcache\trnsprov.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 90112 c:\windows\system32\dllcache\trkwks.dll
+ 2004-08-11 22:12 . 2004-08-04 10:00 40960 c:\windows\system32\dllcache\trialoc.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 31232 c:\windows\system32\dllcache\traffic.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 31744 c:\windows\system32\dllcache\tracert6.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 12288 c:\windows\system32\dllcache\tracert.exe
+ 2001-08-17 19:01 . 2004-08-04 10:00 51712 c:\windows\system32\dllcache\tosdvd.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 13888 c:\windows\system32\dllcache\toolhelp.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 61952 c:\windows\system32\dllcache\tmplprov.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 73216 c:\windows\system32\dllcache\tlntsvr.exe
+ 2004-08-11 22:00 . 2009-06-12 12:31 80896 c:\windows\system32\dllcache\tlntsess.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 61440 c:\windows\system32\dllcache\tlntadmn.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 16896 c:\windows\system32\dllcache\tftp.exe
+ 2004-08-11 22:11 . 2008-04-14 09:43 40840 c:\windows\system32\dllcache\termdd.sys
+ 2004-08-11 22:00 . 2009-06-12 12:31 76288 c:\windows\system32\dllcache\telnet.exe
+ 2004-08-11 22:11 . 2008-04-14 09:43 21896 c:\windows\system32\dllcache\tdtcp.sys
+ 2004-08-11 22:11 . 2008-04-14 09:43 12040 c:\windows\system32\dllcache\tdpipe.sys
+ 2004-08-11 22:00 . 2008-04-14 04:30 19072 c:\windows\system32\dllcache\tdi.sys
+ 2007-04-03 02:06 . 2007-04-03 02:06 16384 c:\windows\system32\dllcache\tcptsat.dll
+ 2008-04-14 09:42 . 2008-04-14 09:42 32827 c:\windows\system32\dllcache\tcptest.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 19456 c:\windows\system32\dllcache\tcpsvcs.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 45568 c:\windows\system32\dllcache\tcpmonui.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 45568 c:\windows\system32\dllcache\tcpmon.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 14848 c:\windows\system32\dllcache\tcpmib.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 12288 c:\windows\system32\dllcache\tcmsetup.exe
+ 2004-08-11 22:07 . 2004-08-04 10:00 15360 c:\windows\system32\dllcache\taskman.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 77824 c:\windows\system32\dllcache\tasklist.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 76288 c:\windows\system32\dllcache\taskkill.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 78848 c:\windows\system32\dllcache\tapiui.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 19200 c:\windows\system32\dllcache\tapi.dll
+ 2004-08-11 22:00 . 2008-04-14 04:10 14976 c:\windows\system32\dllcache\tape.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 33792 c:\windows\system32\dllcache\tabletoc.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 36864 c:\windows\system32\dllcache\syskey.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 15872 c:\windows\system32\dllcache\sysinv.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 71680 c:\windows\system32\dllcache\sysinfo.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 18896 c:\windows\system32\dllcache\sysedit.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 57856 c:\windows\system32\dllcache\synceng.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 51200 c:\windows\system32\dllcache\syncapp.exe
+ 2004-08-11 22:42 . 2001-08-17 19:07 32640 c:\windows\system32\dllcache\symc8xx.sys
+ 2004-08-11 22:43 . 2001-08-17 19:07 16256 c:\windows\system32\dllcache\symc810.sys
+ 2004-08-11 22:43 . 2001-08-17 19:07 30688 c:\windows\system32\dllcache\sym_u3.sys
+ 2004-08-11 22:41 . 2001-08-17 19:07 28384 c:\windows\system32\dllcache\sym_hi.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 14336 c:\windows\system32\dllcache\svchost.exe
+ 2004-08-11 22:00 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll
+ 2004-08-04 04:08 . 2008-04-14 04:15 49408 c:\windows\system32\dllcache\stream.sys
+ 2004-08-11 22:07 . 2008-04-14 09:42 74752 c:\windows\system32\dllcache\storprop.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 14848 c:\windows\system32\dllcache\stimon.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 68096 c:\windows\system32\dllcache\sti.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 86528 c:\windows\system32\dllcache\stdprov.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 59392 c:\windows\system32\dllcache\stclient.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 33280 c:\windows\system32\dllcache\sstub.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 14336 c:\windows\system32\dllcache\ssstars.scr
