Jump to content


 

Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

malware infection

Started by GKing , Apr 26 2012 10:18 AM

  • This topic is locked This topic is locked
16 replies to this topic

#1 GKing

GKing

    Member

  • Members
  • PipPip
  • 92 posts
  • Gender:Male
  • Location:SFBayArea

Posted 26 April 2012 - 10:18 AM

Since last time I was here I took advice and stayed away from registry cleaners though I still have system machanic & Shield running. I reinstalled my system not more than 6 weeks ago and an not in a hurry to do it again. My hjt loog indictes LSP issues which LSPFix indicates nothing wrong. Also second to last time I ran combofix it indicated an access violation in one of the scan steps. I also would like to know if msconfigis running properly since in the section 'operating system' listing-theres an 'do not touch' debugger listing & Repair Console listing that seems to always stay (until recently) top if msconfig is selected as normal mode start-up. Comboxfix I suspect likely modified int. files I suspect. I should have Admin. rights, but feel locked out at times. Some times in safe mode Admin. the keyboard doesn't work-run cmd box-nothing. It took forever to run sfc /purge cache & the check disk utility also recently. Everything is running slower I I don't have a heavy background or start-up load on this cmp I would think. Thanks for you continuing help.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:56:24 AM, on 4/26/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Multimedia Card Reader\readericon10.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Qwiklinx - {3E7C8B5A-96AB-438F-BF9B-782400655440} - C:\Documents and Settings\Greg\Application Data\Qwiklinx\Qwiklinx.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Freecause Shopping BHO - {F9E44926-2497-46F3-8A25-928136AC079E} - C:\Program Files\Shop to Win 20\Shop to Win 20.dll
O4 - HKLM\..\Run: [readericon10] C:\Program Files\Multimedia Card Reader\readericon10.exe
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [iolo Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"
O4 - HKLM\..\RunOnce: [InstallShieldSetup] C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /reboot{BB1DFC2A-8B34-4632-B3B3-AD037E500A00} /z
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Process Hacker 2] "C:\Program Files\Process Hacker 2\ProcessHacker.exe" -hide
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1332817847640
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: vseamps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
O23 - Service: vsedsps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
O23 - Service: vseqrts - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe

--
End of file - 5769 bytes

 

  • BC Ads
  • BleepingComputer.com

#2 m0le

m0le

    Let's get to work

  • Malware Response Instructor
  • PipPipPipPipPipPip
  • 32,574 posts
  • Gender:Male
  • Location:London, UK

Posted 28 April 2012 - 06:00 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


And

Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK
IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.


Then

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

If I have helped you fix your PC then please donate. Thanks

jetian6yw.jpg
m0le is a proud member of UNITE

#3 GKing

GKing

    Member

  • Members
  • PipPip
  • 92 posts
  • Gender:Male
  • Location:SFBayArea

Posted 28 April 2012 - 11:37 PM

I looked back into an prior LSP help event in my contents and found >>> Go to Start ... Run and type in cmd
A dos Window will appear.
Type in the dos window: netsh winsock reset
Click on the enter key. >>>Which I then tried and evidently hjt came up with no more locked files, but, even so now a fresh copy of my AV--System Shield gets DL corrupted...can win to lose. I had trouble with AOL fresh copys too.
Here's the logs and thanks for the attention mOle-really appreciate it. :thumbup2:

Attached Files


#4 m0le

m0le

    Let's get to work

  • Malware Response Instructor
  • PipPipPipPipPipPip
  • 32,574 posts
  • Gender:Male
  • Location:London, UK

Posted 29 April 2012 - 05:15 PM

Nothing so far, and the LSP entry is a legitimate antivirus from Iolo

Please run aswMBR first

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If I have helped you fix your PC then please donate. Thanks

jetian6yw.jpg
m0le is a proud member of UNITE

#5 GKing

GKing

    Member

  • Members
  • PipPip
  • 92 posts
  • Gender:Male
  • Location:SFBayArea

Posted 01 May 2012 - 04:05 AM

Here's the log m0le. Should also tell you I have an broken.opencommand issue that mbam picked up earlier...which of course keeps comming back. Might mean nothing though.

Attached Files


#6 m0le

m0le

    Let's get to work

  • Malware Response Instructor
  • PipPipPipPipPipPip
  • 32,574 posts
  • Gender:Male
  • Location:London, UK

Posted 01 May 2012 - 07:45 PM

Looks like a known problem. MalwareBytes look at it here

The aswMBR log looks fine too.

Please run OTL so we can have a manual search through the machine

We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

If I have helped you fix your PC then please donate. Thanks

jetian6yw.jpg
m0le is a proud member of UNITE

#7 GKing

GKing

    Member

  • Members
  • PipPip
  • 92 posts
  • Gender:Male
  • Location:SFBayArea

Posted 02 May 2012 - 02:46 PM

Here's the otl results-thanks.

#8 GKing

GKing

    Member

  • Members
  • PipPip
  • 92 posts
  • Gender:Male
  • Location:SFBayArea

Posted 02 May 2012 - 02:52 PM

:oopsign: btw...Sys Shield was holding on to trojans JS/Blacole.A,...marketing adware I think?

Attached Files


#9 GKing

GKing

    Member

  • Members
  • PipPip
  • 92 posts
  • Gender:Male
  • Location:SFBayArea

Posted 02 May 2012 - 03:03 PM

Somehow an older log got involved from 4/28? Not sure what happened-sorry but I'll post this form:

Here is new logs:
OTL Extras logfile created on: 5/2/2012 12:14:10 PM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\Greg\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.50 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 62.46% Memory free
4.35 Gb Paging File | 3.56 Gb Available in Paging File | 81.76% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 86.27 Gb Total Space | 74.85 Gb Free Space | 86.76% Space Free | Partition Type: NTFS

Computer Name: HOME-D0CEC6E9B2 | User Name: Greg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"67:UDP" = 67:UDP:*:Enabled:DHCP Discovery Service
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\acs\AOLDial.exe" = C:\Program Files\Common Files\AOL\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (America Online)
"C:\Program Files\Common Files\AOL\1335334141\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1335334141\ee\aolsoftware.exe:*:Enabled:AOL Shared Components
"C:\Program Files\AOL Desktop 9.7\waol.exe" = C:\Program Files\AOL Desktop 9.7\waol.exe:*:Enabled:AOL -- (AOL Inc.)
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL Inc.)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL Inc.)
"C:\Program Files\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe" = C:\Program Files\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe:*:Enabled:AOL Browser -- (AOL Inc.)
"C:\Program Files\Common Files\AOL\acs\AOLacsd.exe" = C:\Program Files\Common Files\AOL\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
"C:\Program Files\Common Files\AOL\1335498228\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1335498228\ee\aolsoftware.exe:*:Enabled:AOL Shared Components
"C:\Program Files\Common Files\AOL\1335632861\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1335632861\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL Inc.)
"C:\Program Files\iolo\System Shield\SysShield.exe" = C:\Program Files\iolo\System Shield\SysShield.exe:*:Enabled:iolo System Shield® -- (iolo technologies, LLC)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java™ 6 Update 32
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2E497885-E60B-420A-832D-0148B392E058}_is1" = Qwiklinx
"{30DBAD4A-BA6D-4F9D-8AB0-2F6C7B0612A4}" = AVSDK5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1" = iolo technologies' System Mechanic
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{882362E0-C71A-411B-B16F-46D1B66E1890}_is1" = iolo technologies' System Shield
"{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}" = Sound Blaster Live!
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.1 MUI
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BB1DFC2A-8B34-4632-B3B3-AD037E500A00}" = Dynex 5-in-1 card reader
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{E303B395-E0C1-42E6-9EF9-F3BC23DEF2D7}" = Remote Printer Console
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"7-Zip" = 7-Zip 9.22beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AOL Toolbar" = AOL Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"Creative PlayCenter 2.0" = Creative PlayCenter
"DocFetcher" = DocFetcher
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"ie8" = Windows Internet Explorer 8
"InstallShield_{BB1DFC2A-8B34-4632-B3B3-AD037E500A00}" = Dynex 5-in-1 card reader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSNINST" = MSN
"PC Wizard 2012_is1" = PC Wizard 2012.2.0
"Process_Hacker2_is1" = Process Hacker 2.27 (r4957)
"PROSet" = Intel® PRO Network Connections Drivers
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"SpywareBlaster_is1" = SpywareBlaster 4.6
"ViewpointMediaPlayer" = Viewpoint Media Player
"Vision" = Vision
"Windows XP Service Pack" = Windows XP Service Pack 3
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1214440339-1708537768-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AOL Toolbar" = AOL Toolbar
"bd4d3a0508d364f5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ iolo Applications Events ]
Error - 4/12/2012 1:39:39 PM | Computer Name = HOME-D0CEC6E9B2 | Source = System Shield | ID = 17
Description =