+ 2004-08-11 22:00 . 2008-04-14 09:42 18944 c:\windows\system32\dllcache\ssmyst.scr
+ 2004-08-11 22:00 . 2008-04-14 09:42 47104 c:\windows\system32\dllcache\ssmypics.scr
+ 2004-08-11 22:00 . 2008-04-14 09:42 20992 c:\windows\system32\dllcache\ssmarque.scr
+ 2004-08-11 22:00 . 2008-04-14 09:42 71680 c:\windows\system32\dllcache\ssdpsrv.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 34816 c:\windows\system32\dllcache\ssdpapi.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 19968 c:\windows\system32\dllcache\ssbezier.scr
+ 2004-08-11 22:00 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2004-08-11 22:12 . 2004-08-04 10:00 47104 c:\windows\system32\dllcache\srdiag.exe
+ 2004-08-11 22:12 . 2008-04-14 09:42 67584 c:\windows\system32\dllcache\srclient.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 58434 c:\windows\system32\dllcache\srchctls.dll
+ 2004-08-11 22:12 . 2008-04-14 04:06 73472 c:\windows\system32\dllcache\sr.sys
+ 2004-08-11 22:07 . 2004-08-04 10:00 24661 c:\windows\system32\dllcache\spxcoins.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 72192 c:\windows\system32\dllcache\sprio800.dll
+ 2001-08-18 03:36 . 2004-08-04 10:00 70656 c:\windows\system32\dllcache\sprio600.dll
+ 2004-08-11 22:00 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 75264 c:\windows\system32\dllcache\spoolss.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 11264 c:\windows\system32\dllcache\spnpinst.exe
+ 2001-08-18 03:36 . 2004-08-04 10:00 69632 c:\windows\system32\dllcache\spnike.dll
+ 2004-08-11 22:00 . 2008-04-14 04:13 12800 c:\windows\system32\dllcache\spiisupd.exe
+ 2004-08-11 22:00 . 2008-04-14 02:13 62976 c:\windows\system32\dllcache\spgrmr.dll
+ 2004-08-11 22:07 . 2004-08-04 10:00 61440 c:\windows\system32\dllcache\spcplui.dll
+ 2004-08-11 22:07 . 2004-08-04 10:00 77824 c:\windows\system32\dllcache\spcommon.dll
+ 2004-08-11 22:38 . 2001-08-17 19:07 19072 c:\windows\system32\dllcache\sparrow.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 24576 c:\windows\system32\dllcache\sort.exe
+ 2004-08-04 04:09 . 2008-04-14 04:16 25344 c:\windows\system32\dllcache\sonydcam.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 18944 c:\windows\system32\dllcache\snmpapi.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 34816 c:\windows\system32\dllcache\sniffpol.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 40960 c:\windows\system32\dllcache\smtpcons.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 50688 c:\windows\system32\dllcache\smss.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 89600 c:\windows\system32\dllcache\smlogsvc.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 14592 c:\windows\system32\dllcache\smclib.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 14848 c:\windows\system32\dllcache\slbrccsp.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 98304 c:\windows\system32\dllcache\slbiop.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 25088 c:\windows\system32\dllcache\slayerxp.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 26112 c:\windows\system32\dllcache\skeys.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 13824 c:\windows\system32\dllcache\sisbkup.dll
+ 2004-08-11 22:36 . 2008-04-14 04:06 40960 c:\windows\system32\dllcache\sisagp.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 70144 c:\windows\system32\dllcache\sigverif.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 13312 c:\windows\system32\dllcache\sigtab.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 19456 c:\windows\system32\dllcache\shutdown.exe
+ 2008-04-14 09:42 . 2008-04-14 09:42 16437 c:\windows\system32\dllcache\shtml.exe
+ 2008-04-14 09:42 . 2008-04-14 09:42 20536 c:\windows\system32\dllcache\shtml.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 27648 c:\windows\system32\dllcache\shscrap.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 77824 c:\windows\system32\dllcache\shrpubw.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 45056 c:\windows\system32\dllcache\shmgrate.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 65024 c:\windows\system32\dllcache\shimeng.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 68096 c:\windows\system32\dllcache\shgina.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 25088 c:\windows\system32\dllcache\shfolder.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 14848 c:\windows\system32\dllcache\shadow.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 23552 c:\windows\system32\dllcache\sfmapi.dll