Error - 4/24/2012 10:04:34 PM | Computer Name = HOME-D0CEC6E9B2 | Source = System Shield | ID = 17
Description =

Error - 4/24/2012 10:45:06 PM | Computer Name = HOME-D0CEC6E9B2 | Source = System Shield | ID = 17
Description =

Error - 4/24/2012 10:49:45 PM | Computer Name = HOME-D0CEC6E9B2 | Source = System Shield | ID = 17
Description =

Error - 4/24/2012 11:36:46 PM | Computer Name = HOME-D0CEC6E9B2 | Source = System Shield | ID = 17
Description =

Error - 4/25/2012 12:39:30 AM | Computer Name = HOME-D0CEC6E9B2 | Source = System Shield | ID = 17
Description =

Error - 4/25/2012 3:29:36 PM | Computer Name = HOME-D0CEC6E9B2 | Source = System Shield | ID = 17
Description =

Error - 4/28/2012 2:47:21 PM | Computer Name = HOME-D0CEC6E9B2 | Source = System Shield | ID = 12
Description =

Error - 4/28/2012 2:47:21 PM | Computer Name = HOME-D0CEC6E9B2 | Source = System Shield | ID = 12
Description =

[ System Events ]
Error - 4/29/2012 12:56:58 AM | Computer Name = HOME-D0CEC6E9B2 | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
the following error: %%3

Error - 4/29/2012 1:02:26 AM | Computer Name = HOME-D0CEC6E9B2 | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
the following error: %%3

Error - 4/29/2012 2:29:36 AM | Computer Name = HOME-D0CEC6E9B2 | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
the following error: %%3

Error - 4/29/2012 1:44:31 PM | Computer Name = HOME-D0CEC6E9B2 | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
the following error: %%3

Error - 4/30/2012 10:57:19 AM | Computer Name = HOME-D0CEC6E9B2 | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
the following error: %%3

Error - 5/1/2012 10:35:04 AM | Computer Name = HOME-D0CEC6E9B2 | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
the following error: %%3

Error - 5/1/2012 3:17:39 PM | Computer Name = HOME-D0CEC6E9B2 | Source = Service Control Manager | ID = 7000
Description = The MBAMSwissArmy service failed to start due to the following error:
%%32

Error - 5/1/2012 8:12:46 PM | Computer Name = HOME-D0CEC6E9B2 | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
the following error: %%3

Error - 5/2/2012 11:34:33 AM | Computer Name = HOME-D0CEC6E9B2 | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
the following error: %%3

Error - 5/2/2012 11:37:55 AM | Computer Name = HOME-D0CEC6E9B2 | Source = DCOM | ID = 10010
Description = The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register
with DCOM within the required timeout.


< End of report >


OTL logfile created on: 5/2/2012 12:14:10 PM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\Greg\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.50 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 62.46% Memory free
4.35 Gb Paging File | 3.56 Gb Available in Paging File | 81.76% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 86.27 Gb Total Space | 74.85 Gb Free Space | 86.76% Space Free | Partition Type: NTFS

Computer Name: HOME-D0CEC6E9B2 | User Name: Greg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/02 12:11:27 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Greg\Desktop\OTL.exe
PRC - [2012/04/17 10:02:32 | 001,434,096 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\System Shield\ioloSSTray.exe
PRC - [2012/04/17 09:30:36 | 001,047,336 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2012/02/29 16:58:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/01/31 11:25:16 | 000,041,296 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.7\waol.exe
PRC - [2012/01/31 11:25:13 | 000,045,392 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.7\shellmon.exe
PRC - [2012/01/21 22:10:58 | 001,133,056 | ---- | M] (wj32) -- C:\Program Files\Process Hacker 2\ProcessHacker.exe
PRC - [2011/12/08 17:19:43 | 002,212,688 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe
PRC - [2011/11/29 16:11:58 | 000,039,240 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
PRC - [2011/09/28 11:59:10 | 000,097,088 | R--- | M] (Commtouch, Inc.) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
PRC - [2011/09/28 11:59:00 | 000,097,088 | R--- | M] (Commtouch, Inc.) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/03/08 00:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\AOL\1335632861\ee\aolsoftware.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/26 10:57:28 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2007/05/03 11:55:16 | 000,131,072 | ---- | M] () -- C:\Program Files\Multimedia Card Reader\readericon10.exe
PRC - [2006/10/23 05:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
PRC - [2002/04/03 01:01:00 | 000,135,264 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/13 02:11:48 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2012/01/31 11:25:16 | 000,048,640 | ---- | M] () -- C:\Program Files\AOL Desktop 9.7\zlib.dll
MOD - [2012/01/31 11:25:06 | 000,094,208 | ---- | M] () -- C:\Program Files\AOL Desktop 9.7\components\Tier2Svc.dll
MOD - [2012/01/31 11:25:06 | 000,060,928 | ---- | M] () -- C:\Program Files\AOL Desktop 9.7\components\DataSvcs.dll
MOD - [2007/05/03 11:55:16 | 000,131,072 | ---- | M] () -- C:\Program Files\Multimedia Card Reader\readericon10.exe
MOD - [2004/04/11 19:57:44 | 000,040,960 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DirWatcher.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem) Google Update Service (gupdatem)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate) Google Update Service (gupdate)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/04/17 09:30:36 | 001,047,336 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2012/04/13 14:07:33 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/29 16:58:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011/09/28 11:59:12 | 000,142,144 | ---- | M] (Commtouch, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
SRV - [2011/09/28 11:59:10 | 000,097,088 | R--- | M] (Commtouch, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
SRV - [2011/09/28 11:59:00 | 000,097,088 | R--- | M] (Commtouch, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
SRV - [2006/10/23 05:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Running] -- C:\Program Files\Common Files\AOL\acs\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/02/07 16:46:02 | 000,024,328 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys -- (cpuz135)
DRV - [2011/09/28 12:12:32 | 000,138,048 | R--- | M] (Commtouch, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amp.sys -- (AMP)
DRV - [2011/09/28 12:12:28 | 001,189,184 | R--- | M] (Commtouch, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ampse.sys -- (AMPSE)
DRV - [2011/08/25 17:31:50 | 000,033,352 | ---- | M] (wj32) [Kernel | Disabled | Running] -- C:\Program Files\Process Hacker 2\kprocesshacker.sys -- (KProcessHacker2)
DRV - [2010/07/13 14:34:53 | 000,024,904 | ---- | M] (America Online) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\atwpkt2.sys -- (ATWPKT2)
DRV - [2008/04/13 11:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003/11/17 16:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 16:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 16:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/09/22 11:43:06 | 001,330,048 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P16X.sys -- (P16X) Creative SB Live! Series (WDM)
DRV - [2003/09/22 07:48:06 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/09/22 07:47:38 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2003/03/05 12:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PFMODNT.SYS -- (PfModNT)
DRV - [2003/01/10 14:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/22 09:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI)
DRV - [2001/08/17 12:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001/08/17 12:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001/08/17 12:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
IE - HKLM\..\SearchScopes,DefaultScope = {10429740-6E80-403F-9A74-506B8E012E5B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{10429740-6E80-403F-9A74-506B8E012E5B}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-aolrt-chromesbox-en-us&tb_uuid=20120428170937328&tb_oid=28-04-2012&tb_mrud=28-04-2012


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1214440339-1708537768-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://att.net/
IE - HKU\S-1-5-21-1214440339-1708537768-839522115-1004\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
IE - HKU\S-1-5-21-1214440339-1708537768-839522115-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1214440339-1708537768-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1214440339-1708537768-839522115-1004\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-aolrt-chromesbox-en-us&tb_uuid=20120428170937328&tb_oid=28-04-2012&tb_mrud=28-04-2012
IE - HKU\S-1-5-21-1214440339-1708537768-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



O1 HOSTS File: ([2012/04/25 11:28:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Qwiklinx) - {3E7C8B5A-96AB-438F-BF9B-782400655440} - C:\Documents and Settings\Greg\Application Data\Qwiklinx\Qwiklinx.dll (Qwiklinx, Inc.)
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Shop to Win) - {F9E44926-2497-46F3-8A25-928136AC079E} - C:\Program Files\Shop to Win 20\Shop to Win 20.dll (Shop To Win, LLC)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1214440339-1708537768-839522115-1004\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1335632861\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [iolo Startup] C:\Program Files\iolo\Common\Lib\ioloLManager.exe (iolo technologies, LLC)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [readericon10] C:\Program Files\Multimedia Card Reader\readericon10.exe ()
O4 - HKU\S-1-5-21-1214440339-1708537768-839522115-1004..\Run: [AOL Fast Start] C:\Program Files\AOL Desktop 9.7\AOL.EXE (AOL Inc.)
O4 - HKU\S-1-5-21-1214440339-1708537768-839522115-1004..\Run: [DocFetcher-Daemon] C:\Program Files\DocFetcher\docfetcher-daemon-win.exe File not found
O4 - HKU\S-1-5-21-1214440339-1708537768-839522115-1004..\Run: [Process Hacker 2] C:\Program Files\Process Hacker 2\ProcessHacker.exe (wj32)
O4 - Startup: C:\Documents and Settings\Greg\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1214440339-1708537768-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1214440339-1708537768-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1214440339-1708537768-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1214440339-1708537768-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1214440339-1708537768-839522115-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1214440339-1708537768-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O15 - HKU\S-1-5-21-1214440339-1708537768-839522115-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1332817847640 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A10363B4-FFC0-4FF0-8A16-1E181A3FDEFE}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/03/18 13:36:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck)
O34 - HKLM BootExecute: (ǽ)
O34 - HKLM BootExecute: (Ƞѷ)
O34 - HKLM BootExecute: (autocheck)
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\Greg\Application Data\iolo\)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/02 12:11:14 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Greg\Desktop\OTL.exe
[2012/05/01 14:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\Application Data\IObit
[2012/05/01 08:31:58 | 001,686,872 | ---- | C] (IObit) -- C:\Documents and Settings\Greg\Desktop\iobit-uninstaller.exe
[2012/04/30 22:00:26 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Greg\Desktop\aswMBR.exe
[2012/04/30 16:04:15 | 000,476,960 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\npdeployJava1.dll
[2012/04/30 16:04:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012/04/30 16:04:14 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012/04/30 16:04:14 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012/04/28 23:25:01 | 001,189,184 | R--- | C] (Commtouch, Inc.) -- C:\WINDOWS\System32\drivers\ampse.sys
[2012/04/28 23:25:00 | 000,138,048 | R--- | C] (Commtouch, Inc.) -- C:\WINDOWS\System32\drivers\amp.sys
[2012/04/28 23:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Authentium
[2012/04/28 23:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Authentium
[2012/04/28 23:24:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\System Shield
[2012/04/28 23:24:16 | 000,118,784 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\iavlsp.dll
[2012/04/28 13:06:51 | 000,000,000 | ---D | C] -- C:\Program Files\AOL Toolbar
[2012/04/28 13:06:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2012/04/28 13:04:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\Local Settings\Application Data\AOL Toolbar
[2012/04/28 10:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AOL
[2012/04/28 10:09:45 | 000,058,696 | ---- | C] (AOL Inc.) -- C:\WINDOWS\System32\AOLParconLink.exe
[2012/04/28 10:09:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AOL Toolbar
[2012/04/28 10:08:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\AOL Downloads
[2012/04/28 10:08:24 | 000,033,588 | R--- | C] (America Online, Inc.) -- C:\WINDOWS\System32\drivers\wanatw4.sys
[2012/04/28 10:07:38 | 000,000,000 | ---D | C] -- C:\Program Files\AOL
[2012/04/28 10:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2012/04/28 10:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\aolshare
[2012/04/28 10:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\AOL Desktop 9.7
[2012/04/28 09:23:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\Start Menu\Programs\DocFetcher
[2012/04/28 09:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\DocFetcher
[2012/04/28 09:11:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/04/26 22:44:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Vision
[2012/04/26 22:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\Foundstone
[2012/04/26 22:43:55 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2012/04/26 22:43:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\WINDOWS
[2012/04/26 22:43:27 | 002,525,288 | ---- | C] (Foundstone, Inc.) -- C:\Documents and Settings\Greg\Desktop\visionsetup.exe
[2012/04/26 22:30:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\Desktop\fport
[2012/04/26 20:36:12 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2012/04/26 20:36:10 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012/04/26 20:36:04 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2012/04/26 20:36:01 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2012/04/26 07:12:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MakeBootableCard
[2012/04/26 07:12:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\command
[2012/04/26 06:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/04/26 06:56:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\Start Menu\Programs\HiJackThis
[2012/04/25 12:22:00 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/04/25 12:16:29 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012/04/25 12:16:25 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012/04/25 12:16:17 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2012/04/25 12:16:10 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012/04/25 12:16:02 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012/04/25 12:16:00 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2012/04/25 12:15:57 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2012/04/25 12:15:56 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2012/04/25 12:15:54 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2012/04/25 12:15:31 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys
[2012/04/25 12:15:28 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012/04/25 12:15:24 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012/04/25 12:15:14 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012/04/25 12:15:09 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2012/04/25 12:15:05 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2012/04/25 12:15:05 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2012/04/25 12:15:04 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2012/04/25 12:14:57 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2012/04/25 12:14:56 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2012/04/25 12:14:55 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2012/04/25 12:14:51 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012/04/25 12:14:48 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2012/04/25 12:14:47 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2012/04/25 12:14:46 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2012/04/25 12:14:45 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2012/04/25 12:14:44 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2012/04/25 12:14:42 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2012/04/25 12:14:38 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012/04/25 12:14:35 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012/04/25 12:14:31 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012/04/25 12:14:30 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2012/04/25 12:14:24 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012/04/25 12:14:20 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012/04/25 12:14:16 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012/04/25 12:14:12 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012/04/25 12:14:08 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2012/04/25 12:14:07 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaide.sys
[2012/04/25 12:14:05 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2012/04/25 12:14:01 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2012/04/25 12:13:57 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012/04/25 12:13:53 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2012/04/25 12:13:50 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2012/04/25 12:13:46 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2012/04/25 12:13:42 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012/04/25 12:13:39 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012/04/25 12:13:35 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012/04/25 12:13:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2012/04/25 12:13:32 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2012/04/25 12:13:31 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbohci.sys
[2012/04/25 12:13:29 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2012/04/25 12:13:28 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2012/04/25 12:13:27 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012/04/25 12:13:21 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2012/04/25 12:13:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2012/04/25 12:13:15 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2012/04/25 12:13:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2012/04/25 12:13:08 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012/04/25 12:13:04 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2012/04/25 12:13:01 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2012/04/25 12:12:58 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2012/04/25 12:12:54 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012/04/25 12:12:51 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012/04/25 12:12:47 | 000,036,736 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ultra.sys
[2012/04/25 12:12:43 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2012/04/25 12:12:43 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2012/04/25 12:12:35 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012/04/25 12:12:32 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012/04/25 12:12:29 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012/04/25 12:12:25 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012/04/25 12:12:22 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012/04/25 12:12:18 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012/04/25 12:12:15 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2012/04/25 12:12:11 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2012/04/25 12:12:10 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2012/04/25 12:12:06 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2012/04/25 12:12:02 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys
[2012/04/25 12:11:59 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2012/04/25 12:11:55 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2012/04/25 12:11:52 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2012/04/25 12:11:48 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012/04/25 12:11:45 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2012/04/25 12:11:40 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012/04/25 12:11:36 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012/04/25 12:11:35 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012/04/25 12:11:34 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2012/04/25 12:11:31 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012/04/25 12:11:28 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012/04/25 12:11:27 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2012/04/25 12:11:27 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2012/04/25 12:11:20 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2012/04/25 12:11:16 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2012/04/25 12:11:13 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012/04/25 12:11:10 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012/04/25 12:11:04 | 000,032,640 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\symc8xx.sys
[2012/04/25 12:11:01 | 000,016,256 | ---- | C] (Symbios Logic Inc.) -- C:\WINDOWS\System32\dllcache\symc810.sys
[2012/04/25 12:10:58 | 000,030,688 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_u3.sys
[2012/04/25 12:10:55 | 000,028,384 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_hi.sys