+ 2004-08-04 03:59 . 2008-04-14 04:10 11392 c:\windows\system32\dllcache\sfloppy.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 11008 c:\windows\system32\dllcache\sffp_sd.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 11904 c:\windows\system32\dllcache\sffdisk.sys
+ 2004-08-11 22:12 . 2008-04-14 09:42 73216 c:\windows\system32\dllcache\setup50.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 23040 c:\windows\system32\dllcache\setup.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 31232 c:\windows\system32\dllcache\sethc.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 14848 c:\windows\system32\dllcache\serwvdrv.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 56320 c:\windows\system32\dllcache\servdeps.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 14336 c:\windows\system32\dllcache\serialui.dll
+ 2004-08-04 04:15 . 2008-04-14 04:45 64512 c:\windows\system32\dllcache\serial.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 15744 c:\windows\system32\dllcache\serenum.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 13824 c:\windows\system32\dllcache\senscfg.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 39424 c:\windows\system32\dllcache\sens.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 54784 c:\windows\system32\dllcache\sendmail.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 29184 c:\windows\system32\dllcache\sendcmsg.dll
+ 2004-08-11 22:00 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 18944 c:\windows\system32\dllcache\seclogon.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 18944 c:\windows\system32\dllcache\secedit.exe
+ 2004-08-04 05:56 . 2008-04-14 09:42 29184 c:\windows\system32\dllcache\sdhcinst.dll
+ 2004-08-04 04:07 . 2008-04-14 04:06 79232 c:\windows\system32\dllcache\sdbus.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 77312 c:\windows\system32\dllcache\sdbinst.exe
+ 2004-08-04 03:59 . 2008-04-14 04:10 96384 c:\windows\system32\dllcache\scsiport.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 10240 c:\windows\system32\dllcache\scriptpw.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 26624 c:\windows\system32\dllcache\scredir.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 36352 c:\windows\system32\dllcache\scrcons.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 20480 c:\windows\system32\dllcache\sclgntfy.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 95744 c:\windows\system32\dllcache\scardsvr.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 69632 c:\windows\system32\dllcache\scarddlg.dll
+ 2004-08-11 22:00 . 2009-02-06 10:39 35328 c:\windows\system32\dllcache\sc.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 13312 c:\windows\system32\dllcache\savedump.exe
+ 2004-08-11 22:07 . 2004-08-04 10:00 36864 c:\windows\system32\dllcache\sapisvr.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 64000 c:\windows\system32\dllcache\samlib.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 45568 c:\windows\system32\dllcache\safrslv.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 29696 c:\windows\system32\dllcache\safrdm.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 43520 c:\windows\system32\dllcache\safrcdlg.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 15872 c:\windows\system32\dllcache\rwinsta.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 14336 c:\windows\system32\dllcache\runonce.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 33280 c:\windows\system32\dllcache\rundll32.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 16384 c:\windows\system32\dllcache\runas.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 44032 c:\windows\system32\dllcache\rtutils.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 98304 c:\windows\system32\dllcache\rtm.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 31744 c:\windows\system32\dllcache\rtipxmib.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 77312 c:\windows\system32\dllcache\rtcshare.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 92672 c:\windows\system32\dllcache\rsvpsp.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 23552 c:\windows\system32\dllcache\rsvpmsg.