[2012/04/25 12:10:51 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2012/04/25 12:10:48 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2012/04/25 12:10:45 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2012/04/25 12:10:42 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2012/04/25 12:10:39 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2012/04/25 12:10:36 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2012/04/25 12:10:32 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2012/04/25 12:10:31 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2012/04/25 12:10:28 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012/04/25 12:10:24 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012/04/25 12:10:21 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012/04/25 12:10:17 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012/04/25 12:10:12 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012/04/25 12:10:08 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2012/04/25 12:10:08 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2012/04/25 12:10:00 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2012/04/25 12:09:55 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2012/04/25 12:09:52 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2012/04/25 12:09:49 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2012/04/25 12:09:46 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2012/04/25 12:09:42 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2012/04/25 12:09:39 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2012/04/25 12:09:36 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2012/04/25 12:09:33 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2012/04/25 12:09:32 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2012/04/25 12:09:32 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2012/04/25 12:09:28 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2012/04/25 12:09:28 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2012/04/25 12:09:27 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2012/04/25 12:09:24 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2012/04/25 12:09:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2012/04/25 12:09:20 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012/04/25 12:09:19 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2012/04/25 12:09:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2012/04/25 12:09:16 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012/04/25 12:09:12 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012/04/25 12:09:09 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012/04/25 12:09:06 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012/04/25 12:09:03 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2012/04/25 12:09:02 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2012/04/25 12:09:01 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2012/04/25 12:09:01 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2012/04/25 12:08:58 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2012/04/25 12:08:55 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2012/04/25 12:08:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2012/04/25 12:08:51 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2012/04/25 12:08:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2012/04/25 12:08:50 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2012/04/25 12:08:50 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2012/04/25 12:08:47 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2012/04/25 12:08:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2012/04/25 12:08:46 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2012/04/25 12:08:46 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2012/04/25 12:08:45 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2012/04/25 12:08:45 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2012/04/25 12:08:44 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2012/04/25 12:08:44 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2012/04/25 12:08:44 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2012/04/25 12:08:39 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2012/04/25 12:08:37 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012/04/25 12:08:34 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012/04/25 12:08:31 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012/04/25 12:08:27 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2012/04/25 12:08:24 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2012/04/25 12:08:23 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012/04/25 12:08:20 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2012/04/25 12:08:17 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2012/04/25 12:08:14 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2012/04/25 12:08:11 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2012/04/25 12:08:08 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2012/04/25 12:08:04 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2012/04/25 12:08:03 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2012/04/25 12:07:50 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012/04/25 12:07:47 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012/04/25 12:07:43 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012/04/25 12:07:40 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012/04/25 12:07:35 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2012/04/25 12:07:32 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2012/04/25 12:07:32 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2012/04/25 12:07:28 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2012/04/25 12:07:26 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2012/04/25 12:07:23 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2012/04/25 12:07:23 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2012/04/25 12:07:19 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012/04/25 12:07:16 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2012/04/25 12:07:13 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012/04/25 12:07:09 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012/04/25 12:07:08 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2012/04/25 12:07:02 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2012/04/25 12:06:59 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2012/04/25 12:06:56 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012/04/25 12:06:53 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012/04/25 12:06:50 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012/04/25 12:06:47 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012/04/25 12:06:44 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012/04/25 12:06:41 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012/04/25 12:06:38 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012/04/25 12:06:35 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012/04/25 12:06:32 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012/04/25 12:06:29 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2012/04/25 12:06:25 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012/04/25 12:06:22 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012/04/25 12:06:22 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/04/25 12:06:21 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/04/25 12:06:18 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012/04/25 12:06:17 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012/04/25 12:06:14 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2012/04/25 12:06:11 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2012/04/25 12:06:07 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2012/04/25 12:06:04 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012/04/25 12:06:00 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2012/04/25 12:05:58 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012/04/25 12:05:55 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012/04/25 12:05:51 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012/04/25 12:05:50 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2012/04/25 12:05:49 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2012/04/25 12:05:41 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2012/04/25 12:05:36 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012/04/25 12:05:33 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012/04/25 12:05:30 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2012/04/25 12:05:27 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2012/04/25 12:05:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2012/04/25 12:05:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2012/04/25 12:05:18 | 000,049,024 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1280.sys
[2012/04/25 12:05:15 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys
[2012/04/25 12:05:12 | 000,045,312 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql12160.sys
[2012/04/25 12:05:09 | 000,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys
[2012/04/25 12:05:05 | 000,040,320 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1080.sys
[2012/04/25 12:05:04 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2012/04/25 12:05:00 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012/04/25 12:04:57 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012/04/25 12:04:54 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012/04/25 12:04:53 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2012/04/25 12:04:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2012/04/25 12:04:45 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2012/04/25 12:04:41 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012/04/25 12:04:36 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2012/04/25 12:04:33 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2012/04/25 12:04:33 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2012/04/25 12:04:29 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2012/04/25 12:04:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2012/04/25 12:04:28 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2012/04/25 12:04:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2012/04/25 12:04:20 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2012/04/25 12:04:17 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2012/04/25 12:04:14 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2012/04/25 12:04:11 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2012/04/25 12:04:08 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2012/04/25 12:04:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2012/04/25 12:04:02 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2012/04/25 12:04:01 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2012/04/25 12:04:00 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2012/04/25 12:03:59 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2012/04/25 12:03:59 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2012/04/25 12:03:55 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys
[2012/04/25 12:03:52 | 000,027,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2.sys
[2012/04/25 12:03:51 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2012/04/25 12:03:48 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012/04/25 12:03:45 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2012/04/25 12:03:42 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2012/04/25 12:03:39 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2012/04/25 12:03:36 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012/04/25 12:03:35 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012/04/25 12:03:32 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012/04/25 12:03:31 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2012/04/25 12:03:31 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2012/04/25 12:03:26 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2012/04/25 12:03:24 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2012/04/25 12:03:21 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2012/04/25 12:03:18 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2012/04/25 12:03:15 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2012/04/25 12:03:12 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2012/04/25 12:03:09 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2012/04/25 12:03:06 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2012/04/25 12:03:03 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2012/04/25 12:03:00 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2012/04/25 12:02:57 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2012/04/25 12:02:54 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012/04/25 12:02:51 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012/04/25 12:02:48 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012/04/25 12:02:45 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012/04/25 12:02:41 | 000,061,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ohci1394.sys
[2012/04/25 12:02:28 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2012/04/25 12:02:25 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2012/04/25 12:02:18 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012/04/25 12:02:18 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2012/04/25 12:02:14 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2012/04/25 12:02:11 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2012/04/25 12:02:11 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2012/04/25 12:02:06 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012/04/25 12:02:02 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012/04/25 12:01:57 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2012/04/25 12:01:56 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012/04/25 12:01:50 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2012/04/25 12:01:47 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012/04/25 12:01:44 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012/04/25 12:01:41 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2012/04/25 12:01:40 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2012/04/25 12:01:38 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2012/04/25 12:01:35 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012/04/25 12:01:33 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012/04/25 12:01:30 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012/04/25 12:01:27 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012/04/25 12:01:24 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012/04/25 12:01:22 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012/04/25 12:01:19 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2012/04/25 12:01:16 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2012/04/25 12:01:13 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012/04/25 12:01:10 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012/04/25 12:01:07 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012/04/25 12:01:05 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012/04/25 12:01:01 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2012/04/25 12:01:01 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012/04/25 12:00:54 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2012/04/25 12:00:42 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2012/04/25 12:00:41 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2012/04/25 12:00:36 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2012/04/25 12:00:28 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2012/04/25 12:00:26 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2012/04/25 12:00:26 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2012/04/25 12:00:25 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2012/04/25 12:00:10 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2012/04/25 12:00:06 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2012/04/25 12:00:05 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2012/04/25 11:59:58 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2012/04/25 11:59:55 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2012/04/25 11:59:45 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2012/04/25 11:59:44 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2012/04/25 11:59:41 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2012/04/25 11:59:38 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2012/04/25 11:59:37 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2012/04/25 11:59:37 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2012/04/25 11:59:34 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2012/04/25 11:59:31 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2012/04/25 11:59:28 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2012/04/25 11:59:25 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012/04/25 11:59:21 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2012/04/25 11:59:21 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2012/04/25 11:59:18 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2012/04/25 11:59:15 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2012/04/25 11:59:12 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2012/04/25 11:59:09 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2012/04/25 11:59:08 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2012/04/25 11:59:03 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012/04/25 11:59:00 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2012/04/25 11:59:00 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2012/04/25 11:58:59 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012/04/25 11:58:57 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012/04/25 11:58:56 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012/04/25 11:58:53 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012/04/25 11:58:50 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2012/04/25 11:58:46 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012/04/25 11:58:44 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012/04/25 11:58:41 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012/04/25 11:58:38 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012/04/25 11:58:37 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2012/04/25 11:58:35 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012/04/25 11:58:32 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012/04/25 11:58:31 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2012/04/25 11:58:31 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2012/04/25 11:58:30 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2012/04/25 11:58:24 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2012/04/25 11:58:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2012/04/25 11:57:58 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2012/04/25 11:57:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2012/04/25 11:57:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2012/04/25 11:57:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2012/04/25 11:57:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2012/04/25 11:57:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2012/04/25 11:57:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2012/04/25 11:57:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2012/04/25 11:57:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2012/04/25 11:57:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2012/04/25 11:57:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2012/04/25 11:57:52 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2012/04/25 11:57:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2012/04/25 11:57:51 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2012/04/25 11:57:48 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2012/04/25 11:57:46 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2012/04/25 11:57:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2012/04/25 11:57:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2012/04/25 11:57:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2012/04/25 11:57:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2012/04/25 11:57:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2012/04/25 11:57:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2012/04/25 11:57:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2012/04/25 11:57:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2012/04/25 11:57:41 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2012/04/25 11:57:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2012/04/25 11:57:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2012/04/25 11:57:32 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2012/04/25 11:57:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2012/04/25 11:57:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2012/04/25 11:57:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2012/04/25 11:57:29 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2012/04/25 11:57:29 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2012/04/25 11:57:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2012/04/25 11:57:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2012/04/25 11:57:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2012/04/25 11:57:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2012/04/25 11:57:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2012/04/25 11:57:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2012/04/25 11:57:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2012/04/25 11:57:18 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2012/04/25 11:57:12 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2012/04/25 11:57:10 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2012/04/25 11:57:09 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2012/04/25 11:57:07 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012/04/25 11:57:06 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2012/04/25 11:57:05 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2012/04/25 11:57:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2012/04/25 11:57:00 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2012/04/25 11:56:57 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2012/04/25 11:56:55 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2012/04/25 11:56:51 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2012/04/25 11:56:48 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ini910u.sys
[2012/04/25 11:56:45 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2012/04/25 11:56:44 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2012/04/25 11:56:42 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2012/04/25 11:56:38 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2012/04/25 11:56:35 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2012/04/25 11:56:34 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2012/04/25 11:56:33 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2012/04/25 11:56:23 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012/04/25 11:56:21 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2012/04/25 11:56:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2012/04/25 11:56:15 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2012/04/25 11:56:13 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2012/04/25 11:56:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2012/04/25 11:56:08 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2012/04/25 11:56:06 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2012/04/25 11:56:03 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2012/04/25 11:56:01 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2012/04/25 11:55:58 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2012/04/25 11:55:56 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2012/04/25 11:55:53 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2012/04/25 11:55:50 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2012/04/25 11:55:49 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2012/04/25 11:55:48 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2012/04/25 11:55:45 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2012/04/25 11:55:41 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2012/04/25 11:55:40 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys
[2012/04/25 11:55:39 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2012/04/25 11:55:37 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2012/04/25 11:55:19 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2012/04/25 11:55:09 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2012/04/25 11:55:07 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2012/04/25 11:55:05 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2012/04/25 11:55:02 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2012/04/25 11:55:00 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2012/04/25 11:54:57 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2012/04/25 11:54:55 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2012/04/25 11:54:52 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2012/04/25 11:54:50 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2012/04/25 11:54:47 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2012/04/25 11:54:45 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2012/04/25 11:54:43 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2012/04/25 11:54:40 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2012/04/25 11:54:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2012/04/25 11:54:35 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2012/04/25 11:54:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2012/04/25 11:54:30 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2012/04/25 11:54:28 | 000,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys
[2012/04/25 11:54:25 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2012/04/25 11:54:23 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012/04/25 11:54:18 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2012/04/25 11:54:14 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012/04/25 11:54:09 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2012/04/25 11:54:04 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2012/04/25 11:54:00 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2012/04/25 11:53:56 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2012/04/25 11:53:56 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2012/04/25 11:53:53 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2012/04/25 11:53:53 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2012/04/25 11:53:49 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2012/04/25 11:53:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2012/04/25 11:53:44 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012/04/25 11:53:42 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012/04/25 11:53:39 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012/04/25 11:53:37 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2012/04/25 11:53:34 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2012/04/25 11:53:32 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2012/04/25 11:53:30 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2012/04/25 11:53:28 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2012/04/25 11:53:26 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012/04/25 11:52:59 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2012/04/25 11:52:59 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2012/04/25 11:52:56 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2012/04/25 11:52:55 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2012/04/25 11:52:52 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2012/04/25 11:52:50 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012/04/25 11:52:48 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012/04/25 11:52:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2012/04/25 11:52:42 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012/04/25 11:52:39 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012/04/25 11:52:37 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012/04/25 11:52:36 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012/04/25 11:52:34 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2012/04/25 11:52:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2012/04/25 11:52:28 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2012/04/25 11:52:22 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2012/04/25 11:52:22 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2012/04/25 11:52:19 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012/04/25 11:52:17 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2012/04/25 11:52:15 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012/04/25 11:52:13 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012/04/25 11:52:11 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2012/04/25 11:52:09 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2012/04/25 11:52:08 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2012/04/25 11:52:07 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2012/04/25 11:52:05 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2012/04/25 11:52:03 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2012/04/25 11:52:03 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2012/04/25 11:52:01 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2012/04/25 11:52:00 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2012/04/25 11:51:56 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2012/04/25 11:51:55 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2012/04/25 11:51:53 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2012/04/25 11:51:51 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2012/04/25 11:51:49 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2012/04/25 11:51:47 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2012/04/25 11:51:45 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2012/04/25 11:51:43 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2012/04/25 11:51:41 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2012/04/25 11:51:39 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2012/04/25 11:51:37 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2012/04/25 11:51:36 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2012/04/25 11:51:34 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2012/04/25 11:51:32 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2012/04/25 11:51:30 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2012/04/25 11:51:28 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2012/04/25 11:51:26 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2012/04/25 11:51:25 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\enum1394.sys
[2012/04/25 11:51:20 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2012/04/25 11:51:19 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2012/04/25 11:51:17 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2012/04/25 11:51:16 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2012/04/25 11:51:15 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2012/04/25 11:51:13 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2012/04/25 11:51:12 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2012/04/25 11:51:10 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2012/04/25 11:51:09 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2012/04/25 11:51:08 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2012/04/25 11:51:06 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2012/04/25 11:51:05 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2012/04/25 11:51:03 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2012/04/25 11:51:02 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2012/04/25 11:51:01 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2012/04/25 11:50:59 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2012/04/25 11:50:58 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2012/04/25 11:50:57 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2012/04/25 11:50:52 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2012/04/25 11:50:50 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2012/04/25 11:50:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2012/04/25 11:50:44 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012/04/25 11:50:41 | 000,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys