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 62976 c:\windows\system32\dllcache\rsopprov.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 49152 c:\windows\system32\dllcache\rsmui.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 24576 c:\windows\system32\dllcache\rsmsink.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 18944 c:\windows\system32\dllcache\rsmps.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 49152 c:\windows\system32\dllcache\rsm.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 39936 c:\windows\system32\dllcache\rshx32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 14848 c:\windows\system32\dllcache\rsh.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 28672 c:\windows\system32\dllcache\rsfsaps.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 61440 c:\windows\system32\dllcache\rrcm.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 22016 c:\windows\system32\dllcache\rpcns4.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 25600 c:\windows\system32\dllcache\routemon.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 19968 c:\windows\system32\dllcache\route.exe
+ 2004-08-11 22:00 . 2008-04-14 04:26 30592 c:\windows\system32\dllcache\rndismp.sys
+ 2001-08-17 18:24 . 2004-08-04 10:00 12032 c:\windows\system32\dllcache\riodrv.sys
+ 2001-08-17 18:24 . 2004-08-04 10:00 12032 c:\windows\system32\dllcache\rio8drv.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 13824 c:\windows\system32\dllcache\rexec.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 58880 c:\windows\system32\dllcache\resutils.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 12800 c:\windows\system32\dllcache\replace.exe
+ 2004-08-11 22:11 . 2008-04-14 09:42 60416 c:\windows\system32\dllcache\remotepg.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 32768 c:\windows\system32\dllcache\relog.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 11776 c:\windows\system32\dllcache\regsvr32.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 59904 c:\windows\system32\dllcache\regsvc.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 33792 c:\windows\system32\dllcache\regini.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 49664 c:\windows\system32\dllcache\regapi.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 50176 c:\windows\system32\dllcache\reg.exe
+ 2004-08-11 22:09 . 2008-04-14 04:10 57600 c:\windows\system32\dllcache\redbook.sys
+ 2004-08-11 22:11 . 2008-04-14 09:42 67072 c:\windows\system32\dllcache\rdshost.exe
+ 2004-08-11 22:11 . 2008-04-14 09:42 13824 c:\windows\system32\dllcache\rdsaddin.exe
+ 2004-08-11 22:11 . 2008-04-14 09:43 87176 c:\windows\system32\dllcache\rdpwsx.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 19968 c:\windows\system32\dllcache\rdpsnd.dll
+ 2004-08-11 22:00 . 2008-04-14 09:43 92424 c:\windows\system32\dllcache\rdpdd.dll
+ 2004-08-11 22:11 . 2008-04-14 09:42 62976 c:\windows\system32\dllcache\rdpclip.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 21504 c:\windows\system32\dllcache\rcp.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 35840 c:\windows\system32\dllcache\rcimlby.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 34432 c:\windows\system32\dllcache\rawwan.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 58368 c:\windows\system32\dllcache\rastapi.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 12800 c:\windows\system32\dllcache\rasser.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 16384 c:\windows\system32\dllcache\rassapi.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 23552 c:\windows\system32\dllcache\rasrad.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 16512 c:\windows\system32\dllcache\raspti.sys
+ 2004-08-11 22:00 . 2008-04-14 04:49 48384 c:\windows\system32\dllcache\raspptp.sys
+ 2004-08-11 22:00 . 2008-04-14 04:27 41472 c:\windows\system32\dllcache\raspppoe.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 56832 c:\windows\system32\dllcache\rasphone.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 22528 c:\windows\system32\dllcache\rasmxs.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 61440 c:\windows\system32\dllcache\rasman.dll
+ 2004-08-11 22:00 . 2008-04-14 04:49 51328 c:\windows\system32\dllcache\rasl2tp.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 11264 c:\windows\system32\dllcache\rasdial.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 11776 c:\windows\system32\dllcache\rasctrs.dll