[2012/04/25 11:50:39 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012/04/25 11:50:38 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2012/04/25 11:50:36 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2012/04/25 11:50:35 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2012/04/25 11:50:34 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2012/04/25 11:50:30 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012/04/25 11:50:30 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2012/04/25 11:50:28 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012/04/25 11:50:27 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012/04/25 11:50:21 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012/04/25 11:50:20 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012/04/25 11:50:18 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012/04/25 11:50:17 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012/04/25 11:50:15 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012/04/25 11:50:13 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2012/04/25 11:50:12 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2012/04/25 11:50:11 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2012/04/25 11:50:10 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2012/04/25 11:50:08 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2012/04/25 11:50:07 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2012/04/25 11:50:06 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2012/04/25 11:50:04 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2012/04/25 11:50:03 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2012/04/25 11:50:02 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2012/04/25 11:50:00 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2012/04/25 11:49:59 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2012/04/25 11:49:58 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2012/04/25 11:49:55 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2012/04/25 11:49:54 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2012/04/25 11:49:52 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012/04/25 11:49:51 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012/04/25 11:49:49 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012/04/25 11:49:48 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2012/04/25 11:49:46 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2012/04/25 11:49:45 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2012/04/25 11:49:44 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2012/04/25 11:49:42 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2012/04/25 11:49:41 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2012/04/25 11:49:38 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys
[2012/04/25 11:49:36 | 000,179,584 | ---- | C] (Mylex Corporation) -- C:\WINDOWS\System32\dllcache\dac2w2k.sys
[2012/04/25 11:49:34 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2012/04/25 11:49:33 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2012/04/25 11:49:31 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2012/04/25 11:49:30 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2012/04/25 11:49:29 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2012/04/25 11:49:28 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2012/04/25 11:49:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2012/04/25 11:49:25 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2012/04/25 11:49:24 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012/04/25 11:49:24 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2012/04/25 11:49:22 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012/04/25 11:49:21 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012/04/25 11:49:20 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012/04/25 11:49:19 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012/04/25 11:49:18 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012/04/25 11:49:16 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012/04/25 11:49:16 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012/04/25 11:49:15 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2012/04/25 11:49:13 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2012/04/25 11:49:12 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2012/04/25 11:49:10 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2012/04/25 11:49:09 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012/04/25 11:49:09 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2012/04/25 11:49:05 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2012/04/25 11:49:04 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2012/04/25 11:49:02 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys
[2012/04/25 11:48:59 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys
[2012/04/25 11:48:57 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2012/04/25 11:48:56 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2012/04/25 11:48:54 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys
[2012/04/25 11:48:52 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012/04/25 11:48:52 | 000,013,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmbatt.sys
[2012/04/25 11:48:51 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2012/04/25 11:48:50 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2012/04/25 11:48:49 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2012/04/25 11:48:48 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2012/04/25 11:48:47 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2012/04/25 11:48:44 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2012/04/25 11:48:42 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012/04/25 11:48:40 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2012/04/25 11:48:40 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2012/04/25 11:48:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2012/04/25 11:48:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2012/04/25 11:48:37 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2012/04/25 11:48:36 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2012/04/25 11:48:36 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2012/04/25 11:48:32 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012/04/25 11:48:31 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012/04/25 11:48:30 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012/04/25 11:48:29 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012/04/25 11:48:28 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012/04/25 11:48:26 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys
[2012/04/25 11:48:25 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012/04/25 11:48:25 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2012/04/25 11:48:24 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012/04/25 11:48:23 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012/04/25 11:48:22 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012/04/25 11:48:20 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012/04/25 11:48:19 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012/04/25 11:48:18 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2012/04/25 11:48:18 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/04/25 11:48:17 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2012/04/25 11:48:16 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2012/04/25 11:48:15 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2012/04/25 11:48:14 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2012/04/25 11:48:14 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2012/04/25 11:48:13 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2012/04/25 11:48:12 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2012/04/25 11:48:11 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2012/04/25 11:48:10 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2012/04/25 11:48:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2012/04/25 11:47:35 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2012/04/25 11:47:34 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012/04/25 11:47:33 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012/04/25 11:47:33 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012/04/25 11:47:32 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012/04/25 11:47:31 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012/04/25 11:47:30 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012/04/25 11:47:30 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012/04/25 11:47:29 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012/04/25 11:47:27 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012/04/25 11:47:27 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012/04/25 11:47:26 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012/04/25 11:47:25 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2012/04/25 11:47:25 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012/04/25 11:47:24 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012/04/25 11:47:23 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012/04/25 11:47:23 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012/04/25 11:47:22 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012/04/25 11:47:21 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012/04/25 11:47:20 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012/04/25 11:47:19 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2012/04/25 11:47:15 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2012/04/25 11:47:15 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2012/04/25 11:47:14 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012/04/25 11:47:13 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2012/04/25 11:47:13 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2012/04/25 11:47:12 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2012/04/25 11:47:11 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys
[2012/04/25 11:47:10 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012/04/25 11:47:09 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012/04/25 11:47:08 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2012/04/25 11:47:08 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012/04/25 11:47:07 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012/04/25 11:47:06 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012/04/25 11:47:06 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012/04/25 11:47:05 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012/04/25 11:47:04 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2012/04/25 11:47:03 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2012/04/25 11:47:03 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2012/04/25 11:46:55 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2012/04/25 11:46:54 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2012/04/25 11:46:52 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2012/04/25 11:46:52 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2012/04/25 11:46:51 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2012/04/25 11:46:50 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2012/04/25 11:46:49 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2012/04/25 11:46:49 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2012/04/25 11:46:48 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2012/04/25 11:46:44 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2012/04/25 11:46:43 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012/04/25 11:46:43 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2012/04/25 11:46:42 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc3550.sys
[2012/04/25 11:46:41 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc.sys
[2012/04/25 11:46:41 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys
[2012/04/25 11:46:40 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2012/04/25 11:46:39 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2012/04/25 11:46:38 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2012/04/25 11:46:38 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys
[2012/04/25 11:46:37 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012/04/25 11:46:36 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2012/04/25 11:46:36 | 000,005,248 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\aliide.sys
[2012/04/25 11:46:35 | 000,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys
[2012/04/25 11:46:35 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2012/04/25 11:46:34 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys
[2012/04/25 11:46:33 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys
[2012/04/25 11:46:29 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2012/04/25 11:46:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2012/04/25 11:46:23 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys
[2012/04/25 11:46:23 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012/04/25 11:46:22 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012/04/25 11:46:22 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012/04/25 11:46:21 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012/04/25 11:46:20 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012/04/25 11:46:20 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2012/04/25 11:46:19 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2012/04/25 11:46:18 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012/04/25 11:46:17 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2012/04/25 11:46:17 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2012/04/25 11:46:16 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2012/04/25 11:46:16 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2012/04/25 11:46:15 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012/04/25 11:46:15 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys
[2012/04/25 11:46:14 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2012/04/25 11:46:13 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2012/04/25 11:46:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2012/04/25 11:46:12 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012/04/25 11:46:12 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012/04/25 11:46:11 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012/04/25 11:46:11 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394bus.sys
[2012/04/25 11:46:11 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2012/04/25 11:45:29 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2012/04/17 21:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\Application Data\ElevatedDiagnostics
[2012/04/17 09:30:40 | 001,053,464 | ---- | C] (Toolwiz ) -- C:\Documents and Settings\Greg\Desktop\Setup_TimeFreeze.exe
[2012/04/14 14:13:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\Application Data\OpenOffice.org
[2012/04/13 02:18:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\.swt
[2012/04/13 02:18:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\Local Settings\Application Data\Copy Handler
[2012/04/13 02:16:48 | 001,765,529 | ---- | C] (wj32 ) -- C:\Documents and Settings\Greg\My Documents\processhacker-2.27-setup.exe
[2012/04/13 02:15:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
[2012/04/13 02:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/04/13 02:11:35 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3
[2012/04/13 02:10:08 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2012/04/13 02:08:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\Desktop\OpenOffice.org 3.3 (en-US) Installation Files
[2012/04/12 22:17:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\Application Data\Process Hacker 2
[2012/04/12 22:15:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Process Hacker 2
[2012/04/12 22:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\Process Hacker 2
[2012/04/12 22:14:40 | 003,212,078 | ---- | C] (http://winmerge.org ) -- C:\Documents and Settings\Greg\My Documents\WinMerge-2.12.4-Setup.exe
[2012/04/12 14:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/04/12 10:03:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\Application Data\blekkotb_019
[2012/04/12 10:01:47 | 000,000,000 | ---D | C] -- C:\Program Files\Qwiklinx
[2012/04/12 10:01:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\Application Data\Qwiklinx
[2012/04/12 10:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\Application Data\FCSB000063941
[2012/04/12 10:01:33 | 000,000,000 | ---D | C] -- C:\Program Files\Shop to Win 20
[2012/04/12 10:00:01 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
[2012/04/12 09:59:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\blekko toolbars
[2012/04/12 09:59:07 | 000,000,000 | ---D | C] -- C:\Program Files\blekkotb_soc
[2012/04/08 10:02:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\System Mechanic
[2012/04/08 10:02:55 | 002,095,816 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\Incinerator32.dll
[2012/04/08 10:02:51 | 000,056,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\offreg.dll
[2012/04/08 10:02:51 | 000,033,280 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\iolobtdfg.exe
[2012/04/08 10:02:51 | 000,015,360 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\smrgdf.exe
[2012/04/08 09:59:32 | 000,000,000 | ---D | C] -- C:\iolo
[2012/04/06 08:22:36 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/02 12:11:27 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Greg\Desktop\OTL.exe
[2012/05/02 12:06:27 | 000,000,408 | ---- | M] () -- C:\WINDOWS\System32\iolo.ini
[2012/05/02 12:06:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/02 08:32:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/01 12:21:53 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\Greg\Desktop\HiJackThis.lnk
[2012/05/01 08:32:14 | 001,686,872 | ---- | M] (IObit) -- C:\Documents and Settings\Greg\Desktop\iobit-uninstaller.exe
[2012/05/01 01:53:55 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Greg\Desktop\MBR.dat
[2012/04/30 22:00:28 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Greg\Desktop\aswMBR.exe
[2012/04/30 16:03:35 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012/04/30 16:03:35 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012/04/30 16:03:35 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012/04/30 16:03:35 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012/04/30 16:03:34 | 000,476,960 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\npdeployJava1.dll
[2012/04/30 16:03:34 | 000,472,864 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012/04/28 23:24:43 | 000,001,687 | ---- | M] () -- C:\Documents and Settings\Greg\Desktop\System Shield.lnk
[2012/04/28 23:24:43 | 000,001,585 | ---- | M] () -- C:\Documents and Settings\Greg\Application Data\Microsoft\Internet Explorer\Quick Launch\System Shield.lnk
[2012/04/28 22:07:00 | 000,459,696 | ---- | M] () -- C:\Documents and Settings\Greg\Desktop\ss_dm.exe
[2012/04/28 22:01:53 | 000,122,136 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/04/28 20:41:35 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Greg\defogger_reenable
[2012/04/28 10:10:18 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AOL Desktop 9.7.lnk
[2012/04/28 10:10:17 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/04/28 09:42:24 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/04/28 09:30:39 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Greg\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/28 08:20:51 | 000,000,006 | ---- | M] () -- C:\WINDOWS\msoffice.ini
[2012/04/27 20:32:09 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/04/26 22:43:31 | 002,525,288 | ---- | M] (Foundstone, Inc.) -- C:\Documents and Settings\Greg\Desktop\visionsetup.exe
[2012/04/26 22:38:23 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Greg\fport
[2012/04/26 22:30:19 | 000,057,843 | ---- | M] () -- C:\Documents and Settings\Greg\My Documents\fport.zip
[2012/04/26 06:59:40 | 000,201,030 | ---- | M] () -- C:\Documents and Settings\Greg\Desktop\lspfix.zip
[2012/04/26 06:49:52 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Greg\Desktop\HiJackThis.msi
[2012/04/25 18:45:18 | 000,294,216 | ---- | M] () -- C:\Documents and Settings\Greg\My Documents\gmer.zip
[2012/04/25 11:28:41 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/04/25 07:23:37 | 000,223,610 | ---- | M] () -- C:\Documents and Settings\Greg\Desktop\hjt.exe
[2012/04/24 19:00:54 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Greg\Desktop\Haywardpolicereport
[2012/04/19 06:30:40 | 000,003,418 | ---- | M] () -- C:\Documents and Settings\Greg\My Documents\System Mechanic PC Report 12-04-19.html
[2012/04/18 20:06:41 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\Greg\Desktop\System Mechanic.lnk
[2012/04/17 10:11:44 | 000,033,280 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\iolobtdfg.exe
[2012/04/17 10:11:34 | 000,015,360 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\smrgdf.exe
[2012/04/17 09:37:02 | 002,095,816 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\Incinerator32.dll
[2012/04/17 09:30:49 | 001,053,464 | ---- | M] (Toolwiz ) -- C:\Documents and Settings\Greg\Desktop\Setup_TimeFreeze.exe
[2012/04/17 08:25:20 | 000,118,784 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\iavlsp.dll
[2012/04/16 15:29:55 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/04/14 14:31:17 | 000,009,061 | ---- | M] () -- C:\Documents and Settings\Greg\My Documents\Untitled 1.odt
[2012/04/14 14:14:44 | 000,000,864 | ---- | M] () -- C:\Documents and Settings\Greg\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2012/04/13 14:07:31 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/04/13 14:07:27 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/04/13 02:18:20 | 000,000,674 | ---- | M] () -- C:\Documents and Settings\Greg\My Documents\Copy Handler.lnk
[2012/04/13 02:11:36 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2012/04/12 22:15:17 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\Greg\Application Data\Microsoft\Internet Explorer\Quick Launch\Process Hacker 2.lnk
[2012/04/12 22:15:17 | 000,001,711 | ---- | M] () -- C:\Documents and Settings\Greg\Desktop\Process Hacker 2.lnk
[2012/04/12 22:10:56 | 001,765,529 | ---- | M] (wj32 ) -- C:\Documents and Settings\Greg\My Documents\processhacker-2.27-setup.exe
[2012/04/12 22:06:58 | 001,191,936 | ---- | M] () -- C:\Documents and Settings\Greg\Desktop\sfk165.exe
[2012/04/12 21:54:00 | 034,051,839 | ---- | M] () -- C:\Documents and Settings\Greg\Desktop\docfetcher_1.1-beta6_win32_setup.exe
[2012/04/12 21:38:36 | 004,090,912 | ---- | M] () -- C:\Documents and Settings\Greg\Desktop\ir052.exe
[2012/04/12 21:30:53 | 003,212,078 | ---- | M] (http://winmerge.org ) -- C:\Documents and Settings\Greg\My Documents\WinMerge-2.12.4-Setup.exe
[2012/04/12 10:45:59 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Greg\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/04/12 10:45:59 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/11 18:09:10 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/04/11 18:09:10 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/04/08 10:08:37 | 000,000,406 | ---- | M] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg
[2012/04/08 10:02:57 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\Greg\Application Data\Microsoft\Internet Explorer\Quick Launch\System Mechanic.lnk
[2012/04/08 10:00:30 | 000,459,696 | ---- | M] () -- C:\Documents and Settings\Greg\Desktop\sm_dm.exe
[2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/01 01:53:55 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Greg\Desktop\MBR.dat
[2012/04/28 23:31:09 | 000,000,408 | ---- | C] () -- C:\WINDOWS\System32\iolo.ini
[2012/04/28 23:24:43 | 000,001,687 | ---- | C] () -- C:\Documents and Settings\Greg\Desktop\System Shield.lnk
[2012/04/28 23:24:43 | 000,001,585 | ---- | C] () -- C:\Documents and Settings\Greg\Application Data\Microsoft\Internet Explorer\Quick Launch\System Shield.lnk
[2012/04/28 22:06:56 | 000,459,696 | ---- | C] () -- C:\Documents and Settings\Greg\Desktop\ss_dm.exe
[2012/04/28 20:41:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Greg\defogger_reenable
[2012/04/28 10:10:18 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AOL Desktop 9.7.lnk
[2012/04/28 09:30:38 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Greg\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/27 20:23:18 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\Greg\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2012/04/26 22:37:01 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Greg\fport
[2012/04/26 22:30:42 | 000,057,843 | ---- | C] () -- C:\Documents and Settings\Greg\My Documents\fport.zip
[2012/04/26 07:08:56 | 000,294,216 | ---- | C] () -- C:\Documents and Settings\Greg\My Documents\gmer.zip
[2012/04/26 07:08:28 | 000,011,445 | ---- | C] () -- C:\Documents and Settings\Greg\My Documents\LSPFix-source.zip
[2012/04/26 07:05:00 | 000,011,445 | ---- | C] () -- C:\Documents and Settings\Greg\Desktop\LSPFix-source.zip
[2012/04/26 06:59:38 | 000,201,030 | ---- | C] () -- C:\Documents and Settings\Greg\Desktop\lspfix.zip
[2012/04/26 06:56:20 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\Greg\Desktop\HiJackThis.lnk
[2012/04/26 06:49:51 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Greg\Desktop\HiJackThis.msi
[2012/04/25 12:16:24 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012/04/25 12:16:20 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012/04/25 12:04:49 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/04/25 12:04:44 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/04/25 12:00:06 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/04/25 11:58:00 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/04/25 11:56:30 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/04/25 11:54:21 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012/04/25 11:54:16 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012/04/25 11:54:12 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012/04/25 11:54:07 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012/04/25 11:54:02 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012/04/25 11:53:48 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/04/25 11:50:26 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012/04/25 11:50:24 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012/04/25 11:50:23 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012/04/25 11:47:00 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/04/25 11:47:00 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/04/25 11:46:59 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/04/25 11:46:58 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/04/25 11:46:57 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/04/25 11:46:57 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/04/25 11:46:56 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/04/25 11:46:55 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/04/25 11:46:54 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/04/25 11:46:47 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/04/25 07:23:37 | 000,223,610 | ---- | C] () -- C:\Documents and Settings\Greg\Desktop\hjt.exe
[2012/04/24 18:55:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Greg\Desktop\Haywardpolicereport
[2012/04/24 13:27:27 | 000,000,006 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2012/04/19 06:30:40 | 000,003,418 | ---- | C] () -- C:\Documents and Settings\Greg\My Documents\System Mechanic PC Report 12-04-19.html
[2012/04/14 14:31:15 | 000,009,061 | ---- | C] () -- C:\Documents and Settings\Greg\My Documents\Untitled 1.odt
[2012/04/13 02:20:55 | 000,000,674 | ---- | C] () -- C:\Documents and Settings\Greg\My Documents\Copy Handler.lnk
[2012/04/13 02:11:36 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2012/04/12 22:15:17 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\Greg\Application Data\Microsoft\Internet Explorer\Quick Launch\Process Hacker 2.lnk
[2012/04/12 22:15:17 | 000,001,711 | ---- | C] () -- C:\Documents and Settings\Greg\Desktop\Process Hacker 2.lnk
[2012/04/12 22:06:53 | 001,191,936 | ---- | C] () -- C:\Documents and Settings\Greg\Desktop\sfk165.exe
[2012/04/12 21:53:37 | 034,051,839 | ---- | C] () -- C:\Documents and Settings\Greg\Desktop\docfetcher_1.1-beta6_win32_setup.exe
[2012/04/12 21:38:25 | 004,090,912 | ---- | C] () -- C:\Documents and Settings\Greg\Desktop\ir052.exe
[2012/04/12 10:45:59 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Greg\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/04/08 10:08:37 | 000,000,406 | ---- | C] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg
[2012/04/08 10:02:57 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\Greg\Application Data\Microsoft\Internet Explorer\Quick Launch\System Mechanic.lnk
[2012/04/08 10:02:57 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\Greg\Desktop\System Mechanic.lnk
[2012/04/08 10:00:12 | 000,459,696 | ---- | C] () -- C:\Documents and Settings\Greg\Desktop\sm_dm.exe
[2012/04/06 08:22:39 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/03/19 14:12:18 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2012/03/18 21:18:27 | 000,002,158 | R--- | C] () -- C:\WINDOWS\System32\P16X.ini
[2012/03/18 21:18:27 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2012/03/18 19:55:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/03/18 18:19:36 | 000,293,992 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/03/18 18:19:36 | 000,293,992 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/03/18 18:19:36 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/03/18 18:18:47 | 002,784,050 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/03/18 16:17:31 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/03/18 15:57:13 | 000,000,410 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2012/03/18 15:57:13 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD5240.DAT
[2012/03/18 14:30:45 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2012/03/18 14:26:45 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2012/03/18 14:26:41 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2012/03/18 14:26:12 | 000,000,064 | ---- | C] () -- C:\WINDOWS\P16x.ini
[2012/03/18 14:15:48 | 000,000,186 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2012/03/18 13:38:55 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/03/18 13:34:02 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/03/18 05:28:07 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/03/18 05:26:35 | 000,122,136 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== Alternate Data Streams ==========