+ 2004-08-11 22:00 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 11776 c:\windows\system32\dllcache\rasautou.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 88576 c:\windows\system32\dllcache\rasauto.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 43520 c:\windows\system32\dllcache\racpldlg.dll
+ 2004-08-11 22:11 . 2004-08-04 10:00 22016 c:\windows\system32\dllcache\qwinsta.exe
+ 2004-08-11 22:11 . 2008-04-14 09:42 19968 c:\windows\system32\dllcache\qprocess.exe
+ 2004-08-11 22:12 . 2008-04-14 09:42 18944 c:\windows\system32\dllcache\qmgrprxy.dll
+ 2004-08-11 22:44 . 2001-08-17 18:52 49024 c:\windows\system32\dllcache\ql1280.sys
+ 2004-08-11 22:44 . 2001-08-17 18:52 40448 c:\windows\system32\dllcache\ql1240.sys
+ 2004-08-11 22:44 . 2001-08-17 18:52 45312 c:\windows\system32\dllcache\ql12160.sys
+ 2004-08-11 22:43 . 2001-08-17 18:52 33152 c:\windows\system32\dllcache\ql10wnt.sys
+ 2004-08-11 22:43 . 2001-08-17 18:52 40320 c:\windows\system32\dllcache\ql1080.sys
+ 2004-08-11 22:11 . 2004-08-04 10:00 16896 c:\windows\system32\dllcache\qappsrv.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 17792 c:\windows\system32\dllcache\ptilink.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 34304 c:\windows\system32\dllcache\pstorsvc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 43520 c:\windows\system32\dllcache\pstorec.dll
+ 2004-08-11 22:00 . 2008-04-14 04:26 69120 c:\windows\system32\dllcache\psched.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 10752 c:\windows\system32\dllcache\pschdprf.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 96768 c:\windows\system32\dllcache\psbase.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 23040 c:\windows\system32\dllcache\psapi.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 50176 c:\windows\system32\dllcache\proquota.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 27648 c:\windows\system32\dllcache\profmap.dll
+ 2004-08-04 03:59 . 2008-04-14 04:01 35840 c:\windows\system32\dllcache\processr.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 15860 c:\windows\system32\dllcache\prnqctl.vbs
+ 2004-08-11 22:00 . 2004-08-04 10:00 29454 c:\windows\system32\dllcache\prnport.vbs
+ 2004-08-11 22:00 . 2004-08-04 10:00 32546 c:\windows\system32\dllcache\prnmngr.vbs
+ 2004-08-11 22:00 . 2004-08-04 10:00 21527 c:\windows\system32\dllcache\prnjobs.vbs
+ 2004-08-11 22:00 . 2004-08-04 10:00 25415 c:\windows\system32\dllcache\prndrvr.vbs
+ 2004-08-11 22:00 . 2004-08-04 10:00 35755 c:\windows\system32\dllcache\prncnfg.vbs
+ 2004-08-11 22:00 . 2004-08-04 10:00 16384 c:\windows\system32\dllcache\prflbmsg.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 17408 c:\windows\system32\dllcache\powrprof.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 49152 c:\windows\system32\dllcache\powercfg.exe
+ 2004-08-11 22:11 . 2008-04-14 09:42 92672 c:\windows\system32\dllcache\policman.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 58880 c:\windows\system32\dllcache\pnrpnsp.dll
+ 2004-08-11 22:00 . 2011-10-31 23:43 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 46592 c:\windows\system32\dllcache\pmspl.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 30720 c:\windows\system32\dllcache\plustab.dll
+ 2004-08-04 05:56 . 2008-04-14 09:42 15360 c:\windows\system32\dllcache\pjlmon.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 33280 c:\windows\system32\dllcache\ping6.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 17920 c:\windows\system32\dllcache\ping.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 35328 c:\windows\system32\dllcache\pifmgr.dll
+ 2004-08-11 22:00 . 2008-04-14 09:41 24064 c:\windows\system32\dllcache\pidgen.dll
+ 2004-08-04 05:56 . 2008-04-14 09:42 35328 c:\windows\system32\dllcache\pid.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 12288 c:\windows\system32\dllcache\perfts.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 34816 c:\windows\system32\dllcache\perfproc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 25088 c:\windows\system32\dllcache\perfos.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 17920 c:\windows\system32\dllcache\perfnet.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 15872 c:\windows\system32\dllcache\perfmon.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 26624 c:\windows\system32\dllcache\perfdisk.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 39936 c:\windows\system32\dllcache\perfctrs.dll