@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >

#10 m0le

m0le

    Let's get to work

  • Malware Response Instructor
  • PipPipPipPipPipPip
  • 32,574 posts
  • Gender:Male
  • Location:London, UK

Posted 02 May 2012 - 05:43 PM

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
O2 - BHO: (Qwiklinx) - {3E7C8B5A-96AB-438F-BF9B-782400655440} - C:\Documents and Settings\Greg\Application Data\Qwiklinx\Qwiklinx.dll (Qwiklinx, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
[2012/04/12 10:01:47 | 000,000,000 | ---D | C] -- C:\Program Files\Qwiklinx
[2012/04/12 10:01:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Greg\Application Data\Qwiklinx
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.

Follow that with a run of MBAM

Please download Posted Image Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application or, if you are using Vista, right-click and select Run As Administrator on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
    If MBAM won't update then download and update MBAM on a clean computer then save the rules.ref folder to a memory stick. This file is found here: 'C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware' then transfer it across to the infected computer.
  • On the Scanner tab:
    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.

If I have helped you fix your PC then please donate. Thanks

jetian6yw.jpg
m0le is a proud member of UNITE

#11 GKing

GKing

    Member

  • Members
  • PipPip
  • 92 posts
  • Gender:Male
  • Location:SFBayArea

Posted 03 May 2012 - 04:27 PM

Again, thanks for you help on this. The report didn't stick to desktop-and search couldn't find it-lol, I had to did through C/ and use explore; moved files evidently.
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E7C8B5A-96AB-438F-BF9B-782400655440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3E7C8B5A-96AB-438F-BF9B-782400655440}\ deleted successfully.
C:\Documents and Settings\Greg\Application Data\Qwiklinx\Qwiklinx.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
C:\Program Files\Qwiklinx folder moved successfully.
C:\Documents and Settings\Greg\Application Data\Qwiklinx\TestFeeds folder moved successfully.
C:\Documents and Settings\Greg\Application Data\Qwiklinx folder moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 deleted successfully.

OTL by OldTimer - Version 3.2.42.2 log created on 05032012_102734




Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.03.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Greg :: HOME-D0CEC6E9B2 [administrator]

5/3/2012 12:33:41 PM
mbam-log-2012-05-03 (12-33-41).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 269906
Time elapsed: 1 hour(s), 49 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 2
HKCR\scrfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE "%1") Good: ("%1" /S) -> Quarantined and repaired successfully.
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE "%1") Good: (regedit.exe "%1") -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#12 m0le

m0le

    Let's get to work

  • Malware Response Instructor
  • PipPipPipPipPipPip
  • 32,574 posts
  • Gender:Male
  • Location:London, UK

Posted 03 May 2012 - 06:20 PM

Next we need to run an online scan to pick up any remnants

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • Copy and paste the resulting log in your next reply
If no log is generated that means nothing was found. Please let me know if this happens.

If you think a log should have been generated then go to C:\Program Files\ESET\ESET Online Scanner\log.txt to find it.

If I have helped you fix your PC then please donate. Thanks

jetian6yw.jpg
m0le is a proud member of UNITE

#13 GKing

GKing

    Member

  • Members
  • PipPip
  • 92 posts
  • Gender:Male
  • Location:SFBayArea

Posted 05 May 2012 - 10:23 AM

:radioactive:ESET found something in C:\D&C\Greg\App.Data\Sun\Java\cach\6.0\50\4adda572-1bc35...
Claims it was cleaned.
Full log from 25 days ago to now:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3b2bd590c45b304f8cc8e6dbfe8b27e8
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-04-12 10:37:30
# local_time=2012-04-12 03:37:30 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=41878
# found=4
# cleaned=4
# scan_time=5134
C:\Program Files\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{95A74D0A-EC1A-4D3A-9B45-55D737C8BE3D}\RP71\A0014245.dll a variant of Win32/Adware.Yontoo.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3b2bd590c45b304f8cc8e6dbfe8b27e8
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-25 12:10:04
# local_time=2012-04-24 05:10:04 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 960455 960455 0 0
# scanned=2072
# found=0
# cleaned=0
# scan_time=1219
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3b2bd590c45b304f8cc8e6dbfe8b27e8
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-26 04:07:09
# local_time=2012-04-25 09:07:09 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 1059896 1059896 0 0
# scanned=2233
# found=0
# cleaned=0
# scan_time=2423
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3b2bd590c45b304f8cc8e6dbfe8b27e8
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-26 05:49:41
# local_time=2012-04-25 10:49:41 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 1062399 1062399 0 0
# scanned=41503
# found=0
# cleaned=0
# scan_time=6080
esets_scanner_update returned -1 esets_gle=53251
# version=7
# aolbrowser.exe=0.2.8.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3b2bd590c45b304f8cc8e6dbfe8b27e8
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-05-05 12:27:34
# local_time=2012-05-05 05:27:34 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 1857572 1857572 0 0
# scanned=43310
# found=1
# cleaned=1
# scan_time=12377
C:\Documents and Settings\Greg\Application Data\Sun\Java\Deployment\cache\6.0\50\4adda572-1bc351e6 Java/Exploit.Agent.NAX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

#14 m0le

m0le

    Let's get to work

  • Malware Response Instructor
  • PipPipPipPipPipPip
  • 32,574 posts
  • Gender:Male
  • Location:London, UK

Posted 05 May 2012 - 04:06 PM

There's some stuff there but nothing major.

How's the machine now?

If I have helped you fix your PC then please donate. Thanks

jetian6yw.jpg
m0le is a proud member of UNITE

#15 GKing

GKing

    Member

  • Members
  • PipPip
  • 92 posts
  • Gender:Male
  • Location:SFBayArea

Posted 05 May 2012 - 08:47 PM

Evidently a quick flash of hjt indicated the 3 usual [locked] suspects are back, but otherwise the machine seems to have picked up speed from those irritating command & click delays. I don't think I'll renew System Shield with System Machanic again. I tried to keep from monkeying around with this machine like I did in the past years but now, prehaps, I've got the above programs doing it for me! :whistle:
Also the cpu is a little over 7yr.s old and that's somewhat a concern perfomance/bios wise. Maybe sooner than latter it's time for windows 7 or 8 in a new tower or a new mac/apple laptop instead.
And again thanks m0le for what has been checked out.
Back to Virus, Trojan, Spyware, and Malware Removal Logs


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Virus, Trojan, Spyware, and Malware Removal Logs
  4. Privacy Policy
  5. Rules ·