+ 2004-08-11 22:41 . 2001-08-17 19:07 27296 c:\windows\system32\dllcache\perc2.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 15360 c:\windows\system32\dllcache\pentnt.exe
+ 2004-08-04 03:59 . 2008-04-14 04:10 24960 c:\windows\system32\dllcache\pciidex.sys
+ 2004-08-04 04:07 . 2008-04-14 04:06 68224 c:\windows\system32\dllcache\pci.sys
+ 2004-08-11 22:12 . 2008-04-14 09:42 38400 c:\windows\system32\dllcache\pchsvc.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 67584 c:\windows\system32\dllcache\pautoenr.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 21504 c:\windows\system32\dllcache\pathping.exe
+ 2004-08-11 22:00 . 2008-04-14 04:10 19712 c:\windows\system32\dllcache\partmgr.sys
+ 2004-08-04 03:59 . 2008-04-14 04:10 80128 c:\windows\system32\dllcache\parport.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 10240 c:\windows\system32\dllcache\panmap.dll
+ 2004-08-11 22:00 . 2011-11-18 12:35 60416 c:\windows\system32\dllcache\packager.exe
+ 2004-08-04 03:59 . 2008-04-14 04:01 42752 c:\windows\system32\dllcache\p3.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 40448 c:\windows\system32\dllcache\osuninst.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 67584 c:\windows\system32\dllcache\osuninst.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 67584 c:\windows\system32\dllcache\opnfiles.exe
+ 2004-08-11 22:12 . 2008-04-14 09:42 51200 c:\windows\system32\dllcache\oobebaln.exe
+ 2004-08-11 22:00 . 2004-08-04 10:00 69120 c:\windows\system32\dllcache\olethk32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 22016 c:\windows\system32\dllcache\olesvr32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 24064 c:\windows\system32\dllcache\olesvr.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 84992 c:\windows\system32\dllcache\olepro32.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 65536 c:\windows\system32\dllcache\oledb32r.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 37376 c:\windows\system32\dllcache\olecnv32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 74752 c:\windows\system32\dllcache\olecli32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 82944 c:\windows\system32\dllcache\olecli.dll
+ 2004-08-11 22:00 . 2011-09-26 15:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 39744 c:\windows\system32\dllcache\ole2.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 35328 c:\windows\system32\dllcache\oemiglib.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 60416 c:\windows\system32\dllcache\oemig50.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 20511 c:\windows\system32\dllcache\odtext32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 20510 c:\windows\system32\dllcache\odpdx32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 20510 c:\windows\system32\dllcache\odfox32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 20510 c:\windows\system32\dllcache\odexl32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 20511 c:\windows\system32\dllcache\oddbse32.dll
+ 2004-08-11 22:00 . 2008-04-14 02:56 12288 c:\windows\system32\dllcache\odbcp32r.dll
+ 2004-08-11 22:00 . 2008-04-14 09:40 53279 c:\windows\system32\dllcache\odbcji32.dll
+ 2004-08-11 22:00 . 2008-04-14 02:56 94208 c:\windows\system32\dllcache\odbcint.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 65536 c:\windows\system32\dllcache\odbccu32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 65536 c:\windows\system32\dllcache\odbccr32.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 69632 c:\windows\system32\dllcache\odbcconf.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 32768 c:\windows\system32\dllcache\odbcad32.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 16384 c:\windows\system32\dllcache\odbc32gt.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 26224 c:\windows\system32\dllcache\odbc16gt.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 17408 c:\windows\system32\dllcache\ocmsn.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 67584 c:\windows\system32\dllcache\ocmanage.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 15360 c:\windows\system32\dllcache\ocgen.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 65536 c:\windows\system32\dllcache\nwwks.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 55936 c:\windows\system32\dllcache\nwlnkspx.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 63232 c:\windows\system32\dllcache\nwlnknb.sys
+ 2004-08-11 22:00 . 2008-04-14 04:26 88320 c:\windows\system32\dllcache\nwlnkipx.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 32512 c:\windows\system32\dllcache\nwlnkfwd.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 12416 c:\windows\system32\dllcache\nwlnkflt.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 20480 c:\windows\system32\dllcache\nwcfg.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 64000 c:\windows\system32\dllcache\nwapi32.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 17408 c:\windows\system32\dllcache\nwapi16.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 15360 c:\windows\system32\dllcache\ntvdmd.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 36864 c:\windows\system32\dllcache\ntsdexts.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 31744 c:\windows\system32\dllcache\ntsd.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 91136 c:\windows\system32\dllcache\ntprint.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 62976 c:\windows\system32\dllcache\ntoc.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 36864 c:\windows\system32\dllcache\ntmsevt.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 40960 c:\windows\system32\dllcache\ntmsapi.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 14336 c:\windows\system32\dllcache\ntlanui2.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 57856 c:\windows\system32\dllcache\ntlanui.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 44032 c:\windows\system32\dllcache\ntlanman.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 34560 c:\windows\system32\dllcache\ntio804.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 35424 c:\windows\system32\dllcache\ntio412.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 35648 c:\windows\system32\dllcache\ntio411.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 34560 c:\windows\system32\dllcache\ntio404.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 33840 c:\windows\system32\dllcache\ntio.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 26112 c:\windows\system32\dllcache\ntdsbcli.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 67072 c:\windows\system32\dllcache\ntdsapi.dll
+ 2004-08-11 22:00 . 2004-08-04 10:00 29146 c:\windows\system32\dllcache\ntdos804.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 29274 c:\windows\system32\dllcache\ntdos412.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 29370 c:\windows\system32\dllcache\ntdos411.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 29146 c:\windows\system32\dllcache\ntdos404.sys
+ 2004-08-11 22:00 . 2004-08-04 10:00 27866 c:\windows\system32\dllcache\ntdos.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 76800 c:\windows\system32\dllcache\nslookup.exe
+ 2004-08-11 22:12 . 2008-04-14 09:42 10240 c:\windows\system32\dllcache\npwmsdrm.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 54784 c:\windows\system32\dllcache\npptools.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 15360 c:\windows\system32\dllcache\nppagent.exe
+ 2004-08-11 22:00 . 2008-04-14 04:02 30848 c:\windows\system32\dllcache\npfs.sys
+ 2004-08-11 22:12 . 2004-08-04 10:00 35328 c:\windows\system32\dllcache\notiflag.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 69120 c:\windows\system32\dllcache\notepad.exe
+ 2004-08-11 22:00 . 2008-04-14 04:23 40320 c:\windows\system32\dllcache\nmnt.sys
+ 2004-08-11 22:12 . 2008-04-14 09:42 28672 c:\windows\system32\dllcache\nmmkcert.dll
+ 2004-08-11 22:12 . 2004-08-04 10:00 12288 c:\windows\system32\dllcache\nmevtmsg.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 77824 c:\windows\system32\dllcache\nmcom.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 81920 c:\windows\system32\dllcache\nmchat.dll
+ 2004-08-11 22:12 . 2008-04-14 09:42 28672 c:\windows\system32\dllcache\nmasnt.dll
+ 2004-08-11 22:00 . 2008-03-07 17:02 98304 c:\windows\system32\dllcache\nlhtml.dll
+ 2001-08-17 18:24 . 2004-08-04 10:00 12032 c:\windows\system32\dllcache\nikedrv.sys
+ 2004-08-04 03:58 . 2008-04-14 04:21 61824 c:\windows\system32\dllcache\nic1394.sys
+ 2004-08-11 22:00 . 2008-04-14 09:42 80896 c:\windows\system32\dllcache\netui0.dll
+ 2004-08-11 22:00 . 2008-04-14 09:42 36864 c:\windows\system32\dllcache\netstat.exe
+ 2004-08-11 22:00 . 2008-04-14 09:42 86016 c:\windows\system32\dllcache\netsh.exe




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users